Spam 419/Nigeria Online fraud jwSpamSpy Contact
Email Spam Filter: |
|
|
Fraudulent Job offer: "ICG Commerce" (ICG)
- Job offer spam: Forwarding payments (Fraud)
- AICD.org job offer fraud
- Lionder.org job offer fraud
- Alpenantique.com job offer fraud
- "Plasma Project Inc" job offer fraud
- "Pro Screen AG" job offer fraud
- Forwarding Paypal payments via Western Union (Fraud)
- Fraudulent Job offer: "ICG Commerce" (ICG)
- Fraudulent Job offer: "Ameritrade Finance"
The "ICG Commerce" job offer is part of a series of scams designed to trick third parties into assisting the criminal laundering of stolen money. It appears to be part of the same series of scams as the following scams:
- "ECOS Services"
- Xian Energy or Purexian scam???
- http://www.checkbank.com
- http://www.checkbank.biz
- http://www.purexian.biz
- Checkbank
- Financial Consortium International, LLC
- Purexian
- Filenio Finance
- Xian Energy SOT
- Next Day Finance, LLC
- http://www.ntt-body.com
- http://www.ri-coza.com
- http://www.worldremittances.com
- http://www.nextdayfinancellc.biz
The fraudulent brand new websites "borrow" text from the three year old website of the following legitimate company:
Here is the spam email from "ICG Commerce":
Hi,Here are the message headers:
Recently I've reviewed your CV and I'd like to propose you a good opportunity to join our great team.
Our company - ICG Commerce was founded ten years ago to serve the European business entrepreneurs and establish a profitable base for corporations desirous to succeed in new ventures in the United States and vice versa.
We are financially stable company with growing business worldwide. Due to expanding our business, we are glad to announce a number of vacancies of Regional Representative/General Assistant.
All operations are home based and will require just a couple of hours of your time.
Successful candidates must admit a high rank of responsibility as your duties will include money operations, transferring of valuable business documents and so on.
The individuals hired into these positions will initially go through a brief training program that will give them exposure to all operations functions including routing, inventory control and special projects. Now we need regional representative in the most areas.
To apply for this position and for more information click on this link: Contact ICG Commerce
Best regards,
Konrad Zemler
ICG Commerce.
Received: from s010600115b08cb67.vn.shawcable.net ([24.80.77.135])
by #####.###########.### with esmtp (Exim 4.43)
id 1CVhrL-0008Du-7m
for ######@########; Sun, 21 Nov 2004 03:53:51 +0100
Received: from unknown (HELO localhost) (127.0.0.1)
by localhost.ysukly.com with SMTP; Sun, 21 Nov 2004 03:01:14 +0000
Received: from 134.8.1.105 (134.8.1.105[134.8.1.105])
by S010600115b08cb67.vn.shawcable.net (IMP) with HTTP
for <######@########>;
Message-ID: <5094911101006074@S010600115b08cb67.vn.shawcable.net>
From: "Hilary" <ennbiskd@olesky.com>
To: "Charles" <######@########>
Subject: Regarding your RESUME.
Date: Sun, 21 Nov 2004 03:01:14 +0000
MIME-Version: 1.0
Content-Type: text/html; charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
User-Agent: Internet Messaging Program (IMP) 3.2.2
X-Originating-IP: 134.8.1.105
X-MailScanner-SpamCheck: spam, SpamAssassin (score=11.873,
required 5, HTML_20_30 0.23, HTML_MESSAGE 0.00,
MIME_HTML_ONLY 0.18, NORMAL_HTTP_TO_IP 0.03,
RCVD_IN_BL_SPAMCOP_NET 1.22, RCVD_IN_DSBL 3.81,
RCVD_IN_SORBS_DUL 1.99, RCVD_IN_XBL 3.08,
RCVD_NUMERIC_HELO 1.25, WEIRD_PORT 0.11)
Fraudulent website:
http://218.104.151.145:9121/contact.php
inetnum: 218.104.151.128 - 218.104.151.255
netname: changsha-zhongnan-daxue
country: cn
descr: changsha city
admin-c: TC254-AP
tech-c: TC254-AP
status: ASSIGNED NON-PORTABLE
changed: daihy@china-netcom.com 20020826
mnt-by: MAINT-CN-ZM28
source: APNIC
person: TECH GROUP CNC
address: 9/F, Building A, Corporate Square, No. 35 Financial Street,
address: Xicheng District, Beijing 100032, P.R.China
country: CN
phone: 10-88093588
fax-no: 10-88091442
e-mail: tech-group@china-netcom.com
nic-hdl: TC254-AP
mnt-by: MAINT-CN-ZM28
changed: zhaomq@china-netcom.com 20010917
source: APNIC
Anti-Spam Resources:
jwSpamSpy is our spam filter (free evaluation version available for download)
Anti-spam domain blacklist – list of domains that I refuse to receive mail from
Recent additions to domain blacklist (with whois details)
"419" scam sender/contact addresses ("Nigeria connection" address book)
DNS-based IP and domain name blacklists
IP address ranges
Dynamic IP addresses (700 KB!)
Name server / Registrar combinations
Free email providers
AOL dial-up address ranges and mail servers
How to trace senders of spam
Frequently asked questions (FAQ)
Lookup an IP address on blacklists (http://dnsbl.net.au/lookup/)
Clueless virus filters spam innocent third parties
Challenge and Response spam filters: A selfish idea for selfish times
ShareYourExperiences.com spammers
Smyrnagroup spammers (in German)
Kaplan College spam
Stock Price Manipulation Spam ("Pump & Dump")
What's the deal with "OEM software"?
'Phishing' for your wallet
Job spam for payment processors
Spam phone numbers ("diploma" spam, etc.)
"Joe job" information
Link exchange offer spam
Getting creative with spam
Link exchange spam: allcarpictures.com
Xenophobia, Spam and Viruses: The "German Spam" (Sober.H)
Sober.H – Racist German email spam spread by virus (in German)
"Joe job" against joewein.de
Porn spam: watchsound.com
Porn spam: hotsalza.com
Name servers used by spammers: joker.com
Rogue name servers: mediadreamland.com
Rogue name servers: airmaramba.biz
Rogue name servers: bonafidecash.com
Rogue name servers: maileasy.biz