Donation spam from gmail posing as microsoft
Posted by Dave Yadallee on
Return-path:
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Sun, 12 Mar 2023 17:55:04 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.96)
(envelope-from)
id 1pbVWe-000BQ8-0D
for dave@doctor.nl2k.ab.ca;
Sun, 12 Mar 2023 17:54:52 -0600
Resent-From: The Doctor
Resent-Date: Sun, 12 Mar 2023 17:54:52 -0600
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from mail-yw1-f193.google.com ([209.85.128.193]:39805)
by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256
(Exim 4.96)
(envelope-from)
id 1pbLqL-000G5D-0h
for doctor@doctor.nl2k.ab.ca;
Sun, 12 Mar 2023 07:34:39 -0600
Received: by mail-yw1-f193.google.com with SMTP id 00721157ae682-5416b0ab0ecso64379537b3.6
for; Sun, 12 Mar 2023 06:32:34 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20210112; t=1678627948;
h=content-transfer-encoding:to:subject:message-id:date:from:reply-to
:mime-version:from:to:cc:subject:date:message-id:reply-to;
bh=4DVVxdfruVGWUV++XVG/leA1zEDpBP+gebe+wjWKqxY=;
b=pXNvfLNtuWPefPUncY7+Ef8mxNZLqYwq81myn/fH69BOthq2LKu0HqD8Dn915wy3O3
pO9Lh1pe4NGlPaSrHVdJC9x1u52pufJBp664mjRC8pbDJLCjLiuIfNvEkr6B/bSxixon
Wc5QHoCKHXqTHQQG569LigzDEw1Gxa/9g93a18Ak6f8itlvqpRHjOL014UO/AAOCRXcF
jEgdwG8p75ay2u72f0nP3Hyj+aDhZ7bsHBX7PpLfOxk/4TlBWUS1b0r9ZNtVHRq11z2D
Ovho+QjOYI1eUUZHf29Bv2aPjqLGxcUG3XR8xwKxK8AVaTe/2s7Eu0mYBfnAOZHBVmWf
4AUA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20210112; t=1678627948;
h=content-transfer-encoding:to:subject:message-id:date:from:reply-to
:mime-version:x-gm-message-state:from:to:cc:subject:date:message-id
:reply-to;
bh=4DVVxdfruVGWUV++XVG/leA1zEDpBP+gebe+wjWKqxY=;
b=fh4TgRA9/3LdPtYdglhBPde/2ZT8mrg7Jp+u5762Fjj85dsJJDPNkmVLspElDvT9OT
hc64WH9JHeCUBg746aGIA45CAfC20ErJ5LCpmL2JTzh4NsG194jCEj6wFLm/mRZgP4x2
+sYxTTgy9mWxUfV9GkOf8HLD8KdMOso6PfOKhyTKVJ0r7V5hitFRwcGXznduxD2ZXUFK
PyQeUK8snbwy4+N2noaWEL2jr8MD+scNag0A07MEQDCKZhOxW3c3li8QJwJGKwqI0oAt
W9dEz5l6AKBJ4R66kiQ+ZAsufK0gCPWZ5Gu+0NyGr4sLsIm0DClX1Bd10/AnQjHJpZ+s
dbsg==
X-Gm-Message-State: AO0yUKUXgXok3fGuRbzIFJhn+aXiO6uRbJYUb/OxjTkuLApkNLjzSvcG
y7Ljf8AejspywU+Kbr5xbYKHJF/6xwzHOPtvA94=
X-Google-Smtp-Source: AK7set/+7VxPOLArxLjhl8FtHyOWcNDW/MW8uJUp159WTrIy3wpB1sSx03YDDc2XZpn9ZKnwJlhjCXVDWUVcoCkd1mU=
X-Received: by 2002:a81:ad5a:0:b0:541:a17f:c77d with SMTP id
l26-20020a81ad5a000000b00541a17fc77dmr150165ywk.10.1678627948069; Sun, 12 Mar
2023 06:32:28 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:a05:7010:720b:b0:33a:3f61:2a8a with HTTP; Sun, 12 Mar 2023
06:32:27 -0700 (PDT)
Reply-To: corporationmicrosoft863@gmail.com
From: =?UTF-8?Q?Microsoft=C2=AE_Corporation?=
Date: Sun, 12 Mar 2023 06:32:27 -0700
Message-ID:
Subject: Payment
To: undisclosed-recipients:;
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Bcc: doctor@doctor.nl2k.ab.ca
X-Spam_score: 21.2
X-Spam_score_int: 212
X-Spam_bar: +++++++++++++++++++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: Dear beneficiary, You are welcome to Microsoft Corporation
office, Your E-mail is one of the E- mails randomly selected by Microsoft
corporation lottery department, Therefore you have won the sum of $ [...]
