Edit File: 1739264988.M597810P938352.premium128.web-hosting.com,S=7698,W=7871:2,
Return-Path: <naturopath@hbgs.com>
Delivered-To: contact+spam@gourayafroid.com
Received: from premium128.web-hosting.com
    by premium128.web-hosting.com with LMTP
    id UNySItwTq2dwUQ4AAvhI2g
    (envelope-from <naturopath@hbgs.com>)
    for <contact+spam@gourayafroid.com>; Tue, 11 Feb 2025 04:09:48 -0500
Return-path: <naturopath@hbgs.com>
Envelope-to: contact@gourayafroid.com
Delivery-date: Tue, 11 Feb 2025 04:09:48 -0500
Received: from [203.210.239.40] (port=53539 helo=adsl.hnpt.com.vn)
    by premium128.web-hosting.com with esmtp (Exim 4.96.2)
    (envelope-from <naturopath@hbgs.com>)
    id 1thmH1-003wX5-1A
    for contact@gourayafroid.com;
    Tue, 11 Feb 2025 04:09:48 -0500
From: "alfred theodore" <naturopath@hbgs.com>
To: <contact@gourayafroid.com>
Date: 11 Feb 2025 21:38:01 +0600
Message-ID: <4Y66YGW0-002c01db7c9f$02f8439e$e953e5aa@hbgs.com-CC94B7>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_NextPart_000_0029_01DB7C9F.02F48959C88FAC94"
X-Mailer: Microsoft Office Outlook 11
Thread-Index: Ac2370090446501D0FDE452CCC94B7A5749YG09R6S
X-MimeOLE: Produced By Microsoft MimeOLE V4.02.C94B.12370
X-Spam-Status: Yes, score=18.5
X-Spam-Score: 185
X-Spam-Bar: ++++++++++++++++++
X-Spam-Report: Spam detection software, running on the system "premium128.web-hosting.com",
    has identified this incoming email as possible spam. The original
    message has been attached to this so you can view it or label
    similar future email. If you have any questions, see
    root\@localhost for details.
    Content preview: Good day. Who am I? I'm a professional pentester and I infected
    your system when you visited website for adults... I have been checking
    your activity for more than 1 month. What am I tal [...]
    Content analysis details: (18.5 points, 5.0 required)
    pts rule name              description
    ---- ---------------------- --------------------------------------------------
    2.7 RCVD_IN_PSBL           RBL: Received via a relay in PSBL
                               [203.210.239.40 listed in psbl.surriel.com]
    1.2 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net
                               [Blocked - see <https://www.spamcop.net/bl.shtml?203.210.239.40>]
    4.7 RCVD_IN_XBL            RBL: Received via a relay in Spamhaus XBL
                               [203.210.239.40 listed in zen.spamhaus.org]
    0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The
                               query to Validity was blocked. See
                               https://knowledge.validity.com/hc/en-us/articles/20961730681243
                               for more information.
                               [203.210.239.40 listed in sa-accredit.habeas.com]
    0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The
                               query to Validity was blocked. See
                               https://knowledge.validity.com/hc/en-us/articles/20961730681243
                               for more information.
                               [203.210.239.40 listed in bl.score.senderscore.com]
    0.0 DATE_IN_FUTURE_06_12   Date: is 6 to 12 hours after Received: date
    0.0 HTML_MESSAGE           BODY: HTML included in message
    1.0 KAM_LAZY_DOMAIN_SECURITY Sending domain does not have any
                               anti-forgery methods
    0.0 KAM_DMARC_STATUS       Test Rule for DKIM or SPF Failure with Strict
                               Alignment
    2.0 RDNS_NONE              Delivered to internal network by a host with no rDNS
    0.5 PDS_BTC_ID             FP reduced Bitcoin ID
    1.0 BITCOIN_YOUR_INFO      BitCoin with your personal info
    1.5 MIMEOLE_DIRECT_TO_MX   MIMEOLE + direct-to-MX
    1.4 DOS_OUTLOOK_TO_MX      Delivered direct to MX with Outlook headers
    2.2 BITCOIN_MALWARE        BitCoin + malware bragging
    0.2 MALWARE_NORDNS         Malware bragging + no rDNS
X-Spam-Flag: YES
Subject: ***SPAM*** A mystery

This is a multi-part message in MIME format.

