Monday, December 28, 2009

Inbox - I am not an Italian and have no account with BancaEtruria - 2nd scam attempt!

Ci e arrivata una segnalazione di accredito di Euro 500,00.
L’accredito e stato temporaneamente bloccato a causa dell’incongruenza dei suoi dati.
Potra ora verificare i suoi dati e successivamente sara accreditato l’accredito ricevuto:

Clicca qui: Riattiva imediatamente il tuo conto.

Do not click on - andesstoreimports.com! purporting to be BancaEtruria

Cordiali saluti,
Banca Etruria

this time a credit of 500 euros not 100! Even though we do a check on the sender, they are probably using a botnet for their scams - Find sender > right click subject > archives > properties > details
Return-Path:
Received: from a.painless.aaisp.net.uk see below (a.painless.aaisp.net.uk [81.187.30.51])
by mailer.ran.es (8.14.2/8.13.8) with ESMTP id nBS8PmkL024023
for ; Mon, 28 Dec 2009 09:26:08 +0100
Received: from 49.239.187.81.in-addr.arpa ([81.187.239.49] helo=impact-im.co.uk)
by a.painless.aaisp.net.uk with esmtp (Exim 4.69)
(envelope-from )
id 1NPAuw-0006Ce-B9; Mon, 28 Dec 2009 08:25:30 +0000
Comments: Impact Mail Rule
Received: from [213.160.7.202] (account test HELO User)
by impact-im.co.uk (CommuniGate Pro SMTP 4.2.10)
with ESMTP id 1883037; Mon, 28 Dec 2009 08:25:27 +0000
From: "Banca Etruria"
Subject: Banca Etruria
Date: Mon, 28 Dec 2009 09:27:05 +0100
MIME-Version: 1.0
Content-Type: text/html;
charset="Windows-1251"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Message-ID:
X-UIDL: 2f-"!kom!!PSb"!iJP!!
Status: RO
Old-X-EsetId: E74D982990713469F84B987C992478
X-EsetId: E74D982990713469F84B987C992478
X-EsetScannerBuild: 6279


IP Address Location results for 81.187.30.51
IP Address: 81.187.30.51 WhoIs Lookup IP BlackList Lookup

Ip address 81.187.30.51 is NOT listed in RBL (Real-time Blackhole List) database and it is not on any Spam Blacklist - FOR NOW! the bot is in London for an Italian bank!!!!!!!!

Hostname: a.painless.aaisp.net.uk Reverse DNS
[See complete information about your system with our IP Information tool!]

IP Address Conversion - IP Convert for 81.187.30.51 to Hex & to Dec
IP to Dec [IP Address to decimal]: 1371217459
IP to Hex [IP Address to hexadecimal]:
51bb1e33
IP to Bin [IP to binary]:
1010001101110110001111000110011

IP Address Lookup results for Europe
IP Address Continent: Europe
IP Continent Code:
(EU)
IP Continent Population:
731,000,000
IP Continent Area:
10,180,000 km²
IP Continent Total Population:
11%
IP Continent Density People:
70.00 per km²
IP Continent Latitude:
(48.69083)
IP Continent Longitude:
(9.1405)

IP Location Lookup results for United Kingdom
IP Country Name: United Kingdom
IP Country Capital:
London
IP Language:
English, Irish, Ulster Scots, Scottish Gaelic , Scots, Welsh, Cornish
IP Currency:
Pound sterling (GBP)
IP Country Latitude:
(54)
IP Country Longitude:
(-4.5)
IP Country Code:
GBR (GB)

IP Location Lookup results for 81.187.30.51 in Down
IP Address Region: Down
IP Address City:
Square
IP Address Latitude:
(54.2167)
IP Address Longtitude:
(-6.0333)

Additional IP Location information for 81.187.30.51
IP Address Organization: Blue square LAN
IP Address ISP:
Andrews & Arnold Ltd

Time zone for 81.187.30.51: Europe/London
Local time zone for 81.187.30.51:
Europe/London

-------------------------------------------------------------------------------------------------

AAISP - Home

- [ Traducir esta página ]Broadband Ethernet Telecoms. Tel 03333 400 000; Email info@aaisp.net.uk. Wake up to new high speed internet access from AAISP ...
www.aaisp.net.uk/ - En caché - Similares

Sunday, December 27, 2009

Inbox - PART-TIME JOB EMPLOYMENT NOTIFICATION For me a scam

Date: domingo, 27 de diciembre de 2009 15:37
From: Michael Art World Inc.

