Nigerian spam from Microsoft Outlook servers
Posted by Dave Yadallee on
Return-path:
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Sun, 25 Dec 2022 14:28:53 -0700
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.96)
(envelope-from)
id 1p9YWn-0003Zs-0D
for dave@doctor.nl2k.ab.ca;
Sun, 25 Dec 2022 14:27:29 -0700
Resent-From: The Doctor
Resent-Date: Sun, 25 Dec 2022 14:27:29 -0700
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from mail-tyzapc01on2110.outbound.protection.outlook.com ([40.107.117.110]:25102 helo=APC01-TYZ-obe.outbound.protection.outlook.com)
by doctor.nl2k.ab.ca with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
(Exim 4.96)
(envelope-from)
id 1p9YNd-0001Dz-2M
for games@nl2k.ab.ca;
Sun, 25 Dec 2022 14:18:08 -0700
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
b=EEI8qskm74YnaGmy5Lbd4LN+DtZC5NJCHyAu2z/KbAr6pPRKXuv1tT+xN3g3+KP8aIVaNkUhbj/uUoUOWELn+7OQG0ecgz1HofB8+KceSLZ8BEeZNwJ3ulVMZdc5vgTqsUp6oHuTN/uyobrBYSZUhwkxCtMxA8z4ZMj6IqYXSdRmnajPfr+9HwNc9tt6pviURPhUESNtjg2G6oScwNzqtRjUtFRLpY+db0uW1QzRxz8As/XbcXr+uK+PqLghwEZzPKFQFFnnE+dIaz6n2at/DdgHdkFuE+8Pfy6qbFZbJQw+YRlCMZRhfnBfeOcyqgRo21FqG7NMZrsYfdtJcGoKgA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
s=arcselector9901;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
bh=jWqyj0Zn0/h9cdPYX4Z9EpCqKh1UVpQFMn7N4qrW084=;
b=nrlHKvzf6dnWJMqB0fh0vLvRyCWkrtHAcWrA86Jws2BFs+PpujLfzpttcpIbOHanvjkqAhFlKGZzmZMbLAYxT3hUi9ItphXF2BGtVPL+B8h8wL+SQPYhMviFrYhU5MyyTDnt0zZiQ10LYk9ugOaw7mbjejxgkKSlsFBxc5pIe2tsIk0n+OkBV8RWhGm124eJ3jHNlBYfkiAKJpaU9CGg72taoOwLf4B6dooI83oh5sdK2U02SMsLQelsBiaTu2UQGMw9l7xIN4j9cuVucY7yganxYeV1j/WoCp0hd3lJIxdKl9NzV2SALxSd5PIJMBsb34bU6u+KxzOBkFr5zL5puw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=fail (sender ip is
122.53.128.222) smtp.rcpttodomain=striker.ottawa.on.ca
smtp.mailfrom=actionlabs.com.ph; dmarc=none action=none
header.from=actionlabs.com.ph; dkim=none (message not signed); arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=wizworx.onmicrosoft.com; s=selector2-wizworx-onmicrosoft-com;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
bh=jWqyj0Zn0/h9cdPYX4Z9EpCqKh1UVpQFMn7N4qrW084=;
b=nJvXLLVGKMoQhf9cK2v7pEH065JIw3uPAnAJJ+aqZ+KF+m/Eh7s1D3dYPEHggsgYNbPNBAlA3vzk0ZzrABryplaeXugptrVKoH2jp4x3AP22UrSozeQewFpdPXyhFEHGN/gALeDIxGPIXrUcdTqE92Tenn/AH0IyZGEq/rbHk34=
Received: from TYZPR02MB5738.apcprd02.prod.outlook.com (2603:1096:400:1c1::9)
by TYZPR02MB5738.apcprd02.prod.outlook.com (2603:1096:400:1c1::9) with
Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5944.16; Sun, 25 Dec
2022 21:15:24 +0000
Received: from TYZPR02MB5738.apcprd02.prod.outlook.com
(fe80::d860:6afc:887c:6fa2%6) by TYZPR02MB5738.apcprd02.prod.outlook.com
(fe80::d860:6afc:887c:6fa2%6) with TransportReplication id Version 15.20
(Build 5944.16); Sun, 25 Dec 2022 21:15:24 +0000
Received: from TYZAPC01FT021.eop-APC01.prod.protection.outlook.com
