Two scam emails received on my two separate email addresses on the same day, yesterday.

I have absolutely no debt whatsoever to anyone, so they can go and f**k themselves. I replied to one of them asking for further details (there was no way I was going to open up their links) but my email bounced back.

I can maybe understand them trying this sort of thing on with large companies, but a private individual? Surely no one is going to fall for this as they must know something about their finances.

By the way, both links have viruses on them so please DON'T ATTEMPT to open them!!

Dear Hercules,
Regarding the amount due 416.96 GBP, we act on behalf of Kongsberg Norcontrol IT Ltd in order to collect the outstanding account value of your debt.
We would like to remind you that the amount above was due for payment on 26.03.16 but as no payment has been received, your invoice is now considered as overdue. Please find a printable version of your invoice at the following link: http://www.littlebigdev.nowhere/index.php?mo=5-3017e9&cico=jcpex6c Original invoice will be sent out to:
In order to avoid further costs, please forward the payment to us and transfer the amount due not later than 15.04.16
Best regards,
Jeremy Mullins

Dear Hercules,

Regarding the amount due 1138.78 GBP, we act on behalf of Grammer Seating Systems Ltd in order to collect the outstanding account value of your debt.

We would like to remind you that the amount above was due for payment on 24.03.16 but as no payment has been received, your invoice is now considered as overdue. Please find a printable version of your invoice at the following link: http://bomhuset.nowhere/index.php?so=5-3017&y=e9jcpex6c

Original invoice will be sent out to:

In order to avoid further costs, please forward the payment to us and transfer the amount due not later than 10.04.16

Yours sincerely,
Gary Watts

I keep getting emails saying my Hotmail account is to be closed. It really irritates me to the point of wishing I could come face to face with the bastards and pit the heid in them. Some poor souls may be taken in and click on the link. Today's email was particularly badly written. The other regular is about my Paypal account, which doesn't exist and never has.

Hercules' message above are examples of this deadly email.

H G-T I suggest that you edit your example above to ensure those links if clicked go to a non-existent place, just in case anyone id daft enough to click one. e.g. change the .net and ,dk to .nowhere

~~~~~~~~~~~~~~~~~~~~~~

Beware of emails containing invoices from unexpected companies! Even if the email has your correct address!. Do not open attachments or click links as they lead to deadly ransomware MAKTUB which could encrypt your files and demand a ransom in Bitcoins to undo the encryption.

See more information on the BBC website: http://www.bbc.co.uk/news/technology-35996408

I do not know yet if this can also affect Apple Mac Computers, iPhones, Smartphones, Android or Linux, but it might.

There is NO CURE if you get infected other than paying the ransom or wiping your entire system and reloading it from your backups so it is VITAL to keep your backups up to date.

Quote: billwill @ 8th April 2016, 3:28 PM BST

Hercules' message above are examples of this deadly email.

H G-T I suggest that you edit your example above to ensure those links if clicked go to a non-existent place, just in case anyone id daft enough to click one. e.g. change the .net and ,dk to .nowhere

View original

Thanks Bill, and yes you never know if someone is curious so have done what you suggest.

These two arrived yesterday within minutes of each other so I presume are connected. I have changed a couple of letters in each link just in case somebody is curious and tries to pop one - I will be informing Amazon as this seems to be a new scam:-

This is the mail system at host smtprelay-h21.telenor.se which is relaying messages sent by customers to Telenor Sverige AB and its subsidiaries Bredbandsbolaget and Glocalnet.

I'm sorry to have to inform you that your message could not be delivered to one or more recipients. It's attached below.

<carlspeirs@aob.com>: host mailin-01.mx.aol.com[152.163.0.68] said: 550 5.1.1
<carlspeirs@aob.com>: Recipient address rejected: aol.com (in reply to RCPT
TO command)

Dear Hercules,

We are sorry to let you know that your email(s) below cannot be delivered. The recipients have decided to leave the Amazon.co.uk platform or are not eligible to receive any further email communications.

For answers to any further questions please visit our online help:

http://www.amazom.co.uk/gp/help/customer/display.html?nodeId=200389640

We hope our online resources meet all your needs. If you have explored the above link but still need to get in touch with us, please use the Contact-Us form in our online Help department.

The messages affected are:

To: l0fppb7mbv6fhmr@marketplace.amazom.co.uk
Sent: 17/04/16 02:52:50 o'clock GMT
Fw: new important message

Warmest Regards,
Amazon.co.uk http://www.amazom.co.uk

I've just had 2 in a row telling me I'm 'aligible' for a tax refund, and one purporting to be from Visa (I don't have Visa) saying if I ignore the message it'll be at my own 'risc'.

Received thirteen (!!) of these this morning and some are quoting email addresses of people I know and are in my address book but who I haven't contacted for ages.

"This message was created automatically by mail delivery software.

{revised}
Probably many others in your contact list have been sent spam/scam emails; then the mail server of the rogue hit a mailing-rate limit and it stopped sending them out. The error messages were sent to the apparent sender, which was you.

Evidently your contact list has been hacked into somewhere.

Possibilities:
a) A web based email system & a password too simple
b) Malware on your computer
c) An old computer that you discarded without rigorously wiping the hard disk.
d) A malicious app on a smart phone

The list goes on...........

