Has someone offered you a huge sum of money or a valuable consignment? It's a 419 or advance fee fraud - find out how they work, and what to do to be safe.
#359221 by buried under 419s Tue Mar 20, 2018 8:47 pm
Return-path: <[email protected]>
Envelope-to:
Delivery-date: Tue, 20 Mar 2018 12:57:17 -0700
Received: from [187.33.248.200] (port=38020 helo=srv01.digitusnet.com.br)
by m with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256)
(Exim 4.89)
(envelope-from <[email protected]>)
id 1eyNNj-0006IT-SU
for ; Tue, 20 Mar 2018 12:57:17 -0700
Received: from [197.211.58.4] (helo=User)
by srv01.digitusnet.com.br with esmtpa (Exim 4.84_2)
(envelope-from <[email protected]>)
id 1eyNxs-0005kd-5s; Tue, 20 Mar 2018 17:34:37 -0300
Reply-To: <[email protected]>
From: "Larry Leake"<[email protected]>
Date: Tue, 20 Mar 2018 20:51:16 +0100
MIME-Version: 1.0
Content-Type: text/html;
charset="Windows-1251"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2800.1081
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1081
Message-Id: <[email protected]>
X-Spam-Status: Yes, score=28.5
X-Spam-Score: 285
X-Spam-Bar: ++++++++++++++++++++++++++++
X-Spam-Report: Spam detection software, running on the system "",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
root\@localhost for details.

Content preview: Good Day Compliment, We bring to your notice from homeland
securities Usa Texas, note your fund is not in Africa any longer is here
in Usa right now,please stop all [...]

Content analysis details: (28.5 points, 7.0 required)

pts rule name description
---- ---------------------- --------------------------------------------------
5.0 BAYES_99 BODY: Bayes spam probability is 99 to 100%
[score: 1.0000]
0.0 FSL_CTYPE_WIN1251 Content-Type only seen in 419 spam
0.4 NSL_RCVD_HELO_USER Received from HELO User
1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,
https://senderscore.org/blacklistlookup/
[187.33.248.200 listed in bl.score.senderscore.com]
1.3 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net
[Blocked - see <http://www.spamcop.net/bl.shtml?187.33.248.200>]
2.7 RCVD_IN_PSBL RBL: Received via a relay in PSBL
[187.33.248.200 listed in psbl.surriel.com]
0.1 RCVD_IN_SBL RBL: Received via a relay in Spamhaus SBL
[197.211.58.4 listed in zen.spamhaus.org]
1.0 MISSING_HEADERS Missing To: header
1.5 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail)
0.0 HTML_MESSAGE BODY: HTML included in message
1.0 BAYES_999 BODY: Bayes spam probability is 99.9 to 100%
[score: 1.0000]
0.7 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
0.0 FORGED_OUTLOOK_HTML Outlook can't send HTML message only
0.0 FSL_NEW_HELO_USER Spam's using Helo and User
0.0 FROM_MISSP_XPRIO Misspaced FROM + X-Priority
0.0 FROM_MISSP_MSFT From misspaced + supposed Microsoft tool
2.0 RDNS_NONE Delivered to internal network by a host with no rDNS
1.6 REPLYTO_WITHOUT_TO_CC No description available.
0.1 FORGED_OUTLOOK_TAGS Outlook can't send HTML in this format
2.6 MSOE_MID_WRONG_CASE No description available.
2.1 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From
1.9 FORGED_MUA_OUTLOOK Forged mail pretending to be from MS Outlook
0.7 TO_NO_BRKTS_NORDNS_HTML To: lacks brackets and no rDNS and HTML only
0.0 TO_NO_BRKTS_MSFT To: lacks brackets and supposed Microsoft tool
0.0 T_FILL_THIS_FORM_SHORT Fill in a short form with personal information
0.0 T_FILL_THIS_FORM_FRAUD_PHISH Answer suspicious question(s)
2.4 ADVANCE_FEE_4_NEW Appears to be advance fee fraud (Nigerian 419)
0.0 FORM_FRAUD_3 Fill a form and several fraud phrases
X-Spam-Flag: YES
Subject: ***SPAM*** Good Day Compliment,

Good Day Compliment,



We bring to your notice from homeland securities Usa Texas, note your fund

is not in Africa any longer is here in Usa right now,please stop all

communication with all offices from Africa or other countries offshore

offices contacting you for transfer of fund, they are not capable

transferring your funds to you, which the Usa government checking files of

our citizens and out side countries pending funds own to clients,we found

out the amount of monies our Usa citizens and others loose every day while

trying to receive payment,Usa Government via homeland securities have

investigated funds, called your fund back to the Usa to enable homeland

security office and you conclude this transfer in-house which you must

receive your fund within 72hrs once you adhere to our instructions.



The mode of settlement is this, you will receive fund via direct cash

cargo delivery to your home, bank or office depending where you will

prefer to receive cash, write back to this office to inform you the steps

you have to follow to get your funds like we have informed via our letter

now,below re-confirm your particulars as requested to proceed.



1. FULL NAME

2. FULL ADDRESS/OFFICE/HOME

3. TELEPHONE NUMBER MOBILE OR ANY DIRECT PHONE NUMBER

4. SCAN COPY OF INTERNATIONAL PASSPORT OR DRIVERS LICENSE



Reply with this email : [email protected]



Regards,



Larry Leake ( Homeland Security investigation officer

Questions about scams? fraudatiocruor @ gmail.com to contact remove spaces
Advertisement

Who is online

Users browsing this forum: No registered users and 144 guests