(2603:1096:404:42:cafe::35) by TY2PR06CA0010.outlook.office365.com
(2603:1096:404:42::22) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5944.16 via Frontend
Transport; Sun, 25 Dec 2022 16:00:55 +0000
X-MS-Exchange-Authentication-Results: spf=fail (sender IP is 122.53.128.222)
smtp.mailfrom=actionlabs.com.ph; dkim=none (message not signed)
header.d=none;dmarc=none action=none header.from=actionlabs.com.ph;
Received-SPF: Fail (protection.outlook.com: domain of actionlabs.com.ph does
not designate 122.53.128.222 as permitted sender)
receiver=protection.outlook.com; client-ip=122.53.128.222;
helo=SRV-XCHANGE02.worxgroup.xchange;
Received: from SRV-XCHANGE02.worxgroup.xchange (122.53.128.222) by
TYZAPC01FT021.mail.protection.outlook.com (10.118.152.130) with Microsoft
SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
15.20.5944.16 via Frontend Transport; Sun, 25 Dec 2022 16:00:54 +0000
Received: from SRV-XCHANGE02.worxgroup.xchange (192.168.4.50) by
SRV-XCHANGE02.worxgroup.xchange (192.168.4.50) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
15.2.1118.7; Sun, 25 Dec 2022 23:59:01 +0800
Received: from SRV-XCHANGE02.worxgroup.xchange ([fe80::99c1:1f06:df4c:a4fd])
by SRV-XCHANGE02.worxgroup.xchange ([fe80::99c1:1f06:df4c:a4fd%3]) with mapi
id 15.02.1118.007; Sun, 25 Dec 2022 23:59:01 +0800
From: Mark Semeniano
To: Mark Semeniano
Subject: RE: RE: INVESTMENT DEAL/PARTNERSHIP.
Thread-Topic: RE: INVESTMENT DEAL/PARTNERSHIP.
Thread-Index: AdkXQq/yEwevLuwXTk6Bn0tKHtLCHQA3cvbAAAW4ixAACrECwA==
Date: Sun, 25 Dec 2022 15:59:01 +0000
Message-ID:
References:
Reply-To: "gura.eren@member-turkiyefinans.com"
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [185.202.220.15]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-EOPAttributedMessage: 0
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: TYZAPC01FT021:EE_|TYZPR02MB5738:EE_
X-MS-Office365-Filtering-Correlation-Id: c876c024-3571-4e1c-25d5-08dae691341f
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info:
+474h3CaYEh235lTsTFEm/BrCGb1ZbEdAXJn2Y3GYCUsmmCLFoMhlfmLD4HjCsOUrd27j0YxN4sswn9L9PLBH3wpWpgZDTjJajfiBirT0Ub/p7l4JTH1d+tfSjogq7WtHCOF+LWfmfTMlKBrzPULP+xUvCq6qEUsQPWS+/Wbrc4K2FGHgwKm0Nji56kWDRYc7yTt4YU5MjOXxt/FyQpq30/klwpi9mINX19YJiAFfoTGanfdc/4Z4hFkIJX1ZKxybMbS4l6t2xKqkB7uYgmF5eCI7Ieb/JW2vDLPPCOHYTIi0+CIwhJCi4MDH//aleSq06nLdQEFRjcW3lEwaZPHl4r5jMEFkyyAVfQB8ecViAP44Jlo1G8Lj4/6u/PxsvDxuhqr6CGbAG/btDlVMl+tSaHk+kUlfGIKaXBmy6ttIjuqhU3+SBA/gfzK6cPpJUmcD2DdIQfMOu0Ws23oiXKQXZRfKp4wBTJlDxnZZ8drSxyUtCNhEk3aWa2L+4rz/modIS+sdaTj4v3fXWvQx1JR+XryUeC4aAR3J10m7JHcQCpTjEZalozBgOfJSjIr18ODcxNyPQLhIZoDO+Tp2O9GFUnPHfTj/EANt/C3ErrftvQce7cNBSZB/m6yr25f4cvZXOrVvwuBkgQDuG1XYYR1W/rS/X0056f0NUoSQvfE7ULvJK38FBOMDxqgXWJ2DaTNUy+ciYUtdw7qbAZMzXOPOCmz8DiCbr0EVH3P8N8ubodyl/2zg6BU/P6FVFFyDPvB
X-Forefront-Antispam-Report:
