OwlCyberSecurity - MANAGER
Edit File: 1719077460.M441319P1053461.premium128.web-hosting.com,S=10644,W=10866:2,
Return-Path: <lojxcbi@ebuc.com> Delivered-To: contact+spam@gourayafroid.com Received: from premium128.web-hosting.com by premium128.web-hosting.com with LMTP id yI3DGFQKd2YVExAAAvhI2g (envelope-from <lojxcbi@ebuc.com>) for <contact+spam@gourayafroid.com>; Sat, 22 Jun 2024 13:31:00 -0400 Return-path: <lojxcbi@ebuc.com> Envelope-to: contact@gourayafroid.com Delivery-date: Sat, 22 Jun 2024 13:31:00 -0400 Received: from cm-93-156-211-61.telecable.es ([93.156.211.61]:59713) by premium128.web-hosting.com with esmtp (Exim 4.96.2) (envelope-from <lojxcbi@ebuc.com>) id 1sL4Zi-004QAY-22 for contact@gourayafroid.com; Sat, 22 Jun 2024 13:31:00 -0400 From: "benito sina" <lojxcbi@ebuc.com> To: <contact@gourayafroid.com> Date: 22 Jun 2024 19:54:10 +0100 Message-ID: <004901dac4da$0249d1f7$9d29cdb1$@ebuc.com> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_0046_01DAC4DA.02460EC9" X-Mailer: Microsoft Outlook 15.0 Thread-Index: Ac550674iv9e2blc550674iv9e2blc== Content-Language: en-us X-Spam-Status: Yes, score=34.2 X-Spam-Score: 342 X-Spam-Bar: ++++++++++++++++++++++++++++++++++ X-Spam-Report: Spam detection software, running on the system "premium128.web-hosting.com", has identified this incoming email as possible spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see root\@localhost for details. Content preview: Good day! Here is the last warning. Your system has been cracked. We have copied the entire information from your device to our servers. Besides, we have recorded the video from your camera with you w [...] Content analysis details: (34.2 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 4.7 RCVD_IN_XBL RBL: Received via a relay in Spamhaus XBL [93.156.211.61 listed in zen.spamhaus.org] 3.6 RCVD_IN_PBL RBL: Received via a relay in Spamhaus PBL 1.2 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net [Blocked - see <https://www.spamcop.net/bl.shtml?93.156.211.61>] 1.3 RCVD_IN_VALIDITY_RPBL RBL: Relay in Validity RPBL, https://senderscore.org/blocklistlookup/ [93.156.211.61 listed in bl.score.senderscore.com] 0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [93.156.211.61 listed in sa-trusted.bondedsender.org] 2.7 RCVD_IN_PSBL RBL: Received via a relay in PSBL [93.156.211.61 listed in psbl.surriel.com] 0.0 HTML_MESSAGE BODY: HTML included in message 2.5 BITCOIN_SPAM_03 BitCoin spam pattern 03 2.6 RDNS_DYNAMIC Delivered to internal network by host with dynamic-looking rDNS 1.0 KAM_LAZY_DOMAIN_SECURITY Sending domain does not have any anti-forgery methods 8.5 KAM_CRIM Extortion Email 0.0 KAM_DMARC_STATUS Test Rule for DKIM or SPF Failure with Strict Alignment 0.5 PDS_BTC_ID FP reduced Bitcoin ID 1.0 PDS_BAD_THREAD_QP_64 Bad thread header - short QP 2.3 BITCOIN_EXTORT_01 Extortion spam, pay via BitCoin 0.8 HELO_DYNAMIC_DHCP Relay HELO'd using suspicious hostname (DHCP) 1.4 DOS_OUTLOOK_TO_MX Delivered direct to MX with Outlook headers X-Spam-Flag: YES Subject: ***SPAM*** Re: This is a multi-part message in MIME format. ------=_NextPart_000_0046_01DAC4DA.02460EC9 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Good day! Here is the last warning. Your system has been cracked. We have copied the entire information from = your device to our servers. Besides, we have recorded the video from = your camera with you watching a porn movie. My virus has infected your device via an adult website that you recently = visited. I can share details in case if you don’t know how it works. A = Trojan virus grants me entire access and control over your device. As a = result, I can see your screen, activate the camera and the microphone = and you won’t even know about it. I have captured a video from your screen and the camera and have made a = video where one part of a screen demonstrates you masturbating, and = another part shows a porn video that you were watching at that time. I can see the entire list of your contacts in the phone and the social = networks. I can send this video to all the contacts in your phone, the E-mail and = the social networks in a single click. Moreover, I can send the data of = your E-mail and your messengers to anybody. This would ruin your reputation once and for all. In case if you wish to prevent such consequences, do the following- Transfer 1300 USD (American dollars) to my Bitcoin- wallet. (If you do not know how to do this, write in a search string in Google: = «Buy bitcoin"). My Bitcoin Wallet (BTC Wallet): 18qTeVDY4LwxjcwtGD76JuDj5fbhVRrpy Immediately after crediting of payment I shall erase your video and = shall not bother you anymore. You have 50 hours (a little more than 2 days) to make the payment. I receive an automatic notification of reading of this letter. The timer = will also automatically launch right after you read this