Business deal spam from Gmail
Posted by Dave Yadallee on
Return-path:
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Fri, 26 Aug 2022 08:03:00 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.95 (FreeBSD))
(envelope-from)
id 1oRZuT-000BwN-Pt
for dave@doctor.nl2k.ab.ca;
Fri, 26 Aug 2022 08:02:09 -0600
Resent-From: The Doctor
Resent-Date: Fri, 26 Aug 2022 08:02:09 -0600
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from mail-pf1-f174.google.com ([209.85.210.174]:44622)
by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256
(Exim 4.95 (FreeBSD))
(envelope-from)
id 1oRYOo-0008dq-4D
for doctor@doctor.nl2k.ab.ca;
Fri, 26 Aug 2022 06:25:26 -0600
Received: by mail-pf1-f174.google.com with SMTP id f17so1385155pfk.11
for; Fri, 26 Aug 2022 05:25:04 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20210112;
h=to:subject:message-id:date:from:mime-version:from:to:cc;
bh=4IAVCA2gJTTjDt5CBjLggMJFJuBSUP41/Lvi+HTqvVI=;
b=Hi2HpAK1yqHNv8ZJAjUUQVvu/VaJoMdZP2U9qLSSsp0N3GQr63+HtJflOqAV3+Wqkv
zPmAIFZEVisSDLO3fSN6070WHOvnD3aycgWBHN0+z95yLo2vzcctR7T96v+6vlENjQMG
CeMjes9YEs9eN0lphxJR7avwLJofMPQGj0u2qVd0aaEfEAZOnB/pB4k6ok9lEnN/NOnh
d8t6PHKzP467hp0YG0w8MJ4/bMrnYfE7VCKImQVRvcB2YJNQ/ueB5xQSA+gBneEAtRkG
12X49/kNYrE/vLATGkEnucplZ+gRdvlQCXTtiHAMWsKwZRIY6kuU7b6rb+3h4R+uZT40
2krQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20210112;
h=to:subject:message-id:date:from:mime-version:x-gm-message-state
:from:to:cc;
bh=4IAVCA2gJTTjDt5CBjLggMJFJuBSUP41/Lvi+HTqvVI=;
b=Rr3uBf9+BmM2grdqv4OZY5AWqiqMAp9NM8UjcBkx+AtdUMJr9bGtJsK1/nJjFt38x9
0pfq41X2uIMYenLoTenlyX7faMm+ArDuKSwL0d+8DX/yVgeoqSzaN4990VTWHeNWqiQt
esohKyQqUhTLH4xwPYNBmUeyZyn6chV+siWyrqGgfRrz3j+j3cJl4TKVkMfJgFlp6jnU
wdWXIgCVKIu2YgmqvlapJLWLuvAobcPV4l0LvLJX208PPT2mOX6DtfJGQBm4tHw4B315
7Ao7CBLax3mQ1CsufCfvwVw02USE/FWSuRAB6H7D6SiiIWcDuXBw3mf27wNDpCfh/ItM
DrbQ==
X-Gm-Message-State: ACgBeo1jX2QzHinQMK6Wq4FMFxa1m1+FQdxMdw2inWF4xysiNEP9PZhj
jQY3sVXyugIpyOX0u/gzT+IiIUlfz8Pph8n3C6U=
X-Google-Smtp-Source: AA6agR6xvnytaeYdZtNYeqXPsePMrnbBVDx55vnGbLoW8Uts2rwTaJUif96M+Y6Cs+oO3uwBZiH44IALgPGc0RnLfgw=
X-Received: by 2002:a65:6755:0:b0:41d:70c1:be0 with SMTP id
c21-20020a656755000000b0041d70c10be0mr3145387pgu.99.1661516699418; Fri, 26
Aug 2022 05:24:59 -0700 (PDT)
MIME-Version: 1.0
From: "Dr. Umar Bello"
Date: Fri, 26 Aug 2022 05:24:45 -0700
Message-ID:
Subject: Greetings dear Friend:
To: undisclosed-recipients:;
Content-Type: multipart/alternative; boundary="000000000000a846f905e7240097"
Bcc: doctor@doctor.nl2k.ab.ca
X-Spam_score: 13.3
X-Spam_score_int: 133
X-Spam_bar: +++++++++++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: Greetings dear Friend: I am contacting you on a business deal
of $19.5 Million US Dollars, ready for transfer into your account if we make
this claim, we will share it 60%/40%.100% risk free and it will be legally
backed up with government approved If you are interested reply for more details.