To: Ninguno
PART-TIME JOB EMPLOYMENT NOTIFICATION

MICHAEL ART WORLD

Hello,

Would you like to work online from home and get paid weekly?

If yes,MICHAEL ART-WORLD Inc. is glad to offer you a job position in our company, MICHAEL ART-WORLD Inc. in conjuction with Ebay as part of our ongoing Multi Level Marketing Network,we seek capable individuals to work for us as our representative.

You can easily make $700-$2000 or more in a week by working

for us as a Sub-contractor in your geographical location,you will be incharge of collecting payment on behalf of our affiliates and Small business organizations that are registered under us.Does it sounds like your dream job? Well, it certainly for 10,000 current members who are making $700- $2,000 weekly online with this system. Note that no form of investment is needed from you and this job will take only 3-7 hours of your time per week.

Your tasks are:


===================

1. Receive payment from Customers via bank wire transfer.
2. Deduct 10% which will be your Commission/pay on Payment
processed and remit our balance to us either via Western Union Money Transfer or Money Gram
Note: This job takes only 3-7 hours per week. This job is very challenging and you should understand it. We are looking for capable, honest and open hearted individuals who satisfies our
requirements and that this willing and capable of handling this job position as a sub-contractor in his or her Geographical location.

To get Started, please provide the details below

Full Names:
Full Contact:
Age:
City:
Zip Code:
State:
Home Phone:
Cell Phone:
Gender:
Marital Status:
Occupation:

Thanks for your Co-operation.
Michael Caldwell


Find sender > right click subject > archives > properties > details
Return-Path:
Received: from server-cbe5c79b.smallbusiness.local (host86-19-static.30-87-b.business.telecomitalia.it [87.30.19.86])
by mailer.ran.es (8.14.2/8.13.8) with ESMTP id nBREcEmM014656
for ; Sun, 27 Dec 2009 15:39:12 +0100
Received: from User ([87.118.108.176]) by server-cbe5c79b.smallbusiness.local with Microsoft SMTPSVC(6.0.3790.3959);
Sun, 27 Dec 2009 15:39:32 +0100
Reply-To:
From: "Michael Art World Inc."
Subject: PART-TIME JOB EMPLOYMENT NOTIFICATION.
Date: Sun, 27 Dec 2009 14:37:40 -0000
MIME-Version: 1.0
Content-Type: text/plain;
charset="Windows-1251"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Bcc:
Message-ID:
X-OriginalArrivalTime: 27 Dec 2009 14:39:36.0734 (UTC) FILETIME=[69BFC3E0:01CA8702]
X-UIDL: BC1!!I-M"!g;Old-X-EsetId: E74D982990713469F84B987C992476
X-EsetId: E74D982990713469F84B987C992476
X-EsetScannerBuild: 6277


Inc is an american company and the e-mail originates from Italy so would not trust it!

Address Location results for 87.30.19.86 IP Address:
87.30.19.86 WhoIs Lookup IP BlackList Lookup

Ip address 87.30.19.86 is NOT listed in RBL (Real-time Blackhole List) database and it is not on any Spam Blacklist

Hostname:
host86-19-static.30-87-b.business.telecomitalia.it Reverse DNS
[See complete information about your system with our IP Information tool!]

