Debt collection phish

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Thu, 14 Jul 2022 15:46:01 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.95 (FreeBSD))

(envelope-from )

id 1oC6e5-000712-6N

for dave@doctor.nl2k.ab.ca;

Thu, 14 Jul 2022 15:45:17 -0600

Resent-From: The Doctor

Resent-Date: Thu, 14 Jul 2022 15:45:17 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [202.82.170.82] (port=53851 helo=mail.miniprinthk.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

(Exim 4.95 (FreeBSD))

(envelope-from )

id 1oC6RS-0006M1-VJ

for root@nk.ca;

Thu, 14 Jul 2022 15:32:19 -0600

Received: from [103.167.92.100] (unknown [103.167.92.100])

by mail.miniprinthk.com (Postfix) with ESMTPA id 0F01E2561D77

for ; Fri, 4 Feb 2022 23:25:51 +0800 (CST)

Content-Type: text/plain; charset="utf-8"

MIME-Version: 1.0

Content-Transfer-Encoding: quoted-printable

Content-Description: Mail message body

Subject: Be Alert.!

To: root@nk.ca

From: "Admin Emissary"

Date: Fri, 04 Feb 2022 15:25:52 +0000

Reply-To: "Admin Emissary"

X-MailScanner-ID: 0F01E2561D77.A0D3C

X-MailScanner: Found to be clean

X-MailScanner-SpamCheck: spam, SpamAssassin (cached, score=5.112, required 5,

autolearn=disabled, ADVANCE_FEE_4_NEW 2.70, ALL_TRUSTED -1.00,

FREEMAIL_FORGED_REPLYTO 2.50, HK_LOTTO 0.77, MISSING_MID 0.14)

X-MailScanner-SpamScore: sssss

X-MailScanner-From: temp@test.com

X-Spam-Flag: Yes

X-Spam_score: 11.6

X-Spam_score_int: 116

X-Spam_bar: +++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hello, I am very sorry I have to reach you through this medium.

I am a member of the debt reconvener (debt collection experts) and I am aware

of your ordeal about your unpaid fund. It may interest you to know that not

long after the Debt Management Office (DMO) completed the merger and acquisition

process of all pending payments occasion through the petition raised by the

intern [...]



Content analysis details: (11.6 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.6 RCVD_IN_BRBL_LASTEXT RBL: No description available.

[202.82.170.82 listed in bb.barracudacentral.org]

1.3 RCVD_IN_VALIDITY_RPBL RBL: Relay in Validity RPBL,

https://senderscore.org/blocklistlookup/

[202.82.170.82 listed in bl.score.senderscore.com]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

0.1 MISSING_MID Missing Message-Id: header

0.8 HK_LOTTO No description available.

-0.0 T_SCC_BODY_TEXT_LINE No description available.

2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From

2.7 ADVANCE_FEE_4_NEW Appears to be advance fee fraud (Nigerian 419)

Subject: {SPAM?} Be Alert.!



Hello,

I am very sorry I have to reach you through this medium. I am a member of t=

he debt reconvener (debt collection experts) and I am aware of your ordeal =

about your unpaid fund.



It may interest you to know that not long after the Debt Management Office =

(DMO) completed the merger and acquisition process of all pending payments =

occasion through the petition raised by the international community about t=

heir unpaid funds. I discovered that their boss connived with some top offi=

cials to divert funds approve to settle unpaid inheritances, email lottery =

winners, Internet scam victims, unclaimed consignments(concealed funds), an=

d International Contractors.



The DMO has already given the approval to pay your fund but they deliberate=

ly withheld your payment file and continue to demand fees from you through =

their associates from different unassigned affiliates mostly from Africa, t=

he US, Spain, and the Netherlands all in trying to frustrate you into givin=

g up on it so they can finally enrich themselves. I wonder why you haven=E2=

=80=99t noticed all this while.



You may choose to disbelieve this email as inconceivable but my doctrine do=

es not let such an act, the reason I have to open up to you to seek the rig=

ht channel. DMO was authorized to release your fund via their asset managem=

ent firm with claim code numbers, supposedly to have been issued to you.



Upon your response, I shall guide you through and offer you with details to=

contact the assigned affiliate who will immediately ease the release of yo=

ur fund.



Thanks and have a wonderful day.

Be Safe.



Yours Faithfully,

Admin Emissary.

UK.Ref:RDC-82/M2T03Y22/100/A

Trackbacks

Trackback specific URI for this entry

This link is not meant to be clicked. It contains the trackback URI for this entry. You can use this URI to send ping- & trackbacks from your own blog to this entry. To copy the link, right click and select "Copy Shortcut" in Internet Explorer or "Copy Link Location" in Mozilla.

No Trackbacks

Comments

Display comments as Linear | Threaded

No comments

Add Comment

Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.
Standard emoticons like :-) and ;-) are converted to images.

To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly.
CAPTCHA

Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.
Standard emoticons like :-) and ;-) are converted to images.

To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly.
CAPTCHA