/home/smartonegroup/mail/.spam/new/1728887010.M139164P15430.server12.hhost.eg,S=9768,W=9985
Return-Path: <lq2129@wkady.com>
Delivered-To: smartonegroup+spam@server12.hhost.eg
Received: from server12.hhost.eg
	by server12.hhost.eg with LMTP
	id ADTxB+K4DGdGPAAAOMpsuw
	(envelope-from <lq2129@wkady.com>)
	for <smartonegroup+spam@server12.hhost.eg>; Mon, 14 Oct 2024 06:23:30 +0000
Return-path: <lq2129@wkady.com>
Envelope-to: gthorne@smartonegroup.com
Delivery-date: Mon, 14 Oct 2024 09:23:30 +0300
Received: from [187.253.204.87] (port=30894)
	by server12.hhost.eg with esmtp (Exim 4.96.2)
	(envelope-from <lq2129@wkady.com>)
	id 1t0EUK-0004Ze-2L
	for gthorne@smartonegroup.com;
	Mon, 14 Oct 2024 09:23:30 +0300
From: "clinton danh" <lq2129@wkady.com>
To: <gthorne@smartonegroup.com>
Date: 13 Oct 2024 14:51:47 -0800
Message-ID: <001701db1dc6$06d9c622$af18e59e$@wkady.com>
MIME-Version: 1.0
Content-Type: multipart/alternative;
	boundary="----=_NextPart_000_0014_01DB1DC6.06D55266"
X-Mailer: Microsoft Outlook 16.0
Thread-Index: Ac56h7glq9mjd07556h7glq9mjd075==
Content-Language: en-us
X-Spam-Status: Yes, score=29.8
X-Spam-Score: 298
X-Spam-Bar: +++++++++++++++++++++++++++++
X-Spam-Report: Spam detection software, running on the system "server12.hhost.eg",
 has identified this incoming email as possible spam.  The original
 message has been attached to this so you can view it or label
 similar future email.  If you have any questions, see
 root\@localhost for details.
 Content preview:  Hello! I am a hacker who has access to your operating system.
    I also have full access to your account. I've been watching you for a few
    months now. The fact is that you were infected with malware through an adult
    site that you visited. 
 Content analysis details:   (29.8 points, 5.0 required)
  pts rule name              description
 ---- ---------------------- --------------------------------------------------
  3.6 RCVD_IN_PBL            RBL: Received via a relay in Spamhaus PBL
                             [187.253.204.87 listed in zen.spamhaus.org]
  4.7 RCVD_IN_XBL            RBL: Received via a relay in Spamhaus XBL
  1.2 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in
                             bl.spamcop.net
              [Blocked - see <https://www.spamcop.net/bl.shtml?187.253.204.87>]
  1.1 DATE_IN_PAST_06_12     Date: is 6 to 12 hours before Received: date
  0.0 HTML_MESSAGE           BODY: HTML included in message
  0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The
                             query to Validity was blocked.  See
                             https://knowledge.validity.com/hc/en-us/articles/20961730681243
                              for more information.
                            [187.253.204.87 listed in bl.score.senderscore.com]
  0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE:
                             The query to Validity was blocked.  See
                             https://knowledge.validity.com/hc/en-us/articles/20961730681243
                              for more information.
                         [187.253.204.87 listed in sa-trusted.bondedsender.org]
  2.0 PYZOR_CHECK            Listed in Pyzor
                             (https://pyzor.readthedocs.io/en/latest/)
  0.0 BITCOIN_SPAM_03        BitCoin spam pattern 03
  1.0 KAM_LAZY_DOMAIN_SECURITY Sending domain does not have any
                             anti-forgery methods
  8.5 KAM_CRIM               Extortion Email
  2.0 RDNS_NONE              Delivered to internal network by a host with no rDNS
  2.9 RATWARE_NO_RDNS        Suspicious MsgID and MIME boundary + no rDNS
  0.0 KAM_DMARC_STATUS       Test Rule for DKIM or SPF Failure with Strict
                             Alignment
  0.2 PDS_BTC_ID             FP reduced Bitcoin ID
  0.0 FSL_BULK_SIG           Bulk signature with no Unsubscribe
  1.2 BITCOIN_EXTORT_01      Extortion spam, pay via BitCoin
  1.4 DOS_OUTLOOK_TO_MX      Delivered direct to MX with Outlook headers
X-Spam-Flag: YES
Subject:  ***SPAM***  Fwd:

This is a multi-part message in MIME format.

------=_NextPart_000_0014_01DB1DC6.06D55266
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

Hello!

I am a hacker who has access to your operating system.
I also have full access to your account.

I've been watching you for a few months now.
The fact is that you were infected with malware through an adult site =
that you visited.

