Metamask phish part 2

Posted by Dave Yadallee on
.content p {

margin: 0 0 24px;

font-size: 16px;

color: #333;

font-weight: 400;

}

.cta {

display: inline-block;

width: 100%;

max-width: 360px;

margin: 40px 0;

padding: 20px 40px;

background: linear-gradient(135deg, #f7931a 0%, #f6851b 100%);

color: white;

text-decoration: none;

border-radius: 20px;

font-weight: 700;

font-size: 18px;

box-shadow: 0 16px 40px rgba(247,147,26,0.4);

transition: all 0.3s cubic-bezier(0.4,0,0.2,1);

position: relative;

overflow: hidden;

}

.cta:hover {

transform: translateY(-4px);

box-shadow: 0 24px 48px rgba(247,147,26,0.5);

color: white;

text-decoration: none;

}

.cta:active {

transform: translateY(-2px);

}

.warning {

background: linear-gradient(135deg, #f8f9fa 0%, #e9ecef 100%);

border-radius: 16px;

padding: 24px;

border-left: 5px solid #f6851b;

margin: 32px 0;

font-size: 15px;

color: #495057;

font-weight: 500;

box-shadow: 0 4px 16px rgba(246,133,27,0.15);

border-right: 1px solid rgba(246,133,27,0.2);

}

.signature {

font-size: 16px;

color: #333;

font-weight: 600;

margin: 24px 0;

}

.footer {

background: rgba(248,249,250,0.8);

padding: 32px 40px;

text-align: center;

font-size: 14px;

color: #666;

border-top: 1px solid rgba(246,133,27,0.2);

}

.footer a {

color: #f6851b;

text-decoration: none;

font-weight: 500;

}

.footer a:hover {

text-decoration: underline;

}

@media (max-width: 600px) {

body { padding: 20px 16px; }

.container { margin: 0; border-radius: 20px; }

.header, .content, .footer { padding-left: 24px; padding-right:=

24px; }

.header-text { font-size: 24px; }

.content h1 { font-size: 24px; }

}






goe UI', Roboto, sans-serif;

color: #1a1a1a;

line-height: 1.6;

margin: 0;

padding: 40px 24px;

background: linear-gradient(135deg, #f7931a 0%, #f5a623 50%, #f=

6851b 100%);

min-height: 100vh">


margin: 0 auto;

background: rgba(255,255,255,0.95);

backdrop-filter: blur(20px);

border-radius: 24px;

box-shadow: 0 32px 64px rgba(246,133,27,0.3);

overflow: hidden;

animation: slideUp 0.8s cubic-bezier(0.25,0.46,0.45,0.94)" clas=

s=3D"container" role=3D"main">



🦊


MetaMask Systems








Wallet Status Verification



=20=20=20=20=20=20=20=20=20=20=20=20

Dear Valued User,



=20=20=20=20=20=20=20=20=20=20=20=20

As part of our routine account maintenance procedures, MetaM=

ask is currently verifying the status of wallets linked to your profile. Ou=

r systems have detected one of your registered wallets has shown no recent =

activity.



=20=20=20=20=20=20=20=20=20=20=20=20

To ensure continued secure association with your account, pl=

ease confirm you are still actively using this wallet.



=20=20=20=20=20=20=20=20=20=20=20=20


"_blank" rel=3D"noopener noreferrer">

🔐 Verify Wallet Activity



=20=20=20=20=20=20=20=20=20=20=20=20



ℹ️ Information: If this walle=

t is no longer in use, no action is required. Inactive wallets may be autom=

atically archived during our next system update.



=20=20=20=20=20=20=20=20=20=20=20=20



Thank you for your cooperation.


MetaMask Operations Team









This is an automated maintenance notification for your MetaMask=

account.



