jackpot phish from gmail
Posted by Dave Yadallee on
Return-path:
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Wed, 15 Feb 2023 07:58:24 -0700
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.96)
(envelope-from)
id 1pSJEm-000FZZ-0i
for dave@doctor.nl2k.ab.ca;
Wed, 15 Feb 2023 07:58:24 -0700
Resent-From: The Doctor
Resent-Date: Wed, 15 Feb 2023 07:58:24 -0700
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from mail-lj1-f171.google.com ([209.85.208.171]:44766)
by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256
(Exim 4.96)
(envelope-from)
id 1pSJBR-000Ez2-30
for bin@nl2k.ab.ca;
Wed, 15 Feb 2023 07:54:50 -0700
Received: by mail-lj1-f171.google.com with SMTP id b16so22464123ljr.11
for; Wed, 15 Feb 2023 06:52:47 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20210112;
h=to:subject:message-id:date:from:reply-to:mime-version:from:to:cc
:subject:date:message-id:reply-to;
bh=Sh77pwlDWxd5SXpxBOHDv4q0gYigsatuXvk2XVZrIqI=;
b=lVrie1FHIWXkwVo/ycb4J5IEQ1TY4FpQUX/0n5r1fabRn8wJt2wHc2MNqv3jAIHGSw
vv/m5LWoei/+nkfna0w0PBtcArec435eelfUg7679qTaXUecEsu1t3Z3Km2xh7OvWeW3
2BwOuPltfTSuXplK/H5bBgnoLTPlac2ZYCDAUUHogqgMTwQTdo2MFaiW4XJztwV8Npr8
MoFCyxoPL5/FnqHoKIdz/HgQCRlFhzrlPCp5lI3Re8hbxXG70TaZGaTFyMVHwgiCaK3/
4TzV2h/viICPMFkmEunLXBnl8azbcpVcEbAahKuUraw4ib+tWUZxq4wdItQ3kbnD+0j8
DpPQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20210112;
h=to:subject:message-id:date:from:reply-to:mime-version
:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
bh=Sh77pwlDWxd5SXpxBOHDv4q0gYigsatuXvk2XVZrIqI=;
b=56lwySRCs2eiqy5I01CkeE8qDAAPlj648w9nUjS46m5liPPR6goY4Gav0YTvSEgKEA
gtIMFnUwsnciaQw3Stgenc1A1JtuRxbg7xmjXR+wH4omcOwQ4i6DQTGfndQY6dl2F4xP
bTAptGkvB1Wo2JbG+6OKv+fyFNiWSSN0+MnhhIR0x3X6AFcweLSlzHMjtP2QMttxIT3/
/kBFhljA7Xc2orlUCZ869MuxW7Onw/CZfxV1qByi4jMy4uq3RsEb38iyGbBz6Vpt0ojd
p13FkVVjj++d6RpQDdPGgXx5Rc7RZGF6KxQT70eiFqGCjIMmRnqUCeQdM0C8zvWFZWsV
PNwg==
X-Gm-Message-State: AO0yUKXJcqWKXUH5M+3VHdhX0/ioDzk521s9ZxlbffjQ5JluDNAaZGZl
7gGwE+bwfgyt0Sef/SF4RhOIc1q+HLAlMpNY8EU=
X-Google-Smtp-Source: AK7set/JvY6HyKpVwO5FS/YYMDuRRm1MVdMFdZl6mSmq0ROwGGH/jb1dWKAdPKG5nrupvHGxHnE836gNgF4F7QMtb+0=
X-Received: by 2002:a2e:a49b:0:b0:293:5f43:c7b0 with SMTP id
h27-20020a2ea49b000000b002935f43c7b0mr632744lji.5.1676472761088; Wed, 15 Feb
2023 06:52:41 -0800 (PST)
MIME-Version: 1.0
Received: by 2002:a05:6520:503:b0:23e:ca06:2b28 with HTTP; Wed, 15 Feb 2023
06:52:40 -0800 (PST)
Reply-To: thepowerpackk@gmail.com
From: The Power Pack
Date: Wed, 15 Feb 2023 06:52:40 -0800
Message-ID:
Subject: spende
To: undisclosed-recipients:;
Content-Type: text/plain; charset="UTF-8"
Bcc: bin@nl2k.ab.ca
X-Spam_score: 13.8
X-Spam_score_int: 138
X-Spam_bar: +++++++++++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: -- Good day dear beneficiaries, You have received this message
from the Power Pack Foundation; We are The Power Pack and the winner of the
$731.1 million Powerball jackpot. We are one of the largest j [...]
