| Current Path : /home/ift/mails/38/ |
Linux ift1.ift-informatik.de 5.4.0-216-generic #236-Ubuntu SMP Fri Apr 11 19:53:21 UTC 2025 x86_64 |
| Current File : //home/ift/mails/38/1543661430.zrspam.389772_2018_12_01 |
From christian.gabriel@shortnote.de Sat Dec 1 11:50:30 2018
Return-Path: <christian.gabriel@shortnote.de>
X-Original-To: cgabriel@ift-informatik.de
Delivered-To: cgabriel@ift-informatik.de
Received: by ift-informatik.de (Postfix, from userid 5555)
id CDC193D20009D; Sat, 1 Dec 2018 11:50:30 +0100 (CET)
Received: from localhost by h2486555.stratoserver.net
with SpamAssassin (version 3.4.0);
Sat, 01 Dec 2018 11:50:30 +0100
From: christian.gabriel@shortnote.de
To: christian.gabriel@shortnote.de
Subject: *****SPAM***** christian.gabriel@shortnote.de has password XnBlrvgq. Password must be changed
Date: Thu, 29 Nov 2018 17:11:26
Message-Id: <1725462218.20181129171126@shortnote.de>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
h2486555.stratoserver.net
X-Spam-Flag: YES
X-Spam-Level: ***************
X-Spam-Status: Yes, score=15.5 required=5.0 tests=BAYES_00,
DATE_IN_FUTURE_03_06,FROM_IN_TO_AND_SUBJ,HTML_MESSAGE,HTML_MIME_NO_HTML_TAG,
MIME_HTML_ONLY,RCVD_IN_BL_SPAMCOP_NET,RCVD_IN_PSBL,RCVD_IN_RP_RNBL,
RDNS_DYNAMIC,TO_EQ_FM_HTML_ONLY,TO_IN_SUBJ,URIBL_BLOCKED autolearn=no
autolearn_force=no version=3.4.0
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----------=_5C026776.8D22EA73"
This is a multi-part message in MIME format.
------------=_5C026776.8D22EA73
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
Spam detection software, running on the system "h2486555.stratoserver.net",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: Hello! I'm a programmer who cracked your email account and
device about half year ago. You entered a password on one of the insecure
site you visited, and I catched it. Your password from christian.gabriel@shortnote.de
on moment of crack: XnBlrvgq [...]
Content analysis details: (15.5 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
2.7 RCVD_IN_PSBL RBL: Received via a relay in PSBL
[84.209.51.186 listed in psbl.surriel.com]
1.3 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net
[Blocked - see <http://www.spamcop.net/bl.shtml?84.209.51.186>]
0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked.
See
http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
for more information.
[URIs: shortnote.de]
1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,
https://senderscore.org/blacklistlookup/
[84.209.51.186 listed in bl.score.senderscore.com]
3.0 DATE_IN_FUTURE_03_06 Date: is 3 to 6 hours after Received: date
-1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1%
[score: 0.0000]
0.7 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
0.0 HTML_MESSAGE BODY: HTML included in message
1.0 RDNS_DYNAMIC Delivered to internal network by host with
dynamic-looking rDNS
0.4 HTML_MIME_NO_HTML_TAG HTML-only message, but there is no HTML tag
1.0 FROM_IN_TO_AND_SUBJ From address is in To and Subject
2.9 TO_IN_SUBJ To address is in Subject
3.0 TO_EQ_FM_HTML_ONLY To == From and HTML only
The original message was not completely plain text, and may be unsafe to
open with some email clients; in particular, it may contain a virus,
or confirm that your address can receive spam. If you wish to view
it, it may be safer to save it to a file and open it with an editor.
