Has someone offered you a huge sum of money or a valuable consignment? It's a 419 or advance fee fraud - find out how they work, and what to do to be safe.
#375000 by buried under 419s Thu Oct 18, 2018 9:35 am
Return-Path: <[email protected]>
Delivered-To:
Received: from
by with LMTP id 8CJHALVryFtSSgAAjbubUg
for <>; Thu, 18 Oct 2018 04:17:09 -0700
Return-path: <[email protected]>
Envelope-to:
Delivery-date: Thu, 18 Oct 2018 04:17:09 -0700
Received: from mail.genohotel.com ([101.99.66.45]:50213 helo=vps53829.domain.local)
by with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256)
(Exim 4.89)
(envelope-from <[email protected]>)
id 1gD6Id-0004wj-MX
for ; Thu, 18 Oct 2018 04:17:08 -0700
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
d=genohotel.com; s=default; h=Content-Transfer-Encoding:Content-Type:
MIME-Version:Date:Subject:From:Reply-To:Sender:Message-ID:To:Cc:Content-ID:
Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:
List-Subscribe:List-Post:List-Owner:List-Archive;
bh=Fn4HBCpA2YS6Mc1C1OCXVioxPTeJQ3IL/YYbUPpy3XM=; b=Ni4ixOyhm2QUERGWaNqOW97c3a
8weTuB82GD6juDxX1Cn+qEMrV2WYeE0aQNrkpj4UEocr4Ia0UFBgvCNb+Dbf/KzgFPPCneAonH7Ck
aBve9f1M95NnlT187XAr2IutkDJkxvCxNRNQ37hqeecq4M9qH11yfAnt5+PlU9GiZMK3RtvLFODf9
NTC+eJFWQ7nS7pD/SfOZ1/vFwyrSrCFfte0dv0vH8czZM9AvIxbcR87GCrorjzKijxkWGOWy3Mpuu
hAdNlLjuAIXDN9QVdsrqm1Po8+WMbYb7N+2i70lzdrwwmyM31CDwI9FA29w/Pe07DBEgX9jQdxFnU
3u50zgvQ==;
Received: from [45.35.198.41] (port=64910 helo=User)
by vps53829.domain.local with esmtpa (Exim 4.91)
(envelope-from <[email protected]>)
id 1gD6Hj-0003IL-Ry; Thu, 18 Oct 2018 19:16:12 +0800
Reply-To: <[email protected]>
From: "Mr George Ellis Sr Director Inspection"<[email protected]>
Date: Thu, 18 Oct 2018 04:16:13 -0700
MIME-Version: 1.0
Content-Type: text/plain;
charset="Windows-1251"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - vps53829.domain.local
X-AntiAbuse: Original Domain -
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - genohotel.com
X-Get-Message-Sender-Via: vps53829.domain.local: authenticated_id: [email protected]
X-Authenticated-Sender: vps53829.domain.local: [email protected]
X-Source:
X-Source-Args:
X-Source-Dir:
X-Spam-Status: Yes, score=19.8
X-Spam-Score: 198
X-Spam-Bar: +++++++++++++++++++
X-Spam-Report: Spam detection software, running on the system "",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
root\@localhost for details.

Content preview: Attn: My Friend My Name is Mr.George Ellis as a diplomat i
discovered an abandoned Consignment ready for delivery to you with undisclosed
sum of money in a Metallic Trunk Boxes weighing approximately 65kg contained
$5M currently available in Dallas/Fort Worth International Airport USA. [...]


Content analysis details: (19.8 points, 7.0 required)

pts rule name description
---- ---------------------- --------------------------------------------------
5.0 BAYES_99 BODY: Bayes spam probability is 99 to 100%
[score: 1.0000]
1.0 BAYES_999 BODY: Bayes spam probability is 99.9 to 100%
[score: 1.0000]
0.0 NSL_RCVD_HELO_USER Received from HELO User
0.0 FSL_CTYPE_WIN1251 Content-Type only seen in 419 spam
1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,
https://senderscore.org/blacklistlookup/
[101.99.66.45 listed in bl.score.senderscore.com]
1.0 MISSING_HEADERS Missing To: header
0.0 T_SPF_PERMERROR SPF: test of record failed (permerror)
1.5 SUBJ_ALL_CAPS Subject is all capitals
0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid
0.1 DKIM_INVALID DKIM or DK signature exists, but is not valid
0.0 T_HK_NAME_MR_MRS No description available.
0.0 LOTS_OF_MONEY Huge... sums of money
0.0 FROM_MISSP_MSFT From misspaced + supposed Microsoft tool
1.6 MISSING_MID Missing Message-Id: header
0.0 AXB_XMAILER_MIMEOLE_OL_024C2 Yet another X header trait
0.0 FSL_NEW_HELO_USER Spam's using Helo and User
0.0 FROM_MISSP_XPRIO Misspaced FROM + X-Priority
1.6 REPLYTO_WITHOUT_TO_CC No description available.
2.1 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From
0.0 FROM_MISSP_REPLYTO From misspaced, has Reply-To
1.9 FORGED_MUA_OUTLOOK Forged mail pretending to be from MS Outlook
0.0 T_FILL_THIS_FORM_SHORT Fill in a short form with personal information
1.5 MONEY_FORM_SHORT Lots of money if you fill out a short form
1.0 FORM_FRAUD Fill a form and a fraud phrase
X-Spam-Flag: YES
Subject: ***SPAM*** CALL ME AND REPLY MESSAGE


Attn: My Friend

My Name is Mr.George Ellis as a diplomat i discovered an abandoned Consignment
ready for delivery to you with undisclosed sum of money in a Metallic Trunk Boxes
weighing approximately 65kg contained $5M currently available in Dallas/Fort Worth
International Airport USA.

Write me on this email: [email protected] ,if you accepts to work with me.Send me
your cell phone number and your address and your full name attachment copy of your
photo.You can as well call me on this number 469-712-5160 if you wish to speak with
me.

Mr.George Ellis
DFW Airport

Questions about scams? fraudatiocruor @ gmail.com to contact remove spaces
Advertisement

Who is online

Users browsing this forum: Clive Wire and 80 guests