IP Address Conversion - IP Convert for 87.30.19.86 to Hex & to Dec
IP to Dec [IP Address to decimal]: 1461588822
IP to Hex [IP Address to hexadecimal]:
571e1356
IP to Bin [IP to binary]:
1010111000111100001001101010110

IP Address Lookup results for Europe
IP Address Continent: Europe
IP Continent Code:
(EU)
IP Continent Population:
731,000,000
IP Continent Area:
10,180,000 km²
IP Continent Total Population:
11%
IP Continent Density People:
70.00 per km²
IP Continent Latitude:
(48.69083)
IP Continent Longitude:
(9.1405)

IP Location Lookup results for Italy
IP Country Name: Italy
IP Country Capital:
Rome
IP Language:
Italian
IP Currency:
Euro(€) (EUR)
IP Country Latitude:
(42.83)
IP Country Longitude:
(12.83)
IP Country Code:
ITA (IT)

IP Location Lookup results for 87.30.19.86 in Lombardia
IP Address Region: Lombardia
IP Address City:
Mandello Del Lario
IP Address Latitude:
(45.9)
IP Address Longtitude:
(9.3167)

Additional IP Location information for 87.30.19.86
IP Address Organization: Telecom Italia
IP Address ISP:
Telecom Italia

Time zone for 87.30.19.86: Europe/Rome
Local time zone for 87.30.19.86:
Europe/Rome
Лидия P # 8135 из Горловки Желаю вам счастливого Нового 2010 года в надежде, что однажды судьба сводит нас вместе http://bit.ly/1ECbyQ

Дороги не волнуйтесь, но я знаю, что сайт манипулировали своем последнем письме на мое имя от 12 октября, когда они поняли, что у меня проблемы с моей кредитной карты и, что нет больше денег, они идут от меня, так что сделал, что вы была безумно влюблена в Америке. В течение 7 дней они направили послание моим другом в Венесуэле, заявляя, что он отправить вам подарок, который подтвердил мои мысли, что www.uadreams.com изменил последний абзац Suite свои собственные финансовые жадности. Они не заинтересованы в людях формированию прочных связей и поиске своего единственного - они заинтересованы только в подкладку карманов с долларами!

Мои обещания, как вы знаете, я всегда держу :-)

Ваше "Дон Кихот"

Saturday, December 26, 2009

In previous post this e-mail address came up lena@intelkom.ru so Googled it!

  1. Incoming mail

    - [ Traducir esta página ]
    ... Received: from [82.128.20.143] (account lena@intelkom.ru HELO User) by vhost.intelkom.ru (CommuniGate Pro SMTP 5.1.11) with ESMTPA id 8135247; Wed, ...
    niet.com/message_info.php?id=359927 - En caché -
  2. Incoming mail

    - [ Traducir esta página ]
    ... by SQLgrey-1.7.6 Received: from vhost.intelkom.ru (unknown [83.102.197.44]) ... [41.189.3.219] (account lena@intelkom.ru HELO User) by vhost.intelkom.ru ...
    niet.com/message_info.php?id=340072 - En caché -
    1. Incoming mail

      ... Received: from [82.128.20.143] (account lena@intelkom.ru HELO User) by vhost.intelkom.ru (CommuniGate Pro SMTP 5.1.11) with ESMTPA id 8107447; Wed, ...
      niet.com/message_info.php?id=359924 - En caché
    2. Incoming mail

      ... by SQLgrey-1.7.6 Received: from vhost.intelkom.ru (unknown [83.102.197.44]) ... [41.189.3.219] (account lena@intelkom.ru HELO User) by vhost.intelkom.ru ...
      niet.com/message_info.php?id=340070 - En caché
    3. Incoming mail

      2 Dec 2009 ... vhost.intelkom.ru (unknown [83.102.197.44]) by mail.dubbele.com (Postfix) ... (account lena@intelkom.ru HELO User) by vhost.intelkom.ru ...
      niet.com/message_info.php?id=359926 - En caché
    4. Incoming mail

      ... Received: from [62.60.136.28] (account lena@intelkom.ru HELO User) by vhost.intelkom.ru (CommuniGate Pro SMTP 5.1.11) with ESMTPA id 8236353; Thu, ...
      niet.com/message_info.php?id=360506 - En caché
    5. Incoming mail

