“account-servicesecurity@yahoo-email.com”

HACKER / SPOOFED EMAIL

Subject: Important message regarding your account
From: account-servicesecurity@yahoo-email.com Freehill-pauls@att.net

Dear Yahoo User,

Your E-mail account has exceeded its limit and needs to be verified, if not verified within 24 hours, we shall suspend your account, CLICK HERE to verify your email account now.

Regards,
Yahoo! Account Services

Return-Path: Freehill-pauls@att.net
X-Originating-IP: [77.238.189.201]
Authentication-Results: mta1416.mail.gq1.yahoo.com
Received: from 127.0.0.1 (HELO nm4-vm1.bullet.mail.ird.yahoo.com) (77.238.189.201)
by mta1416.mail.gq1.yahoo.com with SMTP; Wed, 19 Jun 2013 09:30:53 +0000
Received: from [77.238.189.232] by nm4.bullet.mail.ird.yahoo.com with NNFMP; 19 Jun 2013 09:30:51 -0000
Received: from [46.228.39.114] by tm13.bullet.mail.ird.yahoo.com with NNFMP; 19 Jun 2013 09:30:51 -0000
Received: from [127.0.0.1] by smtp151.mail.ir2.yahoo.com with NNFMP; 19 Jun 2013 09:30:51 -0000
X-Yahoo-Newman-Id: 579606.98140.bm@smtp151.mail.ir2.yahoo.com
Message-ID: <579606.98140.bm@smtp151.mail.ir2.yahoo.com>
X-Yahoo-SMTP: HhWIEJGswBBaDk3UAV3a_zj3etz02wg6yx_UT0ONXUSH7qk-
by smtp151.mail.ir2.yahoo.com with SMTP; 19 Jun 2013 09:30:51 +0000 UTC
From: account-servicesecurity@yahoo-email.com <Freehill-pauls@att.net>
Subject: Important message regarding your account
X-Antivirus: avast! (VPS 130618-0, 06/18/2013), Outbound message

 

“Microsoft Windows Team”

PHISHING ATTACK / HACKER

Microsoft Windows Update
From: “Microsoft Windows Team” <noreply@microsoft.com> Return-Path: apache@shipment.xsense.co.th

Dear Windows User,

It has come to our attention that your microsoft office records are out of date. Every single Windows installation needs to be accompanied by a valid email for proper verification purpose.

This requires you to verify the Email Account. Failure to verify your records might result in account suspension. Use the link below to verify and confirm your records.

Thank you,

Microsoft Windows Team.

———-

Return-Path: <apache@shipment.xsense.co.th>
X-YahooFilteredBulk: 58.64.30.166
X-Originating-IP: [58.64.30.166]
Authentication-Results: mta1080.mail.ne1.yahoo.com
Received: from 127.0.0.1 (EHLO shipment.xsense.co.th) (58.64.30.166) by mta1080.mail.ne1.yahoo.com with SMTP; Fri, 26 Apr 2013 06:04:49 +0000
Received: from shipment.xsense.co.th (localhost.localdomain [127.0.0.1]) by shipment.xsense.co.th (8.13.1/8.13.1) with ESMTP id r3Q64gMM016043
Received: (from apache@localhost) by shipment.xsense.co.th (8.13.1/8.13.1/Submit) id r3Q64goF016042;
From: Microsoft Windows Team <noreply@microsoft.com>
Subject: Microsoft Windows Update
X-Mailer: PHPMailer (phpmailer.sourceforge.net) [version ]

 

“WellsFargo”

ONLINE FRAUD / PHISHING SCAM

Subject: 1 new message

Your online access has been temporarily suspended

We recently detected failed attempts to provide the correct answers to your security questions. As a result, we temporarily suspended online access to your account.
For immediate access to your account, click : Sign On to Wells Fargo Online and proceed with the verification process.
Security questions are one of the ways Wells Fargo confirms your identity. For your protection, Wells Fargo safeguards your account whenever there is a possibility that someone other than you is attempting to sign on.
Sincerely,
Wells Fargo Online Customer Service
Please do not reply to this email directly. To ensure a prompt and secure response, sign on to email us.
31eh7a45-1355-4t5c-te17- 123504u38dkrl

