Has someone offered you a huge sum of money or a valuable consignment? It's a 419 or advance fee fraud - find out how they work, and what to do to be safe.
#340067 by buried under 419s Sat Sep 23, 2017 3:57 pm
Return-path: <[email protected]>
Envelope-to:
Delivery-date: Sat, 23 Sep 2017 12:46:28 -0700
Received: from [83.242.139.67] (port=56619 helo=smtpa.comstar.ru)
by with esmtp (Exim 4.89)
(envelope-from <[email protected]>)
id 1dvqNc-0000QG-87
for ; Sat, 23 Sep 2017 12:46:28 -0700
Received: from User (unknown [104.243.26.5])
(Authenticated sender: [email protected])
by smtpa.comstar.ru (Postfix) with ESMTP id EA3187DFA1;
Sat, 23 Sep 2017 22:17:02 +0400 (MSD)
Reply-To: <[email protected]>
From: "Zenith Bank"<[email protected]>
Date: Sat, 23 Sep 2017 09:17:10 -0700
MIME-Version: 1.0
Content-Type: text/plain;
charset="Windows-1251"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Message-Id: <[email protected]>
To: undisclosed-recipients:;
X-Spam-Status: Yes, score=33.0
X-Spam-Score: 330
X-Spam-Bar: +++++++++++++++++++++++++++++++++
X-Spam-Report: Spam detection software, running on the system "",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
root\@localhost for details.

Content preview: Dated: 22/09/17. Attn: Beneficiary. This is to officially
inform you that we have verified your contract/inheritance fund file and found
out that you have not received your fund us$12.5m. [...]

Content analysis details: (33.0 points, 7.0 required)

pts rule name description
---- ---------------------- --------------------------------------------------
5.0 BAYES_99 BODY: Bayes spam probability is 99 to 100%
[score: 1.0000]
0.0 T_DEAR_BENEFICIARY BODY: Dear Beneficiary:
0.0 FSL_CTYPE_WIN1251 Content-Type only seen in 419 spam
0.0 NSL_RCVD_FROM_USER Received from User
2.7 RCVD_IN_PSBL RBL: Received via a relay in PSBL
[83.242.139.67 listed in psbl.surriel.com]
4.4 RCVD_IN_BRBL_LASTEXT RBL: No description available.
[83.242.139.67 listed in bb.barracudacentral.org]
0.1 RCVD_IN_SBL RBL: Received via a relay in Spamhaus SBL
[83.242.139.67 listed in zen.spamhaus.org]
0.5 RCVD_IN_SORBS_SPAM RBL: SORBS: sender is a spam source
[83.242.139.67 listed in dnsbl.sorbs.net]
6.2 RCVD_IN_MSPIKE_L5 RBL: Very bad reputation (-5)
[83.242.139.67 listed in bl.mailspike.net]
0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in digit
(atmzenith_6[at]yahoo.com)
1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,
https://senderscore.org/blacklistlookup/
[83.242.139.67 listed in bl.score.senderscore.com]
1.0 BAYES_999 BODY: Bayes spam probability is 99.9 to 100%
[score: 1.0000]
1.8 PYZOR_CHECK Listed in Pyzor (http://pyzor.sf.net/)
0.0 FROM_MISSP_MSFT From misspaced + supposed Microsoft tool
0.0 FROM_MISSP_TO_UNDISC From misspaced, To undisclosed
0.0 FROM_MISSP_XPRIO Misspaced FROM + X-Priority
0.0 FSL_NEW_HELO_USER Spam's using Helo and User
2.6 MSOE_MID_WRONG_CASE No description available.
2.0 RDNS_NONE Delivered to internal network by a host with no rDNS
0.0 RCVD_IN_MSPIKE_BL Mailspike blacklisted
1.0 KAM_LAZY_DOMAIN_SECURITY Sending domain does not have any
anti-forgery methods
0.0 AXB_XMAILER_MIMEOLE_OL_024C2 Yet another X header trait
0.0 LOTS_OF_MONEY Huge... sums of money
0.0 FROM_MISSP_USER From misspaced, from "User"
2.1 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From
0.0 FROM_MISSPACED From: missing whitespace
0.0 FROM_MISSP_REPLYTO From misspaced, has Reply-To
1.9 FORGED_MUA_OUTLOOK Forged mail pretending to be from MS Outlook
0.0 T_FILL_THIS_FORM_SHORT Fill in a short form with personal information
0.0 ADVANCE_FEE_3_NEW_MONEY Advance Fee fraud and lots of money
0.0 FORM_FRAUD_3 Fill a form and several fraud phrases
X-Spam-Flag: YES
Subject: ***SPAM*** Your ATM Card US$12.5M is ready for collection


Dated: 22/09/17.

Attn: Beneficiary.

This is to officially inform you that we have verified your contract/inheritance
fund file and found out that you have not received your fund us$12.5m.

You will receive it through ATM CARD, forward your name,address and direct telephone
number.

Regards.
Mr.Philip Uku.
Atm Manager Zenith Bank.

Questions about scams? fraudatiocruor @ gmail.com to contact remove spaces
Advertisement

Who is online

Users browsing this forum: Majestic-12 [Bot] and 119 guests