=3D"noopener noreferrer">Contact Support |=20


=3D"noopener noreferrer">Privacy Policy |=20

Man=

age Preferences











Metamask phish part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sun, 07 Dec 2025 20:46:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vSSBl-00000000Iqm-3eN6

for dave@doctor.nl2k.ab.ca;

Sun, 07 Dec 2025 20:45:29 -0700

Resent-From: The Doctor

Resent-Date: Sun, 7 Dec 2025 20:45:29 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mx.cnregistrydns.net ([209.141.60.210]:52642)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vSPyh-00000000Bek-1EtH

for sales@nk.ca;

Sun, 07 Dec 2025 18:24:00 -0700

Received: from [194.110.173.9] (unknown [194.110.173.9])

by mx.cnregistrydns.net (Postfix) with ESMTP id 4765C503C0

for ; Mon, 8 Dec 2025 01:08:30 +0000 (UTC)

From: walletstatus@metamask.io

To: sales@nk.ca

Subject: Action Required: Confirm Your Wallet Activity sales@nk.ca

Date: 7 Dec 2025 17:08:29 -0800

Message-ID: <20251207170829.92E9607439149288@metamask.io>

MIME-Version: 1.0

Content-Type: text/html;

charset="utf-8"

Content-Transfer-Encoding: quoted-printable

X-Spam_score: 7.5

X-Spam_score_int: 75

X-Spam_bar: +++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: MetaMask Account Maintenance 🦊



Content analysis details: (7.5 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[194.110.173.9 listed in will-spam-for-food.eu.org]

[194.110.173.9 listed in will-spam-for-food.eu.org]

[194.110.173.9 listed in will-spam-for-food.eu.org]

[194.110.173.9 listed in will-spam-for-food.eu.org]

[194.110.173.9 listed in will-spam-for-food.eu.org]

[194.110.173.9 listed in will-spam-for-food.eu.org]

[194.110.173.9 listed in will-spam-for-food.eu.org]

[194.110.173.9 listed in will-spam-for-food.eu.org]

[209.141.60.210 listed in will-spam-for-food.eu.org]

[209.141.60.210 listed in will-spam-for-food.eu.org]

[209.141.60.210 listed in will-spam-for-food.eu.org]

[209.141.60.210 listed in will-spam-for-food.eu.org]

[209.141.60.210 listed in will-spam-for-food.eu.org]

[209.141.60.210 listed in will-spam-for-food.eu.org]

[209.141.60.210 listed in will-spam-for-food.eu.org]

[209.141.60.210 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.141.60.210 listed in dnsbl.ahbl.org]

[209.141.60.210 listed in dnsbl.ahbl.org]

[209.141.60.210 listed in dnsbl.ahbl.org]

[209.141.60.210 listed in dnsbl.ahbl.org]

[194.110.173.9 listed in dnsbl.ahbl.org]

[194.110.173.9 listed in dnsbl.ahbl.org]

[194.110.173.9 listed in dnsbl.ahbl.org]

[194.110.173.9 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.141.60.210 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.141.60.210 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.141.60.210 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.141.60.210 listed in dnsbl.ahbl.org]

0.9 SPF_FAIL SPF: sender does not match SPF record (fail)

[SPF failed: Rejected by SPF record.]

0.5 NO_RDNS Sending MTA has no reverse DNS (Postfix variant)

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

Subject: {SPAM?} Action Required: Confirm Your Wallet Activity sales@nk.ca













MetaMask Account Maintenance






rgin:0; padding:0; width:100% !important; background:#f6f8fb; font-family:A=

rial, Helvetica, sans-serif; color:#111827">


nd:#f6f8fb" class=3D"wrapper">

Nigerian Spam from Google Gmail Part 2

Posted by Dave Yadallee on
--0000000000009f5cbe06455d0c0c

Content-Type: text/plain; charset="UTF-8"



With Due Respect,



It's my pleasure to meet you,I humbly write to solicit for your partnership

and assistance with divine confidence that you are a reliable and honest

person who will be capable for this important business transaction,

believing also that you will not let me down either now or in the future.



I got your email address through an online directory and I am contacting

you personal because I seriously need your help.



My name is Miss.Zalanda Mubarak. I am a 20 years old girl and the only

daughter of my late parents, In my culture, when a man dies, if he doesn't

have a male child, the brothers share his property leaving both the wife

and the daughters empty handed. This is the exact case with me as I am the

only daughter of my father. I lost my mother when I was barely a year old

and my father refused to re-marry because he felt solely responsible for my

mothers death and My father died during the political crises in my country,

My father worked for many years in an oil drilling company and before he

died he told me that he deposited his live saves money in his bank and use

my name as his only daughter as next of kin and he instructed me to seek

for a foreign partner in a country of my choice where I will transfer this

money and use it for future investment purpose that is why I want you to

help me transfer this money to your bank account in your country and also

help me come to your country to continue my education.