~~~~~~~~~~~~~~~~~~

The data for the sending domain is:

muratyamac.com.tr registry whois
Updated 1 second ago - Refresh
** Registrant:
Murat Yamaç
Cumhuriyet Bulvar? No:123 May?s ?? Merkezi
Kat:5 Daire:503 Alsancak
?zmir,
Türkiye
email@akikllc.com
+ 90-546-7476762-
+ 90-232-4210578-

** Administrative Contact:
NIC Handle : wds2-metu
Organization Name : Web Design Services LLC
Address : Hidden upon user request
Phone : Hidden upon user request
Fax : Hidden upon user request

** Technical Contact:
NIC Handle : wds2-metu
Organization Name : Web Design Services LLC
Address : Hidden upon user request
Phone : Hidden upon user request
Fax : Hidden upon user request

** Billing Contact:
NIC Handle : wds2-metu
Organization Name : Web Design Services LLC
Address : Hidden upon user request
Phone : Hidden upon user request
Fax : Hidden upon user request

** Domain Servers:
ns1.akikhost.net
ns2.akikhost.net

** Additional Info:
Created on..............: 2008-Jul-23.
Expires on..............: 2016-Jul-22.

Quote: billwill @ 28th April 2016, 2:21 PM BST

{revised}
Probably many others in your contact list have been sent spam/scam emails; then the mail server of the rogue hit a mailing-rate limit and it stopped sending them out. The error messages were sent to the apparent sender, which was you.

Evidently your contact list has been hacked into somewhere.

Possibilities:
a) A web based email system & a password too simple
b) Malware on your computer
c) An old computer that you discarded without rigorously wiping the hard disk.
d) A malicious app on a smart phone

The list goes on...........

~~~~~~~~~~~~~~~~~~

The data for the sending domain is:

View original

Thanks for that Bill

Re your a to c, only one applies so will change my password even though the original is not a simple one.

Wow, a WitchDoctor, what next

Hello,

I am by name Dr Michael Nagari ( The spell caster) I am a witch doctor who helps people to retrieve back their husbandS, wife, boyfriend, girlfriend. I am well known as one of the best witch doctor accross the world. Is a gift from my father to help those that are in serious spiritual problem. Do u want your ex relationship back? Are you searching for true love? Are you afraid of loosing your lover and u want to put that ultimate stamp on your love relationship? Or you have been dissapointed in ur day to day life? You need that supernatural breakthrough in your finances? All you have to do is to contact me at my Email: censored@gmail.com

I have been giving the power from God to save His people from difficulties and I know you can't contact me without having a solution from GOD to put an end to your problems. I hope to hear from you soon if ready to get out of that problem.

Best wishes ,
Dr Michael Nagari
Email: censored@gmail.com

That's brilliant! The man deserves a prize.

Really!

A Witch Doctor who believes in God instead of the spirits of nature?

If you get an e mail saying that it's still Leevils birthday do not open it
It is not his Birthday anymore despite what the front page of the BCG says

I've seen a large number of emails with what I'm sure are dangerous zip files attached, but they've always been sent to an address that I haven't used in years and they usually claim to contain receipts, estimates or bills. This is the first one I've received at my "real" address and it appears that they've stepped up their game by threatening to have me arrested.

The Russian address, poor grammar and lack of details are dead giveaways, but I can see how threats of arrest could cause gullible people to open the attachment.

From: Tena Hepworth <HepworthTena51@asutpforum.ru>
Subject: Court Meeting on June, 17, 2016
Date: May 27, 2016 at 7:58:38 AM CDT
To: Me

Good day,
You are obligated to attend a court meeting on June, 17, 2016.
If you do not appear in court on the date stated in the attached summons, the court may issue a warrant for your arrest to bring you to court.
For more information please refer to the document enclosed.

EDIT: I just received another variation of the court summons at my "regular" SPAM address. I also received one with a zip file claiming to contain "photos." They must be cranking these out by the millions.

This is an interesting one. The thing is it is supposedly from someone on a dating site - but we've been already going out together for nearly 5 months.

Hi can you give me your mobile number or your email address.. Am currently in south Africa.. I have some consignment coming from China soon. I was give a contract by the company i'm with to supply the rural area in south Africa some hospital equipment, the reason I didn't order it from the u.s or u,k is bcos the cheaper the equipment the more profile I will make. I was told to supply 100 each for 1. Refurbished-Datascope Pas
2. Infant Resuscitator
3. ECG Automated Machine
4. CT Scanner
5. PCR Machine
6. E.Microscopes
7. Centrfuges
8. Laboratory Reagents etc the first face of my contract is to give vaccine and the second face is to lecture the young on how to use condom when having sex and as I told you, I employed some worker to help me do the job so it will be faster and easier for me

i was 40% of the total sum agreed then I have to complete the 60% with my personal money ...once I'm done with project supplying the equipment and given the kids vaccine they will then pay me the remainder 60%..That's how the project works.. My subscription ends today and am not renewing it..