E-mail. Don’t try to complain anywhere- my BTC –wallet cannot be = traced and an E-mail that sent you the letter is created = automatically-any response would be senseless. Should you try to share this E-mail with somebody, the system will = automatically send a request to the servers and they will start sending = the entire information to social networks. The change of passwords of social networks, an E-mail and the device = would be senseless either as the whole data has already been downloaded = to cluster of my servers. I wish you luck and don’t do something stupid. Consider your = reputation. ------=_NextPart_000_0046_01DAC4DA.02460EC9 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable <html xmlns:v=3D"urn:schemas-microsoft-com:vml" = xmlns:o=3D"urn:schemas-microsoft-com:office:office" = xmlns:w=3D"urn:schemas-microsoft-com:office:word" = xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" = xmlns=3D"http://www.w3.org/TR/REC-html40"><head><META = HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; = charset=3Dus-ascii"><meta name=3DGenerator content=3D"Microsoft Word 15 = (filtered medium)"><style><!-- /* Font Definitions */ @font-face =09{font-family:"Cambria Math"; =09panose-1:0 0 0 0 0 0 0 0 0 0;} @font-face =09{font-family:Calibri; =09panose-1:2 15 5 2 2 2 4 3 2 4;} /* Style Definitions */ p.MsoNormal, li.MsoNormal, div.MsoNormal =09{margin:0in; =09margin-bottom:.0001pt; =09font-size:11.0pt; =09font-family:"Calibri","sans-serif";} a:link, span.MsoHyperlink =09{mso-style-priority:99; =09color:#0563C1; =09text-decoration:underline;} a:visited, span.MsoHyperlinkFollowed =09{mso-style-priority:99; =09color:#954F72; =09text-decoration:underline;} span.EmailStyle17 =09{mso-style-type:personal-compose; =09font-family:"Calibri","sans-serif"; =09color:windowtext;} .MsoChpDefault =09{mso-style-type:export-only; =09font-family:"Calibri","sans-serif";} @page WordSection1 =09{size:8.5in 11.0in; =09margin:1.0in 1.0in 1.0in 1.0in;} div.WordSection1 =09{page:WordSection1;} --></style><!--[if gte mso 9]><xml> <o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" /> </xml><![endif]--><!--[if gte mso 9]><xml> <o:shapelayout v:ext=3D"edit"> <o:idmap v:ext=3D"edit" data=3D"1" /> </o:shapelayout></xml><![endif]--></head><body lang=3DEN-US = link=3D"#0563C1" vlink=3D"#954F72"><div class=3DWordSection1><p = class=3DMsoNormal><p>Good day!</p> <p>Here is the last warning.</p> <p>Your system has been cracked. We have copied the entire information = from your device to our servers. Besides, we have recorded the video = from your camera with you watching a porn movie.</p> <p>My virus has infected your device via an adult website that you = recently visited.</p> <p>I can share details in case if you don’t know how it works. A = Trojan virus grants me entire access and control over your device. As a = result, I can see your screen, activate the camera and the microphone = and you won’t even know about it.</p> <p>I have captured a video from your screen and the camera and have made = a video where one part of a screen demonstrates you masturbating, and = another part shows a porn video that you were watching at that time.</p> <p>I can see the entire list of your contacts in the phone and the = social networks.</p> <p>I can send this video to all the contacts in your phone, the E-mail = and the social networks in a single click. Moreover, I can send the data = of your E-mail and your messengers to anybody.</p> <p>This would ruin your reputation once and for all.</p> <p>In case if you wish to prevent such consequences, do the = following-</p> <p>Transfer 1300 USD (American dollars) to my Bitcoin- wallet.</p> <p>(If you do not know how to do this, write in a search string in = Google: «Buy bitcoin").</p> <p>My Bitcoin Wallet (BTC Wallet): 18qTeVDY4LwxjcwtGD76JuDj5fbhVRrpy</p> <p>Immediately after crediting of payment I shall erase your video and = shall not bother you anymore.</p> <p>You have 50 hours (a little more than 2 days) to make the = payment.</p> <p>I receive an automatic notification of reading of this letter. The = timer will also automatically launch right after you read this = E-mail.</p> <p>Don’t try to complain anywhere- my BTC –wallet cannot be = traced and an E-mail that sent you the letter is created = automatically-any response would be senseless.</p> <p>Should you try to share this E-mail with somebody, the system will = automatically send a request to the servers and they will start sending = the entire information to social networks.</p> <p>The change of passwords of social networks, an E-mail and the device = would be senseless either as the whole data has already been downloaded = to cluster of my servers.</p> <p>I wish you luck and don’t do something stupid. Consider your = reputation.</p><o:p></o:p></p></div></body></html> ------=_NextPart_000_0046_01DAC4DA.02460EC9--