|
trampis
mad hatter


Registered: 01/01/06
Posts: 3,545
|
e-mail from the FBI.. wtf?
#14032435 - 02/26/11 08:05 PM (12 years, 10 months ago) |
|
|
so I checked my junk mail today and there is a letter, "Notice From FBI".
normally I would brush it off as bullshit immediately, but the e-mail address the letter came from was 'agentronald@fbi.gov'
The letter contains an rtf file I would have to download to read more (of course) so I am paranoid about downloading anything because it still seems shady.. other than that it just says..
"WE WOULD FIRST SEND A LETTER TO THE MAYOR OF THE CITY WHERE YOU RESIDE AND DIRECT THEM TO CLOSE YOUR BANK ACCOUNT UNTIL YOU HAVE BEEN JAILED AND ALL YOUR PROPERTIES WILL BE CONFISCATED BY THE FBI. READ BELOW MESSAGE ATTACHMENT FOR MORE INFORMATION AND GET BACK TO US."
seems like bullshit. I mean, like they would give someone a heads up about that kinda shit. Besides, I don't do anything that would give them reason to find me.. it just trips me out that the letter came from ''@fbi.gov'
any input?
--------------------
|
veggie

Registered: 07/25/04
Posts: 17,504
|
Re: e-mail from the FBI.. wtf? [Re: trampis]
#14032487 - 02/26/11 08:15 PM (12 years, 10 months ago) |
|
|
I wouldn't worry about it. Anyone can spoof an email address. It ended up in your junk mail for a good reason, it's junk. I get goofy crap like that all the time.
|
johnm214


Registered: 05/31/07
Posts: 17,582
Loc: Americas
|
Re: e-mail from the FBI.. wtf? [Re: trampis]
#14032492 - 02/26/11 08:16 PM (12 years, 10 months ago) |
|
|
Its nonsense. Only Nigerian idiots use allcaps.
http://scamoftheday.com/wordpress/2011/02/05/fbi-scam-alert-read-with-care-and-get-back-to-me/
You can complain if you like, but Nigeria apparently doesn't care, and their ISP's don't give a fuck either. If you want to figure out where it came from, you can either post the header here with your info removed, or send me a PM and I'll post where the thing originated from.
Its almost certainly a Nigerian dial-up ISP. Vodafone, ZoomNigeria, etcet
|
biologys
Mycologist in Trainning




Registered: 12/21/09
Posts: 4,622
|
Re: e-mail from the FBI.. wtf? [Re: veggie]
#14032496 - 02/26/11 08:17 PM (12 years, 10 months ago) |
|
|
agree'd someone is using more then likely a cgi, or winsock spammer and can manipulate the email address to anything they want..
|
trampis
mad hatter


Registered: 01/01/06
Posts: 3,545
|
Re: e-mail from the FBI.. wtf? [Re: biologys]
#14032550 - 02/26/11 08:26 PM (12 years, 10 months ago) |
|
|
yeah, it has to be bullshit.
"From: FEDERAL BUREAU OF INVESTIGATION (FBI) (agentronald@fbi.gov) "
I just noticed the "To:" is blank, there isn't even an address in that field..
I remember a long time ago getting some message about someone wanted to transfer billions of dollars to my account because bla bla bla..
--------------------
|
naum



Registered: 10/09/07
Posts: 4,069
|
Re: e-mail from the FBI.. wtf? [Re: trampis]
#14033483 - 02/26/11 11:01 PM (12 years, 10 months ago) |
|
|
If you know how or can figure out how, looking at the full email headers can easily allow you to peg a spoofed address. They may even give you an originating IP.
-------------------- Let's upgrade our security practices and move toward client-side PGP for encrypted PMs. My Public PGP Key: hxxps://www.shroomery.org/forums/showflat.php/Number/24002249#24002249
|
trampis
mad hatter


Registered: 01/01/06
Posts: 3,545
|
Re: e-mail from the FBI.. wtf? [Re: naum]
#14035181 - 02/27/11 10:45 AM (12 years, 10 months ago) |
|
|
looks like it came from Germany..
Received: from mout3.freenet.de ([195.4.92.93]) by SNT0-MC1-F5.Snt0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4675)
--------------------
|
johnm214


