We don't think so. Most of the people just ignore these messages considering them as dangerous and they are absolutely right. Let's look inside this message. It's very easy to get a little more info if you know how. If you are still using Outlook Express with your Windows XP you can simply take a look at the Source Code of this email message. If you are using Outlook you can simply open the Message Options. Almost any email program can let you look inside your email message, and this is what we need to do now. We intentionally didn't change anything inside this text below. From the very first view this info looks strange, but let's go step by step and see what we can get from this info.
Return-Path: profsanusilmd0@gmail.com
Delivery-Date: Thu, 08 Jul 2010 08:49:52 -0400
Received-SPF: neutral (mxus0: 69.167.140.24 is neither permitted nor denied by domain of gmail.com) client-ip=69.167.140.24; envelope-from=profsanusilmd0@gmail.com; helo=cloud.smokyhosts.net;
Received: from cloud.smokyhosts.net ([69.167.140.24]) by mx.perfora.net (node=mxus0) with ESMTP (Nemesis) id 0M8f2B-1PJKZ12kwV-00vbSh for support@PCYouTrust.com; Thu, 08 Jul 2010 08:49:52 -0400
Received: from localhost ([127.0.0.1]:52776 helo=ismyw.com)
by cloud.smokyhosts.net with esmtpa (Exim 4.69) (envelope-from profsanusilmd0@gmail.com)
id 1OWqWe-0005Ai-E5; Thu, 08 Jul 2010 08:48:24 -0400
Received: from 41.211.227.154 ([41.211.227.154]) (SquirrelMail authenticated user savation@kidportal.ismywebsite.com) by ismyw.com with HTTP;
Thu, 8 Jul 2010 08:48:24 -0400essage-ID: lt;b31fb02a040046762bcca16f1794e243.squirrel@ismyw.com>
Date: Thu, 8 Jul 2010 08:48:24 -0400
Subject: FROM THE DESK OF MALLAM SANUSI LAMIDO AMINU
/// PAYMENT RELEASED
From: "MR.LAMIDO SANUSI" <profsanusilmd0@gmail.com>
Reply-To: <profsanusilmd0@gmail.com>
User-Agent: SquirrelMail/1.4.20
MIME-Version: 1.0
Content-Type: text/plain;charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - cloud.smokyhosts.net
X-AntiAbuse: Original Domain - pcyoutrust.com
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - gmail.com
X-Source:
X-Source-Args:
X-Source-Dir:
Envelope-To: support@PCYouTrust.com
Delivery-Date: Thu, 08 Jul 2010 08:49:52 -0400
Received-SPF: neutral (mxus0: 69.167.140.24 is neither permitted nor denied by domain of gmail.com) client-ip=69.167.140.24; envelope-from=profsanusilmd0@gmail.com; helo=cloud.smokyhosts.net;
Received: from cloud.smokyhosts.net ([69.167.140.24]) by mx.perfora.net (node=mxus0) with ESMTP (Nemesis) id 0M8f2B-1PJKZ12kwV-00vbSh for support@PCYouTrust.com; Thu, 08 Jul 2010 08:49:52 -0400
Received: from localhost ([127.0.0.1]:52776 helo=ismyw.com)
by cloud.smokyhosts.net with esmtpa (Exim 4.69) (envelope-from profsanusilmd0@gmail.com)
id 1OWqWe-0005Ai-E5; Thu, 08 Jul 2010 08:48:24 -0400
Received: from 41.211.227.154 ([41.211.227.154]) (SquirrelMail authenticated user savation@kidportal.ismywebsite.com) by ismyw.com with HTTP;
Thu, 8 Jul 2010 08:48:24 -0400essage-ID: lt;b31fb02a040046762bcca16f1794e243.squirrel@ismyw.com>
Date: Thu, 8 Jul 2010 08:48:24 -0400
Subject: FROM THE DESK OF MALLAM SANUSI LAMIDO AMINU
/// PAYMENT RELEASED
From: "MR.LAMIDO SANUSI" <profsanusilmd0@gmail.com>
Reply-To: <profsanusilmd0@gmail.com>
User-Agent: SquirrelMail/1.4.20
MIME-Version: 1.0
Content-Type: text/plain;charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - cloud.smokyhosts.net
X-AntiAbuse: Original Domain - pcyoutrust.com
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - gmail.com
X-Source:
X-Source-Args:
X-Source-Dir:
Envelope-To: support@PCYouTrust.com
What do we see here? To make a long story short, take a closer look at the
Received From: string. Here is the IP address that we can check:
41.211.227.154. There are many free services on the
Internet like this one here:
www.whoisip.com. You can actually Google for the IP address above and Google
will provide you many searching engines telling you many details about the
address that you requested. We can use it and make a quick database search at:
https://ws.arin.net/whois/index.html. Below is what we got.