------------=_5C026776.8D22EA73
Content-Type: message/rfc822; x-spam-type=original
Content-Description: original message before SpamAssassin
Content-Disposition: attachment
Content-Transfer-Encoding: 8bit
Received: from mx.gmail.com (cm-84.209.51.186.getinternet.no [84.209.51.186])
by ift-informatik.de (Postfix) with ESMTP id A81AE3D200056
for <christian.gabriel@shortnote.de>; Sat, 1 Dec 2018 11:50:28 +0100 (CET)
Received: from shortnote.de ([192.168.0.99])
by mx.gmail.com (mx.gmail.com)
(MDaemon PRO v9.6.1)
with ESMTP id md50000570109.msg;
Thu, 29 Nov 2018 16:11:31 +0300
Date: Thu, 29 Nov 2018 17:11:26
Content-Type: text/html; charset=utf-8
From: christian.gabriel@shortnote.de
To: christian.gabriel@shortnote.de
Subject: christian.gabriel@shortnote.de has password XnBlrvgq. Password must be changed
X-Mailer: The Bat! (v4.1) Home
Reply-To: christian.gabriel@shortnote.de
MIME-Version: 1.0
X-Priority: 3 (Normal)
Message-ID: <1725462218.20181129171126@shortnote.de>
Content-Type: text/html; charset=utf-8
X-Spam-Processed: mx.gmail.com, Thu, 29 Nov 2018 16:11:31 +0300
(not processed: spam filter heuristic analysis disabled)
X-MDRemoteIP: 192.168.0.99
X-Return-Path: christian.gabriel@shortnote.de
X-Envelope-From: christian.gabriel@shortnote.de
X-MDaemon-Deliver-To: christian.gabriel@shortnote.de
Hello!<br>
<br>
I'm a programmer who cracked your email account and device about half year ago.<br>
You entered a password on one of the insecure site you visited, and I catched it.<br>
Your password from christian.gabriel@shortnote.de on moment of crack: XnBlrvgq<br>
<br>
Of course you can will change your password, or already made it.<br>
But it doesn't matter, my rat software update it every time.<br>
<br>
Please don't try to contact me or find me, it is impossible, since I sent you an email from your email account.<br>
<br>
Through your e-mail, I uploaded malicious code to your Operation System.<br>
I saved all of your contacts with friends, colleagues, relatives and a complete history of visits to the Internet resources.<br>
Also I installed a rat software on your device and long tome spying for you.<br>
<br>
You are not my only victim, I usually lock devices and ask for a ransom.<br>
But I was struck by the sites of intimate content that you very often visit.<br>
<br>
I am in shock of your reach fantasies! Wow! I've never seen anything like this!<br>
I did not even know that SUCH content could be so exciting!<br>
<br>
So, when you had fun on intime sites (you know what I mean!)<br>
I made screenshot with using my program from your camera of yours device.<br>
After that, I jointed them to the content of the currently viewed site.<br>
<br>
Will be funny when I send these photos to your contacts! And if your relatives see it?<br>
BUT I'm sure you don't want it. I definitely would not want to ...<br>
<br>
I will not do this if you pay me a little amount.<br>
I think $820 is a nice price for it!<br>
<br>
I accept only Bitcoins.<br>
My BTC wallet: 1JrzjKrGDNH7C3tBFqRKu9RXHBMW2ncQvx<br>
<br>
If you have difficulty with this - Ask Google "how to make a payment on a bitcoin wallet". It's easy.<br>
After receiving the above amount, all your data will be immediately removed automatically.<br>
My virus will also will be destroy itself from your operating system.<br>
<br>
My Trojan have auto alert, after this email is looked, I will be know it!<br>
<br>
You have 2 days (48 hours) for make a payment.<br>
If this does not happen - all your contacts will get crazy shots with your dirty life!<br>
And so that you do not obstruct me, your device will be locked (also after 48 hours)<br>
<br>
Do not take this frivolously! This is the last warning!<br>
Various security services or antiviruses won't help you for sure (I have already collected all your data).<br>
<br>
Here are the recommendations of a professional:<br>
Antiviruses do not help against modern malicious code. Just do not enter your passwords on unsafe sites!<br>
<br>
I hope you will be prudent.<br>
Bye.<br>
------------=_5C026776.8D22EA73--