lottery phish from Google

Return-path:
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Mon, 13 Feb 2023 07:34:42 -0700
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.96)
    (envelope-from )
    id 1pRZuW-000Lbb-0R
    for dave@doctor.nl2k.ab.ca;
    Mon, 13 Feb 2023 07:34:28 -0700
Resent-From: The Doctor
Resent-Date: Mon, 13 Feb 2023 07:34:28 -0700
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from mail-lf1-f47.google.com ([209.85.167.47]:42630)
    by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256
    (Exim 4.96)
    (envelope-from )
    id 1pRZA8-000FD9-0m
    for bin@nl2k.ab.ca;
    Mon, 13 Feb 2023 06:46:26 -0700
Received: by mail-lf1-f47.google.com with SMTP id y25so18927628lfa.9
    for ; Mon, 13 Feb 2023 05:44:22 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
    d=gmail.com; s=20210112;
    h=to:subject:message-id:date:from:reply-to:mime-version:from:to:cc
     :subject:date:message-id:reply-to;
    bh=Sh77pwlDWxd5SXpxBOHDv4q0gYigsatuXvk2XVZrIqI=;

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
    d=1e100.net; s=20210112;
    h=to:subject:message-id:date:from:reply-to:mime-version
     :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
    bh=Sh77pwlDWxd5SXpxBOHDv4q0gYigsatuXvk2XVZrIqI=;

X-Gm-Message-State: AO0yUKWuZtZ014/NVU3JScMYbHWYrk4kaErIlrrs8wYX2Hd7xxlCt2n4
    M6ANMM1xJISrZomRFMM2qZiiV4wfCqEf6hJ8uhs=
X-Google-Smtp-Source: AK7set8r/sbNmX9PRMsJPF006jDFmzC3cXNzBYsTuZ+2hATedzDi40nQB2LaQJIBYiU8SYkUJoNKXlQdBp18gjGmPbQ=
X-Received: by 2002:a19:f605:0:b0:4db:38ba:ca69 with SMTP id
    x5-20020a19f605000000b004db38baca69mr813032lfe.154.1676295855556; Mon, 13 Feb
    2023 05:44:15 -0800 (PST)
MIME-Version: 1.0
Received: by 2002:a05:6520:503:b0:23e:ca06:2b28 with HTTP; Mon, 13 Feb 2023
    05:44:14 -0800 (PST)
Reply-To: thepowerpackk@gmail.com
From: The Power Pack
Date: Mon, 13 Feb 2023 05:44:14 -0800
Message-ID:
Subject: spende
To: undisclosed-recipients:;
Content-Type: text/plain; charset="UTF-8"
Bcc: bin@nl2k.ab.ca
X-Spam_score: 13.8
X-Spam_score_int: 138
X-Spam_bar: +++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",
    has identified this incoming email as possible spam. The original
    message has been attached to this so you can view it or label
    similar future email. If you have any questions, see
    @@CONTACT_ADDRESS@@ for details.

    Content preview: -- Good day dear beneficiaries, You have received this message
    from the Power Pack Foundation; We are The Power Pack and the winner of the
    $731.1 million Powerball jackpot. We are one of the largest j [...]

    Content analysis details: (13.8 points, 5.0 required)

     pts rule name              description
    ---- ---------------------- --------------------------------------------------
    -0.0 SPF_PASS               SPF: sender matches SPF record
    -0.0 RCVD_IN_DNSWL_NONE     RBL: Sender listed at http://www.dnswl.org/, no
                                trust
                                [209.85.167.47 listed in list.dnswl.org]
     0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in
                                digit
                                [ljoe99720(at)gmail.com]
     0.0 FREEMAIL_FROM          Sender email is commonly abused enduser mail provider
                                [ljoe99720(at)gmail.com]
    -0.2 RCVD_IN_MSPIKE_H2      RBL: Average reputation (+2)
                                [209.85.167.47 listed in wl.mailspike.net]
     0.0 T_DKIM_INVALID         DKIM-Signature header exists but is not valid
     0.0 LOTS_OF_MONEY          Huge... sums of money
     2.9 UNDISC_FREEM           Undisclosed recipients + freemail reply-to
     1.5 MONEY_ATM_CARD         Lots of money on an ATM card
     0.0 MONEY_FREEMAIL_REPTO   Lots of money from someone using free email?
     1.0 FREEMAIL_REPLYTO       Reply-To/From or Reply-To/body contain different
                                freemails
     3.3 UNDISC_MONEY           Undisclosed recipients + money/fraud signs
     3.1 MONEY_FRAUD_3          Lots of money and several fraud phrases
     2.0 ADVANCE_FEE_2_NEW_MONEY Advance Fee fraud and lots of money

Subject: {SPAM?} spende



--

Good day dear beneficiaries,
You have received this message from the Power Pack Foundation;
We are The Power Pack and the winner of the $731.1 million Powerball
jackpot. We are one of the largest jackpot winners in the history of
the Maryland Lottery in the United States. We won this lottery on
January 20, 2021 and would like to inform you that at my request,
Google in cooperation with Microsoft sent your "email address" to
receive a donation of $ 3 million . We're giving you this $3 million
to help charities and poor people in your community so we can make the
world a better place for everyone. Please visit the website below for
more information so as not to be skeptical about this $3 million
donation

Click on the link below:
https://www.wbaltv.com/article/dollar7311m-powerball-jackpot-ticket-claimed-maryland-lottery/36547950#

Please reply to: (thepowerpackk@gmail.com) so we can go to the right
bank to issue a $3 million ATM card. This ATM card is supplied
together with your PIN for accessing your funds. Remember that all
replies to this message must be sent to (thepowerpackk@gmail.com) for
more information on how to receive this donation with a universal ATM
card that will be sent to you as soon as possible. Contact us as soon
as possible

Regards,
Power pack foundation
*
Powerball Jackpot Winner