Content analysis details: (13.3 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
-0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3)
[209.85.210.174 listed in wl.mailspike.net]
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail
provider
[a0sis4ite31[at]gmail.com]
0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends
in digit
[a0sis4ite31[at]gmail.com]
-0.0 SPF_PASS SPF: sender matches SPF record
3.6 NA_DOLLARS BODY: Talks about a million North American dollars
0.0 HTML_MESSAGE BODY: HTML included in message
0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid
0.0 T_HK_NAME_FM_DR No description available.
-0.0 RCVD_IN_MSPIKE_WL Mailspike good senders
0.0 LOTS_OF_MONEY Huge... sums of money
-0.0 T_SCC_BODY_TEXT_LINE No description available.
3.1 RISK_FREE No risk!
2.8 UNDISC_MONEY Undisclosed recipients + money/fraud signs
3.6 ADVANCE_FEE_3_NEW_MONEY Advance Fee fraud and lots of money
Subject: {SPAM?} Greetings dear Friend:
--000000000000a846f905e7240097
Content-Type: text/plain; charset="UTF-8"
Greetings dear Friend:
I am contacting you on a business deal of $19.5 Million US Dollars,
ready for transfer into your account
if we make this claim, we will share it 60%/40%.100% risk free and it
will be legally backed up with government approved If you are
interested reply for more details.
Kindly reply for more details Waiting for your reply Make Sure You
Write To My Via E-mail Address...(umarbellod46@gmail.com)
Best regards
Dr.Umar Bello,
--000000000000a846f905e7240097
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
--000000000000a846f905e7240097--
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Fri, 26 Aug 2022 08:03:00 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.95 (FreeBSD))
(envelope-from
id 1oRZuT-000BwN-Pt
for dave@doctor.nl2k.ab.ca;
Fri, 26 Aug 2022 08:02:09 -0600
Resent-From: The Doctor
Resent-Date: Fri, 26 Aug 2022 08:02:09 -0600
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from mail-pf1-f174.google.com ([209.85.210.174]:44622)
by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256
(Exim 4.95 (FreeBSD))
(envelope-from
id 1oRYOo-0008dq-4D
for doctor@doctor.nl2k.ab.ca;
Fri, 26 Aug 2022 06:25:26 -0600
Received: by mail-pf1-f174.google.com with SMTP id f17so1385155pfk.11
for
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20210112;
h=to:subject:message-id:date:from:mime-version:from:to:cc;
bh=4IAVCA2gJTTjDt5CBjLggMJFJuBSUP41/Lvi+HTqvVI=;
b=Hi2HpAK1yqHNv8ZJAjUUQVvu/VaJoMdZP2U9qLSSsp0N3GQr63+HtJflOqAV3+Wqkv
zPmAIFZEVisSDLO3fSN6070WHOvnD3aycgWBHN0+z95yLo2vzcctR7T96v+6vlENjQMG
CeMjes9YEs9eN0lphxJR7avwLJofMPQGj0u2qVd0aaEfEAZOnB/pB4k6ok9lEnN/NOnh
d8t6PHKzP467hp0YG0w8MJ4/bMrnYfE7VCKImQVRvcB2YJNQ/ueB5xQSA+gBneEAtRkG
12X49/kNYrE/vLATGkEnucplZ+gRdvlQCXTtiHAMWsKwZRIY6kuU7b6rb+3h4R+uZT40
2krQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20210112;
h=to:subject:message-id:date:from:mime-version:x-gm-message-state
:from:to:cc;
bh=4IAVCA2gJTTjDt5CBjLggMJFJuBSUP41/Lvi+HTqvVI=;
b=Rr3uBf9+BmM2grdqv4OZY5AWqiqMAp9NM8UjcBkx+AtdUMJr9bGtJsK1/nJjFt38x9
0pfq41X2uIMYenLoTenlyX7faMm+ArDuKSwL0d+8DX/yVgeoqSzaN4990VTWHeNWqiQt
esohKyQqUhTLH4xwPYNBmUeyZyn6chV+siWyrqGgfRrz3j+j3cJl4TKVkMfJgFlp6jnU
wdWXIgCVKIu2YgmqvlapJLWLuvAobcPV4l0LvLJX208PPT2mOX6DtfJGQBm4tHw4B315
7Ao7CBLax3mQ1CsufCfvwVw02USE/FWSuRAB6H7D6SiiIWcDuXBw3mf27wNDpCfh/ItM
DrbQ==
X-Gm-Message-State: ACgBeo1jX2QzHinQMK6Wq4FMFxa1m1+FQdxMdw2inWF4xysiNEP9PZhj
jQY3sVXyugIpyOX0u/gzT+IiIUlfz8Pph8n3C6U=
X-Google-Smtp-Source: AA6agR6xvnytaeYdZtNYeqXPsePMrnbBVDx55vnGbLoW8Uts2rwTaJUif96M+Y6Cs+oO3uwBZiH44IALgPGc0RnLfgw=
X-Received: by 2002:a65:6755:0:b0:41d:70c1:be0 with SMTP id
c21-20020a656755000000b0041d70c10be0mr3145387pgu.99.1661516699418; Fri, 26