Content analysis details: (21.2 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no
trust
[209.85.128.193 listed in list.dnswl.org]
-0.0 SPF_PASS SPF: sender matches SPF record
0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in
digit
[ezrate531(at)gmail.com]
0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in digit
[corporationmicrosoft863(at)gmail.com]
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
[ezrate531(at)gmail.com]
2.5 MILLION_USD BODY: Talks about millions of dollars
2.5 US_DOLLARS_3 BODY: Mentions millions of $ ($NN,NNN,NNN.NN)
3.5 DEAR_BENEFICIARY BODY: Dear Beneficiary:
-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)
[209.85.128.193 listed in wl.mailspike.net]
0.0 LOTS_OF_MONEY Huge... sums of money
0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid
0.8 HK_LOTTO No description available.
1.0 FREEMAIL_REPLYTO Reply-To/From or Reply-To/body contain different
freemails
3.0 UNDISC_FREEM Undisclosed recipients + freemail reply-to
0.0 LOTTO_DEPT Claims Department
2.0 FILL_THIS_FORM_LONG Fill in a form with personal information
0.0 MONEY_FREEMAIL_REPTO Lots of money from someone using free email?
0.0 FILL_THIS_FORM Fill in a form with personal information
3.3 UNDISC_MONEY Undisclosed recipients + money/fraud signs
0.5 MONEY_FRAUD_8 Lots of money and very many fraud phrases
1.8 ADVANCE_FEE_5_NEW_FRM_MNY Advance Fee fraud form and lots of money
0.0 MONEY_FORM Lots of money if you fill out a form
Subject: {SPAM?} Payment
Dear beneficiary,
You are welcome to Microsoft Corporation office, Your E-mail is one of
the E- mails randomly selected by Microsoft corporation lottery
department, Therefore you have won the sum of $1,000,000.00(One
million united states dollars)cash prize courtesy of Microsoft
Corporation. This exercise is held periodically and is organized to
encourage the use of the Internet and promote computer literacy
worldwide.
You are to provide the below personal information to enable us process
your claim;
Your Full names:
Home Address:
Country/State:
Phone number:
Occupation:
Monthly Income:
Gender:
Age:
Send the above information to our fiduciary agent via email:
microsoftc018@gmail.com
Congratulations once more from the entire management and staff of
Microsoft Cooperation to all our lucky winners this year. Thank you
for being part of this promotional lottery program. Our special thanks
and gratitude to Bill Gates of Microsoft and all his Associates for
alleviating poverty round the World.
Sincerely.
The Microsoft Internet E-mail lottery Awards is sponsored by our CEO/Chairm=
an.
Note that your award information was released with the following
particulars attached to it.
(1). Award Numbers: UK/149/2023
(2). Batch Numbers: MSOFT/421/8PDH
(3). Reference Numbers: GB/54/132/921/MSOFT
SATYA NADELLA
Chairman, Microsoft=C2=AE Corporation.
