Anti-Scam - Erik Gilliam <daniel.layman@croda.com> <michael.kane@health.utah.edu> <info@basba.eu>

Template wählen:

Sprache wählen:

Anti-Scam › sonstige SCAM-Kontakte › Phishing und Geldwäsche › Erik Gilliam <daniel.layman@croda.com> <michael.kane@health.utah.edu> <info@basba.eu>

‹ Vorheriges Thema | Nächstes Thema ›

Seiten: 1

Thema versenden

Erik Gilliam <daniel.layman@croda.com> <michael.kane@health.utah.edu> <info@basba.eu> (Gelesen: 1739 mal)

Uli Themenstarter General Counsel Offline Beiträge: 30400 Mitglied seit: 17. Januar 2008 Geschlecht:	Erik Gilliam <daniel.layman@croda.com> <michael.kane@health.utah.edu> <info@basba.eu> 08. November 2010 um 16:15
	Der Text sieht zunächst sehr unscheinbar aus. Googelt man allerdings die Telefonnummer 1-801-461-5023, dann kommt man zu interessanten Infos! Der Text wird im Browser zwar richtig dargestellt, der Originaltext hat aber einige merkwürdige Veränderungen, die hervorgerufen sind durch versteckten Text. Vorsichtshalber werde ich nur den Text ohne die versteckten Bereiche veröffentlichen. Zur besseren Kenntlichmachung als Zitat: The webbrowser shows the text without cryptical parts. But if you look at the sourcecode you'll find a lot of strange parts. The following quotation shows how the browser will show the text. Zitat: Hey Family! Just wanted to write you, and let you know, how the degree program I tried out went. Well, six weeks later, I graduated, finished & received my Masters Degree with no study required and %100 verifiable. Yeah mom, I know you and Dad doubted it at first, but this turned out to be %100 legit. This opportunity was given to me because of the professional experience and previos course work I had accumulated. I’m so excited mom and dad, this was a life altering opportunity & for once in my life I took advantage of it. I already have jobs, that wouldn’t have given me a chance before, now they are calling offf the hook! This really is a godsend. Tell Susan and Cousin Joey that they better hurry up and call that # I gave them the other day. Again these are the degrees they offer, BA, BSC, MA, MSC, MBA and PhD, and the number to call is 1-801-461-5023, tell them to leave a brief message with their name, the degree they are interested in and their day and evening phone numbers. They will contact you soon after, Anyway, much love, and tell the rest of the family I said hello Love, Your son, John P.s. Mom, why don’t you send this email to a few of your friends? My professor told me that if we send over referrals the school can give us a scholarship. Wenn ich etwas Zeit habe, dann versuche ich mal den kryptischen Text zu entschlüsseln. Vermutlich soll damit etas untergejubelt werden. Ich halte die Mail für gefährlich! If I have a little time I'll try to encrypt the text. Possibly they try to send a virus. I think this mail is dangerous! Spoiler: Return-Path: <daniel.layman@croda.com> X-Original-To: xxx Delivered-To: xxx Received: from xxx (localhost.localdomain [127.0.0.1]) by xxx (Postfix) with ESMTP id 5C17DE24569 for <xxx>; Mon, 8 Nov 2010 15:46:04 +0100 (CET) Received: from chello062178016179.6.11.vie.surfer.at (chello062178016179.6.11.vie.surfer.at [62.178.16.179]) by xxx (Postfix) with ESMTP for <xxx>; Mon, 8 Nov 2010 15:46:04 +0100 (CET) Received: from [62.178.16.179] by croda.com.s8b2.psmtp.com; Mon, 8 Nov 2010 06:40:20 -0800 Date: Mon, 8 Nov 2010 06:40:20 -0800 From: "Erik Gilliam" <daniel.layman@croda.com> X-Mailer: The Bat! (v3.62.03) Professional Reply-To: daniel.layman@croda.com X-Priority: 3 (Normal) Message-ID: <639810376.05453789365479@croda.com> To: xxx Subject: Mon, 8 Nov 2010 06:40:20 -0800 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----------9DAAAA3EC842C842" ------------9DAAAA3EC842C842 Content-Type: text/plain; charset=windows-1250 Content-Transfer-Encoding: 7bit Code IP-Adresse: 62.178.16.179 Ländercode der IP: AT Land der IP: ip address flag Austria Bundesland der IP: Wien Stadt der IP: Vienna Breitengrad der IP: 48.2000 Längengrad der IP: 16.3667 Provider der IP: Chello Broadband GmbH Organisation: Chello Broadband GmbH Host der IP: chello062178016179.6.11.vie.surfer.at
	« Zuletzt geändert: 08. November 2010 um 16:50 von Uli »

