Another 419 scam that is so obviously wrong. At least get a speelchucker working and get the country name and the evil deceased dictator who you pretend to be stealing money from correct to have a miniscule chance of being believed.
The correct country is Libya not Lybia. Gaddafi is the correct spelling not Ghaddafi.
These do not come from Gmail but are being sent via a compromised or fraudulently set up account on Godaddy. I really give up with the amount of scams, spam, malware & fraud hosted by Godaddy who seem unable, unwilling or incapable of any proactive action to stop this. Abuse reports rarely get any response and no apparent action by Godaddy. Many researchers put a lot of time and effort into helping protect the internet by reporting these. At least acknowledge the report & do something that makes us feel our work is not in vain.
Update to post the Godaddy auto reply. I really give up. I don’t have the time or energy to jump through the hoops. If Godaddy want to do something about abuse on their network, they MUST make it easy to report abuse. That means 1 email address to send to and/or 1 website form that actually works and accepts reports
The email looks like:
From: Mrs Sherifar Abell <email@example.com>
Date: Sun 06/08/2017 08:54
Subject: THIS IS RESPECTFULLY YOUR.
I am Banker Ms Sherifar Abell.I am contacting you for maximum assistant to finance this unclaimed/abandoned fund sum of (US$10.5 Million United State Dollars)which i discovered in the bank account that belongs to the embattled president of lybia Late Muammar Ghaddafi.
Now our bank has been waiting for any of the relatives to come-up for the claim but nobody has done that i personally has been unsuccessful in locating any of the relatives.
I sincerely seek your consent to present you as the next of kin to the deceased so that the bank can proceed to release this fund for you without any hindrances note i am working with the bank i am here to direct you on how we will follow the bank to enable us receive this very fund,is risky free because i have monitored the account for more than three years now so i have secured the file of the Late Deceased for our safety and Legal during this fund transfer.
We will have to provide all the relevant document that will be requested to indicate that you are the rightful beneficiary of this legacy and our bank will release the fund to you without any further delay, upon your consideration and acceptance of this offer, please send me the following information as stated below so we can proceed and get this fund transferred to your designated bank account immediately.
I will furnish you with my identities for you to know me better.
Your Full Name:
Your Contact Address:
Your direct Mobile telephone Number:
Your Date of Birth:
Banker Mrs Sherifar Abell.
|188.8.131.52||p3plsmtp14-01-2.prod.phx3.secureserver.net||Scottsdale||Arizona||US||AS26496 GoDaddy.com, LLC|
|184.108.40.206||p3plgemwbe14-06.prod.phx3.secureserver.net||Scottsdale||Arizona||US||AS26496 GoDaddy.com, LLC|
Received: from p3plsmtp14-01-2.prod.phx3.secureserver.net ([220.127.116.11]:45410 helo=p3plwbeout14-01.prod.phx3.secureserver.net)
by knight.knighthosting.co.uk with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256)
for firstname.lastname@example.org; Sun, 06 Aug 2017 08:54:10 +0100
Received: from localhost ([18.104.22.168])
by :WBEOUT: with SMTP
id eGNXdxe624fALeGNXd0KEk; Sun, 06 Aug 2017 00:53:39 -0700
Received: (qmail 27288 invoked by uid 99); 6 Aug 2017 07:53:39 -0000
Content-Type: text/html; charset=”utf-8″
User-Agent: Workspace Webmail 6.8.7
From: “Mrs Sherifar Abell” <email@example.com>
Subject: THIS IS RESPECTFULLY YOUR.
Date: Sun, 06 Aug 2017 00:53:37 -0700
|BAYES_20||-0.00||Bayes spam probability is 5 to 20%|
|DCC_CHECK||1.10||Detected as bulk mail by DCC (dcc-servers.net)|
|DKIM_ADSP_CUSTOM_MED||0.00||No valid author signature, adsp_override is CUSTOM_MED|
|FREEMAIL_FROM||0.00||Sender email is commonly abused enduser mail provider|
|HTML_MESSAGE||0.00||HTML included in message|
|KAM_NIGERIAN||2.50||Nigerian Scam and Variants|
|MIME_HTML_ONLY||0.72||Message only has text/html MIME parts|
|MONEY_FRAUD_8||0.00||Lots of money and very many fraud phrases|
|NML_ADSP_CUSTOM_MED||0.90||ADSP custom_med hit, and not from a mailing list|
|RCVD_IN_DNSWL_NONE||-0.00||Sender listed at http://www.dnswl.org/, no trust|
|SUBJ_ALL_CAPS||1.51||Subject is all capitals|
|SpamAssassin Auto Learn||not learned|
Godaddy auto-reply to the abuse report. I really give up. I don’t have the time or energy to jump through the hoops. If Godaddy want to do something about abuse on their network, they MUST make it easy to report abuse. That means 1 email address to send to and/or 1 website form that actually works and accepts reports