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Sun, 12 Mar 2023 17:55:04 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.96)
(envelope-from
id 1pbVWe-000BQ8-0D
for dave@doctor.nl2k.ab.ca;
Sun, 12 Mar 2023 17:54:52 -0600
Resent-From: The Doctor
Resent-Date: Sun, 12 Mar 2023 17:54:52 -0600
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from mail-yw1-f193.google.com ([209.85.128.193]:39805)
by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256
(Exim 4.96)
(envelope-from
id 1pbLqL-000G5D-0h
for doctor@doctor.nl2k.ab.ca;
Sun, 12 Mar 2023 07:34:39 -0600
Received: by mail-yw1-f193.google.com with SMTP id 00721157ae682-5416b0ab0ecso64379537b3.6
for
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20210112; t=1678627948;
h=content-transfer-encoding:to:subject:message-id:date:from:reply-to
:mime-version:from:to:cc:subject:date:message-id:reply-to;
bh=4DVVxdfruVGWUV++XVG/leA1zEDpBP+gebe+wjWKqxY=;
b=pXNvfLNtuWPefPUncY7+Ef8mxNZLqYwq81myn/fH69BOthq2LKu0HqD8Dn915wy3O3
pO9Lh1pe4NGlPaSrHVdJC9x1u52pufJBp664mjRC8pbDJLCjLiuIfNvEkr6B/bSxixon
Wc5QHoCKHXqTHQQG569LigzDEw1Gxa/9g93a18Ak6f8itlvqpRHjOL014UO/AAOCRXcF
jEgdwG8p75ay2u72f0nP3Hyj+aDhZ7bsHBX7PpLfOxk/4TlBWUS1b0r9ZNtVHRq11z2D
Ovho+QjOYI1eUUZHf29Bv2aPjqLGxcUG3XR8xwKxK8AVaTe/2s7Eu0mYBfnAOZHBVmWf
4AUA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20210112; t=1678627948;
h=content-transfer-encoding:to:subject:message-id:date:from:reply-to
:mime-version:x-gm-message-state:from:to:cc:subject:date:message-id
:reply-to;
bh=4DVVxdfruVGWUV++XVG/leA1zEDpBP+gebe+wjWKqxY=;
b=fh4TgRA9/3LdPtYdglhBPde/2ZT8mrg7Jp+u5762Fjj85dsJJDPNkmVLspElDvT9OT
hc64WH9JHeCUBg746aGIA45CAfC20ErJ5LCpmL2JTzh4NsG194jCEj6wFLm/mRZgP4x2
+sYxTTgy9mWxUfV9GkOf8HLD8KdMOso6PfOKhyTKVJ0r7V5hitFRwcGXznduxD2ZXUFK
PyQeUK8snbwy4+N2noaWEL2jr8MD+scNag0A07MEQDCKZhOxW3c3li8QJwJGKwqI0oAt
W9dEz5l6AKBJ4R66kiQ+ZAsufK0gCPWZ5Gu+0NyGr4sLsIm0DClX1Bd10/AnQjHJpZ+s
dbsg==
X-Gm-Message-State: AO0yUKUXgXok3fGuRbzIFJhn+aXiO6uRbJYUb/OxjTkuLApkNLjzSvcG
y7Ljf8AejspywU+Kbr5xbYKHJF/6xwzHOPtvA94=
X-Google-Smtp-Source: AK7set/+7VxPOLArxLjhl8FtHyOWcNDW/MW8uJUp159WTrIy3wpB1sSx03YDDc2XZpn9ZKnwJlhjCXVDWUVcoCkd1mU=
X-Received: by 2002:a81:ad5a:0:b0:541:a17f:c77d with SMTP id
l26-20020a81ad5a000000b00541a17fc77dmr150165ywk.10.1678627948069; Sun, 12 Mar
2023 06:32:28 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:a05:7010:720b:b0:33a:3f61:2a8a with HTTP; Sun, 12 Mar 2023
06:32:27 -0700 (PDT)
Reply-To: corporationmicrosoft863@gmail.com
From: =?UTF-8?Q?Microsoft=C2=AE_Corporation?=
Date: Sun, 12 Mar 2023 06:32:27 -0700
Message-ID:
Subject: Payment
To: undisclosed-recipients:;
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Bcc: doctor@doctor.nl2k.ab.ca
X-Spam_score: 21.2
X-Spam_score_int: 212
X-Spam_bar: +++++++++++++++++++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: Dear beneficiary, You are welcome to Microsoft Corporation
office, Your E-mail is one of the E- mails randomly selected by Microsoft
corporation lottery department, Therefore you have won the sum of $ [...]
