Post by kas on Jun 30, 2013 14:19:33 GMT -5
Return-Path: <vcamp@fibertel.com.ar>
Received: from avas-mr07.fibertel.com.ar (avas-mr07.fibertel.com.ar. [24.232.0.220])
Received: from [10.10.10.172] (Forwarded-For: [24.232.0.162]) by
stov3.fibertel.com.ar (mshttpd); Sun, 30 Jun 2013 21:28:38 +0500
From: <vcamp@fibertel.com.ar>
Reply-To: jub213@hotmail.co.uk
Date: Sun, 30 Jun 2013 21:28:38 +0500
X-Mailer: Sun Java(tm) System Messenger Express 6.1 HotFix 0.11 (built
Jan 28 2005)
MIME-Version: 1.0
Content-Language: es
X-Accept-Language: es
X-Fib-Al-From: vcamp@fibertel.com.ar
To: unlisted-recipients:; (no To-header on input)
The Lump sum of 1,000,000.00 has been given to you by the British Jumbo Group. send your Names and Country to Email: jub213@hotmail.co.uk
Received: from avas-mr07.fibertel.com.ar (avas-mr07.fibertel.com.ar. [24.232.0.220])
Received: from [10.10.10.172] (Forwarded-For: [24.232.0.162]) by
stov3.fibertel.com.ar (mshttpd); Sun, 30 Jun 2013 21:28:38 +0500
From: <vcamp@fibertel.com.ar>
Reply-To: jub213@hotmail.co.uk
Date: Sun, 30 Jun 2013 21:28:38 +0500
X-Mailer: Sun Java(tm) System Messenger Express 6.1 HotFix 0.11 (built
Jan 28 2005)
MIME-Version: 1.0
Content-Language: es
X-Accept-Language: es
X-Fib-Al-From: vcamp@fibertel.com.ar
To: unlisted-recipients:; (no To-header on input)
The Lump sum of 1,000,000.00 has been given to you by the British Jumbo Group. send your Names and Country to Email: jub213@hotmail.co.uk
Doing a Google Search resulted in one page giving this error by Google Chrome's AntiMalware extension:
Danger: Malware Ahead!
Google Chrome has blocked access to this page on www.newsletter-online.it.
Content from www.pensieriparole.it, a known malware distributor, has been inserted into this web page. Visiting this page now is very likely to infect your computer with malware.
Malware is malicious software that causes things like identity theft, financial loss, and permanent file deletion.
Google Chrome has blocked access to this page on www.newsletter-online.it.
Content from www.pensieriparole.it, a known malware distributor, has been inserted into this web page. Visiting this page now is very likely to infect your computer with malware.
Malware is malicious software that causes things like identity theft, financial loss, and permanent file deletion.
And another page is a block most likely created free by the scammer:
bit2pri.blogspot.ca/2013/06/your-email-id-has-won-1000000.html
Which simply says on the page:
Wednesday, 5 June 2013
Your Email Id has Won 1,000,000.00 Pounds From JUMBO 2013 NEW YEAR DRAW, Held on JUNE 1st, 2013 attached with draw number "244". You are to contact our claim agent on this Email: ( jub213@hotmail.co.uk ) with the below details for claims.
Full Name:
Address:
Mobile Number:
Age:
Country:
Contact Person: Mr. John Carrick
Contact Email: jub213@hotmail.co.uk
Posted by guru at 08:27
Your Email Id has Won 1,000,000.00 Pounds From JUMBO 2013 NEW YEAR DRAW, Held on JUNE 1st, 2013 attached with draw number "244". You are to contact our claim agent on this Email: ( jub213@hotmail.co.uk ) with the below details for claims.
Full Name:
Address:
Mobile Number:
Age:
Country:
Contact Person: Mr. John Carrick
Contact Email: jub213@hotmail.co.uk
Posted by guru at 08:27
If he is the one who created it, reading through his pages it seems that his information is as follows:
Shanu (on Facebook)
seth_19880@rediffmail.com (on Facebook)
seth_19880@rediff.com (on Facebook)
sumit seth (on Twitter)
Guru (on Blogspot)
iertbittu@gmail.com (on Facebook)
119.252.147.126
City: Allahabad. State: U.P. Country: INDIA.
Mobile No : 9695362470
and he uses www.gotomypc.com via his mobile to access his files with the login name of seth_19880@rediff.com
Looking at older posts, these accounts might be his multiple accounts or they might be victim accounts he has stolen.
It also looks like he copies the code from many different sites and posts them on his blog and then uses them to scam people.