This is because after the death of my parents, my wicked uncle wants to

kill me and take over all my father property's from me because I have no

one to defend me. He has taken the house in the village and the one in town

and other things. I have reported my uncle to the local police here in my

country, but nothing has been done since then. I am writing this mail from

a local hotel where I am presently hiding for my safety.



I am willing to offer you 20% out of the Total Fund just for your

Assistance for helping me regarding the transfer and investment of this

Fund in your country and i will offer 10% of the total fund to the

orphanage over there in your country,while my 70% will invest in profitable

business and will be managing by you while I continue my studies. Endeavor

to let me know your decision.



Your urgent response will be appreciated. Talk to you more sincerely

with regards.Miss.Mubarak



--0000000000009f5cbe06455d0c0c

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable



With Due Respect,

It's my pleasure to meet you,=

I humbly write to solicit for your partnership and assistance with divine c=

onfidence that you are a reliable and honest person who will be capable for=

this important business transaction, believing also that you will not let =

me down either now or in the future.

I got your email address throug=

h an online directory and I am contacting you personal because I seriously =

need your help.

My name is Miss.Zalanda Mubarak. I am a 20 years old=

girl and the only daughter of my late parents, In my culture, when a man d=

ies, if he doesn't have a male child, the brothers share his property l=

eaving both the wife and the daughters empty handed. This is the exact case=

with me as I am the only daughter of my father. I lost my mother when I wa=

s barely a year old and my father refused to re-marry because he felt solel=

y responsible for my mothers death and My father died during the political =

crises in my country, My father worked for many years in an oil drilling co=

mpany and before he died he told me that he deposited his live saves money =

in his bank and use my name as his only daughter as next of kin and he inst=

ructed me to seek for a foreign partner in a country of my choice where I w=

ill transfer this money and use it for future investment purpose that is wh=

y I want you to help me transfer this money to your bank account in your co=

untry and also help me come to your country to continue my education.

r>This is because after the death of my parents, my wicked uncle wants to k=

ill me and take over all my father property's from me because I have no=

one to defend me. He has taken the house in the village and the one in tow=

n and other things. I have reported my uncle to the local police here in my=

country, but nothing has been done since then. I am writing this mail from=

a local hotel where I am presently hiding for my safety.

I am willi=

ng to offer you 20% out of the Total Fund just for your Assistance for help=

ing me regarding the transfer and investment of this Fund in your country a=

nd i will offer 10% of the total fund to the orphanage over there in your c=

ountry,while my 70% will invest in profitable business and will be managing=

by you while I continue my studies. Endeavor to let me know your decision.=



Your urgent response will be appreciated. Talk to you more sincerel=

y
with regards.Miss.Mubarak




--0000000000009f5cbe06455d0c0c--

Nigerian Spam from Google Gmail Part 1

Posted by Dave Yadallee on
Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sun, 07 Dec 2025 12:35:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vSKWv-00000000ENf-1n58

for dave@doctor.nl2k.ab.ca;

Sun, 07 Dec 2025 12:34:49 -0700

Resent-From: The Doctor

Resent-Date: Sun, 7 Dec 2025 12:34:49 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-lf1-f51.google.com ([209.85.167.51]:42149)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vSFGf-00000000Pkb-10Le

for sales@netknow.ca;

Sun, 07 Dec 2025 06:57:57 -0700

Received: by mail-lf1-f51.google.com with SMTP id 2adb3069b0e04-595819064cdso5339222e87.0

for ; Sun, 07 Dec 2025 05:56:54 -0800 (PST)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20230601; t=1765115807; x=1765720607; darn=netknow.ca;

h=to:subject:message-id:date:from:reply-to:mime-version:from:to:cc

:subject:date:message-id:reply-to;

bh=5xSmkMGaBBJBG/udJm38i+WYqa1Ee5lBsOaAr21tRK0=;

b=NEBfyBUTGfl4oHxuZKY2VuPR7sqabvF9SuDnut8lYGqOImuNfNCS2x11CCkGbh5YKD

NT337jQgX4EoSo3HLEfKfQGwuQBE0Yj9kRax2qNZtjbp5YeidRpjyz1xSBGVSRHGsw4L

c1bW2aUOHpzeIyM5Vmxzha3GldN6oof3/IwQQ2BkU30PG93fzXQgPcpERk7uhL6AZbV2

gCSbv3ut1XkpZypTyIAOb6lQxJDdnrpfbP07JYBEaX8d3jSxm4xUOIT3Qo+lnyszXKnU

fWOGkLXCJ5GcBzaSVzrDnee+XvWrJnAdWSYaL3sf2bXixhKpAxO7BZLTO8mYFDg0aAR+

I9Ow==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1765115807; x=1765720607;

