I have not seen this type of scam posted her so far, if it is correct me.
It is a scam about "stealing" some's Hotmail account.
We had a new baiter at 419Eater who got a request to verify his Hotmail account in a very strange way, so he asked us why would they ask this? it didnt make sense, it was duly explained as i will do here.
You receive a mail that says...
Seems strange to start with, untill we explained what the scam was. The scammer wants the account to fleece ALL your friends of their money. sounds crazy? No its not, the scammer is happy if he gets one lucky hit.
the problem was the scammer sent this to a 419eater scambaiter so i will explain what and how it developes.
(what our Scambaiter did was fill his hotmail friends list with fellow Scambaiters, so the scammer got an account full of baiters)
the Scammer takes over the hotmail account and very quickly mails everyone on your contact list this (I have Taken out peoples names as this is still on-going, when it is finished, we will add the scammers details) :
SHE is hopeing one person will help, if all of the list are talking then the scammer fails, but all the scammer needs is one link, one "not so close friend"
One day later we also recieved this mail to another friend on the list:
Both E-mails came from the same hotmail account, so we could find the IP to verify.
Email headers proved this:
The IP is : 82.128.27.229
And the result is :
IP address [?]: 82.128.27.229 [Copy][Whois] [Reverse IP]
IP country code: NG
IP address country: Nigeria
IP address state: Lagos
IP address city: Lagos
IP address latitude: 6.4531
IP address longitude: 3.3958
ISP of this IP [?]: Multi-Links Telecommunications Limited
Organization: Multi-Links Telecommunications Limited
so how can they be in Russia or Manchester at the same time.
So all please beware of a verification email to your hotmail and also watch if you receive a "HELP" from your friends like this.
If you think your friend is in trouble INSIST that you will put it into there Personal Bank Account.
Think to yourself, "would a friend EVER use Western Union" when we can do Bank transfers for free?
Please be careful as friends may need help sometimes, but be sure you are talking to your friend and not some guy in Nigeria.
(oh and as for this sorry scammer? well he has about 5 of 419eaters playing with him for the last 2 months and we havent finished yet)
But please dont attempt to bait them yourself unless you know what to do and how to do it safely
As i am involved in the "bait" feel free to PM me if you have any questions.
It is a scam about "stealing" some's Hotmail account.
We had a new baiter at 419Eater who got a request to verify his Hotmail account in a very strange way, so he asked us why would they ask this? it didnt make sense, it was duly explained as i will do here.
You receive a mail that says...
Dear Account User,
You are advise to verify your account details below to enable us upgrade your account. E.G Your Hotmail ID, Password, Date Of Birth etc.
In failure of doing this, you will Automatically lose your Hotmail Account.
Thanks for using Hotmail
Account Alert
VERIFY YOUR HOTMAIL ACCOUNT NOW TO AVOID CLOSE !!!
Dear Account User,
This message is from Hotmail message center to all Hotmail account owners and premium account owners. We are currently upgrading our data base and e-mail account center. We are deleting all unused Hotmail account to create more space for new accounts.
To prevent your account from closing, you will have to verify it below before One (1) week from now!
CONFIRM YOUR IDENTITY. VERIFY YOUR HOTMAIL ACCOUNT
NOW!!!
Hotmail ID:...................
Password:......................
Your Birthday:...................
Your Country or Territory:...............
Warning!!! Account owner that refuses to update his or her account before One (1) week of receiving this warning will lose his or her account permanently.
Sincerely,
Hotmail Team
Seems strange to start with, untill we explained what the scam was. The scammer wants the account to fleece ALL your friends of their money. sounds crazy? No its not, the scammer is happy if he gets one lucky hit.
the problem was the scammer sent this to a 419eater scambaiter so i will explain what and how it developes.