Return-Path: <no-reply@biem.net>
X-YahooFilteredBulk: 94.229.33.233
Received-SPF: fail (domain of biem.net does not designate 94.229.33.233 as permitted sender)
X-Originating-IP: [94.229.33.233]
Authentication-Results: mta1499.mail.bf1.yahoo.com from=biem.net; domainkeys=neutral (no sig); from=biem.net; dkim=neutral (no sig)
Received: from 127.0.0.1 (EHLO mail.moonshineq.net) (94.229.33.233) by mta1499.mail.bf1.yahoo.com with SMTP; Wed, 15 May 2013 16:10:58 +0000
Received: by mail.moonshineq.net (Postfix, from userid 5003) id ED36434C35B8; Wed, 15 May 2013 18:10:57 +0200 (CEST)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on vps242.xel.cz
X-Spam-Level: ***
X-Spam-Status: No, score=3.5 required=5.0 tests=ALL_TRUSTED,BAYES_50, HTML_EXTRA_CLOSE,HTML_IMAGE_ONLY_32,HTML_MESSAGE,HTML_MIME_NO_HTML_TAG, MIME_HTML_ONLY,MIME_QP_LONG_LINE,MISSING_HEADERS,REPLYTO_WITHOUT_TO_CC autolearn=no version=3.3.1
Received: from biem.net (unknown [205.204.94.129]) (Authenticated sender: test@moonshineq.net) by mail.moonshineq.net (Postfix) with ESMTPA id 0A8B134C34A3; Wed, 15 May 2013 18:08:43 +0200 (CEST)
Reply-To: no-reply@biem.net
From: “WellsFargo” <no-reply@biem.net>
Subject: 1 new message
Message-ID: <20130515090732.18758B2703054FC7@biem.net>

Wells Fargo no-reply@biem.net

 

“UPS Courier Service”

WARNING – EMAIL SCAM / UPS PHISHING ATTACK

Account Suspended: Update Your Information
From: “UPS Courier Service” <activationserver@ups.com>

Dear Customer:

UPS Courier Service!

This message is to confirm that your online access have been suspended due to billing error.
We will review the activity on your account with you and upon verification, we will remove any retrictions placed on your account
We hope you enjoy the ease and convenience you’ll get with the ability to manage your UPS accounts from almost anywhere you are.

To access and activate your account, simply click the link below.

https://www.ups.com/us/activation ← ATTN: This is a spoofed link and NOT a legit UPS website.

The entire activation should take only 5 minutes of your time. Please complete the activation by now
Sincerely,

Thank you for being a valued customer

UPS,

Return-Path: tfcadmin@u16050260.onlinehome-server.com
X-YahooFilteredBulk: 74.208.74.16
Received-SPF: none (domain of u16050260.onlinehome-server.com does not designate permitted sender hosts)
X-Originating-IP: [74.208.74.16]
Authentication-Results: mta1534.mail.bf1.yahoo.com from=ups.com; domainkeys=neutral (no sig); from=ups.com; dkim=neutral (no sig)
Received: from 127.0.0.1 (EHLO u16050260.onlinehome-server.com) (74.208.74.16) by mta1534.mail.bf1.yahoo.com with SMTP; Thu, 09 May 2013 01:29:45 +0000
Received: by u16050260.onlinehome-server.com (Postfix, from userid 10013) id CEB65D099; Mon, 6 May 2013 21:24:17 -0400 (EDT)
From: UPS Courier Service activationserver@ups.com
Subject: Account Suspended: Update Your Information
Message-ID: <3dfa45d367d9e24c2e74d18b1d205288@thefcove.com>
X-Mailer: PHPMailer (phpmailer.sourceforge.net) [version ]

 

“Paypal Service Support”

WARNING – EMAIL SCAM / PAYPAL PHISHING ATTACK

Subject: Notice Of Policy Uptadeþ

This is an automated email, please do not reply

Dear PayPal User
Your account has been limited : You Must Confirm Your Information!