Aug 2022 05:24:59 -0700 (PDT)
MIME-Version: 1.0
From: "Dr. Umar Bello"
Date: Fri, 26 Aug 2022 05:24:45 -0700
Message-ID:
Subject: Greetings dear Friend:
To: undisclosed-recipients:;
Content-Type: multipart/alternative; boundary="000000000000a846f905e7240097"
Bcc: doctor@doctor.nl2k.ab.ca
X-Spam_score: 13.3
X-Spam_score_int: 133
X-Spam_bar: +++++++++++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: Greetings dear Friend: I am contacting you on a business deal
of $19.5 Million US Dollars, ready for transfer into your account if we make
this claim, we will share it 60%/40%.100% risk free and it will be legally
backed up with government approved If you are interested reply for more details.
Content analysis details: (13.3 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
-0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3)
[209.85.210.174 listed in wl.mailspike.net]
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail
provider
[a0sis4ite31[at]gmail.com]
0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends
in digit
[a0sis4ite31[at]gmail.com]
-0.0 SPF_PASS SPF: sender matches SPF record
3.6 NA_DOLLARS BODY: Talks about a million North American dollars
0.0 HTML_MESSAGE BODY: HTML included in message
0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid
0.0 T_HK_NAME_FM_DR No description available.
-0.0 RCVD_IN_MSPIKE_WL Mailspike good senders
0.0 LOTS_OF_MONEY Huge... sums of money
-0.0 T_SCC_BODY_TEXT_LINE No description available.
3.1 RISK_FREE No risk!
2.8 UNDISC_MONEY Undisclosed recipients + money/fraud signs
3.6 ADVANCE_FEE_3_NEW_MONEY Advance Fee fraud and lots of money
Subject: {SPAM?} Greetings dear Friend:
--000000000000a846f905e7240097
Content-Type: text/plain; charset="UTF-8"
Greetings dear Friend:
I am contacting you on a business deal of $19.5 Million US Dollars,
ready for transfer into your account
if we make this claim, we will share it 60%/40%.100% risk free and it
will be legally backed up with government approved If you are
interested reply for more details.
Kindly reply for more details Waiting for your reply Make Sure You
Write To My Via E-mail Address...(umarbellod46@gmail.com)
Best regards
Dr.Umar Bello,
--000000000000a846f905e7240097
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Greetings dear Friend:
=C2=A0 =C2=A0
=C2=A0 I am co=
ntacting you on a business deal of $19.5 Million US Dollars,
ready for t=
ransfer into your account
if we make this claim, we will share it 60=
%/40%.100% risk free and it
will be legally backed up with government ap=
proved If you are
interested reply for more details.
Kindly reply=
=C2=A0for more details Waiting for your reply =C2=A0Make Sure You
Write=
To My Via E-mail Address...(umar=
bellod46@gmail.com)
Best regards
Dr.Umar Bello,
=C2=A0 =C2=A0
=C2=A0 I am co=
ntacting you on a business deal of $19.5 Million US Dollars,
ready for t=
ransfer into your account
if we make this claim, we will share it 60=
%/40%.100% risk free and it
will be legally backed up with government ap=
proved If you are
interested reply for more details.
Kindly reply=
=C2=A0for more details Waiting for your reply =C2=A0Make Sure You
Write=
To My Via E-mail Address...(umar=
bellod46@gmail.com)
Best regards
Dr.Umar Bello,
--000000000000a846f905e7240097--
Trackbacks
Trackback specific URI for this entryThis link is not meant to be clicked. It contains the trackback URI for this entry. You can use this URI to send ping- & trackbacks from your own blog to this entry. To copy the link, right click and select "Copy Shortcut" in Internet Explorer or "Copy Link Location" in Mozilla.
No Trackbacks
Comments
Display comments as Linear | ThreadedNo comments