| Linux server.clickboxgo.com 3.10.0 #1 SMP Mon Sep 30 15:36:27 MSK 2024 x86_64 Path : /home/clickboxgo/mail/new/ |
| Current File : /home/clickboxgo/mail/new/1756519836.M660977P29024.server.clickboxgo.com,S=10899,W=11116 |
Return-Path: <[email protected]>
Delivered-To: [email protected]
Received: from server.clickboxgo.com
by server.clickboxgo.com with LMTP
id qOi7JpxdsmhgcQAA2xCSNQ
(envelope-from <[email protected]>)
for <[email protected]>; Fri, 29 Aug 2025 22:10:36 -0400
Return-path: <[email protected]>
Envelope-to: [email protected]
Delivery-date: Fri, 29 Aug 2025 22:10:36 -0400
Received: from syn-024-103-077-102.biz.spectrum.com ([24.103.77.102]:12951)
by server.clickboxgo.com with esmtp (Exim 4.98.1)
(envelope-from <[email protected]>)
id 1usB34-000000007XY-3B0Y
for [email protected];
Fri, 29 Aug 2025 22:10:36 -0400
Message-ID: <793BD7256595C997D539CB8B7B27793B@9CJW7YHVAHX>
From: "vern ramchandra" <[email protected]>
To: <[email protected]>
Date: 29 Aug 2025 16:36:51 -0500
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_0036_01DC1931.022C2E16"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.5512
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5512
X-Spam-Status: Yes, score=31.0
X-Spam-Score: 310
X-Spam-Bar: +++++++++++++++++++++++++++++++
X-Spam-Report: Spam detection software, running on the system "server.clickboxgo.com",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
root\@localhost for details.
Content preview: Consider this message as your last warning. We hacked your
system! We have copied all the data from your device to our own servers.
Curious videos were recorded from your camera and your actions while [...]
Content analysis details: (31.0 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
5.0 BAYES_99 BODY: Bayes spam probability is 99 to 100%
[score: 1.0000]
1.0 BAYES_999 BODY: Bayes spam probability is 99.9 to 100%
[score: 1.0000]
0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE:
The query to Validity was blocked. See
https://knowledge.validity.com/hc/en-us/articles/20961730681243
for more information.
[24.103.77.102 listed in sa-accredit.habeas.com]
0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The
query to Validity was blocked. See
https://knowledge.validity.com/hc/en-us/articles/20961730681243
for more information.
[24.103.77.102 listed in bl.score.senderscore.com]
1.3 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in
bl.spamcop.net
[Blocked - see <https://www.spamcop.net/bl.shtml?24.103.77.102>]
1.6 DATE_IN_PAST_03_06 Date: is 3 to 6 hours before Received: date
0.0 HTML_MESSAGE BODY: HTML included in message
1.8 PYZOR_CHECK Listed in Pyzor
(https://pyzor.readthedocs.io/en/latest/)
2.6 RDNS_DYNAMIC Delivered to internal network by host with
dynamic-looking rDNS
8.5 KAM_CRIM Extortion Email
1.0 KAM_LAZY_DOMAIN_SECURITY Sending domain does not have any
anti-forgery methods
0.0 BITCOIN_VISTA Bitcoin + old MSFT msgid format
1.2 BITCOIN_SPAM_03 BitCoin spam pattern 03
1.0 KAM_HTMLNOISE Spam containing useless HTML padding
0.0 BITCOIN_SPAM_09 BitCoin spam pattern 09
0.0 KAM_DMARC_STATUS Test Rule for DKIM or SPF Failure with Strict
Alignment
0.9 BITCOIN_XPRIO Bitcoin + priority
0.0 FSL_BULK_SIG Bulk signature with no Unsubscribe
0.5 PDS_BTC_ID FP reduced Bitcoin ID
2.0 HELO_DYNAMIC_IPADDR Relay HELO'd using suspicious hostname (IP
addr 1)
0.0 PDS_BTC_MSGID Bitcoin ID with T_MSGID_NOFQDN2
0.0 MIMEOLE_DIRECT_TO_MX MIMEOLE + direct-to-MX
0.0 HDR_ORDER_FTSDMCXX_DIRECT Header order similar to spam
(FTSDMCXX/boundary variant) + direct-to-MX
0.1 BITCOIN_DEADLINE BitCoin with a deadline
2.5 DOS_OE_TO_MX Delivered direct to MX with OE headers
X-Spam-Flag: YES
Subject: ***SPAM*** Fwd:
This is a multi-part message in MIME format.
------=_NextPart_000_0036_01DC1931.022C2E16
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Consider this message as your last warning.
We hacked your system!
We have copied all the data from your device to our own servers.
Curious videos were recorded from your camera and your actions while =
watching porn.
Your device was infected with our virus when you visited the porn site.
The Trojan virus gives us full access, allows us to control your device.
The virus allows not only to see your screen, but also to turn on your =
camera, microphone, without your knowledge.
