More Nigerian AOL Spam
Posted by Dave Yadallee on
From - Tue Mar 18 08:16:17 2014
X-Account-Key: account2
X-UIDL: 00057315501fb806
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Return-path:
Envelope-to: aboo@doctor.nl2k.ab.ca
Delivery-date: Tue, 18 Mar 2014 08:16:04 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.82)
(envelope-from)
id 1WPukF-0004Dk-9v
for aboo@doctor.nl2k.ab.ca; Tue, 18 Mar 2014 08:11:56 -0600
Resent-From: doctor@doctor.nl2k.ab.ca
Resent-Date: Tue, 18 Mar 2014 08:11:55 -0600
Resent-Message-ID: <20140318141155.GB11783@doctor.nl2k.ab.ca>
Resent-To: See root
Received: from oms-dc01.r1000.mx.aol.com ([205.188.167.65])
by doctor.nl2k.ab.ca with esmtps (TLSv1:DHE-RSA-AES256-SHA:256)
(Exim 4.82)
(envelope-from)
id 1WPoWI-00003T-IV
for doctor@doctor.nl2k.ab.ca; Tue, 18 Mar 2014 01:33:41 -0600
Received: from mtaomg-mae02.mx.aol.com (mtaomg-mae02.mx.aol.com [172.26.254.144])
by oms-dc01.r1000.mx.aol.com (AOL Outbound OMS Interface) with ESMTP id 5CA8638000314;
Tue, 18 Mar 2014 03:32:58 -0400 (EDT)
Received: from core-dfd004c.r1000.mail.aol.com (core-dfd004.r1000.mail.aol.com [172.29.55.79])
by mtaomg-mae02.mx.aol.com (OMAG/Core Interface) with ESMTP id DAAE438000081;
Tue, 18 Mar 2014 03:32:56 -0400 (EDT)
X-MB-Message-Source: WebUI
Subject: I NEED YOUR URGENT REPLY
X-MB-Message-Type: User
MIME-Version: 1.0
From: Mohammed Aziz
Content-Type: multipart/alternative;
boundary="--------MB_8D110936A62393A_2DA0_8952B_webmail-m138.sysops.aol.com"
X-Mailer: AOL WebMail 38442 - BASIC
Received: from 41.138.98.145 by webmail-m138.sysops.aol.com (149.174.9.12) with HTTP (WebMailUI); Tue, 18 Mar 2014 03:32:56 -0400
Message-Id: <8D110936A5FD7DA-2DA0-2A23C@webmail-m138.sysops.aol.com>
X-Originating-IP: [41.138.98.145]
Date: Tue, 18 Mar 2014 03:32:56 -0400 (EDT)
x-aol-global-disposition: S
X-SPAM-FLAG: YES
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mx.aol.com;
s=20121107; t=1395127978;
bh=4ZvAks7equIQ4y6mPC+S+3YwHLzwbjLHERIzH6N6kl8=;
h=From:Subject:Message-Id:Date:MIME-Version:Content-Type;
b=FswiE1zjU/o/t4t/iYqFSUMWRG3Xa+STlfMze3anB2GRxOoM6t7JaxpvCJEJmn45j
/L0igbjkjhua4Vi1rv1GTUh1JJNCRyvlxdyr3RP1ZKdVkrryEIxfMqrTXaZR2XByd7
qubEbQvYGIvkVRg3AFU3SLg9VF1bSevKHyiWFfLU=
X-AOL-REROUTE: YES
x-aol-sid: 3039ac1afe905327f6a82d1d
X-Spam_score: 19.3
X-Spam_score_int: 193
X-Spam_bar: +++++++++++++++++++
X-Spam_report: Spam detection software, running on the system "gallifrey.nk.ca", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: Dear Friend, I want to transfer US$20.5 Million to your bank
account. The fund belong to our deceased customer who died with his entire
family in Iraq War 2006, leaving nobody for the claim and as such, I decided
to contact you to enable us claim the fund. Your share is 40% while 60% for
me. This transaction is 100% risky free. Contact me for more details on my
private email address which is � (mohammedaziz349@gmail.com)� � [...]
Content analysis details: (19.3 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.0 FREEMAIL_FROM Sender email is freemail (mohammed_aziz33[at]aol.fr)
1.6 SUBJ_ALL_CAPS Subject is all capitals
2.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in
digit (mohammed_aziz33[at]aol.fr)
