Received on Sat, 02 Aug 2025 at 16:51:07 -0700. This email fraudulently claims a CashApp deposit of ...
show moreReceived on Sat, 02 Aug 2025 at 16:51:07 -0700. This email fraudulently claims a CashApp deposit of $13,963.99 with deceptive subject lines and embedded links leading to likely phishing or malware sites. The plain-text body contains nonsensical filler, while the HTML version attempts to trick the recipient into clicking multiple suspicious URLs.
The "From" field falsely used the recipient's name to appear legitimate, violating RFC 5322 by misrepresenting identity. The message originated from IP 27.102.113.118 (tunnelbec.biz), and passed SPF, but there is no DKIM or DMARC alignment. Mail server 173.228.155.53 (njmta-53.sailthru.com) also handled the message, contributing to abuse.
Despite repeated spam complaints, the hosting provider continues to ignore reports, and spam persists. IP 27.102.113.118 is hosted by Dreamscape Networks International Pte Ltd. Abuse contact: [email protected] or phone +61-8-9422-0899.
show less
Fraud Orders
Phishing
Web Spam
Email Spam
Spoofing
Exploited Host
Unsolicited spam email received on June 26, 2025 at 08:30:19 -0400 promoting an alleged casino rewar ...
show moreUnsolicited spam email received on June 26, 2025 at 08:30:19 -0400 promoting an alleged casino reward of $7,389.85 and 380 free spins. The message was sent from IP 27.102.113.118, spoofing the domain crop-monitoring.systems.usda.gov.becomesto.org. The email pretends to issue a payout and includes deceptive HTML content with flashy graphics and promotional phrases like โCLAIM YOUR WINNINGS NOWโ and โUNIQUE COUPON CODE.โ The body is padded with obfuscated text and encoded HTML to bypass spam filters. The actual payload links to external domains pushing gambling incentives. Message fails DMARC validation but passes SPF and DKIM. This is a classic example of phishing and spam designed to mislead recipients into clicking or engaging with fraudulent offers.
show less