Please click on the following link to Confirm It:

Click here to Confirm Your Account Information.

You Must Confirm Your Information To Save It .

Thanks You For Helping,
The PayPal Team

Need Assistance?
We’re happy to help by phone at 1-514-748-5774, Monday to Friday 9:00am to 5:00 pm EST, or by email
Copyright 2012. All rights reserved. PayPal

Email ID: 15464

Return-Path: west-heaton.co.uk@hosts.co.uk
X-YahooFilteredBulk: 85.233.160.25
Received-SPF: pass (domain of hosts.co.uk designates 85.233.160.25 as permitted sender)
X-Originating-IP: [85.233.160.25]
Authentication-Results: mta1107.mail.gq1.yahoo.com from=hosts.co.uk
Received: from 127.0.0.1 (EHLO outgoing-smtp.namesco.net) (85.233.160.25) by mta1107.mail.gq1.yahoo.com
Received: from [192.168.0.76] (helo=nutmeg.hosts.co.uk) by outgoing-smtp.namesco.net with esmtp (Exim 4.72) (envelope-from <west-heaton.co.uk@hosts.co.uk>) id 1UOXgz-0003sR-6K
Received: from west-heaton.co.uk by nutmeg.hosts.co.uk with local (Exim 4.69) (envelope-from <west-heaton.co.uk@hosts.co.uk>) id 1UOXgy-0005Gn-CD
Subject: Notice Of Policy Uptade<FE>
From: <Paypal@ServiceSupport.com>
Reply-To: Paypal@ServiceSupport.com
Message-Id: <E1UOXgy-0005Gn-CD@nutmeg.hosts.co.uk>
Sender: <west-heaton.co.uk@hosts.co.uk>
X-namescosender: 334336 45679
X-namesco: 192.168.0.151
X-Spam-Score: 2.0 (++)

Paypal@ServiceSupport.com <Paypal@ServiceSupport.com> 1-5147485774

 

“Additional Verification Needed”

WARNING – EMAIL HACKER / PHISHING ATTACK

From: sanjuanitaroemhild@yahoo.com <sanjuanitaroemhild@yahoo.com>
Date: Wed, Mar 27, 2013 at 1:04 PM
Subject: Additional Verification Needed

Daisy,

Your email to our ad triggered our spam mail filter. We need you to
prove you’re not a bot before your email is delivered.

Please make sure to include this email address.
This is the link, it is unique to you: Verification Process

We thank you for your patience and enjoy your Wednesday.

Sanjuanita Roemhild
Phone Verification Agent

 

Spam Sender

WARNING – PHISHING ATTACK / SPAM / MALWARE

If you’ve received an email similar to the ones below, do not click the links. I haven’t clicked and I searched the Internet and it appears other email users who clicked them say it contains malware / viruses so be cautious.

Health Coverage Results – BlueCross BlueShield
From: “Cobra Health Insurance Quotes” <info@locationvisit.com>
To: undisclosed-recipients