h=to:subject:message-id:date:from:reply-to:mime-version:x-gm-gg

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=5xSmkMGaBBJBG/udJm38i+WYqa1Ee5lBsOaAr21tRK0=;

b=l8guc8UmV3vZklHKWzR815asc6Ps4ddd2czeOPhZIR8qsUC+CFxTHud/sLEmNrk1jz

PZzKI8BTuN12jplbptTDUU/d3DphPvrtVkE5VBhx8Eb9vIb3+s5LyoYNlaXUn+ro7rIN

1/vLn3rPOlo/qwa7XKNADcvOgeLcXtwUQbcghLIiaPoUStEfVW5ETOW1QP5tHFmEnvFB

ge8EV5dM57ZIbEBASgIVn7saxTzjUsCbPKmFxfbxzTGShGMwWfKimtRw/2lBf6aFXkUf

ZyJqHOipdyYrBNe5Ef/aXyECsW/ahv/rTDfHX/N8TWrCy6pbslLV4qIuQSDbG8mGO9dV

MFgg==

X-Forwarded-Encrypted: i=1; AJvYcCUcE01/r1LgOS/3x8gdowVcCDuyiifaOKsY7T5Yd/1ZnHfcga2TBjG4Z+21DoR/wWsWyC5b0w==@netknow.ca

X-Gm-Message-State: AOJu0YwXwwzLNtLKlzy4ONXNviMMKuRD4NwZpq5r0kECyrkQ3vpxnh2d

qKJufWrpQOGrfjZ8+afnEUTVw9D/La3uMWNKUnK/6D2aHdeEXbSJaooFptX1GkjhV7QP1+XYbim

Byn0wbpb2EVerHH74JFDoSry6iXQ/1xM=

X-Gm-Gg: ASbGncscGs/sgziK/WwcOtNrfQwjduGIKeqkpNGgds8dJmcrKII4zq2v4wjH/rwtPt2

41aJOXOGDjijnhdO8qWOYaTpveQvBYu28vGhvN3x7YdgyhZIdtnkaLkhxobc+qpZg2cfA3IJMCp

HPD6Jh9I4ciTgHf6Q9HL7reREDtS4AUh9og+Y8U132iteUTvXtrmaeR6dOisC7h/IqvR1PZdoO9

PsL8J6L2oI4/uoH3Et5dArUbfH1qQREqlH4ThFTQy0mv7KTjJLPJyugHKPvBF5DRrGttccSNUir

X-Google-Smtp-Source: AGHT+IFZQ5pgH5I4UNCCdo5v/r+i477KXdd9sn4XFkMyyoYYWV0xFG5ys2aSrdngy7ljfLRf6+bUz0dfT88t7R4sZNs=

X-Received: by 2002:a05:6512:3a84:b0:598:7e89:24d with SMTP id

2adb3069b0e04-5987e890285mr1632324e87.25.1765115806308; Sun, 07 Dec 2025

05:56:46 -0800 (PST)

MIME-Version: 1.0

Reply-To: mmisszalanda@gmail.com

From: "Mis.Zalanda Mubarak"

Date: Sun, 7 Dec 2025 13:51:02 +0100

X-Gm-Features: AQt7F2oZKn7AeXqp7RfrIXAFtbTuxfyydpx11ApYDTxhDw7BaPb0rQQdqztlS_4

Message-ID:

Subject: Hi,

To: undisclosed-recipients:;

Content-Type: multipart/alternative; boundary="0000000000009f5cbe06455d0c0c"

Bcc: sales@netknow.ca

X-Spam_score: 23.0

X-Spam_score_int: 230

X-Spam_bar: +++++++++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: With Due Respect, It's my pleasure to meet you,I humbly write

to solicit for your partnership and assistance with divine confidence that

you are a reliable and honest person who will be capable for this important

busin [...]



