Content-Description: original message before SpamAssassin Content-Disposition: inline
From XXXXXXXXXXXXXX.com Wed Jan 18 21:10:25 2017 Content-Description: Mail message body Subject: Investment Proposal To: Recipients <XXXXXXXXXXXXXX.com> From: "Mr. P Bodi" <XXXXXXXXXXXXXX.com> Date: Thu, 19 Jan 2017 03:31:15 +0200
I am a private investor based in U.S, Chicago Illinois. A group of government officials from South Africa contacted me with an offer. I am to solicit and state their offer, if your Interest is genuine; you can contact me for further briefing.
I need to engage with you to discuss a high return investment opportunity. You will be made a beneficiary of a very huge sum of money ($120MIL) and it will be transferred to you. A high Compensation of 20% awaits you, the remaining balance (minus the interest, handling and tax clearance charges, which will be offset by us and deducted from the transfer sum) to a Nominated bank account in Cayman Island or your account.
I do not think I need to spell out the importance of secrecy in this matter considering what is involved. Let me state clearly here that the account you will be providing does not need to have funds in it; it is only needed to be active and can receive the funds in question.
I need your quick response to this mail to indicate your intent, by getting in touch with me right away.
This is important as we would need to talk and have a meeting to discuss the modalities of this offer. Let me know your interest if you can come to me or I can come to you in Person. For further clarification please contact me through my private telephone number.
I am here In London now, here are my contact details +447700309005. Or better still my email, XXXXXXXXXXXXXXX.com
Yours sincerely,
Mr Pat Bodi
From XXXXXXXXXXXXXX.com Wed Jan 18 21:10:40 2017
X-Original-To: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Delivered-To: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
From: "Mr. P Bodi" <XXXXXXXXXXXXXX.com>
To: Recipients <XXXXXXXXXXXXXX.com>
Subject: [SPAM] Investment Proposal
Date: Thu, 19 Jan 2017 03:31:15 +0200
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
atrium61.its.brooklyn.cuny.edu
X-Spam-Flag: YES
X-Spam-Level: ********
X-Spam-Status: Yes, score=8.5 required=5.0 tests=ADVANCE_FEE_3_NEW_MONEY,
BAYES_50,DEAR_SOMETHING,DKIM_ADSP_CUSTOM_MED,FREEMAIL_FROM,FREEMAIL_REPLYTO,
LOTS_OF_MONEY,MISSING_MID,MONEY_FRAUD_5,NML_ADSP_CUSTOM_MED,RDNS_NONE,
SPOOFED_FREEM_REPTO autolearn=no version=3.3.1
Part 1:
Content-Disposition: inline
Spam detection software, running on the system "atrium61.its.brooklyn.cuny.edu", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: Dear Sir/Madam, I am a private investor based in U.S, Chicago
Illinois. A group of government officials from South Africa contacted me
with an offer. I am to solicit and state their offer, if your Interest is
genuine; you can contact me for further briefing. [...]
Content analysis details: (8.5 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
(XXXXXXXX[at]XXXXX.com)
0.0 DKIM_ADSP_CUSTOM_MED No valid author signature, adsp_override is
CUSTOM_MED
2.0 DEAR_SOMETHING BODY: Contains 'Dear (something)'
0.8 BAYES_50 BODY: Bayes spam probability is 40 to 60%
[score: 0.4998]
0.5 MISSING_MID Missing Message-Id: header
0.0 LOTS_OF_MONEY Huge... sums of money
0.8 RDNS_NONE Delivered to internal network by a host with no rDNS
1.0 FREEMAIL_REPLYTO Reply-To/From or Reply-To/body contain different
freemails
0.9 NML_ADSP_CUSTOM_MED ADSP custom_med hit, and not from a mailing list
2.5 SPOOFED_FREEM_REPTO Forged freemail sender with freemail reply-to
0.0 MONEY_FRAUD_5 Lots of money and many fraud phrases
0.0 ADVANCE_FEE_3_NEW_MONEY Advance Fee fraud and lots of money
This is to officially inform you that we have written to you before without getting respond from you and we believe that our previous mail did not get to you therefore we write you again. We are contacting you concerning the release of your inheritance fund / Draft /Cheque /ATM Card which have been delayed for transfer by some officials who claim to be in position of your fund thereby extorting money from you in one way or the other.Your Fund has finally been approved for transfer by the West Africa Fund Monitoring Unit. Your fund will be transfer to you via ATM Visa Card which is cash-able in any ATM machine or Bank anywhere in the world.
We hereby inform you that the ATM card worth US$4.8,million US dollars has been credited in your favour as the first part payment of your inheritance fund which has been delayed by these officers who claim to be in position of your fund.Therefore you are warned to stop any further communication with anybody concerning your inheritance fund.
Your fund to be released via MasterCard ATM in act to uphold the rule of law which we represent.You have to reconfirm the informations below for security reasons. And also be informed that delivery agent will leave this country as soon as you comply with (Courier)Company requirement
Send them the following information of yours for the conclusion of your Atm Card: DHL director, Mr.Dehung Piarre, Phone:+229 62318047
Thanks for your antispation.
From Mrs. Juliet Odmma
From elpana@ngi.it Wed Jan 18 10:11:03 2017 Return-Path: <elpana@ngi.it> X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on XXXXXXXXXXXXXXXXXXXXXXXXXX X-Spam-Level: * X-Spam-Status: No, score=1.2 required=5.0 tests=ADVANCE_FEE_5_NEW_FRM_MNY, DEAR_BENEFICIARY,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,FILL_THIS_FORM, FILL_THIS_FORM_LONG,FREEMAIL_FORGED_REPLYTO,HTML_MESSAGE,LOTS_OF_MONEY, MONEY_FORM,MONEY_FRAUD_5,RP_MATCHES_RCVD,T_HK_NAME_MR_MRS autolearn=disabled version=3.4.0 X-Original-To: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX Delivered-To: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX X-Virus-Scanned: amavisd-new at XXXXXXXXXXXXXXXXXXXXX Authentication-Results: XXXXXXXXXXXXXXXXXXXXXXXXXX (amavisd-new); dkim=pass (1024-bit key) header.d=ngi.it DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=ngi.it; s=dkim; t=1484752246; bh=ZQaUNxtFWYvA1eZZmBXk9qF0ulNw9LwALK0EE+85mBw=; h=From:Reply-To:To:Subject:Date:From; b=P8HdUCk8ijctBEK0oA8uboCmqU1pNzcUpSHzksBCb8iQU09VkGUGeyO5GMWSfiu8X uGRgT4PtQmDPfnhOzsyYVboz5BvFWLJXLzNI9Ix+8FT4lbLaJhZUbDwIB88TmV1diR aVkf3QbQm3sZCgs3htj/dpGm+VD5JjO7/4GLJc9w= From: "Mrs. Juliet Odmma" <elpana@ngi.it> Reply-To: "Mrs. Juliet Odmma" <drddhungpierree@gmail.com> To: mailwebbserve@gmail.com X-Mailer: Eolo webmail X-Originating-IP: 41.138.91.232 Subject: Dear Beneficiary,Our Ref: FJD /DHL/STB, Date: Wed, 18 Jan 2017 16:10:20 +0100 Content-Type: multipart/alternative; boundary="=_64bd920e94d11ba0967fbd57f2c3b3bd" X-UID: 20331 Content-Length: 4758 Status: RO Content-Type: text/plain; charset=UTF-8