OwlCyberSecurity - MANAGER

Edit File: 1700666087.M754394P2897182.premium128.web-hosting.com,S=9337,W=9491:2,

Return-Path: <lexi@olwase.com> Delivered-To: contact+spam@gourayafroid.com Received: from premium128.web-hosting.com by premium128.web-hosting.com with LMTP id IEu0K+caXmUeNSwAAvhI2g (envelope-from <lexi@olwase.com>) for <contact+spam@gourayafroid.com>; Wed, 22 Nov 2023 10:14:47 -0500 Return-path: <lexi@olwase.com> Envelope-to: contact@gourayafroid.com Delivery-date: Wed, 22 Nov 2023 10:14:47 -0500 Received: from naval.olwase.com ([88.209.206.239]:40059) by premium128.web-hosting.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96.1) (envelope-from <lexi@olwase.com>) id 1r5ow6-00Cjlu-0D for contact@gourayafroid.com; Wed, 22 Nov 2023 10:14:47 -0500 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=dkim; d=olwase.com; h=From:To:Subject:Date:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding; i=lexi@olwase.com; bh=rhsJdvP0POYrGFyRh1xodZpjaV8=; b=RhK7kge7j6edfR4gdVnf0k4DTP0eLaau9lSUlMszARN8yLAveKEHW0cfifL1s/ZS0hig6mx7GfiQ mkzhtgfCtD9uiydAetUL99F0iGQIh4Tx04KCOSYuH12mAJYynSuP4KuiJoSWDS7cWUHgKyE8X7Vf 84FY2Mrxh2yitgeZiHyeMZiv+FTHaHuMIknCVwTQt0UY9LT0L2EJQ3G9Z3I+y+RbAASgW1tz8ZLP Z4HbkP6PCZg1uHLCWZPx8FQBBFcNIOHXyARYpFxWnl1d2AAPFZHSaKpZe16GjvAkoMj7LzUIOCyw /kjy8u7G8xIu2ejoJ8D+Z3e6H7tFb+l3y0lB0Q== DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=dkim; d=olwase.com; b=n6Oc/6fElSKfjEeAbY5mswR1Ui3KvoKMOsNfT4hRsSLBzF831Al/VI1XAnLZSTUQvgMP5bhmMSWs BxOwY5H0OstUIakMAVLNWPf0VTR6pjZFvSFQR/q8deC7ySVYWhLSxpLF0STl8ZXpteYPddoP6hJN FHDgA7EAv1rHE+0cXnG4eIQWuVuy9MYVa+eAEBDEi3sXl+yBFBxe1Xorl2y9VsoFe2aV+XRcbUKT uIAUC95noO8n1iHcWFidNx3SzSC7CZ/P/0e9uVIh8VJuwOVBZJP6j0Fy02Vzq9jKKX4L5NxsWdka NBAzq4XUa644oYljxpCXJubVHzwrIpkZubL+dg==; From: gourayafroid.com <lexi@olwase.com> To: contact@gourayafroid.com Date: 22 Nov 2023 10:13:59 -0500 Message-ID: <20231122101359.5ADB030B9A083F47@olwase.com> MIME-Version: 1.0 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-Spam-Status: Yes, score=17.0 X-Spam-Score: 170 X-Spam-Bar: +++++++++++++++++ X-Spam-Report: Spam detection software, running on the system "premium128.web-hosting.com", has identified this incoming email as possible spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see root\@localhost for details. Content preview: Greetings! I have got two not really pleasant news for you. I have been monitoring your internet activities for some time by now. The only person to blame in this situation is you, since you are a big fan of adult websites and also have got an uncontrollable desire to indulge yourself with another orgasm. Simply speaking, all yo [...] Content analysis details: (17.0 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: olwase.com] 2.5 URIBL_DBL_MALWARE Contains a malware URL listed in the Spamhaus DBL blocklist [URIs: olwase.com] 0.1 URIBL_CSS_A Contains URL's A record listed in the Spamhaus CSS blocklist [URIs: olwase.com] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 HTML_MESSAGE BODY: HTML included in message 0.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid 2.0 PDS_FROM_NAME_TO_DOMAIN From:name looks like To:domain -0.0 T_SCC_BODY_TEXT_LINE No description available. 8.5 KAM_CRIM Extortion Email 1.5 PDS_FRNOM_TODOM_NAKED_TO Naked to From name equals to Domain 0.5 PDS_BTC_ID FP reduced Bitcoin ID 2.0 MIXED_HREF_CASE Has href in mixed case X-Spam-Flag: YES Subject: ***SPAM*** Outstanding Payment <HTML><HEAD> <META name=3DGENERATOR content=3D"MSHTML 11.00.10570.1001"></HEAD> <body> <P>Greetings!<BR><BR>I have got two not really pleasant news for you.<BR>I = have been monitoring your internet activities for some time by now.<BR><BR>= The only person to blame in this situation is you, since you are a big fan = of adult websites and also have got an uncontrollable desire to indulge you= rself with another orgasm.<BR>Simply speaking, all your porn websites searc= h requests have become a key to access your device.<BR> The thing is that I work in a company that provides services related to sec= urity and performance of email providers, including gourayafroid.com as wel= l.