      ... by SQLgrey-1.7.6 Received: from vhost.intelkom.ru (unknown [83.102.197.44]) ... [82.128.22.26] (account lena@intelkom.ru HELO User) by vhost.intelkom.ru ...
      niet.com/message_info.php?id=353970 - En caché

Friday, December 25, 2009

Inbox - [SPAM] GOOD DAY 22/12/09: $5,000,000 Xmas present! No way scammer

Date: lunes, 21 de diciembre de 2009 12:41
From: JOHNSON WOOD Staff sergeant Johnson Wood received from
intelkom.ru using a yahoo.co.jp. I am sure the American military would be interested in this e-mail!
To: Ninguno
Subject:
[SPAM] GOOD DAY 22/12/09:

Dear Sir/Madam

My name is (staff Sgt.) Johnson Wood; i am an American soldier, serving in the Military with the army's 3rd infantry division. i have a very desperate need for Assistance and have summed up courage to contact you.

I found your contact particulars in an address journal and I am seeking your kind Assistance to move the sum of Five million United States dollars (us$5,000,000) to you In your country, as far as I can be assured that my share will be safe in your care Until i complete my service here.

SOURCE OF MONEY
Some money in various currencies were discovered in barrels at a Farmhouse near one of saddam’s old palaces in tikrit-iraq during a rescue operation, and it was agreed by Staff Sgt.. Kenneth buff and i that some part of this money be shared Between us. My own share of the money is Five Million United State Dollars, which I want moved out immediately.

One Passionate appeal i will make to you is not to discuss this matter with anybody, should You have reasons to reject this offer, please and please destroy this message as any Leakage of this information will be too bad for the u.s. soldier's here in Iraq.

I do not know how long we will remain here; month of May was the deadliest month for us out Here. Totally, we lost 127 men and i have been shot, wounded and survived two suicides Bomb attacks by the special grace of God.

This and other reasons i will mention later has prompted me to reach out for help. I honestly want this matter to be resolved immediately, please contact me as soon as Possible with my private e-mail address which is my only way of communication (e-mail: johnson1wood@yahoo.co.jp)

May God bless you and your family.

Regards,

Johnson Wood.


Find sender > right click subject > archives > properties > details
Return-Path:
Received: from vhost.intelkom.ru ([93.189.120.254])
by mailer.ran.es (8.14.2/8.13.8) with ESMTP id nBPBUYnP021159
for ; Fri, 25 Dec 2009 12:30:55 +0100
X-Spam-Status: Yes, hits=24.8 required=1.1 tests=ADVANCE_FEE_1,
ADVANCE_FEE_2,ADVANCE_FEE_3,ADVANCE_FEE_4,ALL_TRUSTED,AWL,BAYES_99,
DATE_IN_PAST_24_48,DEAR_SOMETHING,FORGED_MUA_OUTLOOK,MILLION_USD,
NA_DOLLARS,RAZOR2_CF_RANGE_51_100,RAZOR2_CF_RANGE_E4_51_100,RAZOR2_CHECK,
SUBJ_ALL_CAPS,SUBJ_HAS_SPACES,TO_CC_NONE
X-Spam-Flag: Yes
X-Spam-Level: ************************
Received: from [82.128.33.200] (account lena@intelkom.ru HELO User)
by vhost.intelkom.ru (CommuniGate Pro SMTP 5.1.11)
with ESMTPA id 10828666; Tue, 22 Dec 2009 14:42:52 +0300
Reply-To:
From: "JOHNSON WOOD"
Subject: [SPAM] GOOD DAY 22/12/09:
Date: Mon, 21 Dec 2009 12:41:53 +0100
MIME-Version: 1.0
Content-Type: text/plain;
charset="Windows-1251"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Message-ID:
X-UIDL: d'-!!N61"!f4d"!;(-"!
Old-X-EsetId: E74D982990713469F84B987C992670
Old-X-EsetId: E74D982990713469F84B987C992670
X-EsetScannerBuild: 6271
Old-X-EsetId: E74D982990713469F84B987C992578
X-EsetId: E74D982990713469F84B987C992470

Address Location results for 102.102.66.189 IP Address: 102.102.66.189 WhoIs Lookup IP BlackList Lookup

Ip address 102.102.66.189 is NOT listed in RBL (Real-time Blackhole List) database and it is not on any Spam Blacklist
For Now

Hostname:
102.102.66.189 Reverse DNS
[See complete information about your system with our IP Information tool!]