Content analysis details: (13.8 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no
trust
[209.85.208.171 listed in list.dnswl.org]
-0.0 SPF_PASS SPF: sender matches SPF record
0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in
digit
[ljoe99720(at)gmail.com]
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
[ljoe99720(at)gmail.com]
-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)
[209.85.208.171 listed in wl.mailspike.net]
0.0 LOTS_OF_MONEY Huge... sums of money
0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid
2.9 UNDISC_FREEM Undisclosed recipients + freemail reply-to
1.0 FREEMAIL_REPLYTO Reply-To/From or Reply-To/body contain different
freemails
0.0 MONEY_FREEMAIL_REPTO Lots of money from someone using free email?
1.5 MONEY_ATM_CARD Lots of money on an ATM card
3.3 UNDISC_MONEY Undisclosed recipients + money/fraud signs
3.1 MONEY_FRAUD_3 Lots of money and several fraud phrases
2.0 ADVANCE_FEE_2_NEW_MONEY Advance Fee fraud and lots of money
Subject: {SPAM?} spende
--
Good day dear beneficiaries,
You have received this message from the Power Pack Foundation;
We are The Power Pack and the winner of the $731.1 million Powerball
jackpot. We are one of the largest jackpot winners in the history of
the Maryland Lottery in the United States. We won this lottery on
January 20, 2021 and would like to inform you that at my request,
Google in cooperation with Microsoft sent your "email address" to
receive a donation of $ 3 million . We're giving you this $3 million
to help charities and poor people in your community so we can make the
world a better place for everyone. Please visit the website below for
more information so as not to be skeptical about this $3 million
donation
Click on the link below:
https://www.wbaltv.com/article/dollar7311m-powerball-jackpot-ticket-claimed-maryland-lottery/36547950#
Please reply to: (thepowerpackk@gmail.com) so we can go to the right
bank to issue a $3 million ATM card. This ATM card is supplied
together with your PIN for accessing your funds. Remember that all
replies to this message must be sent to (thepowerpackk@gmail.com) for
more information on how to receive this donation with a universal ATM
card that will be sent to you as soon as possible. Contact us as soon
as possible
Regards,
Power pack foundation
*
Powerball Jackpot Winner
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Wed, 15 Feb 2023 07:58:24 -0700
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.96)
(envelope-from
id 1pSJEm-000FZZ-0i
for dave@doctor.nl2k.ab.ca;
Wed, 15 Feb 2023 07:58:24 -0700
Resent-From: The Doctor
Resent-Date: Wed, 15 Feb 2023 07:58:24 -0700
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from mail-lj1-f171.google.com ([209.85.208.171]:44766)
by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256
(Exim 4.96)
(envelope-from
id 1pSJBR-000Ez2-30
for bin@nl2k.ab.ca;
Wed, 15 Feb 2023 07:54:50 -0700
Received: by mail-lj1-f171.google.com with SMTP id b16so22464123ljr.11
for
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20210112;
h=to:subject:message-id:date:from:reply-to:mime-version:from:to:cc
:subject:date:message-id:reply-to;
bh=Sh77pwlDWxd5SXpxBOHDv4q0gYigsatuXvk2XVZrIqI=;
b=lVrie1FHIWXkwVo/ycb4J5IEQ1TY4FpQUX/0n5r1fabRn8wJt2wHc2MNqv3jAIHGSw
vv/m5LWoei/+nkfna0w0PBtcArec435eelfUg7679qTaXUecEsu1t3Z3Km2xh7OvWeW3
2BwOuPltfTSuXplK/H5bBgnoLTPlac2ZYCDAUUHogqgMTwQTdo2MFaiW4XJztwV8Npr8
MoFCyxoPL5/FnqHoKIdz/HgQCRlFhzrlPCp5lI3Re8hbxXG70TaZGaTFyMVHwgiCaK3/
4TzV2h/viICPMFkmEunLXBnl8azbcpVcEbAahKuUraw4ib+tWUZxq4wdItQ3kbnD+0j8
DpPQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20210112;
h=to:subject:message-id:date:from:reply-to:mime-version
:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
bh=Sh77pwlDWxd5SXpxBOHDv4q0gYigsatuXvk2XVZrIqI=;
b=56lwySRCs2eiqy5I01CkeE8qDAAPlj648w9nUjS46m5liPPR6goY4Gav0YTvSEgKEA
gtIMFnUwsnciaQw3Stgenc1A1JtuRxbg7xmjXR+wH4omcOwQ4i6DQTGfndQY6dl2F4xP
bTAptGkvB1Wo2JbG+6OKv+fyFNiWSSN0+MnhhIR0x3X6AFcweLSlzHMjtP2QMttxIT3/
