Part two of the Sampling 419 Advance Fee Scams Activity series, once again aims to provide actionable real-time threat intelligence on a fraudulent segment that continues tricking hundreds of thousands of average Internet users into thinking that they have pending payments, have won the lottery, or someone is basically interested in doing multi-million dollar business with them.
The format of the data obtained over the past 24 hours, is return email plus the original IP of the sender, most of which can be geolocated to African countries.
hsuehyun@ncut.edu.tw - 116.206.139.254
peterjohnson299@yahoo.co.jp - 41.218.232.158
ekwesa@aol.com - 41.138.164.52
info.hsbcbanktransfer@gmail.com - 41.218.251.239
SarinaJensB@web.de - 77.70.128.160
paulmohammed37@yahoo.com - 41.155.81.129
henriondaniellepaulette@yahoo.fr - 81.91.228.78
mainstreamfirm001@gmail.com - 41.155.72.26
wilson201105@hotmail.com - 187.16.224.70
westernun888union@hotmail.com - 41.191.85.209
bt.telecomsgroup@live.co.uk - 202.137.234.123
eco.bankplc.ecobankpl@gmail.com - 41.216.50.26
kwameowus@aol.com - 41.218.233.50
richardjsphs@yahoo.co.jp - 190.213.185.93
mainstreamfirm001@gmail.com - 212.76.68.39
benardodigor@yahoo.com - 41.211.229.23
groupbanofafrica@hotmail.com - 189.86.87.204
wellcometrustloans@post.com - 182.63.1.192
lindominic04@rediffmail.com - 41.28.113.153
rep_leonbecker@yahoo.cn - 41.218.197.240
agwa_james@yahoo.it - 82.128.1.217
mrsmarriogloria@yahoo.co.jp - 41.66.8.132
ralphkoon@yahoo.co.jp - 124.120.130.145
directorofremittance.centralba@gmail.com - 89.221.175.11
legalclaimsdepartment2@lankaemail.com - 41.58.67.161
drbbs@live.com - 111.172.36.231
pn2812768@gmail.com - 77.246.67.82
husainali40@gmail.com - 212.52.152.113
bensonibori@yahoo.com.hk - 82.128.36.25
mraabull@att.net - 41.210.43.36
info@westernu.co.uk - 199.255.209.74
claim_dptupdate@live.com - 82.128.88.173
alhussein.raisin@yahoo.co.nz - 86.97.120.18
adrianyrann5@att.net - 70.39.119.122
dr_larry_west1970@qatar.io - 41.222.192.89
mrgarypalmercode@gmail.com - 41.71.147.248
diplomaticericb78@globomail.com - 81.91.230.137
treasuryoffice@cantv.net - 41.0.52.62
infoun19@oued.org - 41.189.2.105
fbi_54327@hotmail.com - 82.128.109.76
s.b.mail@web.de - 74.115.3.69
maria200495@hotmail.com - 115.132.173.171
ceckamokai@gmail.com - 41.241.148.81
ff123ff69@yahoo.co.nz - 75.126.137.6
mr.colesify@yahoo.co.uk - 115.118.239.95
benkofi003@aol.com - 41.218.239.140
investigationcommite2011@gmail.com - 41.211.229.26
wiesner.heiko@web.de - 41.138.167.198
kwameowus@aol.com - 41.218.245.220
kamaruddinabdullah@w.cn - 120.141.67.94
benobiego@rediffmail.com - 67.247.201.204
See also:
- 419 scammers using Dilbert.com
- 419 scammers using NYTimes.com 'email this feature
- Protection tips for the upcoming FIFA World Cup themed cybercrime campaigns
Historical OSINT remains an inseparable part of the CYBERINT gathering practices, hence the continuation of the Sampling 419 Advance Fee Scams Activity series.
This post has been reproduced from Dancho Danchev's blog. Follow him on Twitter.
No comments:
Post a Comment