CIP:122.53.128.222;CTRY:PH;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SRV-XCHANGE02.worxgroup.xchange;PTR:host.30.static.pcworx.ph;CAT:NONE;SFS:(13230022)(39860400002)(376002)(396003)(136003)(346002)(451199015)(36840700001)(46966006)(70586007)(8676002)(82310400005)(478600001)(36860700001)(40480700001)(356005)(24736004)(76576003)(53546011)(81166007)(36756003)(316002)(37006003)(36906005)(108616005)(2616005)(7336002)(82740400003)(7416002)(7276002)(4743002)(7406005)(7366002)(83380400001)(26005)(5660300002)(186003)(66806009)(4744005)(66899015)(8796002)(6862004)(8936002)(86362001)(47076005)(2906002)(336012)(41300700001)(6200100001)(400074008);DIR:OUT;SFP:1102;
X-OriginatorOrg: actionlabs.com.ph
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 25 Dec 2022 16:00:54.1543
(UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: c876c024-3571-4e1c-25d5-08dae691341f
X-MS-Exchange-CrossTenant-Id: 32993797-babc-486d-98d1-7795e961f54d
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=32993797-babc-486d-98d1-7795e961f54d;Ip=[122.53.128.222];Helo=[SRV-XCHANGE02.worxgroup.xchange]
X-MS-Exchange-CrossTenant-AuthSource: TYZAPC01FT021.eop-APC01.prod.protection.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-Transport-CrossTenantHeadersStamped: TYZPR02MB5738
X-Spam_score: 5.0
X-Spam_score_int: 50
X-Spam_bar: +++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: I tried to reach you; I'm awaiting your response. Did you
receive my earlier email below.
Content analysis details: (5.0 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)
[40.107.117.110 listed in wl.mailspike.net]
-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/,
no trust
[40.107.117.110 listed in list.dnswl.org]
-0.0 SPF_PASS SPF: sender matches SPF record
-0.0 SPF_HELO_PASS SPF: HELO matches SPF record
1.6 SUBJ_ALL_CAPS Subject is all capitals
3.6 NA_DOLLARS BODY: Talks about a million North American dollars
0.0 LOTS_OF_MONEY Huge... sums of money
0.0 UNPARSEABLE_RELAY Informational: message has unparseable relay
lines
0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid
Subject: {SPAM?} RE: RE: INVESTMENT DEAL/PARTNERSHIP.
I tried to reach you; I'm awaiting your response. Did you receive my earlie=
r email below.
-----Original Message-----
From: Mark Semeniano=20
Sent: Monday, 19 December 2022 5:19 AM
Subject: RE: INVESTMENT DEAL/PARTNERSHIP.=20
Hello,
I genuinely hope all is fine in your world.
One of my reserved Board of Director, whom we had personally worked with a =
few years ago, is looking to confidentially wire asset sum of $75 Million =
US Dollars from Turkey and reinvest it overseas over a period of 10 to 15 y=
ears due to the inflation here with expectation of 4% annual interest.
I am reaching out to you to see if you are capable of receiving the funds a=
nd working with the client so we can begin the paperwork.
Please reply if you wish to know more.