—Click Show Images To Enable Links.———————————————————————————————————

Return-Path: <info@locationvisit.com>
X-YahooFilteredBulk: 5.78.137.215
Received-SPF: pass (domain of locationvisit.com designates 5.78.137.215 as permitted sender)
X-Originating-IP: [5.78.137.215]
Authentication-Results: mta1291.mail.ac4.yahoo.com from=locationvisit.com; domainkeys=neutral (no sig); from=locationvisit.com; dkim=neutral (no sig)
Received: from 127.0.0.1 (EHLO mp-cgo-fdl.k.pr.locationvisit.com) (5.78.137.215) by mta1291.mail.ac4.yahoo.com with SMTP; Tue, 26 Mar 2013 22:47:23 -0700
Received: from mp-cgo-fdl.k.pr.locationvisit.com (mp-cgo-fdl.k.pr.locationvisit.com [5.78.137.215]]) by mp-cgo-fdl.k.pr.locationvisit.com id oIpRcRonQnJyMs; 27 Mar 2013 01:46:55 -0400 (envelope-from <info@locationvisit.com>)
Message-Id: <20130327032599.5020D9DE7@locationvisit.com>
X-Unsubscribe: 42485a0c32f2964c5c4496d739e8586dcec95c5c
From: Cobra Health Insurance Quotes info@locationvisit.com
Subject: =?UTF-8?B?SGVhbHRoIENvdmVyYWdlIFJlc3VsdHMgLSBCbHVlQ3Jvc3MgQmx1ZVNoaWVsZA==?=

$2,500 in [62 Minutes]Thursday, March 26, 2037 6:12 AM
From: “Direct Deposit” <info@sitesupermart.com>
To: undisclosed-recipients

—Click Show Images To Enable Links.———————————————————————————————————
Please click the “Not Spam” button above to visit links.
Wake Up Tomorrow With An Extra $2,500 In Your Bank Account!
Online Personal Loan Approval with NO Credit Checks
Good Credit * Bad Credit * No Credit

365 Day Loans is different in a very distinct way.
It’s fast, it’s secure and absolutely confidential.

Return-Path: info@cooltourdance.com
X-YahooFilteredBulk: 197.238.136.176
Received-SPF: pass (domain of cooltourdance.com designates 197.238.136.176 as permitted sender)
X-Originating-IP: [197.238.136.176]
Authentication-Results: mta1099.mail.gq1.yahoo.com from=; domainkeys=neutral (no sig); from=sitesupermart.com; dkim=neutral (no sig)
Received: from 127.0.0.1 (EHLO ton-cgm-dpn.cso.fhr.cooltourdance.com) (197.238.136.176) by mta1099.mail.gq1.yahoo.com with SMTP; Mon, 25 Mar 2013 23:16:17 -0700
Received: from ton-eeq-dpn.cso.fhr.sitesupermart.com (ton-eeq-dpn.cso.fhr.sitesupermart.com [197.238.228.176]]) by ton-eeq-dpn.cso.fhr.sitesupermart.com id pJV10rees0AMTq; 26 Mar 2013 02:12:00 -0400 (envelope-from <info@sitesupermart.com>)
Message-Id: <20130326329072.A1BBF0C4F@sitesupermart.com>
X-R-HASH: 5e44d3b1c4b62348d7de845099ae2c46a8c60a20
From: =?ISO-8859-1?B?RGlyZWN0IERlcG9zaXQ=?= info@sitesupermart.com
Subject: =?UTF-8?B?JDIsNTAwIGluIFs2MiBNaW51dGVzXQ==?=

This site contains Malware: http://anubis.iseclab.org/?action=result&task_id=18e3f89b0e02989e46166fa&#8230;
Unsolicited Spam Originating From: Mt. Laurel New Jersey (159.135.84.108)
Originating Network(s): flrsbx.com
Date Received: 2/1/2013
Click Link: click.lvingguide.in (Yet another spam from Carlos Sanchez)
Location: jump.zeromargin.com
Received From:
Redirect:
Return Path: locationvisit.com
Contents of Spam:
From: View My Pic’s <info@locationvisit.com>
Sent: Monday, January 18, 2038 9:14 PM
Subject: WHY WAIT HAVE AN AFFAIR WITH A CHEATING WIFE TODAY “

locationvisit.com — Direct Deposit <info@travelcardsite.com> Wake Up Tomorrow With An Extra $2,500 In Your Bank Account! Unsolicited spam originating from flrsbx.com in Mt. Laurel, New Jersey 159.135.234.244 Click link is click.supertuhan.in