Registered: 05/31/07
Posts: 17,582
Loc: Americas
|
Re: e-mail from the FBI.. wtf? [Re: trampis]
#14035775 - 02/27/11 12:41 PM (12 years, 10 months ago) |
|
|
I sent you a PM as well, but based on the info you sent me:
The computer which sent the spam was connected to IP 178.33.149.181 through OVH, a large French ISP that has a ton of infected spambots on it. It seems that particular IP range was assigned to a company called "Santrex" that offers private servers and so forth
inetnum: 178.33.149.160 - 178.33.149.191 netname: Santrex-Internet descr: VPS Services country: FR org: ORG-SA868-RIPE admin-c: OTC2-RIPE tech-c: OTC2-RIPE status: ASSIGNED PA mnt-by: OVH-MNT source: RIPE # Filtered
organisation: ORG-SA868-RIPE org-name: SANTREX org-type: OTHER address: PO Box 66387 address: London E14 1LR address: UK
The computer at 178.33.149.181 sent the spam through Microsoft Outlook Express v 6, which probably is the infected program causing them to spam, to the freenet.de email service, which routed the mail to you.
In this case the computer sending the spam at 178.33.149.181 is probably someone with a malware infection- a virus or worm that has made them controllable by the spammer, probably through their email client, Outlook Express v 6, an old and presumably very insecure program. The spammer uses these infected computers to send out spam for free from a bunch of different sources, to make it harder to catch them.
The attachment, which you shouldn't open as they often contain attempts to infect you or instructions that if followed would result in infection, contained the actual scam. The text of the email itself was just to get you worried enough to open the attachment. You'll notice the attachment isn't readable when looking at the source itself, this is because it was encoded in base64. Probably just to make it slightly more difficult for it to be caught by a spam filter, as the words are encoded.
When unencoded, the attachment says this:
Quote:
{\rtf1\ansi\ansicpg1252\deff0\deflang1033{\fonttbl{\f0\fswiss\fprq2\fcharset0 Trebuchet MS;}} {\*\generator Msftedit 5.41.21.2508;}\viewkind4\uc1\pard\f0\fs18\par \par \par \par \par \par \par \par THIS IS THE (F.B.I) \par FBI HEADQUARTERS IN WASHINGTON, D.C. \par FEDERAL BUREAU OF INVESTIGATION \par J. EDGAR HOOVER BUILDING \par 935 PENNSYLVANIA AVENUE, \par NW WASHINGTON, D.C. 20535-0001 \par E=MAIL: ( washingtonfbi@washington.usa.com) \par FEDERAL BUREAU OF INVESTIGATION (FBI) \par \par \par \par ATTENTION DEAR THIS IS THE FINAL WARNING YOU ARE GOING TO RECIEVE FROM ME DO YOU GET ME???? I HOPE YOU\rquote RE UNDERSTAND HOW MANY TIMES THIS MESSAGE HAS BEEN SENT TO YOU?. \par \par \par WE HAVE WARNED YOU SO MANY TIME AND YOU HAVE DECIDED TO IGNORE OUR E-MAILS OR BECAUSE YOU BELIEVE WE HAVE NOT BEEN INSTRUCTED TO GET YOU ARRESTED, AND TODAY IF YOU FAIL TO RESPOND BACK TO US WITH THE PAYMENT THEN, WE WOULD FIRST SEND A LETTER TO THE MAYOR OF THE CITY WHERE YOU RESIDE AND DIRECT THEM TO CLOSE YOUR BANK ACCOUNT UNTIL YOU HAVE BEEN JAILED AND ALL YOUR PROPERTIES WILL BE CONFISCATED BY THE FBI. \par \par \par \par WE WOULD ALSO SEND A LETTER TO THE COMPANY/AGENCY THAT YOU ARE WORKING FOR SO THAT THEY COULD GET YOU FIRED UNTIL WE ARE THROUGH WITH OUR INVESTIGATIONS BECAUSE A SUSPECT IS NOT SUPPOSE TO BE WORKING FOR THE GOVERNMENT OR ANY PRIVATE ORGANIZATION. \par \par \par \par YOUR ID WHICH WE HAVE IN OUR DATABASE BEEN SENT TO ALL THE CRIMES AGENCIES IN AMERICA FOR THEM TO INSET YOU IN THEIR WEBSITE AS AN INTERNET FRAUDSTERS AND TO WARN PEOPLE FROM HAVING ANY DEALS WITH YOU. \par \par \par \par THIS WOULD HAVE BEEN SOLVED ALL THIS WHILE IF YOU HAD GOTTEN THE CERTIFICATE SIGNED, ENDORSED AND STAMPED AS YOU WHERE INSTRUCTED IN THE E-MAIL BELOW. \par \par \par THIS IS THE FEDERAL BUREAU OF INVESTIGATION (FBI) AM WRITING IN RESPONSE TO THE E-MAIL YOU SENT TO US \par \par \par \par AND AM USING THIS MEDIUM TO INFORM YOU THAT THERE IS NO MORE TIME LEFT TO WASTE BECAUSE YOU HAVE BEEN GIVEN FROM THE 3RD OF JANUARY. AS STATED EARLIER TO HAVE THE DOCUMENT ENDORSED, SIGNED AND STAMPED WITHOUT FAILURE AND YOU MUST ADHERE TO THIS DIRECTIVES TO