Mr. Mark Semeniano
CEO ACTIONLAB Group
Enerya Enerji A.S., a subsidiary of STFA Group
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Sun, 25 Dec 2022 14:28:53 -0700
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.96)
(envelope-from
id 1p9YWn-0003Zs-0D
for dave@doctor.nl2k.ab.ca;
Sun, 25 Dec 2022 14:27:29 -0700
Resent-From: The Doctor
Resent-Date: Sun, 25 Dec 2022 14:27:29 -0700
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from mail-tyzapc01on2110.outbound.protection.outlook.com ([40.107.117.110]:25102 helo=APC01-TYZ-obe.outbound.protection.outlook.com)
by doctor.nl2k.ab.ca with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
(Exim 4.96)
(envelope-from
id 1p9YNd-0001Dz-2M
for games@nl2k.ab.ca;
Sun, 25 Dec 2022 14:18:08 -0700
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
b=EEI8qskm74YnaGmy5Lbd4LN+DtZC5NJCHyAu2z/KbAr6pPRKXuv1tT+xN3g3+KP8aIVaNkUhbj/uUoUOWELn+7OQG0ecgz1HofB8+KceSLZ8BEeZNwJ3ulVMZdc5vgTqsUp6oHuTN/uyobrBYSZUhwkxCtMxA8z4ZMj6IqYXSdRmnajPfr+9HwNc9tt6pviURPhUESNtjg2G6oScwNzqtRjUtFRLpY+db0uW1QzRxz8As/XbcXr+uK+PqLghwEZzPKFQFFnnE+dIaz6n2at/DdgHdkFuE+8Pfy6qbFZbJQw+YRlCMZRhfnBfeOcyqgRo21FqG7NMZrsYfdtJcGoKgA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
s=arcselector9901;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
bh=jWqyj0Zn0/h9cdPYX4Z9EpCqKh1UVpQFMn7N4qrW084=;
b=nrlHKvzf6dnWJMqB0fh0vLvRyCWkrtHAcWrA86Jws2BFs+PpujLfzpttcpIbOHanvjkqAhFlKGZzmZMbLAYxT3hUi9ItphXF2BGtVPL+B8h8wL+SQPYhMviFrYhU5MyyTDnt0zZiQ10LYk9ugOaw7mbjejxgkKSlsFBxc5pIe2tsIk0n+OkBV8RWhGm124eJ3jHNlBYfkiAKJpaU9CGg72taoOwLf4B6dooI83oh5sdK2U02SMsLQelsBiaTu2UQGMw9l7xIN4j9cuVucY7yganxYeV1j/WoCp0hd3lJIxdKl9NzV2SALxSd5PIJMBsb34bU6u+KxzOBkFr5zL5puw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=fail (sender ip is
122.53.128.222) smtp.rcpttodomain=striker.ottawa.on.ca
smtp.mailfrom=actionlabs.com.ph; dmarc=none action=none
header.from=actionlabs.com.ph; dkim=none (message not signed); arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=wizworx.onmicrosoft.com; s=selector2-wizworx-onmicrosoft-com;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
bh=jWqyj0Zn0/h9cdPYX4Z9EpCqKh1UVpQFMn7N4qrW084=;
b=nJvXLLVGKMoQhf9cK2v7pEH065JIw3uPAnAJJ+aqZ+KF+m/Eh7s1D3dYPEHggsgYNbPNBAlA3vzk0ZzrABryplaeXugptrVKoH2jp4x3AP22UrSozeQewFpdPXyhFEHGN/gALeDIxGPIXrUcdTqE92Tenn/AH0IyZGEq/rbHk34=
Received: from TYZPR02MB5738.apcprd02.prod.outlook.com (2603:1096:400:1c1::9)
by TYZPR02MB5738.apcprd02.prod.outlook.com (2603:1096:400:1c1::9) with
Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5944.16; Sun, 25 Dec
2022 21:15:24 +0000
Received: from TYZPR02MB5738.apcprd02.prod.outlook.com
(fe80::d860:6afc:887c:6fa2%6) by TYZPR02MB5738.apcprd02.prod.outlook.com
(fe80::d860:6afc:887c:6fa2%6) with TransportReplication id Version 15.20
(Build 5944.16); Sun, 25 Dec 2022 21:15:24 +0000
Received: from TYZAPC01FT021.eop-APC01.prod.protection.outlook.com
(2603:1096:404:42:cafe::35) by TY2PR06CA0010.outlook.office365.com
(2603:1096:404:42::22) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5944.16 via Frontend