From LendingTree
Return-Path: <info@vacationsend.com> info@vacationsend.com
X-YahooFilteredBulk: 170.25.74.9
Received-SPF: pass (domain of vacationsend.com designates 170.25.74.9 as permitted sender)
X-Originating-IP: [170.25.74.9]
Authentication-Results: mta1086.mail.gq1.yahoo.com from=clickbigcity.com; domainkeys=neutral (no sig); from=clickbigcity.com; dkim=neutral (no sig)
Received: from 127.0.0.1 (EHLO sy-oi-t.coa.fl.vacationsend.com) (170.25.74.9) by mta1086.mail.gq1.yahoo.com with SMTP; Mon, 25 Mar 2013 23:09:47 -0700
Received: from sy-ei-t.com.ddn.clickbigcity.com (sy-ei-t.com.ddn.clickbigcity.com [176.116.24.9]]) by sy-ei-t.com.ddn.clickbigcity.com id iQSp5KVvKzr5C5; 26 Mar 2013 02:09:08 -0400 (envelope-from <info@clickbigcity.com>)
Message-Id: <20130326071504.A33A005BC@clickbigcity.com>
X-R-HASH: 654c9fea4ab25d58bef7c104e2f74a8cd734dc7a
From: LendingTree info@clickbigcity.com
654c9fea4ab25d58bef7c104e2f74a8cd734dc7a@clickbigcity.com
Subject: =?UTF-8?B?TW9ydGdhZ2UgUmF0ZXMgYXJlIEhpc3RvcmljYWxseSBMb3chIFNlZSBJZiBZb3UgQ291bGQgU2F2ZSBXaXRoIExlbmRpbmdUcmVlIQ==?=

Mortgage Rates are Historically Low! See If You Could Save With LendingTree!

—Click Show Images To Enable Links.———————————————————————————————————
See LendingTree Advertising Disclosures

LendingTree, LLC is a duly licensed mortgage broker, as required, with its main office located at 11115 Rushmore Dr., Charlotte, NC 28277, Telephone number 1-800-555-8733. NMLS Unique Identifier #1136.

LendingTree, LLC is known as LT Technologies in Lieu of true name, LendingTree, LLC in NY. For a current list of applicable state licensing & disclosures, see the LendingTree website or call for details.

This is a commercial email from LendingTree. If you would like to unsubscribe, read our Privacy Policy or Terms of Use, or see how LendingTree is licensed.

LendingTree, LLC: Unsubscribe

 

“Your AOL! Account Termination Request”

AOL PHISHING ATTACK / HACKERS

From: sheilagoldfinger@aol.com
Sent: 3/22/2013 10:41:02 A.M. Eastern Daylight Time
Subject: Your AOL! Account Termination Request.

Scheduled Maintenance

Dear AOL Customer,

You submitted a request to terminate your AOL Mail Account and the process has started by our AOL Mail Team, Please give us 3 working days to close your AOL Mail Account.

To cancel the termination request click http://cancel.mail.aol.com/neo/cancel? ← Actual URL will bring you to a spoofed website.

All folders contains on your AOL Mail Account including (Inbox, Sent, Spam, Trash, Draft, Folders) will be deleted and access to your AOL Mail Account will be Denied.

If you wish to terminate your present AOL Mail Account, you can Sign Up for a new AOL Mail Account by clicking.https://edit.aol.com/registration?

For further help please contact support

Regards,
AOL Mail Account Services
____________________________________________________
Please do not reply to this message. Mail sent to this address cannot be answered.

– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –

From: bocahardy <bocahardy@aol.com>
cayden.joshua <cayden.joshua@aol.com>
Sent: Sat, Mar 23, 2013 4:32 pm
Subject: Your AOL! Account Termination Request.

Scheduled Maintenance

Dear AOL Customer, 

You submitted a request to terminate your AOL Mail Account and the process has started by our AOL Mail Team, Please give us 3 working days to close your AOL Mail Account.

