Friday, February 5, 2010

Friends do not believe me! Hello! Tatyana would not use invalid ID if she/he was real A SCAM

The scammer also sent the other email. How do I know? the photo tag had "Mi" included
Too much of a coincidence?


Comment: Scanned by ESET Smart Security
Return-Path: barracudaot08@recalldesign.com>
Received: from 61-64-85-14 invalid IP address-adsl-tai.dynamic.so-net.net.tw (61-64-85-14I P address-adsl-tai.dynamic.so-net.net.tw [61.64.85.14 IP address]
by mailer.ran.es (8.14.2/8.13.8) with ESMTP id o15FqCPN004954
for <xxxxx@xxxxxx>; Fri, 5 Feb 2010 16:52:43 +0100
Received: from 61.64.85.14 by mail.synect.com; Fri, 5 Feb 2010 23:51:59 +0800
From: "Miranda Holman" <barracudaot08@recalldesign.com>
To: <xxxxx@xxxxxx>
Subject: Hello!
Date: Fri, 5 Feb 2010 23:51:59 +0800
Message-ID: <000d01caa67b$26ee2550$6400a8c0@barracudaot08>
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_000E_01CAA67B.26EE2550"
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook, Build 10.0.3416
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.2663
Importance: Normal
Hello!

My name is Tatyana !

I am an interesting, beautiful, kind and single young lady. I want to find my love, my half and want to marry him. I am looking for a man who will fall in love with me and I will fall in love with him. I have never been married but I dream about it. I am fond of children and I dream about a happy family with the beloved man. I am interested in music, cooking, reading, traveling and others. I know English very good and can easily speak it.

If you are interested in me please write me only to my personal e-mail: XXXXXXXXXXXXX

Please write me and I will send you my photos.

Please answer only to my personal e-mail:
Shaboldaya@yahoo.com

I wait for your letter very much

Tatyana

Inbox - 2nd Virus/TROJAN email sent to me today! Re: factura

Date: Fri, 05 Feb 2010 13:48:47 +0100
From:
To:
Subject: [virus Win32/Oficla.DF Troyano] Re: factura


Buenos dias webmaster@isoarquitec.es.

A su solicitud, le envio la factura de la compra.
Gracias por su cooperacion!


__________ Alerta de ESET NOD32 Antivirus, versiĆ³n de la base de firmas de virus 4838 (20100205) __________

Alerta, ESET NOD32 Antivirus ha encontrado las siguientes amenazas en este mensaje:

Factura028.zip - Win32/Oficla.DF Troyano - eliminado
Factura028.zip > ZIP > Factura028.Doc____________________________________________________________________________________.Doc.Exe - Win32/Oficla.DF Troyano - era parte de un objeto eliminado

http://www.eset.com

Inbox - UPS Delivery Problem NR 01139. the attachment contains a TROJAN

Return-Path:
Received: from dsl-243-120-226 invalid IP.telkomadsl.co.za (dsl-243-102-194.telkomadsl.co.za [41.243.102.194])
by mailer.ran.es (8.14.2/8.13.8) with ESMTP id o156MSar003608
for ; Fri, 5 Feb 2010 07:22:54 +0100
Received: from 41.243.120.226 invalid IP by mailstore1.secureserver.net; Fri, 5 Feb 2010 08:22:02 +0200
Date: Fri, 5 Feb 2010 08:22:02 +0200
From: "UPS Manager Ursula Skinner"
X-Mailer: The Bat! (v3.60.07) Professional
Reply-To: hopewell30@AnswerMove.com
X-Priority: 3 (Normal)
Message-ID: <849403296.81159917168806@answermove.com>
To: xxxx@xxxxx
Subject: UPS Delivery Problem NR 01139.
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----------A711D3479E22B6"
X-UIDL: eK8!!0NI"!!GV!!G]N!!
Status: U
Old-X-EsetId: E74D982990713469F84B987C9E2072
X-EsetId: E74D982990713469F84B987C9E2072
X-EsetScannerBuild: 6533

Dear customer!

Unfortunately we were not able to deliver the package sent on the 4th of December in time
because the recipient’s address is wrong.
Please print out the invoice copy attached and collect the package at our office.