Transport; Sun, 25 Dec 2022 16:00:55 +0000
X-MS-Exchange-Authentication-Results: spf=fail (sender IP is 122.53.128.222)
smtp.mailfrom=actionlabs.com.ph; dkim=none (message not signed)
header.d=none;dmarc=none action=none header.from=actionlabs.com.ph;
Received-SPF: Fail (protection.outlook.com: domain of actionlabs.com.ph does
not designate 122.53.128.222 as permitted sender)
receiver=protection.outlook.com; client-ip=122.53.128.222;
helo=SRV-XCHANGE02.worxgroup.xchange;
Received: from SRV-XCHANGE02.worxgroup.xchange (122.53.128.222) by
TYZAPC01FT021.mail.protection.outlook.com (10.118.152.130) with Microsoft
SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
15.20.5944.16 via Frontend Transport; Sun, 25 Dec 2022 16:00:54 +0000
Received: from SRV-XCHANGE02.worxgroup.xchange (192.168.4.50) by
SRV-XCHANGE02.worxgroup.xchange (192.168.4.50) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
15.2.1118.7; Sun, 25 Dec 2022 23:59:01 +0800
Received: from SRV-XCHANGE02.worxgroup.xchange ([fe80::99c1:1f06:df4c:a4fd])
by SRV-XCHANGE02.worxgroup.xchange ([fe80::99c1:1f06:df4c:a4fd%3]) with mapi
id 15.02.1118.007; Sun, 25 Dec 2022 23:59:01 +0800
From: Mark Semeniano
To: Mark Semeniano
Subject: RE: RE: INVESTMENT DEAL/PARTNERSHIP.
Thread-Topic: RE: INVESTMENT DEAL/PARTNERSHIP.
Thread-Index: AdkXQq/yEwevLuwXTk6Bn0tKHtLCHQA3cvbAAAW4ixAACrECwA==
Date: Sun, 25 Dec 2022 15:59:01 +0000
Message-ID:
References:
Reply-To: "gura.eren@member-turkiyefinans.com"
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [185.202.220.15]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-EOPAttributedMessage: 0
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: TYZAPC01FT021:EE_|TYZPR02MB5738:EE_
X-MS-Office365-Filtering-Correlation-Id: c876c024-3571-4e1c-25d5-08dae691341f
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info:
+474h3CaYEh235lTsTFEm/BrCGb1ZbEdAXJn2Y3GYCUsmmCLFoMhlfmLD4HjCsOUrd27j0YxN4sswn9L9PLBH3wpWpgZDTjJajfiBirT0Ub/p7l4JTH1d+tfSjogq7WtHCOF+LWfmfTMlKBrzPULP+xUvCq6qEUsQPWS+/Wbrc4K2FGHgwKm0Nji56kWDRYc7yTt4YU5MjOXxt/FyQpq30/klwpi9mINX19YJiAFfoTGanfdc/4Z4hFkIJX1ZKxybMbS4l6t2xKqkB7uYgmF5eCI7Ieb/JW2vDLPPCOHYTIi0+CIwhJCi4MDH//aleSq06nLdQEFRjcW3lEwaZPHl4r5jMEFkyyAVfQB8ecViAP44Jlo1G8Lj4/6u/PxsvDxuhqr6CGbAG/btDlVMl+tSaHk+kUlfGIKaXBmy6ttIjuqhU3+SBA/gfzK6cPpJUmcD2DdIQfMOu0Ws23oiXKQXZRfKp4wBTJlDxnZZ8drSxyUtCNhEk3aWa2L+4rz/modIS+sdaTj4v3fXWvQx1JR+XryUeC4aAR3J10m7JHcQCpTjEZalozBgOfJSjIr18ODcxNyPQLhIZoDO+Tp2O9GFUnPHfTj/EANt/C3ErrftvQce7cNBSZB/m6yr25f4cvZXOrVvwuBkgQDuG1XYYR1W/rS/X0056f0NUoSQvfE7ULvJK38FBOMDxqgXWJ2DaTNUy+ciYUtdw7qbAZMzXOPOCmz8DiCbr0EVH3P8N8ubodyl/2zg6BU/P6FVFFyDPvB
X-Forefront-Antispam-Report:
CIP:122.53.128.222;CTRY:PH;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SRV-XCHANGE02.worxgroup.xchange;PTR:host.30.static.pcworx.ph;CAT:NONE;SFS:(13230022)(39860400002)(376002)(396003)(136003)(346002)(451199015)(36840700001)(46966006)(70586007)(8676002)(82310400005)(478600001)(36860700001)(40480700001)(356005)(24736004)(76576003)(53546011)(81166007)(36756003)(316002)(37006003)(36906005)(108616005)(2616005)(7336002)(82740400003)(7416002)(7276002)(4743002)(7406005)(7366002)(83380400001)(26005)(5660300002)(186003)(66806009)(4744005)(66899015)(8796002)(6862004)(8936002)(86362001)(47076005)(2906002)(336012)(41300700001)(6200100001)(400074008);DIR:OUT;SFP:1102;
