Urgency Spam from Gmail
Posted by Dave Yadallee onEnvelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Sun, 31 Jul 2022 15:09:00 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.95 (FreeBSD))
(envelope-from
id 1oIGAu-0003bJ-Tc
for dave@doctor.nl2k.ab.ca;
Sun, 31 Jul 2022 15:08:36 -0600
Resent-From: The Doctor
Resent-Date: Sun, 31 Jul 2022 15:08:36 -0600
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from mail-lf1-f43.google.com ([209.85.167.43]:38648)
by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256
(Exim 4.95 (FreeBSD))
(envelope-from
id 1oIFja-00015t-ND
for doctor@doctor.nl2k.ab.ca;
Sun, 31 Jul 2022 14:40:32 -0600
Received: by mail-lf1-f43.google.com with SMTP id bq11so9361852lfb.5
for
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20210112;
h=content-transfer-encoding:to:subject:message-id:date:from:reply-to
:mime-version:from:to:cc;
bh=FCa3PgHYkxbDtL0KIsZbdWtwyd1wZ7lsNTVp0TR2FEU=;
b=mtyxXDfZlqguoz6BeWE+SFlt68pduNaRWyiXvNnKoMENU97Tt1+WyQgRQjAG6OVzI4
3n33XvD+TEHJaLhMvPYeIXBiLXfuaboreEtN6s7dJdeCmoMwNMlLTOtwje36CuxNToK9
4gVTrsCP6EIxVj3V6a6EMyqYnxYv5pQZvtIPNirJLfjD76oFb4oIyjdfWPv+YidzDKVI
8F6XFNfjpNYDTy5sq36hs6An7RfNskpYzoZJ45QprXD7oHW50hyDEoOeBEo5Y32k8gXE
i2ux83LKhQs9f4YoyQBD8AcaceyIdawEl1igHS2oBFhJsm2bZ2llVaXM9t54Q8INjNag
0uNw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20210112;
h=content-transfer-encoding:to:subject:message-id:date:from:reply-to
:mime-version:x-gm-message-state:from:to:cc;
bh=FCa3PgHYkxbDtL0KIsZbdWtwyd1wZ7lsNTVp0TR2FEU=;
b=P10HLidoo4NEtTHz/fz0NQXlZD/hH7hnpi1Mqopzl8gCkpmUt6nt1UAH+q5v8D5o15
UYwxlMZeaUInUtkT5CmCkb9qJsKgBFYxpGkoPf1XDMMk0mOVKzG/x1JXWoT4MdDqPmat
E4PuIG4Ie4QOWksnMqsACzWmXhM4sLdgf1qn+NtgIfojy0pnWaawUB1oY/ks9k4pyDBP
apP2EsLVJEnZbZ1oUke6ahVws/bqoBet3hRbY31Zr1vNICpyEzYucD/torH+pPpPxvI6
hTvcCw0wJ9liu+DiBlpc6BKqkVGWLs2tU1WxMg/lKqfF5QCaHpXmbd53qWE6fvXK9Y00
3eQw==
X-Gm-Message-State: AJIora8Hf3kxtTbgr1FtQOopEa1zxF0B4fZdNt19nqRzYjvtyNG4bIhC
szGMsz3Yl4bldlV8mBZJ8VptF9TMvl4nHf1bzMw=
X-Google-Smtp-Source: AGRyM1suh6rp1T/Owku3mxy4eUTjxg8uH4S63lEhDmm+oGyAtzta77+o2jSsYbPYvljFRAVad+VWeTw9ZjxzIyt9rws=
X-Received: by 2002:a05:6512:c13:b0:48a:9341:68ad with SMTP id
z19-20020a0565120c1300b0048a934168admr4384529lfu.333.1659299990205; Sun, 31
Jul 2022 13:39:50 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:a2e:86d7:0:0:0:0:0 with HTTP; Sun, 31 Jul 2022 13:39:49
-0700 (PDT)
Reply-To: mrhassanr900@gmail.com
From: "MR. HASSAN B ROUHANI"
Date: Sun, 31 Jul 2022 13:39:49 -0700
Message-ID:
Subject: GET BACK TO ME IMMEDIATELY?
To: undisclosed-recipients:;
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Bcc: doctor@doctor.nl2k.ab.ca
X-Spam_score: 21.7
X-Spam_score_int: 217
X-Spam_bar: +++++++++++++++++++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: I am Mr. HASSAN ROUHANI. I got your contact information from
a reputable business/professional directory. I'm working with a Bank as
one of the Senior Staff. I am writing you this memo, because I ha [...]
Content analysis details: (21.7 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)
[209.85.167.43 listed in wl.mailspike.net]
1.6 SUBJ_ALL_CAPS Subject is all capitals
0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in
digit
[mrhassanr900[at]gmail.com]
-0.0 SPF_PASS SPF: sender matches SPF record
0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends
in digit
[kubbahdonzu2018[at]gmail.com]
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail
provider
[kubbahdonzu2018[at]gmail.com]
2.5 HK_SCAM_N2 BODY: No description available.
0.9 URG_BIZ BODY: Contains urgent matter
2.0 HK_SCAM No description available.
0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid
1.5 HK_NAME_FM_MR_MRS No description available.
0.0 T_HK_NAME_FM_MR_MRS No description available.
0.0 LOTS_OF_MONEY Huge... sums of money
1.0 FREEMAIL_REPLYTO Reply-To/From or Reply-To/body contain
different freemails
3.1 UNDISC_FREEM Undisclosed recipients + freemail reply-to
2.0 MONEY_FREEMAIL_REPTO Lots of money from someone using free
email?
3.7 ADVANCE_FEE_5_NEW_MONEY Advance Fee fraud and lots of money
3.0 UNDISC_MONEY Undisclosed recipients + money/fraud signs
Subject: {SPAM?} GET BACK TO ME IMMEDIATELY?
I am Mr. HASSAN ROUHANI. I got your contact information from a
reputable business/professional directory. I'm working with a Bank=C2=A0 as
one of the Senior Staff. I am writing you this memo, because I have an
urgent BUSINESS PROPOSAL for you that will benefit both of us and it=E2=80=
=99s
urgent. USD$41.6 Million Dollars. is an abandoned Fund with no one to
lay claim on it, The Depositor died Years ago, I cross-check his file
no next of kin, I will use my position in bank as Senior Staff
move/transfer the Fund to your account for mutual benefit of our both
families,
For more details, write me on my personal contact (mrhassanr900@gmail.com)
Yours Sincerely,
=C2=A0=C2=A0=C2=A0=C2=A0 Mr. Hassan Rouhani.