/kBFhljA7Xc2orlUCZ869MuxW7Onw/CZfxV1qByi4jMy4uq3RsEb38iyGbBz6Vpt0ojd
p13FkVVjj++d6RpQDdPGgXx5Rc7RZGF6KxQT70eiFqGCjIMmRnqUCeQdM0C8zvWFZWsV
PNwg==
X-Gm-Message-State: AO0yUKXJcqWKXUH5M+3VHdhX0/ioDzk521s9ZxlbffjQ5JluDNAaZGZl
7gGwE+bwfgyt0Sef/SF4RhOIc1q+HLAlMpNY8EU=
X-Google-Smtp-Source: AK7set/JvY6HyKpVwO5FS/YYMDuRRm1MVdMFdZl6mSmq0ROwGGH/jb1dWKAdPKG5nrupvHGxHnE836gNgF4F7QMtb+0=
X-Received: by 2002:a2e:a49b:0:b0:293:5f43:c7b0 with SMTP id
h27-20020a2ea49b000000b002935f43c7b0mr632744lji.5.1676472761088; Wed, 15 Feb
2023 06:52:41 -0800 (PST)
MIME-Version: 1.0
Received: by 2002:a05:6520:503:b0:23e:ca06:2b28 with HTTP; Wed, 15 Feb 2023
06:52:40 -0800 (PST)
Reply-To: thepowerpackk@gmail.com
From: The Power Pack
Date: Wed, 15 Feb 2023 06:52:40 -0800
Message-ID:
Subject: spende
To: undisclosed-recipients:;
Content-Type: text/plain; charset="UTF-8"
Bcc: bin@nl2k.ab.ca
X-Spam_score: 13.8
X-Spam_score_int: 138
X-Spam_bar: +++++++++++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: -- Good day dear beneficiaries, You have received this message
from the Power Pack Foundation; We are The Power Pack and the winner of the
$731.1 million Powerball jackpot. We are one of the largest j [...]
Content analysis details: (13.8 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no
trust
[209.85.208.171 listed in list.dnswl.org]
-0.0 SPF_PASS SPF: sender matches SPF record
0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in
digit
[ljoe99720(at)gmail.com]
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
[ljoe99720(at)gmail.com]
-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)
[209.85.208.171 listed in wl.mailspike.net]
0.0 LOTS_OF_MONEY Huge... sums of money
0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid
2.9 UNDISC_FREEM Undisclosed recipients + freemail reply-to
1.0 FREEMAIL_REPLYTO Reply-To/From or Reply-To/body contain different
freemails
0.0 MONEY_FREEMAIL_REPTO Lots of money from someone using free email?
1.5 MONEY_ATM_CARD Lots of money on an ATM card
3.3 UNDISC_MONEY Undisclosed recipients + money/fraud signs
3.1 MONEY_FRAUD_3 Lots of money and several fraud phrases
2.0 ADVANCE_FEE_2_NEW_MONEY Advance Fee fraud and lots of money
Subject: {SPAM?} spende
--
Good day dear beneficiaries,
You have received this message from the Power Pack Foundation;
We are The Power Pack and the winner of the $731.1 million Powerball
jackpot. We are one of the largest jackpot winners in the history of
the Maryland Lottery in the United States. We won this lottery on
January 20, 2021 and would like to inform you that at my request,
Google in cooperation with Microsoft sent your "email address" to
receive a donation of $ 3 million . We're giving you this $3 million
to help charities and poor people in your community so we can make the
world a better place for everyone. Please visit the website below for
more information so as not to be skeptical about this $3 million
donation
Click on the link below:
https://www.wbaltv.com/article/dollar7311m-powerball-jackpot-ticket-claimed-maryland-lottery/36547950#
Please reply to: (thepowerpackk@gmail.com) so we can go to the right
bank to issue a $3 million ATM card. This ATM card is supplied
together with your PIN for accessing your funds. Remember that all
replies to this message must be sent to (thepowerpackk@gmail.com) for
more information on how to receive this donation with a universal ATM
card that will be sent to you as soon as possible. Contact us as soon
as possible
Regards,
Power pack foundation
*
Powerball Jackpot Winner
Trackbacks
Trackback specific URI for this entryThis link is not meant to be clicked. It contains the trackback URI for this entry. You can use this URI to send ping- & trackbacks from your own blog to this entry. To copy the link, right click and select "Copy Shortcut" in Internet Explorer or "Copy Link Location" in Mozilla.
No Trackbacks
Comments
Display comments as Linear | ThreadedNo comments