AVOID YOU BLAMING YOURSELF AT LAST WHEN WE MUST HAVE ARRESTED AND JAILED YOU FOR LIFE AND ALL YOUR PROPERTIES CONFISCATED. \par \par \par \par YOU FAILED TO COMPLY WITH OUR DIRECTIVES AND THAT WAS THE REASON WHY WE DIDN'T HEAR FROM YOU ON THE \par \par \par 3RD AS OUR DIRECTOR HAS ALREADY BEEN NOTIFIED ABOUT YOU GET THE PROCESS COMPLETED YESTERDAY AND RIGHT NOW THE WARRANT OF ARREST HAS BEEN SIGNED AGAINST YOU AND IT WILL BE CARRIED OUT IN THE NEXT 48HOURS AS STRICTLY SIGNED BY THE FBI DIRECTOR. \par \par \par WE HAVE INVESTIGATED AND FOUND OUT THAT YOU DIDN'T HAVE ANY IDEA WHEN THE FRAUDULENT DEAL WAS COMMITTED WITH YOUR INFORMATION'S/IDENTITY AND RIGHT NOW IF YOU ID IS PLACED ON OUR WEBSITE AS A WANTED PERSON, I BELIEVE YOU KNOW THAT IT WILL BE A SHAME TO YOU AND YOUR ENTIRE FAMILY BECAUSE AFTER THEN IT WILL BE ANNOUNCE IN ALL THE LOCAL CHANNELS THAT YOU ARE WANTED BY THE FBI. \par \par \par \par AS A GOOD CHRISTIAN AND A HONEST MAN, I DECIDED TO SEE HOW I COULD BE OF HELP TO YOU BECAUSE I WOULD NOT BE HAPPY TO SEE YOU END UP IN JAIL AND ALL YOUR PROPERTIES CONFISCATED ALL BECAUSE YOUR INFORMATION'S WAS USED TO CARRY OUT A FRAUDULENT TRANSACTIONS, I CALLED THE EFCC AND THEY DIRECTED ME TO A PRIVATE ATTORNEY WHO COULD HELP YOU GET THE PROCESS DONE AND HE STATED THAT HE WILL ENDORSE, SIGN AND STAMP THE DOCUMENT AT THE SUM OF $220 USD ONLY AND I BELIEVE THIS PROCESS IS CHEAPER FOR YOU. \par \par \par YOU NEED TO DO EVERYTHING POSSIBLE WITHIN TODAY AND TOMORROW TO GET THIS PROCESS DONE BECAUSE OUR DIRECTOR HAS CALLED TO INFORM ME THAT THE WARRANT OF ARREST HAS BEEN SIGNED AGAINST YOU AND ONCE IT HAS BEEN APPROVED, THEN THE ARREST WILL BE CARRIED OUT, AND FROM OUR INVESTIGATIONS WE LEARNT THAT YOU WERE THE PERSON THAT FORWARDED YOUR IDENTITY TO ONE IMPOSTOR/FRAUDSTERS IN NIGERIA LAST YEAR WHEN HE HAD A DEAL WITH YOU ABOUT THE TRANSFER OF SOME ILLEGAL FUNDS INTO YOUR BANK ACCOUNT WHICH IS VALUED AT THE SUM OF $10.500,000.00 USD. \par \par \par I PLEADED ON YOUR BEHALF SO THAT THIS AGENCY COULD GIVE YOU THE 2011/02/26 SO THAT YOU COULD GET \par \par \par THIS PROCESS DONE BECAUSE I LEARNT THAT YOU WERE SENT SEVERAL E-MAIL WITHOUT GETTING A RESPONSE FROM YOU, PLEASE BEAR IT IN MIND THAT THIS IS THE ONLY WAY THAT I CAN BE ABLE TO HELP YOU AT THIS MOMENT OR YOU WOULD HAVE TO FACE THE LAW AND ITS CONSEQUENCES ONCE IT HAS BEFALL ON YOU. \par \par \par YOU WOULD MAKE THE PAYMENT THROUGH MONEY GRAM TRANSFER OR WESTERN UNION MONEY TRANSFER WITH THE BELOW \par DETAILS. \par \par \par RECEIVER NAME ==== PAUL UBA \par COUNTRY========== NIGERIA \par CITY============== LAGOS\par TEXT QUESTION==== URGENT \par TEXT ANSWER===== MATTER \par AMOUNT=====$220 USD \par SENDERS NAME====== \par \par \par SEND THE PAYMENT DETAILS TO ME WHICH ARE SENDERS NAME AND ADDRESS, MTCN NUMBER, TEXT QUESTION AND ANSWER USED AND THE AMOUNT SENT. \par \par \par MAKE SURE THAT YOU DIDN'T HESITATE MAKING THE PAYMENT DOWN TO THE AGENCY BY TODAY SO THAT THEY COULD HAVE THE CERTIFICATE ENDORSED, SIGNED AND STAMPED IMMEDIATELY WITHOUT ANY FURTHER DELAY. \par \par \par \par AFTER ALL THIS PROCESS HAS BEEN CARRIED OUT, THEN WE WOULD HAVE TO PROCEED TO THE BANK FOR THE TRANSFER OF YOUR COMPENSATION FUNDS WHICH IS VALUED AT THE SUM OF $10,500,000.00 USD WHICH WAS SUPPOSE TO HAVE BEEN TRANSFERRED TO YOU ALL THIS WHILE. \par \par \par \par NOTE/ ALL THE CRIMES AGENCIES HAS BEEN CONTACTED ON THIS REGARDS AND WE SHALL TRACE AND ARREST YOU IF YOU DISREGARD THIS INSTRUCTIONS. \par \par \par You are given a grace TODAY to make the payment for the document after which your failure to do that will attract a maximum arrest and finally you will be appearing in court for act of terrorism, money laundering and drug trafficking charges, so be warned not to try any thing funny because you are been watched. \par \par \par \par THANKS AS I WAIT FOR YOUR RESPONSE \par \par \par \par RESPECTIVELY \par AGENT RONALD T. HOSKO.\par EMAIL: fbiagent2@usa.com \par FEDERAL BUREAU OF INVESTIGATION (FBI) \par }
As you can see, apparently "Agent Ronald" and the "FBI" take payments through Western Union in Lagos, Nigera
|
Stonehenge
Alt Center