IP Address Conversion - IP Convert for 102.102.66.189 to Hex & to Dec
IP to Dec [IP Address to decimal]: 1717977789
IP to Hex [IP Address to hexadecimal]:
666642bd
IP to Bin [IP to binary]:
1100110011001100100001010111101

IP Address Lookup results for
IP Address Continent: Unknown Warning sign
IP Continent Code: Unknown
IP Continent Population: Unknown
IP Continent Area: Unknown
IP Continent Total Population: Unknown
IP Continent Density People: Unknown
IP Continent Latitude: Unknown
IP Continent Longitude: Unknown

IP Location Lookup results for
IP Country Name: Unknown
IP Country Capital: Unknown
IP Language: Unknown
IP Currency: Unknown
IP Country Latitude: Unknown
IP Country Longitude: Unknown
IP Country Code: Unknown

IP Location Lookup results for 102.102.66.189 in
IP Address Region: No data found for 102.102.66.189
IP Address City: No data found for 102.102.66.189
IP Address Latitude: Unknown
IP Address Longtitude: Unknown

Additional IP Location information for 102.102.66.189
IP Address Organization: No data found for 102.102.66.189
IP Address ISP: No data found for 102.102.66.189

Time zone for 102.102.66.189: Unknown
Local time zone for 102.102.66.189:
Unknown

The second IP information
82.128.33.200
IP Address: 82.128.33.200 WhoIs Lookup IP BlackList Lookup

Ip address 82.128.33.200 is NOT listed in RBL (Real-time Blackhole List) database and it is not on any Spam Blacklist FOR NOW

Hostname:
82.128.33.200 Reverse DNS
[See complete information about your system with our IP Information tool!]

IP Address Conversion - IP Convert for 82.128.33.200 to Hex & to Dec
IP to Dec [IP Address to decimal]: 1384128968
IP to Hex [IP Address to hexadecimal]:
528021c8
IP to Bin [IP to binary]:
1010010100000000010000111001000

IP Address Lookup results for Africa
IP Address Continent: Africa
IP Continent Code:
(AF)
IP Continent Population:
922,011,000
IP Continent Area:
30,221,532 km²
IP Continent Total Population:
14%
IP Continent Density People:
30.51 per km²
IP Continent Latitude:
(7.18805)
IP Continent Longitude:
(21.09361)

IP Location Lookup results for Nigeria
IP Country Name: Nigeria
IP Country Capital:
Abuja
IP Language:
English, Hausa, Igbo, Yoruba, Languages of Nigeria
IP Currency:
Nigerian naira (NGN)
IP Country Latitude:
(10)
IP Country Longitude:
(8)
IP Country Code:
NGA (NG)

IP Location Lookup results for 82.128.33.200 in Lagos
IP Address Region: Lagos
IP Address City:
Lagos
IP Address Latitude:
(6.4531)
IP Address Longtitude:
(3.3958)

Additional IP Location information for 82.128.33.200
IP Address Organization: Multi-Links Telecommunications Limited
IP Address ISP:
Multi-Links Telecommunications Limited

Time zone for 82.128.33.200: Africa/Lagos
Local time zone for 82.128.33.200:
Africa/Lagos




Thursday, December 24, 2009

Inbox - Your Credit Score decreased to 506 - For me a scam!

Date: Wed, 23 Dec 2009 20:59:12 -0330
From: "Federal Credit Bureau" <important@fcbureau.org>
To:
Subject: Your Credit Score decreased to 506.
This is a multi-part message in MIME format.