	IP gespeichert

Indikation

Uli Themenstarter General Counsel Offline Beiträge: 30400 Mitglied seit: 17. Januar 2008 Geschlecht:	Re: Erik Gilliam <daniel.layman@croda.com> Antwort #1 - 08. November 2010 um 16:27
	Habe gerade gesehen, dass es eine ähnliche Mail in unserem Postfach gibt von einer Tisha Snider <michael.kane@health.utah.edu>! Beinhaltet ebenfalls verborgenen Text. Nearly same text we got from Tisha Snider <michael.kane@health.utah.edu>! Has also cryptic text! Spoiler: Return-Path: <michael.kane@health.utah.edu> X-Original-To: xxx Delivered-To: xxx Received: from xxx(localhost.localdomain [127.0.0.1]) by xxx (Postfix) with ESMTP id F118DE24569 for <xxx>; Mon, 8 Nov 2010 13:25:24 +0100 (CET) Received: from 77.30.76.220.dynamic.saudi.net.sa (unknown [77.30.76.220]) by xxx (Postfix) with ESMTP for <xxx>; Mon, 8 Nov 2010 13:25:24 +0100 (CET) Received: from [77.30.76.220] by ipohsc.utah.edu; Mon, 8 Nov 2010 04:19:36 -0800 Date: Mon, 8 Nov 2010 04:19:36 -0800 From: "Tisha Snider" <michael.kane@health.utah.edu> X-Mailer: The Bat! (v2.00.2) Business Reply-To: michael.kane@health.utah.edu X-Priority: 3 (Normal) Message-ID: <483584202.25450055597668@health.utah.edu> To: xxx Subject: (no subject) MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----------B256E3C09888FB" Code IP-Adresse: 77.30.76.220 Ländercode der IP: SA Land der IP: ip address flag Arabia Bundesland der IP: Ar Riyad Stadt der IP: Riyadh Breitengrad der IP: 24.6408 Längengrad der IP: 46.7728 Provider der IP: SaudiNet Organisation: SaudiNet Host der IP: 77.30.76.220.dynamic.saudi.net.sa
	« Zuletzt geändert: 08. November 2010 um 16:35 von Uli »

	IP gespeichert

Uli Themenstarter General Counsel Offline Beiträge: 30400 Mitglied seit: 17. Januar 2008 Geschlecht:	Re: Erik Gilliam <daniel.layman@croda.com> <michael.kane@health.utah.edu> Antwort #2 - 08. November 2010 um 16:37
	Noch einmal gleichen Text haben wir von Denny Blue <info@basba.eu> bekommen. Spoiler: Return-Path: <info@basba.eu> X-Original-To: xxx Delivered-To: xxx Received: from xxx (localhost.localdomain [127.0.0.1]) by xxx (Postfix) with ESMTP id A3C57E24569 for <xxx>; Mon, 8 Nov 2010 09:07:12 +0100 (CET) Received: from adsl86-34-238-61.romtelecom.net (unknown [86.34.238.61]) by xxx (Postfix) with ESMTP for <xxx>; Mon, 8 Nov 2010 09:07:12 +0100 (CET) Received: from [86.34.238.61] by basba.eu; Mon, 8 Nov 2010 10:01:25 +0200 Date: Mon, 8 Nov 2010 10:01:25 +0200 From: "Denny Blue" <info@basba.eu> X-Mailer: The Bat! (v3.51) Home Reply-To: info@basba.eu X-Priority: 3 (Normal) Message-ID: <596562319.23346809714451@basba.eu> To: xxx Subject: Privacy MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----------1DAE16E167CB6E1" ------------1DAE16E167CB6E1 Content-Type: text/plain; charset=Windows-1252 Content-Transfer-Encoding: 7bit Code IP-Adresse: 86.34.238.61 Ländercode der IP: RO Land der IP: ip address Romania Bundesland der IP: Bucuresti Stadt der IP: Bucharest Breitengrad der IP: 44.4333 Längengrad der IP: 26.1000 Provider der IP: ROMTelecom S.A. Organisation: Romtelecom Data Network Host der IP: adsl86-34-238-61.romtelecom.net


	IP gespeichert

Seiten: 1

Thema versenden

‹ Vorheriges Thema | Nächstes Thema ›

Link zu diesem Thema

HTML Code:
BBCode:
URL:

« Übersicht ‹ Forum Top