Registered: 06/20/04
Posts: 14,850
Loc: S.E.
|
Re: e-mail from the FBI.. wtf? [Re: johnm214]
#14036009 - 02/27/11 01:28 PM (12 years, 10 months ago) |
|
|
Gee, i didn't know the fbi had an office in nigeria. You learn something new every day.
Opening attachments is a good way to pick up malware.
-------------------- “A democracy cannot exist as a permanent form of government. It can only exist until the voters discover that they can vote themselves largesse from the public treasury. From that moment on, the majority always votes for the candidates promising the most benefits from the public treasury with the result that a democracy always collapses over loose fiscal policy, always followed by a dictatorship.” (attributed to Alexis de Tocqueville political philosopher Circa 1835) Trade list http://www.shroomery.org/forums/showflat.php/Number/18047755
|
johnm214


Registered: 05/31/07
Posts: 17,582
Loc: Americas
|
Re: e-mail from the FBI.. wtf? [Re: Stonehenge]
#14036527 - 02/27/11 03:16 PM (12 years, 10 months ago) |
|
|
Quote:
Stonehenge said:
Opening attachments is a good way to pick up malware.
translating base 64 text to ascii isn't going to infect anyone, and it was useful to demonstrate to the original poster that the quizzical email body was simply a setup for a 419 advance-fee scam.
Its also useful to laugh at the ignorance of the scammers. You really gotta wonder why they couldn't get someone with even a teency bit of knowledge to write these things
|
Trufflicious
Truffle Hunter


Registered: 09/25/10
Posts: 60
Loc: Central California
Last seen: 10 years, 3 months
|
Re: e-mail from the FBI.. wtf? [Re: johnm214]
#14057998 - 03/03/11 12:54 AM (12 years, 10 months ago) |
|
|
hilarious
-------------------- “He is like a man using a candle to look for the sun”
|
lol573
Stranger

Registered: 02/01/11
Posts: 38
Last seen: 12 years, 6 months
|
Re: e-mail from the FBI.. wtf? [Re: Trufflicious]
#14058985 - 03/03/11 09:48 AM (12 years, 10 months ago) |
|
|
agent ronald? The FBI doesn't have time to send out warning e-mails lol.
|
|