by Billy Jack
Sat Sep 13, 2014 1:27 am
This is an ongoing Scam, Email always makes same claim but links to
HSBC SPOOF Login Page - Yet HSBC is never mentioned, Scam is
usually claiming to be Bank of America, or Nigeria, even Chase.
**I have left the attachment out of this post as it is just an ip address
that changes with each new Scam attempt.
==============================================================================
From: SUNTRUST BANK <[email protected]>
Date: Fri, Sep 12, 2014 at 3:42 PM
Subject: YOUR TRANSFER NOTIFICATION
To:
This is to inform you that we have concluded plans to finally transfer your fund to you but we cannot make this transfer without hearing from you and confirming that you are ready to accept the fund.We are also aware of the issues you had with the various department asking for money which has been resolved at the moment and we would advise you get back to this office immediately so that we can move ahead for the transfer.You are not expected to make anymore payment whatsoever on this transfer for any reason because as we speak the fund is ready to be transferred to any of your nominated Bank account or delivered to your doorstep as you wished.
Please download the attachment and make sure you login this your email ID and Password to confirm you are the through beneficiary of the funds.You should not worry for this file is encrypted and your information is secured.We therefore urge you to proceed now and login this your email information and every other email information you have been scammed from and then you will get access too your transfer code number which you will go to your bank with for them to confirm you are expecting a transfer.Please make sure you use the correct email information t login in.Congratulations Attached is your transfer slip.
Ip Address Provider City Country
* 194.102.194.153 Gmb Computers Srl Constanta Romania
91.146.105.137 Uk Webhosting Ltd n/a United Kingdom
Delivered-To:[email protected]
Received: by 10.114.20.198 with SMTP id p6csp789274lde;
Fri, 12 Sep 2014 17:27:31 -0700 (PDT)
X-Received: by 10.194.95.8 with SMTP id dg8mr15684824wjb.1.1410568051582;
Fri, 12 Sep 2014 17:27:31 -0700 (PDT)
Return-Path: <[email protected]>
Received: from piersaitman.servers.eqx.misp.co.uk (piersaitman.servers.eqx.misp.co.uk. [91.146.105.137])
by mx.google.com with ESMTPS id g4si5469246wib.102.2014.09.12.17.27.30
for <multiple recipients>
(version=TLSv1 cipher=RC4-SHA bits=128/128);
Fri, 12 Sep 2014 17:27:31 -0700 (PDT)
Received-SPF: none (google.com: [email protected] does not designate permitted sender hosts) client-ip=91.146.105.137;
Authentication-Results: mx.google.com;
spf=neutral (google.com: [email protected] does not designate permitted sender hosts) [email protected]
Message-Id: <[email protected]>
Received: from [194.102.194.153] (port=41226 helo=User)
by piersaitman.servers.eqx.misp.co.uk with esmtpa (Exim 4.82)
(envelope-from <[email protected]>)
id 1XSZXl-00034z-MK; Fri, 12 Sep 2014 23:42:18 +0100
Reply-To: <[email protected]>
From: "SUNTRUST BANK"<[email protected]>
Subject: YOUR TRANSFER NOTIFICATION
Date: Fri, 12 Sep 2014 23:42:47 +0100
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_004D_01C2A9A6.412639E8"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - piersaitman.servers.eqx.misp.co.uk
X-AntiAbuse: Original Domain - gmail.com
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - suntrustbank.com
X-Get-Message-Sender-Via: piersaitman.servers.eqx.misp.co.uk: authenticated_id: [email protected]
This is a multi-part message in MIME format.
HSBC SPOOF Login Page - Yet HSBC is never mentioned, Scam is
usually claiming to be Bank of America, or Nigeria, even Chase.
**I have left the attachment out of this post as it is just an ip address
that changes with each new Scam attempt.
==============================================================================
From: SUNTRUST BANK <[email protected]>
Date: Fri, Sep 12, 2014 at 3:42 PM
Subject: YOUR TRANSFER NOTIFICATION
To:
This is to inform you that we have concluded plans to finally transfer your fund to you but we cannot make this transfer without hearing from you and confirming that you are ready to accept the fund.We are also aware of the issues you had with the various department asking for money which has been resolved at the moment and we would advise you get back to this office immediately so that we can move ahead for the transfer.You are not expected to make anymore payment whatsoever on this transfer for any reason because as we speak the fund is ready to be transferred to any of your nominated Bank account or delivered to your doorstep as you wished.
Please download the attachment and make sure you login this your email ID and Password to confirm you are the through beneficiary of the funds.You should not worry for this file is encrypted and your information is secured.We therefore urge you to proceed now and login this your email information and every other email information you have been scammed from and then you will get access too your transfer code number which you will go to your bank with for them to confirm you are expecting a transfer.Please make sure you use the correct email information t login in.Congratulations Attached is your transfer slip.
Ip Address Provider City Country
* 194.102.194.153 Gmb Computers Srl Constanta Romania
91.146.105.137 Uk Webhosting Ltd n/a United Kingdom
Delivered-To:[email protected]
Received: by 10.114.20.198 with SMTP id p6csp789274lde;
Fri, 12 Sep 2014 17:27:31 -0700 (PDT)
X-Received: by 10.194.95.8 with SMTP id dg8mr15684824wjb.1.1410568051582;
Fri, 12 Sep 2014 17:27:31 -0700 (PDT)
Return-Path: <[email protected]>
Received: from piersaitman.servers.eqx.misp.co.uk (piersaitman.servers.eqx.misp.co.uk. [91.146.105.137])
by mx.google.com with ESMTPS id g4si5469246wib.102.2014.09.12.17.27.30
for <multiple recipients>
(version=TLSv1 cipher=RC4-SHA bits=128/128);
Fri, 12 Sep 2014 17:27:31 -0700 (PDT)
Received-SPF: none (google.com: [email protected] does not designate permitted sender hosts) client-ip=91.146.105.137;
Authentication-Results: mx.google.com;
spf=neutral (google.com: [email protected] does not designate permitted sender hosts) [email protected]
Message-Id: <[email protected]>
Received: from [194.102.194.153] (port=41226 helo=User)
by piersaitman.servers.eqx.misp.co.uk with esmtpa (Exim 4.82)
(envelope-from <[email protected]>)
id 1XSZXl-00034z-MK; Fri, 12 Sep 2014 23:42:18 +0100
Reply-To: <[email protected]>
From: "SUNTRUST BANK"<[email protected]>
Subject: YOUR TRANSFER NOTIFICATION
Date: Fri, 12 Sep 2014 23:42:47 +0100
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_004D_01C2A9A6.412639E8"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - piersaitman.servers.eqx.misp.co.uk
X-AntiAbuse: Original Domain - gmail.com
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - suntrustbank.com
X-Get-Message-Sender-Via: piersaitman.servers.eqx.misp.co.uk: authenticated_id: [email protected]
This is a multi-part message in MIME format.