To cancel the termination request click http://cancel.mail.aol.com/neo/cancel? ← Actual URL will bring you to a spoofed website.

All folders contains on your AOL Mail Account including (Inbox, Sent, Spam, Trash, Draft, Folders) will be deleted and access to your AOL Mail Account will be Denied.

If you wish to terminate your present AOL Mail Account, you can Sign Up for a new AOL Mail Account by clicking.https://edit.aol.com/registration?  ← Actual URL will bring you to a spoofed website.

For further help please contact support

Regards,
AOL Mail Account Services
____________________________________________________
Please do not reply to this message. Mail sent to this address cannot be answered.

– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –

From: © AOL bszil94998@aol.com Return-Address: <bszil94998@aol.com>

Dear User,

 

Unusual activity was detected on your account by the review team. Please Confirm your account. ← Actual URL will bring you to a spoofed website.

 

Sorry for the inconveniences.

 

Aol Support.

Return-Path: <bszil94998@aol.com>
Received: from core-mce003b.r1000.mail.aol.com (core-mce003.r1000.mail.aol.com [172.29.40.214])
by mtaomg-mb01.r1000.mx.aol.com (OMAG/Core Interface) with ESMTP id B8E14E000088;
References: <8CFED89CAEA990C-1114-AA92@Webmail-d109.sysops.aol.com> <8CFED8A40A50E4B-1114-AAE4@Webmail-d109.sysops.aol.com> <8CFED8A59C4F135-1114-AAFA@Webmail-d109.sysops.aol.com> <8CFED8A8B4D6C42-1114-AB25@Webmail-d109.sysops.aol.com>
Subject: Security Alert! Confirm Your Account
In-Reply-To: <8CFED8A8B4D6C42-1114-AB25@Webmail-d109.sysops.aol.com>
X-MB-Message-Source: WebUI
From: “=?utf-8?Q?=C2=A9_AOL?=” <bszil94998@aol.com>
X-MB-Message-Type: User
Content-Type: multipart/alternative;
boundary=”——–MB_8CFED8ABC8296C6_1114_24C9B_Webmail-d109.sysops.aol.com”
X-Mailer: AOL Webmail 37556-STANDARD
Received: from 198.136.62.231 by Webmail-d109.sysops.aol.com (205.188.171.203) with HTTP (WebMailUI); Tue, 12 Mar 2013 18:47:40 -0400
Message-Id: <8CFED8ABC6F8BAE-1114-AB78@Webmail-d109.sysops.aol.com>
X-Originating-IP: [198.136.62.231]

 

“Solution Care Center”

WARNING – AOL PHISHING ATTACKER / SPOOFED EMAIL

From: America Online Solution Center <r_jriggs@msn.com>
cusrepcenter91090@aol.com
Sent: Thu, Mar 21, 2013 2:40 am
Subject: Solution Care Center

A GC109 Virus has been detected in your folders. Login Here to Switch to the new Secure GC109 anti virus 2013.

Thank you for choosing our service.