OrgName: African Network Information Center
OrgID: AFRINIC
Address: Level 11ABC
Address: Raffles Tower
Address: Lot 19, Cybercity
City: Ebene
StateProv:
PostalCode:
Country: MU
NetRange: 41.0.0.0 - 41.255.255.255
CIDR: 41.0.0.0/8
NetName: NET41
NetHandle: NET-41-0-0-0-1
Parent:
NetType: Allocated to AfriNIC
NameServer: NS1.AFRINIC.NET
NameServer: NS-SEC.RIPE.NET
NameServer: NS2.LACNIC.NET
NameServer: TINNIE.ARIN.NET
NameServer: SEC1.APNIC.NET
NameServer: SEC3.APNIC.NET
Comment:
RegDate: 2005-04-12
Updated: 2009-05-27
OrgID: AFRINIC
Address: Level 11ABC
Address: Raffles Tower
Address: Lot 19, Cybercity
City: Ebene
StateProv:
PostalCode:
Country: MU
NetRange: 41.0.0.0 - 41.255.255.255
CIDR: 41.0.0.0/8
NetName: NET41
NetHandle: NET-41-0-0-0-1
Parent:
NetType: Allocated to AfriNIC
NameServer: NS1.AFRINIC.NET
NameServer: NS-SEC.RIPE.NET
NameServer: NS2.LACNIC.NET
NameServer: TINNIE.ARIN.NET
NameServer: SEC1.APNIC.NET
NameServer: SEC3.APNIC.NET
Comment:
RegDate: 2005-04-12
Updated: 2009-05-27
OrgAbuseHandle: GENER11-ARIN
OrgAbuseName: Generic POC
OrgAbusePhone: +230 4666616
OrgAbuseEmail: abusepoc@afrinic.net
OrgTechHandle: GENER11-ARIN
OrgTechName: Generic POC
OrgTechPhone: +230 4666616
OrgTechEmail: abusepoc@afrinic.net
OrgAbuseName: Generic POC
OrgAbusePhone: +230 4666616
OrgAbuseEmail: abusepoc@afrinic.net
OrgTechHandle: GENER11-ARIN
OrgTechName: Generic POC
OrgTechPhone: +230 4666616
OrgTechEmail: abusepoc@afrinic.net
It is easy to notice that this email message has nothing to Nigeria as it was claimed. Instead, it's absolutely clear where this message came from. We used the Red color above to show that. The country is called Mauritius, the name of the city is Ebene, and even the mail addresses of the Internet Service Provider is available. The best you can do for this person is to send a complaint to his Internet Service Provider (ISP). The Police will be happy to take care of this guy if the ISP forwards the report to them. At least the ISP will simply disable this customer cutting his Internet connection off. The email address to send our complaint is usually on the file when we check the IP address using the method like this one above:
OrgAbuseEmail: abusepoc@afrinic.net
So if you send a short email notice to the ISP including the reason why you are writing, the copy of the original email message, and the copy of the technical info from the email message header, you can make the world a little cleaner. Please never answer these messages if you are not absolutely sure in what you
are doing. There are several examples when people after answering these or similar messages lost everything, like one American man several years ago. He was promised several millions of dollars (usually around $10,000,000 written in digits and words to make the email message more real). All he needed to do was a very simple thing - to send the info about himself, then to transfer some amount
of money to help the attorney to get the money from the bank, then to buy a ticket to meet with this attorney.., then... To make this long story short - he had to sell his own house to send these smart guys several hundreds of thousands of dollars and, when he finally realized that he was tricked and contacted the Police, it was too late. Don't be like him!
are doing. There are several examples when people after answering these or similar messages lost everything, like one American man several years ago. He was promised several millions of dollars (usually around $10,000,000 written in digits and words to make the email message more real). All he needed to do was a very simple thing - to send the info about himself, then to transfer some amount
of money to help the attorney to get the money from the bank, then to buy a ticket to meet with this attorney.., then... To make this long story short - he had to sell his own house to send these smart guys several hundreds of thousands of dollars and, when he finally realized that he was tricked and contacted the Police, it was too late. Don't be like him!
No comments:
Post a Comment