Your Credit Score decreased to 506. You need to download your credit history file from Federal Credit Bureau website and carefully review it. Use your personal hyperlink. do not click this link

Find sender > right click subject > archives > properties > details
Return-Path:
Received: from Return-Path:
Received: from 102.102.66.189.isp.timbrasil.com.br ([187.99.151.214])
by mailer.ran.es (8.14.2/8.13.8) with ESMTP id nBO0TDN8014407
for ; Thu, 24 Dec 2009 01:29:34 +0100
Received: from 187.99.151.214 by mail.santacruz.org; Wed, 23 Dec 2009 20:59:12 -0330
From: "Federal Credit Bureau"
To:
Subject: Your Credit Score decreased to 506.
Date: Wed, 23 Dec 2009 20:59:12 -0330
Message-ID: <000d01ca8430$1d769dd0$6400a8c0@turningyso4>
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_0006_01CA8430.1D769DD0"
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook, Build 10.0.3416
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200
Importance: Normal
X-UIDL: kk*"!R%H"!GR'!!/FE"!
Status: RO
Old-X-EsetId: E74D982990713469F84B987C992670
X-EsetId: E74D982990713469F84B987C992670
X-EsetScannerBuild: 6251


IP Address Location results for 102.102.66.189
IP Address: 102.102.66.189 WhoIs Lookup IP BlackList Lookup

Ip address 102.102.66.189 is NOT listed in RBL (Real-time Blackhole List) database and it is not on any Spam Blacklist
Ip address 187.99.151.214 is NOT listed in RBL (Real-time Blackhole List) database and it is not on any Spam Blacklist

Hostname:
102.102.66.189 Reverse DNS
[See complete information about your system with our IP Information tool!]

IP Address Conversion - IP Convert for 102.102.66.189 to Hex & to Dec
IP to Dec [IP Address to decimal]: 1717977789
IP to Hex [IP Address to hexadecimal]:
666642bd
IP to Bin [IP to binary]:
1100110011001100100001010111101

IP Address Lookup results for
IP Address Continent: Unknown
IP Continent Code: Unknown
IP Continent Population: Unknown
IP Continent Area: Unknown
IP Continent Total Population: Unknown
IP Continent Density People: Unknown
IP Continent Latitude: Unknown
IP Continent Longitude: Unknown

IP Location Lookup results for
IP Country Name: Unknown
IP Country Capital: Unknown
IP Language: Unknown
IP Currency: Unknown
IP Country Latitude: Unknown
IP Country Longitude: Unknown
IP Country Code: Unknown

IP Location Lookup results for 102.102.66.189 in
IP Address Region: No data found for 102.102.66.189
IP Address City: No data found for 102.102.66.189
IP Address Latitude: Unknown
IP Address Longtitude: Unknown

Additional IP Location information for 102.102.66.189
IP Address Organization: No data found for 102.102.66.189
IP Address ISP: No data found for 102.102.66.189

Time zone for 102.102.66.189: Unknown
Local time zone for 102.102.66.189:
Unknown

Wednesday, December 23, 2009

Inbox - haga el favor de confirmar sus datos (message id: 4578117860) pero no soy cliente!

Date: Tue, 22 Dec 2009 21:00:46 -0500
From: "BBVAresponde@grupobbva.com" <BBVAresponde@grupobbva.com>
To: <adi-sl@adi-sl.net>
Subject: haga el favor de confirmar sus datos (message id: 4578117860)

Estimado cliente,

Servicio técnico del banco BBVA renovó el software para mejorar el servicio de los clientes del banco.

Para asegurar la integridad de sus datos Usted tiene que rellenar el Formulario de cliente.

Para empezar a rellenar el formulario pulse en el vínculo:

http://formulario.bbva.es/DFAUTH/DFServlet/LogonServlet.php?id=872386369080917176147905837796403539509826162996995094143548104&email=adi-sl@adi-sl.net

Esto es un mensaje automático, no hace falta que respondas.

Reciba un cordial saludo,

Grupo BBVA.