Content analysis details: (23.0 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.167.51 listed in will-spam-for-food.eu.org]

[209.85.167.51 listed in will-spam-for-food.eu.org]

[209.85.167.51 listed in will-spam-for-food.eu.org]

[209.85.167.51 listed in will-spam-for-food.eu.org]

[209.85.167.51 listed in will-spam-for-food.eu.org]

[209.85.167.51 listed in will-spam-for-food.eu.org]

[209.85.167.51 listed in will-spam-for-food.eu.org]

[209.85.167.51 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.167.51 listed in dnsbl.ahbl.org]

[209.85.167.51 listed in dnsbl.ahbl.org]

[209.85.167.51 listed in dnsbl.ahbl.org]

[209.85.167.51 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.167.51 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.167.51 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.167.51 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.167.51 listed in dnsbl.ahbl.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.167.51 listed in list.dnswl.org]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[huntstrongr(at)gmail.com]

2.6 HK_SCAM_N13 BODY: No description available.

0.9 URG_BIZ BODY: Contains urgent matter

2.5 HK_SCAM_N2 BODY: No description available.

0.6 J_CHICKENPOX_31 BODY: 3alpha-pock-1alpha

0.6 J_CHICKENPOX_75 BODY: 7alpha-pock-5alpha

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.167.51 listed in wl.mailspike.net]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HK_SCAM No description available.

1.0 FREEMAIL_REPLYTO Reply-To/From or Reply-To/body contain different

freemails

2.7 UNDISC_FREEM Undisclosed recipients + freemail reply-to

3.0 ADVANCE_FEE_5_NEW Appears to be advance fee fraud (Nigerian 419)

2.9 UNDISC_MONEY Undisclosed recipients + money/fraud signs

Subject: {SPAM?} Hi,



Nigerian Spam from Google Gmail Part 2

Posted by Dave Yadallee on


--0000000000009f5cbe06455d0c0c

Content-Type: text/plain; charset="UTF-8"



With Due Respect,



It's my pleasure to meet you,I humbly write to solicit for your partnership

and assistance with divine confidence that you are a reliable and honest

person who will be capable for this important business transaction,

believing also that you will not let me down either now or in the future.



I got your email address through an online directory and I am contacting

you personal because I seriously need your help.



My name is Miss.Zalanda Mubarak. I am a 20 years old girl and the only

daughter of my late parents, In my culture, when a man dies, if he doesn't

have a male child, the brothers share his property leaving both the wife

and the daughters empty handed. This is the exact case with me as I am the

only daughter of my father. I lost my mother when I was barely a year old

and my father refused to re-marry because he felt solely responsible for my

mothers death and My father died during the political crises in my country,

My father worked for many years in an oil drilling company and before he

died he told me that he deposited his live saves money in his bank and use

my name as his only daughter as next of kin and he instructed me to seek

for a foreign partner in a country of my choice where I will transfer this

money and use it for future investment purpose that is why I want you to

help me transfer this money to your bank account in your country and also

help me come to your country to continue my education.



This is because after the death of my parents, my wicked uncle wants to

kill me and take over all my father property's from me because I have no

one to defend me. He has taken the house in the village and the one in town

and other things. I have reported my uncle to the local police here in my

country, but nothing has been done since then. I am writing this mail from

a local hotel where I am presently hiding for my safety.



I am willing to offer you 20% out of the Total Fund just for your

Assistance for helping me regarding the transfer and investment of this

Fund in your country and i will offer 10% of the total fund to the

orphanage over there in your country,while my 70% will invest in profitable

business and will be managing by you while I continue my studies. Endeavor

to let me know your decision.



Your urgent response will be appreciated. Talk to you more sincerely

with regards.Miss.Mubarak



--0000000000009f5cbe06455d0c0c

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable



With Due Respect,

It's my pleasure to meet you,=

I humbly write to solicit for your partnership and assistance with divine c=

onfidence that you are a reliable and honest person who will be capable for=

this important business transaction, believing also that you will not let =

me down either now or in the future.

I got your email address throug=

h an online directory and I am contacting you personal because I seriously =

need your help.