X-OriginatorOrg: actionlabs.com.ph
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 25 Dec 2022 16:00:54.1543
(UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: c876c024-3571-4e1c-25d5-08dae691341f
X-MS-Exchange-CrossTenant-Id: 32993797-babc-486d-98d1-7795e961f54d
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=32993797-babc-486d-98d1-7795e961f54d;Ip=[122.53.128.222];Helo=[SRV-XCHANGE02.worxgroup.xchange]
X-MS-Exchange-CrossTenant-AuthSource: TYZAPC01FT021.eop-APC01.prod.protection.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-Transport-CrossTenantHeadersStamped: TYZPR02MB5738
X-Spam_score: 5.0
X-Spam_score_int: 50
X-Spam_bar: +++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: I tried to reach you; I'm awaiting your response. Did you
receive my earlier email below.
Content analysis details: (5.0 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)
[40.107.117.110 listed in wl.mailspike.net]
-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/,
no trust
[40.107.117.110 listed in list.dnswl.org]
-0.0 SPF_PASS SPF: sender matches SPF record
-0.0 SPF_HELO_PASS SPF: HELO matches SPF record
1.6 SUBJ_ALL_CAPS Subject is all capitals
3.6 NA_DOLLARS BODY: Talks about a million North American dollars
0.0 LOTS_OF_MONEY Huge... sums of money
0.0 UNPARSEABLE_RELAY Informational: message has unparseable relay
lines
0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid
Subject: {SPAM?} RE: RE: INVESTMENT DEAL/PARTNERSHIP.
I tried to reach you; I'm awaiting your response. Did you receive my earlie=
r email below.
-----Original Message-----
From: Mark Semeniano=20
Sent: Monday, 19 December 2022 5:19 AM
Subject: RE: INVESTMENT DEAL/PARTNERSHIP.=20
Hello,
I genuinely hope all is fine in your world.
One of my reserved Board of Director, whom we had personally worked with a =
few years ago, is looking to confidentially wire asset sum of $75 Million =
US Dollars from Turkey and reinvest it overseas over a period of 10 to 15 y=
ears due to the inflation here with expectation of 4% annual interest.
I am reaching out to you to see if you are capable of receiving the funds a=
nd working with the client so we can begin the paperwork.
Please reply if you wish to know more.
Mr. Mark Semeniano
CEO ACTIONLAB Group
Enerya Enerji A.S., a subsidiary of STFA Group
Trackbacks
Trackback specific URI for this entryThis link is not meant to be clicked. It contains the trackback URI for this entry. You can use this URI to send ping- & trackbacks from your own blog to this entry. To copy the link, right click and select "Copy Shortcut" in Internet Explorer or "Copy Link Location" in Mozilla.
No Trackbacks
Comments
Display comments as Linear | ThreadedNo comments