************************************ DISCLAIMER *****************************************
This message is intended exclusively for the named person. It may contain
confidential, propietary or legally privileged information. No
confidentiality or privilege is waived or lost by any mistransmission. If you receive this
message in error, please immediately delete it and all copies of it from your system,
destroy any hard copies of it and notify the sender. Your must not, directly or
indirectly, use, disclose, distribute, print, or copy any part of this message if you are not
the intended recipient. Any views expressed in this message are those of the
individual sender, except where the message states otherwise and the sender is
authorised to state them to be the views of GrupoBBVA. Please note that internet e-mail
neither guarantees the confidentiality nor the proper receipt of the message sent.
If the addressee of this message does not consent to the use of internet e-mail,
please communicate it to us immediately.

****************************** AVISO LEGAL ***********************************************
Este mensaje es solamente para la persona a la que va dirigido. Puede
contener información confidencial o legalmente protegida. No hay renuncia a
la confidencialidad o privilegio por cualquier transmisión mala/errónea Si
usted ha recibido este mensaje por error, le rogamos que borre de su sistema
inmediatamente el mensaje asi como todas sus copias, destruya todas las
copias del mismo de su disco duro y notifique al remitente. No debe, directa o
indirectamente, usar, revelar, distribuir, imprimir o copiar ninguna de las
partes de este mensaje si no es usted el destinatario. Cualquier opinión expresada en
este mensaje proviene del remitente, excepto cuando el mensaje establezca lo
contrario y el remitente está autorizado para establecer que dichas opiniones
provienen de GrupoBBVA. Nótese que el correo electrónico via Internet no permite asegurar
ni la confidencialidad de los mensajes que se transmiten ni la correcta recepción
de los mismos. En el caso de que el destinatario de este mensaje no consintiera la
utilización del correo electrónico via Internet, rogamos lo ponga en nuestro
conocimiento de manera inmediata.

***********************************************************************************************
Return-Path:
Received: from dsldevice.lan (dsl-189-152-126-40-dyn.prod-infinitum.com.mx [189.152.126.40] (may be forged))
by mailer.ran.es (8.14.2/8.13.8) with ESMTP id nBN20nGD025778;
Wed, 23 Dec 2009 03:01:16 +0100
Message-ID: <000d01ca8373$bdab7a90$6400a8c0@pimplerv2>
From: "BBVAresponde@grupobbva.com"
To:
Subject: haga el favor de confirmar sus datos (message id: 4578117860)
Date: Tue, 22 Dec 2009 21:00:46 -0500
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_0007_01CA8373.BDAB7A90"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.2180
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
X-UIDL: dAY"!]0+"!1-k!!Q/##!
Status: RO
Old-X-EsetId: E74D982990713469F84B987C992670
X-EsetId: E74D982990713469F84B987C992670
X-EsetScannerBuild: 6251

Find sender > right click subject > Archives > Properties > Details
P Address Location results for 189.152.126.40 IP Address: 189.152.126.40 WhoIs Lookup IP BlackList Lookup

IP address 189.152.126.40 seems to belong to a Suspicious (1) with threat level 8, last malicious activity 2 days ago

Hostname: dsl-189-152-126-40-dyn.prod-infinitum.com.mx Reverse DNS
[See complete information about your system with our IP Information tool!]

IP Address Conversion - IP Convert for 189.152.126.40 to Hex & to Dec
IP to Dec [IP Address to decimal]: 3180887592
IP to Hex [IP Address to hexadecimal]:
bd987e28
IP to Bin [IP to binary]:
10111101100110000111111000101000

IP Address Lookup results for North America
IP Address Continent: North America
IP Continent Code:
(NA)
IP Continent Population:
528,720,588
IP Continent Area:
24,709,000 km²
IP Continent Total Population:
8%
IP Continent Density People:
22.9 per km²
IP Continent Latitude:
(46.07305)
IP Continent Longitude:
(-100.546)

IP Location Lookup results for Mexico
IP Country Name: Mexico
IP Country Capital:
Mexico City
IP Language:
Spanish
IP Currency:
Peso (MXN)
IP Country Latitude:
(23)
IP Country Longitude:
(-102)
IP Country Code:
MEX (MX)

IP Location Lookup results for 189.152.126.40 in Nuevo Leon
IP Address Region: Nuevo Leon
IP Address City:
Guadalupe
IP Address Latitude:
(25.6833)
IP Address Longtitude:
(-100.25)

Additional IP Location information for 189.152.126.40
IP Address Organization: Uninet S.A. de C.V.
IP Address ISP:
Uninet S.A. de C.V.