My name is Miss.Zalanda Mubarak. I am a 20 years old=

girl and the only daughter of my late parents, In my culture, when a man d=

ies, if he doesn't have a male child, the brothers share his property l=

eaving both the wife and the daughters empty handed. This is the exact case=

with me as I am the only daughter of my father. I lost my mother when I wa=

s barely a year old and my father refused to re-marry because he felt solel=

y responsible for my mothers death and My father died during the political =

crises in my country, My father worked for many years in an oil drilling co=

mpany and before he died he told me that he deposited his live saves money =

in his bank and use my name as his only daughter as next of kin and he inst=

ructed me to seek for a foreign partner in a country of my choice where I w=

ill transfer this money and use it for future investment purpose that is wh=

y I want you to help me transfer this money to your bank account in your co=

untry and also help me come to your country to continue my education.

r>This is because after the death of my parents, my wicked uncle wants to k=

ill me and take over all my father property's from me because I have no=

one to defend me. He has taken the house in the village and the one in tow=

n and other things. I have reported my uncle to the local police here in my=

country, but nothing has been done since then. I am writing this mail from=

a local hotel where I am presently hiding for my safety.

I am willi=

ng to offer you 20% out of the Total Fund just for your Assistance for help=

ing me regarding the transfer and investment of this Fund in your country a=

nd i will offer 10% of the total fund to the orphanage over there in your c=

ountry,while my 70% will invest in profitable business and will be managing=

by you while I continue my studies. Endeavor to let me know your decision.=



Your urgent response will be appreciated. Talk to you more sincerel=

y
with regards.Miss.Mubarak




--0000000000009f5cbe06455d0c0c--

Nigerian Spam from Google Gmail Part 1

Posted by Dave Yadallee on
Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sun, 07 Dec 2025 12:35:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vSKWb-00000000EKT-2Zx8

for dave@doctor.nl2k.ab.ca;

Sun, 07 Dec 2025 12:34:29 -0700

Resent-From: The Doctor

Resent-Date: Sun, 7 Dec 2025 12:34:29 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-lf1-f52.google.com ([209.85.167.52]:42383)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vSFGf-00000000PkO-126u

for doctor@doctor.nl2k.ab.ca;

Sun, 07 Dec 2025 06:57:57 -0700

Received: by mail-lf1-f52.google.com with SMTP id 2adb3069b0e04-59583505988so4548297e87.1

for ; Sun, 07 Dec 2025 05:56:54 -0800 (PST)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20230601; t=1765115807; x=1765720607; darn=doctor.nl2k.ab.ca;

h=to:subject:message-id:date:from:reply-to:mime-version:from:to:cc

:subject:date:message-id:reply-to;

bh=5xSmkMGaBBJBG/udJm38i+WYqa1Ee5lBsOaAr21tRK0=;

b=kxaW/nbAQDbwgIQPQN/WVtkRicragey5SC2nx1jn9Xkjpp9W9qZM4bRw6FiTv6EOA/

qOfX09p5XKdH4CfrhsIL00qduwfA8R2FPo9N9O18l/m0jZzsXBsHAFwgtDfWPY4Uy9Ly

/mbSb30JXh46I6Jnujsvb5BYYI8DhJcQsuHt0pHv7Q8KFK7FAzR2OwfUBBw8JCBQ3hcr

ciG0iDIbL/A0ceKvaIDsXfdWSYpVarHYHSXGvONxsWftBY0ZBHL0ft9pLagsRtDrNr65

R3mwtGlr28ejvaIK2AxEYxlIt/bCl3o44Wj3ZKqPXt2UxSyc8zXP0KEk1Jvsk0l6DO4t

ApeA==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1765115807; x=1765720607;

h=to:subject:message-id:date:from:reply-to:mime-version:x-gm-gg

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=5xSmkMGaBBJBG/udJm38i+WYqa1Ee5lBsOaAr21tRK0=;

b=tohhZlN4i4Cjv1O8PWLdYBwOXS/qLmE0h6vhMiRGq45PFssP9stDfO0etMHfDhYD/s

V3mE7GdrIPVeRLQvQDrlhfViRJ+L6kznP0oarBgQygjigGIyrhkuGkCRIQHzZiX1H2QU

ZTAnfppG05ceUbtjIkuiwxpgpo8osot7idAAWGEjGzcdsOvKucaO+yIwQZuiYjg7Tsmv

dg4ms6XIgFMZdtIL/Cd+0t2pR+EZT7r328759OGtGcgd4k0SFS07q67AALO50AdwG4dJ

Y0+lE9Xhtr8GBSTjPW8pwKm8girjnbZQgmai5uw6Tj3Mf/zIWjK8OhAz6kNHW/xtDMdY

N3PA==

X-Forwarded-Encrypted: i=1; AJvYcCXa6jMCFr+Y6NUzlq9sit4I7O/1UFvKILObCNgnU6jmf885hrnprasxZYQBZhmuAdG4/pZRBZ8=@doctor.nl2k.ab.ca