------=_NextPart_000_0029_01DB7C9F.02F48959C88FAC94
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

Good day.

Who am I?
I'm a professional pentester and I infected your system when you visited =
website for adults...
I have been checking your activity for more than 1 month.

What am I talking about?
My malware allows me to enter your system. It's a multiplatform virus =
with hidden VNC. It works on iOS, android, windows and MacOS.
It is crypted so your AV can't detect it, I clean its signatures every =
day.

What do I have?
I could turn on your camera and save all your logs.
I have all your contacts, social media data and chats with your friends, =
colegues etc.
I collected information that can ruin your reputation.
I have a video with your masturabtion and the video that you was =
watching. It's awful...

What do I want?
I will publish this record and your life will be destroyed if you don't =
pay \$1300 with bitcoins.
Use this bitcoin address: bc1qkl28a8q0y408zye9z9d4x9qhyhpmrah2l7uyah

How can you pay me?
Use google to learn how to buy and spend bitcoins.

What are my rules?
I have 3 rules
If you share this message your reputation will be ruined.
If you don't pay your reputation will be ruined.
If you try to trick me your reputation will be ruined.
I give you no more than 50 hours from this moment to complete the deal.
Don't waste your time. I can't be tracked down and nobody can help you =
so don't think that somebody can help you if you complain.

------=_NextPart_000_0029_01DB7C9F.02F48959C88FAC94
Content-Type: text/html; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META content=3D"text/html; charset=3Dkoi8-r" http-equiv=3DContent-Type>
<META name=3DGENERATOR content=3D"MSHTML 8.00.8523.3951A"></HEAD>
<BODY>
<DIV><SPAN class=3D793678983-11022025><FONT size=3D2=20
face=3DArial>
<p>Good day.</p>
<p> </p>
<p>Who am I?</p>
<p>I'm a professional pentester and I infected your system when you =
visited website for adults...</p>
<p>I have been checking your activity for more than 1 month.</p>
<p> </p>
<p>What am I talking about?</p>
<p>My malware allows me to enter your system.
It's a multiplatform virus =
with hidden VNC. It works on iOS, android, windows and MacOS.</p>
<p>It is crypted so your AV can't detect it, I clean its signatures =
every day.</p>
<p> </p>
<p>What do I have?</p>
<p>I could turn on your camera and save all your logs.</p>
<p>I have all your contacts, social media data and chats with your =
friends, colegues etc.</p>
<p>I collected information that can ruin your reputation.</p>
<p>I have a video with your masturabtion and the video that you was =
watching. It's awful...</p>
<p> </p>
<p>What do I want?</p>
<p>I will publish this record and your life will be destroyed if you =
don't pay \$1300 with bitcoins.</p>
<p>Use this bitcoin address: =
bc1qkl28a8q0y408zye9z9d4x9qhyhpmrah2l7uyah</p>
<p> </p>
<p>How can you pay me?</p>
<p>Use google to learn how to buy and spend bitcoins.</p>
<p> </p>
<p>What are my rules?</p>
<p>I have 3 rules</p>
<p>If you share this message your reputation will be ruined.</p>
<p>If you don't pay your reputation will be ruined.</p>
<p>If you try to trick me your reputation will be ruined.</p>
<p>I give you no more than 50 hours from this moment to complete the =
deal.</p>
<p>Don't waste your time. I can't be tracked down and nobody can help =
you so don't think that somebody can help you if you =
complain.</p></FONT></SPAN></DIV></BODY></HTML>

------=_NextPart_000_0029_01DB7C9F.02F48959C88FAC94--