If you are not familiar with this, I will explain.
Trojan Virus gives me full access and control over a computer or other =
device.
This means that I can see everything on your screen, turn on the camera =
and microphone, but you do not know about it.

I also have access to all your contacts and all your correspondence.

Why your antivirus did not detect malware?
Answer: My malware uses the driver, I update its signatures every 4 =
hours so that your antivirus is silent.

I made a video showing how you satisfy yourself in the left half of the =
screen, and in the right half you see the video that you watched.
With one click of the mouse, I can send this video to all your emails =
and contacts on social networks.
I can also post access to all your e-mail correspondence and messengers =
that you use.

If you want to prevent this,
transfer the amount of $1400 to my bitcoin address (if you do not know =
how to do this, write to Google: "Buy Bitcoin").

My bitcoin address (BTC Wallet) is: =
bc1q7qlm57psphv0gs99pyz7s55pmp2s2vwyk00026

After receiving the payment, I will delete the video and you will never =
hear me again.
I give you 50 hours (more than 2 days) to pay.
I have a notice reading this letter, and the timer will work when you =
see this letter.

Filing a complaint somewhere does not make sense because this email =
cannot be tracked like my bitcoin address.
I do not make any mistakes.

If I find that you have shared this message with someone else, the video =
will be immediately distributed.

Best regards!

------=_NextPart_000_0014_01DB1DC6.06D55266
Content-Type: text/html;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<html xmlns:v=3D"urn:schemas-microsoft-com:vml" =
xmlns:o=3D"urn:schemas-microsoft-com:office:office" =
xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" =
xmlns=3D"http://www.w3.org/TR/REC-html40"><head><META =
HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
charset=3Dus-ascii"><meta name=3DGenerator content=3D"Microsoft Word 15 =
(filtered medium)"><style><!--
/* Font Definitions */
@font-face
=09{font-family:"Cambria Math";
=09panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
=09{font-family:Calibri;
=09panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
=09{margin:0in;
=09margin-bottom:.0001pt;
=09font-size:11.0pt;
=09font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
=09{mso-style-priority:99;
=09color:#0563C1;
=09text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
=09{mso-style-priority:99;
=09color:#954F72;
=09text-decoration:underline;}
span.EmailStyle17
=09{mso-style-type:personal-compose;
=09font-family:"Calibri",sans-serif;}
.MsoChpDefault
=09{mso-style-type:export-only;
=09font-family:"Calibri",sans-serif;}
@page WordSection1
=09{size:8.5in 11.0in;
=09margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
=09{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]--></head><body lang=3DEN-US =
link=3D"#0563C1" vlink=3D"#954F72"><div class=3DWordSection1><p =
class=3DMsoNormal><p>Hello!<br /><br />I am a hacker who has access to =
your operating system.<br />I also have full access to your account.<br =
/><br />I've been watching you for a few months now.<br />The fact is =
that you were infected with malware through an adult site that you =
visited.<br /><br />If you are not familiar with this, I will =
explain.<br />Trojan Virus gives me full access and control over a =
computer or other device.<br />This means that I can see everything on =
your screen, turn on the camera and microphone, but you do not know =
about it.<br /><br />I also have access to all your contacts and all =
your correspondence.<br /><br />Why your antivirus did not detect =
malware?<br />Answer: My malware uses the driver, I update its =
signatures every 4 hours so that your antivirus is silent.<br /><br />I =
made a video showing how you satisfy yourself in the left half of the =
screen, and in the right half you see the video that you watched.<br =
/>With one click of the mouse, I can send this video to all your emails =
and contacts on social networks.<br />I can also post access to all your =
e-mail correspondence and messengers that you use.<br /><br />If you =
want to prevent this,<br />transfer the amount of $1400 to my bitcoin =
address (if you do not know how to do this, write to Google: "Buy =
Bitcoin").<br /><br />My bitcoin address (BTC Wallet) is: =
bc1q7qlm57psphv0gs99pyz7s55pmp2s2vwyk00026<br /><br />After receiving =
the payment, I will delete the video and you will never hear me =
again.<br />I give you 50 hours (more than 2 days) to pay.<br />I have a =
notice reading this letter, and the timer will work when you see this =
letter.<br /><br />Filing a complaint somewhere does not make sense =
because this email cannot be tracked like my bitcoin address.<br />I do =
not make any mistakes.<br /><br />If I find that you have shared this =
message with someone else, the video will be immediately distributed.<br =
/><br />Best regards!</p><o:p></o:p></p></div></body></html>
------=_NextPart_000_0014_01DB1DC6.06D55266--
Path: home/smartonegroup/mail/.spam/new