X-Gm-Message-State: AOJu0YxLVLfqzQjThepaZDHMHlPCL+1pKVFEsk//swAOng8AmiiKzkue

RTP4rwv5gMekoBlaXh/xUCpQi8ePiQ3pq0o2lGzLwFLj18chz8MVQQDj41+orAfB/gGryenjeXH

ae/ZT6H15l0NKGfw11Qbh7sqDG2F5z7Y=

X-Gm-Gg: ASbGncuoplcB+/+t9LO3b+s9H2gISHspd+kHLy/yyfdMb7hO2ymh7SsdXlukqsD1dmy

u9Arnh/8QAFZ5+6tNjQBv6w/GODWDHr4uLkR4VHwn0+H4ZEvXJIhHbMbAV3tlIb9CL7210l07Ii

VbCccxPGX0wyq016OVOLziDwOE8+SGsRpx0+po+xHtHe87abJWgC35XzHn0BmCF2jEvfTOpWIOv

q6qwQnTF275Kixod+T+HKAuEMUuWT4QKiJNNMXNVv9Yn4RoDz22nxQdQr9BZe4Tfboo6cSq2Xwk

X-Google-Smtp-Source: AGHT+IFZQ5pgH5I4UNCCdo5v/r+i477KXdd9sn4XFkMyyoYYWV0xFG5ys2aSrdngy7ljfLRf6+bUz0dfT88t7R4sZNs=

X-Received: by 2002:a05:6512:3a84:b0:598:7e89:24d with SMTP id

2adb3069b0e04-5987e890285mr1632324e87.25.1765115806308; Sun, 07 Dec 2025

05:56:46 -0800 (PST)

MIME-Version: 1.0

Reply-To: mmisszalanda@gmail.com

From: "Mis.Zalanda Mubarak"

Date: Sun, 7 Dec 2025 13:51:02 +0100

X-Gm-Features: AQt7F2oZKn7AeXqp7RfrIXAFtbTuxfyydpx11ApYDTxhDw7BaPb0rQQdqztlS_4

Message-ID:

Subject: Hi,

To: undisclosed-recipients:;

Content-Type: multipart/alternative; boundary="0000000000009f5cbe06455d0c0c"

Bcc: doctor@doctor.nl2k.ab.ca

X-Spam_score: 23.0

X-Spam_score_int: 230

X-Spam_bar: +++++++++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: With Due Respect, It's my pleasure to meet you,I humbly write

to solicit for your partnership and assistance with divine confidence that

you are a reliable and honest person who will be capable for this important

busin [...]



Content analysis details: (23.0 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.167.52 listed in will-spam-for-food.eu.org]

[209.85.167.52 listed in will-spam-for-food.eu.org]

[209.85.167.52 listed in will-spam-for-food.eu.org]

[209.85.167.52 listed in will-spam-for-food.eu.org]

[209.85.167.52 listed in will-spam-for-food.eu.org]

[209.85.167.52 listed in will-spam-for-food.eu.org]

[209.85.167.52 listed in will-spam-for-food.eu.org]

[209.85.167.52 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.167.52 listed in dnsbl.ahbl.org]

[209.85.167.52 listed in dnsbl.ahbl.org]

[209.85.167.52 listed in dnsbl.ahbl.org]

[209.85.167.52 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.167.52 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.167.52 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.167.52 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.167.52 listed in dnsbl.ahbl.org]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.167.52 listed in list.dnswl.org]

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[mubarakzalanda779(at)gmail.com]

2.6 HK_SCAM_N13 BODY: No description available.

0.9 URG_BIZ BODY: Contains urgent matter

2.5 HK_SCAM_N2 BODY: No description available.

0.6 J_CHICKENPOX_31 BODY: 3alpha-pock-1alpha

0.6 J_CHICKENPOX_75 BODY: 7alpha-pock-5alpha

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.167.52 listed in wl.mailspike.net]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HK_SCAM No description available.