Time zone for 189.152.126.40: America/Cancun
Local time zone for 189.152.126.40:
America/Cancun



Tuesday, December 22, 2009

Inbox - Suntrust Bank is in Forida USA so why does e-mail come from Romania?

De: SunTrust
Fecha: martes, 22 de diciembre de 2009 18:45
Para: xxxxxx
Asunto: important notice from SunTrust [message ref: 6562794573]

Reference Number: 20093758813155

Digital Certificate Creation.

Dear Customer,

You need to create your own Digital Certificate for SunTrust Online Treasury Manager service.

Begin certificate request by using this hyperlink.



SunTrust Bank, Member FDIC. © 2009 SunTrust Banks, Inc. SunTrust is a federally registered service mark of SunTrust Banks, Inc.
Live Solid. Bank Solid. is a service mark of SunTrust Banks, Inc.

This email was sent on behalf of SunTrust Customer Care, 1575 Lemon Farris Road, Cookeville, TN 38506.

Find where e-mail came from - Right click Subject > Archives > Properties > Details
Return-Path:
Received: from NJKCGQFGSF ([109.96.224.238])
by mailer.ran.es (8.14.2/8.13.8) with ESMTP id nBMHk1CR002465
for ; Tue, 22 Dec 2009 18:46:22 +0100
Received: from 109.96.224.238 by gw2.smart-server.net; Tue, 22 Dec 2009 19:45:58 +0200
From: "SunTrust"
To:
Subject: important notice from SunTrust [message ref: 6562794573]
Date: Tue, 22 Dec 2009 19:45:58 +0200
Message-ID: <000d01ca832e$9e712570$6400a8c0@endocrine54>
MIME-Version: 1.0

IP Address Location results for 109.96.224.238
IP Address: 109.96.224.238 WhoIs Lookup IP BlackList Lookup

Ip address 109.96.224.238 is NOT listed in RBL (Real-time Blackhole List) database and it is not on any Spam Blacklist (yet)

Hostname:
109.96.224.238 Reverse DNS
[See complete information about your system with our IP Information tool!]

IP Address Conversion - IP Convert for 109.96.224.238 to Hex & to Dec
IP to Dec [IP Address to decimal]: 1835065582
IP to Hex [IP Address to hexadecimal]:
6d60e0ee
IP to Bin [IP to binary]:
1101101011000001110000011101110

IP Address Lookup results for Europe
IP Address Continent: Europe
IP Continent Code:
(EU)
IP Continent Population:
731,000,000
IP Continent Area:
10,180,000 km²
IP Continent Total Population:
11%
IP Continent Density People:
70.00 per km²
IP Continent Latitude:
(48.69083)
IP Continent Longitude:
(9.1405)

IP Location Lookup results for Romania
IP Country Name: Romania
IP Country Capital:
Bucharest
IP Language:
Romanian
IP Currency:
Leu(L) (RON)
IP Country Latitude:
(46)
IP Country Longitude:
(25)
IP Country Code:
ROU (RO)

IP Location Lookup results for 109.96.224.238 in Bucuresti
IP Address Region: Bucuresti
IP Address City:
Bucharest
IP Address Latitude:
(44.4333)
IP Address Longtitude:
(26.1)

Additional IP Location information for 109.96.224.238
IP Address Organization: Romtelecom Data Network
IP Address ISP: No data found for 109.96.224.238

Time zone for 109.96.224.238: Europe/Bucharest
Local time zone for 109.96.224.238:
Europe/Bucharest
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_0006_01CA832E.9E712570"
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook, Build 10.0.3416
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1478
Importance: Normal
X-UIDL: %7M!!E^\"!O?