/home/smartonegroup/mail/.spam/new/1754645579.M938543P1066300.server11.hhost.eg,S=7451,W=7572
Return-Path: <hjkim@smartonegroup.com>
Delivered-To: smartonegroup+spam@server11.hhost.eg
Received: from server11.hhost.eg
	by server11.hhost.eg with LMTP
	id 4PSJN0vElWg8RRAAq0RAHw
	(envelope-from <hjkim@smartonegroup.com>)
	for <smartonegroup+spam@server11.hhost.eg>; Fri, 08 Aug 2025 09:32:59 +0000
Return-path: <hjkim@smartonegroup.com>
Envelope-to: hjkim@smartonegroup.com
Delivery-date: Fri, 08 Aug 2025 09:32:59 +0000
Received: from [41.59.41.241] (port=34433)
	by server11.hhost.eg with esmtp (Exim 4.98.2)
	(envelope-from <hjkim@smartonegroup.com>)
	id 1ukJT8-00000004TVo-0Y8t
	for hjkim@smartonegroup.com;
	Fri, 08 Aug 2025 09:32:59 +0000
Message-ID: <260C5C1EA8764EEAC090D264BA82260C@MGW4YI8O>
From: <hjkim@smartonegroup.com>
To: <hjkim@smartonegroup.com>
Date: 8 Aug 2025 10:24:13 +0000
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-3"
Content-Transfer-Encoding: 8bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.5931
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5931
X-Spam-Status: Yes, score=24.6
X-Spam-Score: 246
X-Spam-Bar: ++++++++++++++++++++++++
X-Spam-Report: Spam detection software, running on the system "server11.hhost.eg",
 has identified this incoming email as possible spam.  The original
 message has been attached to this so you can view it or label
 similar future email.  If you have any questions, see
 root\@localhost for details.
 Content preview:  Greetings!<br> Have you seen lately my e-mail to you from
   an account of yours?<br> Yeah, that merely confirms that I have gained a complete
    access to device of yours.<br> <br> Within the past several [...] 
 Content analysis details:   (24.6 points, 5.0 required)
  pts rule name              description
 ---- ---------------------- --------------------------------------------------
  1.2 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net
                [Blocked - see <https://www.spamcop.net/bl.shtml?41.59.41.241>]
  0.0 RCVD_IN_ZEN_BLOCKED_OPENDNS RBL: ADMINISTRATOR NOTICE: The query to
                             zen.spamhaus.org was blocked due to usage of an
                              open resolver. See
                             https://www.spamhaus.org/returnc/pub/
                             [41.59.41.241 listed in zen.spamhaus.org]
  0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to
                              Validity was blocked.  See
                             https://knowledge.validity.com/hc/en-us/articles/20961730681243
                              for more information.
                             [41.59.41.241 listed in bl.score.senderscore.com]
  0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to
                              Validity was blocked.  See
                             https://knowledge.validity.com/hc/en-us/articles/20961730681243
                              for more information.
                             [41.59.41.241 listed in sa-accredit.habeas.com]
  0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The
                             query to Validity was blocked.  See
                             https://knowledge.validity.com/hc/en-us/articles/20961730681243
                              for more information.
                           [41.59.41.241 listed in sa-trusted.bondedsender.org]
  0.0 T_SPF_TEMPERROR        SPF: test of record failed (temperror)
  0.0 KAM_DMARC_STATUS       Test Rule for DKIM or SPF Failure with Strict
                             Alignment
  0.2 KAM_DMARC_NONE         DKIM has Failed or SPF has failed on the message and
                             the domain has no DMARC policy
  0.0 BITCOIN_VISTA          Bitcoin + old MSFT msgid format
  1.8 BITCOIN_SPAM_07        BitCoin spam pattern 07
  8.5 KAM_CRIM               Extortion Email
  2.0 RDNS_NONE              Delivered to internal network by a host with no rDNS
  1.3 HDR_ORDER_FTSDMCXX_NORDNS Header order similar to spam
                             (FTSDMCXX/boundary variant) + no rDNS
  0.0 PDS_BTC_MSGID          Bitcoin ID with T_MSGID_NOFQDN2
  3.5 BITCOIN_TOEQFM         Bitcoin + To same as From
  0.5 PDS_BTC_ID             FP reduced Bitcoin ID
  0.0 TO_EQ_FM_DIRECT_MX     To == From and direct-to-MX
  1.3 BITCOIN_XPRIO          Bitcoin + priority
  0.0 MIMEOLE_DIRECT_TO_MX   MIMEOLE + direct-to-MX
  3.1 DOS_OE_TO_MX           Delivered direct to MX with OE headers
  1.1 HDR_ORDER_FTSDMCXX_DIRECT Header order similar to spam
                             (FTSDMCXX/boundary variant) + direct-to-MX
X-Spam-Flag: YES
Subject:  ***SPAM***  Pending for payment.

Greetings!<br>
Have you seen lately my e-mail to you from an account of yours?<br>
Yeah, that merely confirms that I have gained a complete access to device of yours.<br>
<br>
Within the past several months, I was observing you.<br>
Are you still surprised how could that happen? Frankly speaking, malware has infected your devices and it's coming from an adult website, which you used to visit. <br>
Although all this stuff may seem unfamiliar to you, but let me try to explain that to you.<br>
<br>
With aid of Trojan Viruses, I managed to gain full access to any PC or other types of devices.<br>
That merely means that I can watch you whenever I want via your screen just by activating your camera as well as microphone, while you don't even know about that. <br>
Moreover, I have also received access to entire contacts list as well as full correspondence of yours.<br>
<br>
You may be wondering, "However, my PC is protected by a legitimate antivirus, so how could that happen? Why couldn't I get any alerts?" <br>
To be honest, the reply is quite straightforward: malware of mine utilizes drivers, which update the signatures on 4-hourly basis, <br>
which turns them to become untraceable, and hereby making your antivirus remain idle.<br>
<br>
I have collected a video on the left screen where you enjoy wanking, while the video on the right screen shows the video you were watching at that point of time.<br>
Still puzzled how much damage could that cause? One mouse click is enough for me to share this video to your social networks, as well as e-mail contacts of yours.<br>
In addition, I am also able to gain access to all e-mail correspondence as well as messengers used by you.<br>
<br>
Below are simple steps required for you to undertake in order to avoid that from occurring - transfer $1550 in Bitcoin equivalent to my wallet <br>
(if you don't know how to complete that, just open your browser and make a google search: "Buy Bitcoin").<br>
<br>
My bitcoin wallet address (BTC Wallet) is:12bkAGB57xThvBC2w4sDcAHevcF3qin8dq<br>
<br>
Once the payment has been confirmed, I shall remove the video without delay, and that is end of story - afterwards you won't hear about me again for sure.<br>
The time for you to perform the transaction is 2 days (48 hours).<br>
After this e-mail is opened by you, I will get an automatic notice, which will start my timer.<br>
<br>
Any effort to complain will not change anything at all, because this e-mail is simply untraceable, just like my bitcoin address.<br>
I have been developing these plans for quite an extended period of time; so, don't expect any mistake from my side. <br>
<br>
If, get to know that you tried to send this message to anyone else, I will distribute your video as described earlier.<br>
Path: home/smartonegroup/mail/.spam/new