1.0 FREEMAIL_REPLYTO Reply-To/From or Reply-To/body contain different

freemails

2.7 UNDISC_FREEM Undisclosed recipients + freemail reply-to

2.9 UNDISC_MONEY Undisclosed recipients + money/fraud signs

3.0 ADVANCE_FEE_5_NEW Appears to be advance fee fraud (Nigerian 419)

Subject: {SPAM?} Hi,

Nigerian Spam from Google Gmail Part 2

Posted by Dave Yadallee on


--0000000000009f5cbe06455d0c0c

Content-Type: text/plain; charset="UTF-8"



With Due Respect,



It's my pleasure to meet you,I humbly write to solicit for your partnership

and assistance with divine confidence that you are a reliable and honest

person who will be capable for this important business transaction,

believing also that you will not let me down either now or in the future.



I got your email address through an online directory and I am contacting

you personal because I seriously need your help.



My name is Miss.Zalanda Mubarak. I am a 20 years old girl and the only

daughter of my late parents, In my culture, when a man dies, if he doesn't

have a male child, the brothers share his property leaving both the wife

and the daughters empty handed. This is the exact case with me as I am the

only daughter of my father. I lost my mother when I was barely a year old

and my father refused to re-marry because he felt solely responsible for my

mothers death and My father died during the political crises in my country,

My father worked for many years in an oil drilling company and before he

died he told me that he deposited his live saves money in his bank and use

my name as his only daughter as next of kin and he instructed me to seek

for a foreign partner in a country of my choice where I will transfer this

money and use it for future investment purpose that is why I want you to

help me transfer this money to your bank account in your country and also

help me come to your country to continue my education.



This is because after the death of my parents, my wicked uncle wants to

kill me and take over all my father property's from me because I have no

one to defend me. He has taken the house in the village and the one in town

and other things. I have reported my uncle to the local police here in my

country, but nothing has been done since then. I am writing this mail from

a local hotel where I am presently hiding for my safety.



I am willing to offer you 20% out of the Total Fund just for your

Assistance for helping me regarding the transfer and investment of this

Fund in your country and i will offer 10% of the total fund to the

orphanage over there in your country,while my 70% will invest in profitable

business and will be managing by you while I continue my studies. Endeavor

to let me know your decision.



Your urgent response will be appreciated. Talk to you more sincerely

with regards.Miss.Mubarak



--0000000000009f5cbe06455d0c0c

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable



With Due Respect,

It's my pleasure to meet you,=

I humbly write to solicit for your partnership and assistance with divine c=

onfidence that you are a reliable and honest person who will be capable for=

this important business transaction, believing also that you will not let =

me down either now or in the future.

I got your email address throug=

h an online directory and I am contacting you personal because I seriously =

need your help.

My name is Miss.Zalanda Mubarak. I am a 20 years old=

girl and the only daughter of my late parents, In my culture, when a man d=

ies, if he doesn't have a male child, the brothers share his property l=

eaving both the wife and the daughters empty handed. This is the exact case=

with me as I am the only daughter of my father. I lost my mother when I wa=

s barely a year old and my father refused to re-marry because he felt solel=

y responsible for my mothers death and My father died during the political =

crises in my country, My father worked for many years in an oil drilling co=

mpany and before he died he told me that he deposited his live saves money =

in his bank and use my name as his only daughter as next of kin and he inst=

ructed me to seek for a foreign partner in a country of my choice where I w=

ill transfer this money and use it for future investment purpose that is wh=

y I want you to help me transfer this money to your bank account in your co=

untry and also help me come to your country to continue my education.

r>This is because after the death of my parents, my wicked uncle wants to k=

ill me and take over all my father property's from me because I have no=

one to defend me. He has taken the house in the village and the one in tow=

n and other things. I have reported my uncle to the local police here in my=

country, but nothing has been done since then. I am writing this mail from=

a local hotel where I am presently hiding for my safety.

I am willi=

ng to offer you 20% out of the Total Fund just for your Assistance for help=

ing me regarding the transfer and investment of this Fund in your country a=

nd i will offer 10% of the total fund to the orphanage over there in your c=

ountry,while my 70% will invest in profitable business and will be managing=

by you while I continue my studies. Endeavor to let me know your decision.=



Your urgent response will be appreciated. Talk to you more sincerel=

y
with regards.Miss.Mubarak




--0000000000009f5cbe06455d0c0c--