1.2 MISSING_HEADERS Missing To: header
0.9 URG_BIZ BODY: Contains urgent matter
2.6 DEAR_FRIEND BODY: Dear Friend? That's not very dear!
0.0 HTML_MESSAGE BODY: HTML included in message
0.0 LOTS_OF_MONEY Huge... sums of money
0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid
2.5 FREEMAIL_REPLY From and body contain different freemails
1.5 ADVANCE_FEE_4_NEW Appears to be advance fee fraud (Nigerian 419)
2.4 ADVANCE_FEE_5_NEW Appears to be advance fee fraud (Nigerian 419)
0.5 ADVANCE_FEE_3_NEW Appears to be advance fee fraud (Nigerian 419)
0.0 T_TO_NO_BRKTS_FREEMAIL T_TO_NO_BRKTS_FREEMAIL
0.0 T_MONEY_PERCENT X% of a lot of money for you
0.5 ADVANCE_FEE_2_NEW_MONEY Advance Fee fraud and lots of money
1.0 ADVANCE_FEE_3_NEW_MONEY Advance Fee fraud and lots of money
0.5 MONEY_FRAUD_5 Lots of money and many fraud phrases
0.8 MONEY_FRAUD_8 Lots of money and very many fraud phrases
1.0 MONEY_FRAUD_3 Lots of money and several fraud phrases
Subject: {SPAM?} I NEED YOUR URGENT REPLY
This is a multi-part message in MIME format.
----------MB_8D110936A62393A_2DA0_8952B_webmail-m138.sysops.aol.com
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"
=20
Dear Friend,=20
I want to transfer US$20.5 Million to your bank account. The fund belong to=
our deceased customer who died with his entire family in Iraq War 2006, le=
aving nobody for the claim and as such, I decided to contact you to enable =
us claim the fund. Your share is 40% while 60% for me. This transaction is =
100% risky free. Contact me for more details on my private email address wh=
ich is
=C2=A0(mohammedaziz349@gmail.com)=C2=A0=C2=A0=20
Thanks,
Mohammed Aziz.
Banque R=C3=A9gionale de Solidarite( BRS),
ouagadougou,Burkina Faso
----------MB_8D110936A62393A_2DA0_8952B_webmail-m138.sysops.aol.com
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html; charset="utf-8"
----------MB_8D110936A62393A_2DA0_8952B_webmail-m138.sysops.aol.com--
X-Account-Key: account2
X-UIDL: 00057315501fb806
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Return-path:
Envelope-to: aboo@doctor.nl2k.ab.ca
Delivery-date: Tue, 18 Mar 2014 08:16:04 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.82)
(envelope-from
id 1WPukF-0004Dk-9v
for aboo@doctor.nl2k.ab.ca; Tue, 18 Mar 2014 08:11:56 -0600
Resent-From: doctor@doctor.nl2k.ab.ca
Resent-Date: Tue, 18 Mar 2014 08:11:55 -0600
Resent-Message-ID: <20140318141155.GB11783@doctor.nl2k.ab.ca>
Resent-To: See root
Received: from oms-dc01.r1000.mx.aol.com ([205.188.167.65])
by doctor.nl2k.ab.ca with esmtps (TLSv1:DHE-RSA-AES256-SHA:256)
(Exim 4.82)
(envelope-from
id 1WPoWI-00003T-IV
for doctor@doctor.nl2k.ab.ca; Tue, 18 Mar 2014 01:33:41 -0600
Received: from mtaomg-mae02.mx.aol.com (mtaomg-mae02.mx.aol.com [172.26.254.144])
by oms-dc01.r1000.mx.aol.com (AOL Outbound OMS Interface) with ESMTP id 5CA8638000314;
Tue, 18 Mar 2014 03:32:58 -0400 (EDT)
Received: from core-dfd004c.r1000.mail.aol.com (core-dfd004.r1000.mail.aol.com [172.29.55.79])
by mtaomg-mae02.mx.aol.com (OMAG/Core Interface) with ESMTP id DAAE438000081;
Tue, 18 Mar 2014 03:32:56 -0400 (EDT)
X-MB-Message-Source: WebUI
Subject: I NEED YOUR URGENT REPLY
X-MB-Message-Type: User
MIME-Version: 1.0
From: Mohammed Aziz
Content-Type: multipart/alternative;
boundary="--------MB_8D110936A62393A_2DA0_8952B_webmail-m138.sysops.aol.com"
X-Mailer: AOL WebMail 38442 - BASIC
Received: from 41.138.98.145 by webmail-m138.sysops.aol.com (149.174.9.12) with HTTP (WebMailUI); Tue, 18 Mar 2014 03:32:56 -0400
Message-Id: <8D110936A5FD7DA-2DA0-2A23C@webmail-m138.sysops.aol.com>
X-Originating-IP: [41.138.98.145]
Date: Tue, 18 Mar 2014 03:32:56 -0400 (EDT)
x-aol-global-disposition: S
X-SPAM-FLAG: YES
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mx.aol.com;
s=20121107; t=1395127978;
bh=4ZvAks7equIQ4y6mPC+S+3YwHLzwbjLHERIzH6N6kl8=;
h=From:Subject:Message-Id:Date:MIME-Version:Content-Type;
b=FswiE1zjU/o/t4t/iYqFSUMWRG3Xa+STlfMze3anB2GRxOoM6t7JaxpvCJEJmn45j
/L0igbjkjhua4Vi1rv1GTUh1JJNCRyvlxdyr3RP1ZKdVkrryEIxfMqrTXaZR2XByd7
qubEbQvYGIvkVRg3AFU3SLg9VF1bSevKHyiWFfLU=
X-AOL-REROUTE: YES
x-aol-sid: 3039ac1afe905327f6a82d1d
X-Spam_score: 19.3
X-Spam_score_int: 193
X-Spam_bar: +++++++++++++++++++
X-Spam_report: Spam detection software, running on the system "gallifrey.nk.ca", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: Dear Friend, I want to transfer US$20.5 Million to your bank
account. The fund belong to our deceased customer who died with his entire
family in Iraq War 2006, leaving nobody for the claim and as such, I decided
to contact you to enable us claim the fund. Your share is 40% while 60% for
me. This transaction is 100% risky free. Contact me for more details on my
private email address which is � (mohammedaziz349@gmail.com)� � [...]