Content analysis details: (21.2 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no
trust
[209.85.128.193 listed in list.dnswl.org]
-0.0 SPF_PASS SPF: sender matches SPF record
0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in
digit
[ezrate531(at)gmail.com]
0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in digit
[corporationmicrosoft863(at)gmail.com]
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
[ezrate531(at)gmail.com]
2.5 MILLION_USD BODY: Talks about millions of dollars
2.5 US_DOLLARS_3 BODY: Mentions millions of $ ($NN,NNN,NNN.NN)
3.5 DEAR_BENEFICIARY BODY: Dear Beneficiary:
-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)
[209.85.128.193 listed in wl.mailspike.net]
0.0 LOTS_OF_MONEY Huge... sums of money
0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid
0.8 HK_LOTTO No description available.
1.0 FREEMAIL_REPLYTO Reply-To/From or Reply-To/body contain different
freemails
3.0 UNDISC_FREEM Undisclosed recipients + freemail reply-to
0.0 LOTTO_DEPT Claims Department
2.0 FILL_THIS_FORM_LONG Fill in a form with personal information
0.0 MONEY_FREEMAIL_REPTO Lots of money from someone using free email?
0.0 FILL_THIS_FORM Fill in a form with personal information
3.3 UNDISC_MONEY Undisclosed recipients + money/fraud signs
0.5 MONEY_FRAUD_8 Lots of money and very many fraud phrases
1.8 ADVANCE_FEE_5_NEW_FRM_MNY Advance Fee fraud form and lots of money
0.0 MONEY_FORM Lots of money if you fill out a form
Subject: {SPAM?} Payment
Dear beneficiary,
You are welcome to Microsoft Corporation office, Your E-mail is one of
the E- mails randomly selected by Microsoft corporation lottery
department, Therefore you have won the sum of $1,000,000.00(One
million united states dollars)cash prize courtesy of Microsoft
Corporation. This exercise is held periodically and is organized to
encourage the use of the Internet and promote computer literacy
worldwide.
You are to provide the below personal information to enable us process
your claim;
Your Full names:
Home Address:
Country/State:
Phone number:
Occupation:
Monthly Income:
Gender:
Age:
Send the above information to our fiduciary agent via email:
microsoftc018@gmail.com
Congratulations once more from the entire management and staff of
Microsoft Cooperation to all our lucky winners this year. Thank you
for being part of this promotional lottery program. Our special thanks
and gratitude to Bill Gates of Microsoft and all his Associates for
alleviating poverty round the World.
Sincerely.
The Microsoft Internet E-mail lottery Awards is sponsored by our CEO/Chairm=
an.
Note that your award information was released with the following
particulars attached to it.
(1). Award Numbers: UK/149/2023
(2). Batch Numbers: MSOFT/421/8PDH
(3). Reference Numbers: GB/54/132/921/MSOFT
SATYA NADELLA
Chairman, Microsoft=C2=AE Corporation.
Trackbacks
Trackback specific URI for this entryThis link is not meant to be clicked. It contains the trackback URI for this entry. You can use this URI to send ping- & trackbacks from your own blog to this entry. To copy the link, right click and select "Copy Shortcut" in Internet Explorer or "Copy Link Location" in Mozilla.
No Trackbacks
Comments
Display comments as Linear | ThreadedNo comments