419 scam: "Intelligence Monitoring Network System"<dr.franciswilliams@live.com> *****SPAM***** RE: DEAR BENEFICIARY!!! not contacting youePŒë¸"

joewein.de LLC
fighting spam and scams on the Internet

Try our spam filter!
Free trial for 30 days

Home

About Us

Spam

419/Nigeria

Fraud

Contact

"419" Scam – Advance Fee / Fake Lottery Scam

The so-called "419" scam is a type of fraud dominated by criminals from Nigeria and other countries in Africa. Victims of the scam are promised a large amount of money, such as a lottery prize, inheritance, money sitting in some bank account, etc.

Victims never receive this non-existent fortune but are tricked into sending their money to the criminals, who remain anonymous. They hide their real identity and location by using fake names and fake postal addresses as well as communicating via anonymous free email accounts and mobile phones.

Keep in mind that scammers DO NOT use their real names when defrauding people.
The criminals either abuse names of real people or companies or invent names or addresses.
Any real people or companies mentioned below have NO CONNECTION to the scammers!

Read more about such scams here or in our 419 FAQ. Use the Scam-O-Matic to verify suspect emails.

Click here to report a problem with this page.

Some comments by the Scam-O-Matic about the following email:

This email message is a 419 scam. Please see our 419 FAQ for more details on such scams.

Fraud email example:

From: "Intelligence Monitoring Network System"<dr.franciswilliams@live.com>
Reply-To: <drfrancis0@gmail.com>
Date: Thu, 18 Sep 2008 23:43:36 +0100
Subject: *****SPAM***** RE: DEAR BENEFICIARY!!!

Spam detection software, running on the system "mail.tugab.bg", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have any questions, see
The administrator of that system for details.

Content preview: ATM SWIFT CARD CENTER, J. Edgar. Hoover Building Washington
D.C, Tel : 206-666-6052. [...]

Content analysis details: (19.3 points, 5.0 required)

pts rule name description
---- ---------------------- --------------------------------------------------
0.9 RCVD_IN_PBL RBL: Received via a relay in Spamhaus PBL
[82.128.9.155 listed in zen.spamhaus.org]
1.6 RCVD_IN_SBL RBL: Received via a relay in Spamhaus SBL
0.0 MISSING_MID Missing Message-Id: header
2.1 SUBJ_ALL_CAPS Subject is all capitals
1.3 MISSING_HEADERS Missing To: header
0.0 HTML_MESSAGE BODY: HTML included in message
0.0 BAYES_50 BODY: Bayesian spam probability is 40 to 60%
[score: 0.5273]
1.5 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
1.5 RAZOR2_CF_RANGE_E4_51_100 Razor2 gives engine 4 confidence level
above 50%
[cf: 100]
0.5 RAZOR2_CHECK Listed in Razor2 (http://razor.sf.net/)
0.5 RAZOR2_CF_RANGE_51_100 Razor2 gives confidence level above 50%
[cf: 100]
1.0 XMAILER_MIMEOLE_OL_1ECD5 XMAILER_MIMEOLE_OL_1ECD5
0.0 FORGED_OUTLOOK_TAGS Outlook can't send HTML in this format
0.1 RDNS_DYNAMIC Delivered to trusted network by host with
dynamic-looking rDNS
0.0 FORGED_OUTLOOK_HTML Outlook can't send HTML message only
2.0 FAKE_REPLY_C FAKE_REPLY_C
0.5 DYN_RDNS_SHORT_HELO_HTML Sent by dynamic rDNS, short HELO, and HTML
3.1 FORGED_MUA_OUTLOOK Forged mail pretending to be from MS Outlook
2.8 DOS_OE_TO_MX Delivered direct to MX with OE headers

The original message was not completely plain text, and may be unsafe to
open with some email clients; in particular, it may contain a virus,
or confirm that your address can receive spam. If you wish to view
it, it may be safer to save it to a file and open it with an editor.

Anti-fraud resources:

What can you do when you receive 419 spam