United Parcel Service of America.

These seem to come regularly and we have exposted them but no harm in advising our visitors again. IP Check for what it is worth as they could be using BOTS
http://www.find-ip-address.org/ip-address-locator.php

Checking withboth IP´s are invalid - this is a crime!

Do not open attachment if you do download in error. I could have erased it on my server using JBMail

Inbox - I will not be replying to this email - My name is Anastasiya or Maria Hale

andpn@ms21.hinet.net>
Received: from 93-44-40-207.ip95.fastwebnet.it (93-44-40-207.ip95.fastwebnet.it [93.44.40.207]
by mailer.ran.es (8.14.2/8.13.8) with ESMTP id o14L5lW5032392
for <xxxxxx@xxxxxx>; Thu, 4 Feb 2010 22:06:08 +0100
Received: from 93.44.40.207 by ms21a.hinet.net; Thu, 4 Feb 2010 22:06:07 +0100
From: "Maria Hale so why are you posing as Anastasiya - warning sign!" <andpn@ms21.hinet.net>
To: "<"<xxxxx@xxxxx>
Subject: Come va?
Date: Thu, 4 Feb 2010 22:06:07 +0100
Message-ID: <01caa5e6$401a5890$5dc4ff27@andpn>
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_000E_01CAA5E6.401A5890"
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0)
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
Importance: Normal
X-UIDL: W5"#!_5:!!b'b!!(X1!!
Status: U
Old-X-EsetId: E74D982990713469F84B987C9E2072
X-EsetId: E74D982990713469F84B987C9E2072
X-EsetScannerBuild: 6533

Remember a girl is not going to write to you out of the blue so it is probably a scam and quite possibly the author is a man



Ciao amico mio!

Spero di poter nome che "il mio amico"?

My name is Anastasiya.

Scusa, ho mal conoscono l'italiano.

Ho chiesto all'Ufficio conoscenza al fine di trovare il mio amore.
Mi auguro che questo ufficio mi aiutera a soddisfare il mio amore e un uomo del mio sogno.
Ho in programma, per creare una famiglia heathy amichevole con un uomo serio, che sarebbe l'amore e mi proteggera.

Se siete soli e vogliono trovare una donna amorosa si Scrivimi

e siamo in grado di associare a ogni altro.

Se siete interessati nella mia vita mi scrivi sulla mia e-mail:
kerpanamila@rambler.ru

Io vi rispondo e invio i miei molte foto.

Sono una donna bella e intelligente.

Sarete felici di sapere di me.


Check IP
93-44-40-207

IP Address Location results for 93.44.40.207
IP Address: 93.44.40.207 WhoIs Lookup IP BlackList Lookup
Hostname: 93-44-40-207.ip95.fastwebnet.it Reverse DNS
[See complete information about your system with our IP Information tool!]

IP Address Conversion - IP Convert for 93.44.40.207 to Hex & to Dec
IP to Dec [IP Address to decimal]: 1563175119
IP to Hex [IP Address to hexadecimal]: 5d2c28cf
IP to Bin [IP to binary]: 1011101001011000010100011001111

IP Address Lookup results for Europe
IP Address Continent: Europe
IP Continent Code:(EU)
IP Continent Population: 731,000,000
IP Continent Area: 10,180,000 km²
IP Continent Total Population: 11%
IP Continent Density People: 70.00 per km²
IP Continent Latitude: (48.69083)
IP Continent Longitude: (9.1405)

IP Location Lookup results for Italy
IP Country Name: Italy
IP Country Capital: Rome
IP Language: Italian
IP Currency: Euro(€) (EUR)
IP Country Latitude: (42.83)
IP Country Longitude: (12.83)
IP Country Code: ITA (IT)

IP Location Lookup results for 93.44.40.207 in Campania
IP Address Region: Campania
IP Address City: Naples
IP Address Latitude: (40.8333)
IP Address Longtitude: (14.25)

Additional IP Location information for 93.44.40.207
IP Address Organization: Fastweb
IP Address ISP: Fastweb

Time zone for 93.44.40.207: Europe/Rome
Local time zone for 93.44.40.207: Europe/Rome