(what our Scambaiter did was fill his hotmail friends list with fellow Scambaiters, so the scammer got an account full of baiters)
the Scammer takes over the hotmail account and very quickly mails everyone on your contact list this (I have Taken out peoples names as this is still on-going, when it is finished, we will add the scammers details) :
Hi Pxxx,
are you doing today? Fine I presume my reason for writing you an emergency
letter is that I am currently in to RUSSIA to visit my ill Aunt,sorry for not informing you before embarking on my journey to RUSSIAN FEDERATION because the news of her illness arrived to me as " EMERGENCY " she is
suffering from a critical uterine Fibroid and needs urgent attention to keep her
going, her condition is deteriorating and the doctor told me that he will
under-go a surgery to keep him alive because her fibroid has gotten
worse(70pounds Large) and has done a lot of damages to her abdominal area. They
require a deposit of $2500because they are inviting
professional surgeons
from ukrain to perform the(hysterectomy) operation because it had gotten way-out
of hand for them to handle. That brings me more to why I have written you, I
need a financial help of ($2500) from you to deposit for her surgery, I travel with little cash because I didn't expect things to be the way it is right now. I really need this
money from you soon because I am in a terrible and tight situation here, I have
48hrs to get the money before the surgeons arrive. Even if you can't afford
the whole sum, I will appreciate whatever you are able to come up with, because
I don't even know your financial status before asking you for money. I
promise to pay you back when I return.
I am desperately waiting to read from you soon so that I will know my faith and
the next step to take,Regarding how to get the money to me pls go to any gross store or shopping mall that operates western union money transfer and request to send the money to the Doctor's name and address provided below
NELSON TOSIN
150 STAVROPOLSKALYA STR,
MOSCOW CITY,
RUSSIAN FEDERATION.
And you will be given a 10 digits mtcn number and secret test question and
answer that you will require to provide to me for picking up of the money as
soon it is sent. I prefer western union money transfer because it is the
fastest way to receive money globally, compare to bank-bank wire that will take
me about a week or more to receive and that will be terribly late.
I will pay you a courtesy visit when i return from my trip to personally thank
you, and show gratitude to you for your heavenly kindness. pls email me necessary informations i need to pick up the money
Sincerely,
Xxxxxx...
SHE is hopeing one person will help, if all of the list are talking then the scammer fails, but all the scammer needs is one link, one "not so close friend"
One day later we also recieved this mail to another friend on the list:
Hey Xxxxx
How are you doing today? Nice to hear you from you after a very long time,Am glad to hear that you have filling good now after a very long time spent in the hopital, My reason for writing you an emergency letter is that I am currently in MANCHESTER, to visit my ill Aunt,
am sorry for not informing you before embarking on my journey ,because the news of her illness arrived to me as " EMERGENCY " she is
suffering from a critical uterine Fibroid and needs family support to keep her
going, her condition is deteriorating and the doctor told me that she will
under-go a surgery to keep her alive because her fibroid has gotten worse(70pounds Large) and has done a lot of damages to her abdominal area. They will require a deposit of (3500GBP) because they are inviting professional surgeons to perform the(hysterectomy) operation because it had gotten way-out of hand for them to handle. That brings me more to why I have written you, I need a financial help of (3500GBP) from you to deposit for her surgery, and I travel with little cash because I didn't expect things to be the way it is right now. I really need this money from you soon because I am in a terrible and tight situation here, I have 48hrs to get the money before the surgeons arrive. Even if you can't afford whole sum, I will appreciate whatever you are able to come up with, because I don't even know your financial status before asking you for money. I promise to pay you back when I return.
I am desperately waiting to read from you soon so that I will know my faith and the next step to
take.
Sincerely
xxxxxx..
Both E-mails came from the same hotmail account, so we could find the IP to verify.
Email headers proved this:
X-Message-Delivery: Vj0xLjE7dXM9MDtsPTA7YT0xO0Q9MTtTQ0w9Mg==
X-Message-Status: n:0
X-SID-PRA: Xxxxxx <[email protected]>
X-Message-Info: JGTYoYF78jE2YoPLO/WbF9BxdPiZ0u+Aw9NjWEXvBo/9gmD+bxLwn6nNQGssgPH6kg5+VbTokhUS+xO0YiH1CEvaA8L52Tx7
Received: from n9.bullet.re3.yahoo.com ([68.142.237.94]) by snt0-mc4-f41.Snt0.hotmail.com with Microsoft SMTPSVC(6.0.3790.3959);
Sun, 28 Jun 2009 04:01:21 -0700
Received: from [68.142.237.90] by n9.bullet.re3.yahoo.com with NNFMP; 28 Jun 2009 11:01:21 -0000
Received: from [67.195.9.81] by t6.bullet.re3.yahoo.com with NNFMP; 28 Jun 2009 11:01:21 -0000
Received: from [67.195.9.102] by t1.bullet.mail.gq1.yahoo.com with NNFMP; 28 Jun 2009 11:01:21 -0000
Received: from [127.0.0.1] by omp106.mail.gq1.yahoo.com with NNFMP; 28 Jun 2009 11:01:21 -0000
X-Yahoo-Newman-Property: ymail-3
X-Yahoo-Newman-Id: [email protected]
Received: (qmail 92771 invoked by uid 60001); 28 Jun 2009 11:01:20 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1246186880; bh=qK9i58ydCeIr2KSBXHvuVTNTS428Phu+ud91fjBXRV8=; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:MIME-Version:Content-Type; b=M3u/0q9RcDTS88jAxbBKLNiTMpygY712pZUmKCWgFGp2FrekBzQ3134wCa9a/zR2oVCJq8RnjGgAaaeDvrHXVWCzymcrBekOz53lgeMGg43SoBxOtEUzzs3x1CjHayHWpSqX9vkUlMXejMnBTZ92O9EA+YeEy7HyOsboXLe56YQ=
DomainKey-Signature:a=rsa-sha1; q=dns; c=nofws;
s=s1024; d=yahoo.com;
h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:MIME-Version:Content-Type;
b=G04Yv2ngO0KgE9TPB8FlZ5P/CZMSzM7+sX0yb+cQQ11oNNCHb3R19J8NkI/K+uXlgTga01OLRS0d4q3s1TBNHvB6H+JwNsq9ui6MryKcmibHhjBOztjj/Nj1KRcUk95yjYHmLrS70LCJPqEWIAyH9BBwvZH6O35Nne7CJkIUERk=;
Message-ID: <[email protected]>
X-YMail-OSG: OcU0YdUVM1mY3G.WDsfhV3shZTCanTzoVit_DXFFWEG4Jw5dCRy2ugQ0SYj8BzVxLwzDsil8BXFa2oWO8DnEYeG9HJ2r619h1MguedaZgezSWWuy4QaBXSv4HRDtj24Fgeh5VxGgg_XihLUwTMlJz.q33poIypK2o7JGHr8HIcV5f5fLyrxMmSO8r5yHzjHHhJG10Y7kQUCT3I2iX1m4y8yisXuGgHiYxP5NBYy9nL5Avd36e0xKRWbO3Z6GRJU0uCBNm9GEhVZ9FKlh.iBX7bfh43b8dHVg0yGPpI7hQ2pggXQoeH249uR5zgWxkiKUFQ361GSxAdIV9uk-
Received: from [82.128.27.229] by web111002.mail.gq1.yahoo.com via HTTP; Sun, 28 Jun 2009 04:01:20 PDT
X-Mailer: YahooMailClassic/5.4.17 YahooMailWebService/0.7.289.15
Date: Sun, 28 Jun 2009 04:01:20 -0700 (PDT)
From: Xxxxxxx <[email protected]>
Subject: I NEED YOUR URGENT ASSISTANCE
To: [email protected]
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="0-1926135201-1246186880=:90468"
Return-Path: [email protected]
X-OriginalArrivalTime: 28 Jun 2009 11:01:22.0008 (UTC) FILETIME=[C580A580:01C9F7DF]
The IP is : 82.128.27.229
And the result is :
IP address [?]: 82.128.27.229 [Copy][Whois] [Reverse IP]
IP country code: NG
IP address country: Nigeria
IP address state: Lagos
IP address city: Lagos
IP address latitude: 6.4531
IP address longitude: 3.3958
ISP of this IP [?]: Multi-Links Telecommunications Limited
Organization: Multi-Links Telecommunications Limited
so how can they be in Russia or Manchester at the same time.
So all please beware of a verification email to your hotmail and also watch if you receive a "HELP" from your friends like this.
If you think your friend is in trouble INSIST that you will put it into there Personal Bank Account.
Think to yourself, "would a friend EVER use Western Union" when we can do Bank transfers for free?
Please be careful as friends may need help sometimes, but be sure you are talking to your friend and not some guy in Nigeria.
(oh and as for this sorry scammer? well he has about 5 of 419eaters playing with him for the last 2 months and we havent finished yet)
But please dont attempt to bait them yourself unless you know what to do and how to do it safely
As i am involved in the "bait" feel free to PM me if you have any questions.
