advance fee fraud spam source at if-liban.com

Mail server distributing advance fee fraud (‘419’) spam, probably thanks to a compromised password.

mail.if-liban.com. 300 IN A 116.202.192.198

============================================================================
Return-Path: <ketty.abboud@if-liban.com>
Received: from mail.if-liban.com (HELO mail.if-liban.com) (116.202.192.198)
by x (x) with (AES256-SHA encrypted) ESMTPS; Sun, 09 Jan 2022 xx:xx:xx +0000
Received: from mail.if-liban.com (localhost.localdomain [127.0.0.1])
by mail.if-liban.com (Postfix) with ESMTP id x
for <x>; Sun, 9 Jan 2022 xx:xx:xx +0200 (EET)
X-Virus-Scanned: amavisd-new at mail.if-liban.com
X-Spam-Flag: YES
X-Spam-Score: 11.653
X-Spam-Level: ***********
X-Spam-Status: Yes, score=11.653 tagged_above=2 required=6.2
tests=[ADVANCE_FEE_5_NEW_MONEY=0.001, ALL_TRUSTED=-1,
BIGNUM_EMAILS_FREEM=0.001, FORM_FRAUD_5=0.001,
FREEMAIL_FORGED_REPLYTO=2.503, FREEMAIL_REPLYTO=1,
FREEMAIL_REPLYTO_END_DIGIT=0.25, FROM_MISSP_FREEMAIL=0.001,
HK_LOTTO=1, HK_WIN=0.999, JM_SOUGHT_FRAUD_3=3, LOTS_OF_MONEY=0.001,
LOTTERY_1=1.488, LOTTO_AGENT=0.001, MILLION_HUNDRED=0.001,
MISSING_MID=0.14, MONEY_FRAUD_8=0.001, MONEY_FREEMAIL_REPTO=0.756,
SUBJ_ALL_CAPS=0.5, T_FILL_THIS_FORM_SHORT=0.01,
XFER_LOTSA_MONEY=0.999] autolearn=no autolearn_force=no
Received: from mail.if-liban.com ([127.0.0.1])
by mail.if-liban.com (mail.if-liban.com [127.0.0.1]) (amavisd-new, port 10026)
with ESMTP id x for <x>;
Sun, 9 Jan 2022 xx:xx:xx +0200 (EET)
Received: from [103.153.79.225] (unknown [103.153.79.225])
by mail.if-liban.com (Postfix) with ESMTPSA id x
for <x>; Sun, 9 Jan 2022 xx:xx:xx +0200 (EET)
Content-Type: text/plain; charset=»utf-8″
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Description: Mail message body
Subject: CONGRATULATIONS REPLY ASAP.
To: x
From: LOTTERY <ketty.abboud@if-liban.com>
Date: Sat, 08 Jan 2022 xx:xx:xx -0800
Reply-To: officemail655@gmail.com
Message-Id: <x@mail.if-liban.com>

[…]
You hereby have been approved a lump sum of US$1,200,000.00 (DOLLARS) in cash credit file ref ILP/HW 47509/02 from the total cash prize of US$9,600,000.00(NINE MILLION SIX HUNDRED THOUSAND DOLLARS), shared among eight lucky winners in this category.
[…]
HOW TO CLAIM YOUR PRIZE, Simply contact Our fiduciary agent, NAME: MR. BARRISTER WILLIAMS MOORE EMAIL: barristermoore83@gmail.com to file for your claim.
[…]

Опубликовано
В рубрике hetzner.de

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *