RESERVE BANK OF INDIA <[email protected]>

Header Analysis Quick Report<br>Originating IP: 115.241.146.0<br>Originating ISP: Bses Telecom Limited<br> City: Mumbai<br>Country of Origin: India<br>* For a complete report on this email header goto ipTRACKERonline

Delivered-To: <snipped>
Received: by 10.70.54.202 with SMTP id l10csp209861pdp;
Wed, 30 Oct 2013 01:20:40 -0700 (PDT)
X-Received: by 10.50.67.46 with SMTP id k14mr1471294igt.16.1383121240064;
Wed, 30 Oct 2013 01:20:40 -0700 (PDT)
Return-Path: <>
Received: from r8-chicago.webserversystems.com (r8-chicago.webserversystems.com. [184.154.1.124])
by mx.google.com with ESMTPS id ut2si3446156icb.60.2013.10.30.01.20.39
for <snipped>
(version=TLSv1 cipher=RC4-SHA bits=128/128);
Wed, 30 Oct 2013 01:20:39 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of r8-chicago.webserversystems.com designates 184.154.1.124 as permitted sender) client-ip=184.154.1.124;
Authentication-Results: mx.google.com;
spf=pass (google.com: best guess record for domain of r8-chicago.webserversystems.com designates 184.154.1.124 as permitted sender) smtp.mail=
Received: from alpha.cactusgraphics.com ([64.33.49.105]:50675)
by r8-chicago.webserversystems.com with esmtps (TLSv1:DHE-RSA-AES256-SHA:256)
(Exim 4.80)
id 1VbR13-0004fD-N7
for <snipped>; Wed, 30 Oct 2013 03:20:38 -0500
X-ClientAddr: 115.241.146.0
Received: from [115.241.146.0] ([115.241.146.0])
(authenticated bits=0)
by alpha.cactusgraphics.com (8.13.8/8.13.8 ) with ESMTP id r9KILhQK019201;
Sun, 20 Oct 2013 14:37:05 -0400
Message-Id: <[email protected]>
Content-Type: multipart/mixed; boundary="===============1177172958=="
MIME-Version: 1.0
To: Recipients <>
From: "Reserve Bank Of India"<>
Date: Mon, 21 Oct 2013 00:16:22 +0530
Reply-To: [email protected]
X-cactusgraphics_com-MailScanner-Information: Please contact the ISP for more information
X-cactusgraphics_com-MailScanner: Found to be clean
X-cactusgraphics_com-MailScanner-From:
X-Spam-Status: No
X-Spam-Status: Yes, score=18.9
X-Spam-Score: 189
X-Spam-Bar: ++++++++++++++++++
X-Spam-Report: Spam detection software, running on the system "r8-chicago.webserversystems.com", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have any questions, see
root\@localhost for details.

Content preview: CHECK YOUR ATTACHMENT FOR MORE DETAILS -- This message has
been scanned for viruses and dangerous content by MailScanner, and is believed
to be clean. [...]

Content analysis details: (18.9 points, 5.0 required)

pts rule name description
---- ---------------------- --------------------------------------------------
2.1 TO_MALFORMED To: has a malformed address
1.1 FH_FROMEML_NOTLD E-mail address doesn't have TLD (.com, etc.)
0.8 FROM_NO_USER From: has no local-part before @ sign
2.7 RCVD_IN_PSBL RBL: Received via a relay in PSBL
[64.33.49.105 listed in psbl.surriel.com]
1.5 SUBJ_ALL_CAPS Subject is all capitals
2.0 BAYES_80 BODY: Bayes spam probability is 80 to 95%
[score: 0.9299]
4.0 FSL_MISSP_REPLYTO Mis-spaced from and Reply-to
4.7 FROM_MISSP_PHISH Malformed, claims to be from financial organization
- possible phish
0.0 LOTTO_DEPT Claims Department
X-Spam-Flag: YES
Subject: ***SPAM*** REQUIRED DOCUMENTS BY THE PAYMENT DEPARTMENT
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - r8-chicago.webserversystems.com
X-AntiAbuse: Original Domain - scamwarners.com
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain -
X-Get-Message-Sender-Via: r8-chicago.webserversystems.com: none
X-Source:
X-Source-Args:
X-Source-Dir:

You will not see this in a MIME-aware mail reader.
--===============1177172958==
Content-Type: text/plain; charset="iso-8859-1"
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Description: Mail message body

CHECK YOUR ATTACHMENT FOR MORE DETAILS
--=20
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.


--===============1177172958==
Content-Type: application/octet-stream
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="R.B.I.docx"

CHECK YOUR ATTACHMENT FOR MORE DETAILS

Contents of the attachment:

If there are images in this attachment, they will not be displayed. Download the original attachment


FOREIGN REMITTANCE DEPARTMENT

ONLINE BANKING UNIT

6, SANSAND MARG,-110001

New Delhi, India.

IMMEDIATE PAYMENT

Email- [email protected]



Attention: Beneficiary,

Congratulations, we have received the sum of $2,000.000 USD (Two Million United States Dollars) from the World Bank of Switzerland, for transfer to your local bank account as compensation for internet and cyber crime and the reduction of poverty. Your Email ID was luckily chosen among the four (4) beneficiaries who have been approved of this payment. Please you are to immediately fill and submit the below details to us with your passport photo id proof in order for payment to commence immediately into your bank account.

1 FULL NAME:

2 CONTACT ADDRESS:

3 STATES:

4 COUNTRY:

5 AGE/SEX:

6 MOBILE NUMBERS:

7 OCCUPATIONS:

8 MARITAL STATUS:

9 EMAIL ID:

10 HOW DO YOU FEEL?

11 BANK NAME:

12 BANK ACCOUNT NO:



We are going to forward your details to the Supreme Court of India for immediate release of the approved documents that will back up the transfer of your fund. As soon as we receive those documents from the Supreme Court of India, your fund of $2,000.000 USD ( 2 Million United States Dollars) will be wired into your bank account without delay. This document is going to cost you Rs 18, 800 INR. You will be required to make only payment of $341.799 USD Equivalent and converted to Rs18, 800 INR (Eighteen Thousand Eight hundred Indian Rupees) to the Supreme Court of India for the release of the legal and approved documents that will back up the transfer of your fund.

YOURS SINCERELY,




RESERVE BANK OF INDIA

TRANSFER MANAGER.



MRS. SUNITA ROY.