Content analysis details: (19.3 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.0 FREEMAIL_FROM Sender email is freemail (mohammed_aziz33[at]aol.fr)
1.6 SUBJ_ALL_CAPS Subject is all capitals
2.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in
digit (mohammed_aziz33[at]aol.fr)
1.2 MISSING_HEADERS Missing To: header
0.9 URG_BIZ BODY: Contains urgent matter
2.6 DEAR_FRIEND BODY: Dear Friend? That's not very dear!
0.0 HTML_MESSAGE BODY: HTML included in message
0.0 LOTS_OF_MONEY Huge... sums of money
0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid
2.5 FREEMAIL_REPLY From and body contain different freemails
1.5 ADVANCE_FEE_4_NEW Appears to be advance fee fraud (Nigerian 419)
2.4 ADVANCE_FEE_5_NEW Appears to be advance fee fraud (Nigerian 419)
0.5 ADVANCE_FEE_3_NEW Appears to be advance fee fraud (Nigerian 419)
0.0 T_TO_NO_BRKTS_FREEMAIL T_TO_NO_BRKTS_FREEMAIL
0.0 T_MONEY_PERCENT X% of a lot of money for you
0.5 ADVANCE_FEE_2_NEW_MONEY Advance Fee fraud and lots of money
1.0 ADVANCE_FEE_3_NEW_MONEY Advance Fee fraud and lots of money
0.5 MONEY_FRAUD_5 Lots of money and many fraud phrases
0.8 MONEY_FRAUD_8 Lots of money and very many fraud phrases
1.0 MONEY_FRAUD_3 Lots of money and several fraud phrases
Subject: {SPAM?} I NEED YOUR URGENT REPLY
This is a multi-part message in MIME format.
----------MB_8D110936A62393A_2DA0_8952B_webmail-m138.sysops.aol.com
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"
=20
Dear Friend,=20
I want to transfer US$20.5 Million to your bank account. The fund belong to=
our deceased customer who died with his entire family in Iraq War 2006, le=
aving nobody for the claim and as such, I decided to contact you to enable =
us claim the fund. Your share is 40% while 60% for me. This transaction is =
100% risky free. Contact me for more details on my private email address wh=
ich is
=C2=A0(mohammedaziz349@gmail.com)=C2=A0=C2=A0=20
Thanks,
Mohammed Aziz.
Banque R=C3=A9gionale de Solidarite( BRS),
ouagadougou,Burkina Faso
----------MB_8D110936A62393A_2DA0_8952B_webmail-m138.sysops.aol.com
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html; charset="utf-8"
Dear Friend,
I want to transfer US$20.5 Million to your bank account. The fund belong to=
our deceased customer who died with his entire family in Iraq War 2006, le=
aving nobody for the claim and as such, I decided to contact you to enable =
us claim the fund. Your share is 40% while 60% for me. This transaction is =
100% risky free. Contact me for more details on my private email address wh=
ich is
(mohammedaziz349@gmail.com)
Thanks,
Mohammed Aziz.
Banque R=C3=A9gionale de Solidarite( BRS),
ouagadougou,Burkina Faso
I want to transfer US$20.5 Million to your bank account. The fund belong to=
our deceased customer who died with his entire family in Iraq War 2006, le=
aving nobody for the claim and as such, I decided to contact you to enable =
us claim the fund. Your share is 40% while 60% for me. This transaction is =
100% risky free. Contact me for more details on my private email address wh=
ich is
(mohammedaziz349@gmail.com)
Thanks,
Mohammed Aziz.
Banque R=C3=A9gionale de Solidarite( BRS),
ouagadougou,Burkina Faso
----------MB_8D110936A62393A_2DA0_8952B_webmail-m138.sysops.aol.com--
Trackbacks
Trackback specific URI for this entryThis link is not meant to be clicked. It contains the trackback URI for this entry. You can use this URI to send ping- & trackbacks from your own blog to this entry. To copy the link, right click and select "Copy Shortcut" in Internet Explorer or "Copy Link Location" in Mozilla.
No Trackbacks
Comments
Display comments as Linear | ThreadedNo comments