<BR><BR>During the pandemic outbreak a lot of providers have faced diffic= ulties in maintaining a huge number of staff in their offices and so they h= ave decided to use outsourcing instead.<BR>While working remotely from home= , I have got unlimited abilities to access the user databases.<BR><BR> I can easily decrypt passwords of users, access their chat history and onli= ne traffic with help of cookie-files.<BR>I have decided to analyse users tr= affic related to adult websites and adult content.<BR>I was truly shocked t= o discover that nearly 75% of users regularly access porn websites or parti= cipates in sex chats.<BR><BR>I have filtered out the worst perverts from th= e list. Yeah, you are one of them. Not everyone chooses to watch such hardc= ore videos...<BR> Basically, I have infected your device with one of the best Trojan viruses = in the market. It was relatively easy, since I have access to your email ad= dress (&nbsp;<A href=3D"mailto:haider@trustmediq.com" rel=3D"noopener noref= errer" target=3D_blank>contact@gourayafroid.com</A>).<BR>It was sufficient = to prepare one of your routine emails asking you to click the harmful link.= =2E.<BR><BR> My spyware functions as a driver. Hence, I can fully control your device an= d have access to your microphone, camera, cursor and set of symbols.<BR>Gen= erally speaking, your device is some sort of my remote PC.<BR>Since this sp= yware is driver-based, then I can constantly update its signatures, so that= no antivirus can detect it.<BR>While digging through your hard drive, I ha= ve saved your entire contact list, social media access, chat history and me= dia files.<BR><BR> One week ago, I have montaged a videoclip, which shows you masturbating on = one side of the screen and on the other side a porn video<BR>that you were = watching at that moment of time - recently this type of exotic stuff is rea= lly popular on the internet!<BR>Don't worry, I will need just a few mouse c= licks in order to share this video with your entire contact list and upload= it to some porn website, like Bigle.<BR> I believe that you would not like this to happen, since a long holiday seas= on is just about to start soon -<BR>just imagine the number of silly jokes = and loud laughter that would get provoked by your video all over the neighb= ourhood bars and pubs...<BR><BR>I am offering a simple and reasonable solut= ion:<BR>All you need to do is transfer an amount equivalent to $1750 (USA D= ollars) to my bitcoin wallet and we both forget about this silly story fore= ver.<BR> All your data and this video will be deleted by me once and for all. You ha= ve my honest word!<BR>You've got to agree, this amount is really insignific= ant. Just imagine how much time and resources I have spent to get this done= =2E..<BR>If you don't know how to operate the cryptocurrency - you can alwa= ys search for assistance online. It is that simple.<BR><BR>Here is my bitco= in wallet (BTC): bc1qg2yj3uu33wum9valr5l00xgmxrp2s838l4wy9w<BR><BR> You have exactly 2 days (48 hours) from the moment of opening this email.<B= R>I can easily track when you have opened this email (my software will noti= fy me about it). Once you complete the transaction - I will be able to see = and confirm that.<BR>Please, do not try replying me via this email - there = is no point in that (I have generated the header of this email as well as r= eturn address).<BR><BR> Remember that there is no point to complain anywhere, since I cannot be fou= nd (Bitcoin system is anonymous and I am also using I2P network in order to= access your device).<BR>I have considered all the small details.<BR>In cas= e, if 48 hours after you have opened this email,<BR>I still don't receive t= he required amount of money, then your videoclip will be automatically sent= to all your contact list and uploaded to public websites.<BR><BR>Good luck= and please don't hate me too much!<BR><BR> This is life! You are merely out of luck this time.<BR>Who knows, maybe nex= t time you will get lucky at something else...</P></BODY></HTML>