We took over the video from your screen and camera, then we mounted a =
video in which you can see you watching porn in one part of the screen =
and masturbating in the other.
But that’s not all! We have access to all the contacts in your =
phone book and social networks.
It won’t take us long to send this video to your friends, family =
and friends on social networks, messengers and email in minutes.
We have a lot of audio recordings of your personal conversations, where =
a lot of “interesting” things are revealed!
This information can destroy your reputation once and for all in a =
matter of minutes.
You have an opportunity to prevent irreversible consequences.
To do this:
Transfer 1300 $ USD (US dollars) to our bitcoin wallet.
Don’t know how to make a transfer? Enter the query “Buy =
bitcoins” into the search field.
Our bitcoin wallet bc1qny9ycp7lmfljjzcptknk3qxu09qpu08740vug2
After making the payment, your video and audio recordings will be =
completely destroyed and you can be 100% sure that we won’t bother =
you again.
You have time to think about it and make the transfer - 50 hours!
After you read this letter, we will get an automatic notification. From =
that moment on, the timer will start.
It is useless to complain, because bitcoin-wallets cannot be tracked, as =
well as the mail from which the letter arrived to you.
We also do not advise you to send this letter to anybody.
In this case the system will automatically send a request to the server, =
and all data will be published in social networks and messengers.
You will not be able to solve the problem by changing passwords in =
social networks, as all the information is already downloaded to the =
cluster of our servers.
Think about what your reputation means to you and how much the =
consequences will be.
You have 50 hours.
------=_NextPart_000_0036_01DC1931.022C2E16
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Diso-8859-1">
<META content=3D"MSHTML 6.00.2900.5512" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<!DOCTYPE html><html><head><meta =
charset=3D"utf-8"><title></title><style></style></head><body =
id=3D"preview">
<p class=3D"has-line-data" data-line-start=3D"0" =
data-line-end=3D"5">Consider this message as your last warning.<br>
We hacked your system!<br>
We have copied all the data from your device to our own servers.<br>
Curious videos were recorded from your camera and your actions while =
watching porn.<br>
Your device was infected with our virus when you visited the porn =
site.</p>
<p class=3D"has-line-data" data-line-start=3D"6" data-line-end=3D"8">The =
Trojan virus gives us full access, allows us to control your device.<br>
The virus allows not only to see your screen, but also to turn on your =
camera, microphone, without your knowledge.</p>
<p class=3D"has-line-data" data-line-start=3D"9" data-line-end=3D"11">We =
took over the video from your screen and camera, then we mounted a video =
in which you can see you watching porn in one part of the screen and =
masturbating in the other.<br>
But that’s not all! We have access to all the contacts in your =
phone book and social networks.</p>
<p class=3D"has-line-data" data-line-start=3D"13" =
data-line-end=3D"16">It won’t take us long to send this video to =
your friends, family and friends on social networks, messengers and =
email in minutes.<br>
We have a lot of audio recordings of your personal conversations, where =
a lot of “interesting” things are revealed!<br>
This information can destroy your reputation once and for all in a =
matter of minutes.</p>
<p class=3D"has-line-data" data-line-start=3D"17" =
data-line-end=3D"20">You have an opportunity to prevent irreversible =
consequences.<br>
To do this:<br>
Transfer 1300 $ USD (US dollars) to our bitcoin wallet.</p>
<p class=3D"has-line-data" data-line-start=3D"21" =
data-line-end=3D"23">Don’t know how to make a transfer? Enter the =
query “Buy bitcoins” into the search field.<br>
Our bitcoin wallet bc1qny9ycp7lmfljjzcptknk3qxu09qpu08740vug2</p>
<p class=3D"has-line-data" data-line-start=3D"24" =
data-line-end=3D"26">After making the payment, your video and audio =
recordings will be completely destroyed and you can be 100% sure that we =
won’t bother you again.<br>
You have time to think about it and make the transfer - 50 hours!</p>
<p class=3D"has-line-data" data-line-start=3D"27" =
data-line-end=3D"30">After you read this letter, we will get an =
automatic notification. From that moment on, the timer will start.<br>
It is useless to complain, because bitcoin-wallets cannot be tracked, as =
well as the mail from which the letter arrived to you.<br>
We also do not advise you to send this letter to anybody.</p>
<p class=3D"has-line-data" data-line-start=3D"31" =
data-line-end=3D"34">In this case the system will automatically send a =
request to the server, and all data will be published in social networks =
and messengers.<br>
You will not be able to solve the problem by changing passwords in =
social networks, as all the information is already downloaded to the =
cluster of our servers.<br>
Think about what your reputation means to you and how much the =
consequences will be.</p>
<p class=3D"has-line-data" data-line-start=3D"35" =
data-line-end=3D"36">You have 50 hours.</p>
</body></html></BODY></HTML>
------=_NextPart_000_0036_01DC1931.022C2E16--