Sincerely,
America Online

Return-Path: r_jriggs@msn.com
Received: from snt0-omc1-s35.snt0.hotmail.com (snt0-omc1-s35.snt0.hotmail.com [65.55.90.46])
by mtain-mp11.r1000.mx.aol.com (Internet Inbound) with ESMTP id 9E28138000082;
Thu, 21 Mar 2013 02:40:21 -0400 (EDT)
Received: from SNT127-W16 ([65.55.90.8]) by snt0-omc1-s35.snt0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4675);
Wed, 20 Mar 2013 23:34:56 -0700
X-EIP: [dulQDxIiwOBvOf+scSTes83aMWm8ercE]
X-Originating-Email: [r_jriggs@msn.com]
Message-ID: <SNT127-W16A8670FCE3478D776EB05EAEB0@phx.gbl>
boundary=”_424f9e02-3fb8-4263-a5ca-1958fccbac08_”
From: America Online Solution Center <r_jriggs@msn.com>
cusrepcenter91090@aol.com
Subject: Solution Care Center
Date: Thu, 21 Mar 2013 01:34:55 -0500
In-Reply-To: <SNT127-W352FC681CF7386062AEEBEAEA0@phx.gbl>
References:
<SNT127-W22573A8C6E23C8E535DF3FEA0D0@phx.gbl>,<BAY0-XMR-009MUmwX5P004ab18f@BAY0-XMR-009.phx.gbl>,<SNT127-W385414F5EA0A24EC51BF10EA0D0@phx.gbl>,<SNT127-W47BA08D4A082E32FD45762EA0C0@phx.gbl>,<SNT127-W47352D7EE004C78AD7B04AEA0C0@phx.gbl>,<SNT127-W40B4EED502F99B7E4FE4F7EAF20@phx.gbl>,<SNT127-W575BECE6E45C91403544E3EAF20@phx.gbl>,<SNT127-W572FB40FE71D0ADA2B29FEAFC0@phx.gbl>,<SNT127-W65CDC6C6DC7B8CF75A8071EAFE0@phx.gbl>,<SNT127-W63CE1D09BD985A12B48520EAFB0@phx.gbl>,<SNT127-W30BD6F490E82A75815760BEAE00@phx.gbl>,<SNT127-W13AA540CC7A46C6A00B1EEAE30@phx.gbl>,<SNT127-W1218A1D94D9DD913577A9AEAEA0@phx.gbl>,<SNT127-W352FC681CF7386062AEEBEAEA0@phx.gbl>
X-OriginalArrivalTime: 21 Mar 2013 06:34:56.0345 (UTC) FILETIME=[33ED8C90:01CE25FE]
x-aol-global-disposition: G
x-aol-sid: 3039ac1dc14f514aab55457f
X-AOL-IP: 65.55.90.46
X-AOL-SPF: domain : msn.com SPF : pass 
yolomarshall@msn.com

From: America Online Solution Center <r_jriggs@msn.com>
cusrepcenter91090 <cusrepcenter91090@aol.com>
Sent: Thu, Mar 21, 2013 2:40 am
Subject: Solution Care Center

A GC109 Virus has been detected in your folders. Login Here to Switch to the new Secure GC109 anti virus 2013.

 

Thank you for choosing our service.

 

Sincerely,

America Online

Thank you for choosing our service.

From: America Online Solution Center <rnlmac@msn.com>
cusrepcenter91090 <cusrepcenter91090@aol.com>
Sent: Tue, Mar 26, 2013 5:29 pm
Subject: Customer Care Solution

A VJ131X Virus has been detected in your folders. Login Here to Switch to the new Secure VJ131X anti virus 2013.

Thank you for choosing our service.

Sincerely,
America Online

Resent-From: ucan@live.com.au
From: America Online Team <r_jriggs@msn.com>
Date: 3 June 2012 11:00:50 AEST
Resent-To:
To: <windowslivevirusdept2012@msn.com>
Subject: Account Alert (QXU389902A42)

 

“Danielle Stafford”

WARNING – EMAIL SCAM

From: Danielle admin@jpcraven.com
domainsprivate368@gmail.com
Sent: Thursday, March 21, 2013 8:00 AM
Subject: Personal Message

Hello

Greg asked me pass this specific info onto you today…

Your email has been confirmed and an account has
been created in order for you to begin generating an approximate $7, 487. 28/month using this proven cash system, beginning today.

STEP TWO: Activate It Here (actual URL is go.clickmeter.com/Isw0)
Your invitation expires in 48 hours.

Congratulations!

Danielle Stafford
Member Assist

You are receiving this message from Unique Solutions and we
respect your privacy. Manage your message preference right here

Unique Solutions
538 West 21st Street, Suite 95187
Houston, TX 77008, United States

* As with most offers you find, results are unique. Your results
will vary. This is an advertisement.