This report concerns an unsolicited spam email received on Saturday, July 12, 2025 at 12:21 PM EDT, ...
show moreThis report concerns an unsolicited spam email received on Saturday, July 12, 2025 at 12:21 PM EDT, promoting a fraudulent online gambling site claiming a "400% boost up to โฌ2000" and "100 Free Spins" via suspicious links hosted on storage.googleapis.com. The email includes aggressive marketing HTML and embedded external images to entice clicks. The From header impersonates the recipient by using their name falsely, a common phishing tactic designed to appear more legitimate. SPF passed; however, DKIM failed with a 'permerror', and DMARC results were not aligned or failed validation. The sending domain (gonga-cola.co.maysithe.com) appears spoofed and differs from the DKIM domain (faukxxwyiaxttsooymrzwjwg.com). This is a classic case of spoofed email spam using obfuscation, third-party redirects, and domain forgery to bypass filters. Headers show the message originated from IP 81.181.107.84 (workablewebtools.com), and used fake reply addresses and deeply nested redirect chains. This is a persistent abuse patte
show less
This email was received on July 6, 2025, at 11:32:31 AM (UTC -0400) and appears to be spam or fraudu ...
show moreThis email was received on July 6, 2025, at 11:32:31 AM (UTC -0400) and appears to be spam or fraudulent in nature. The message passed through multiple relays and was sent via IP address 45.155.205.213, which does not match the purported sender domain, indicating spoofing activity. The message claims to be from โYahoo!Mailโ but uses a misleading "From" name that impersonates the recipientโs own name, a tactic commonly used in phishing or fraudulent emails. The subject was โPlease help me confirm,โ with no legitimate content inside the body and instead includes generic emotional appeals often seen in scam attempts. The SPF authentication failed: SPF=fail (sender SPF policy: domain of email.sigorta.tc does not designate 45.155.205.213 as permitted sender). DKIM was not present. DMARC also failed, meaning domain-level protection mechanisms were bypassed. This IP may be involved in sending deceptive or impersonation emails.
show less
This email was part of a deceptive and likely fraudulent spam campaign. The message included mislead ...
show moreThis email was part of a deceptive and likely fraudulent spam campaign. The message included misleading claims attempting to impersonate a reputable organization in order to trick the recipient into clicking suspicious links or engaging further. The content appeared unsolicited and may be part of a broader phishing operation or scam effort aimed at harvesting personal or financial data. Upon inspection of the header, the message passed SPF and DKIM validation but failed DMARC authentication, indicating potential spoofing or misuse of domain identity. These types of emails are often routed through compromised servers or questionable hosts, and this one in particular exhibited such behavior. The email was received on Tue, 24 Jun 2025 17:55:29 PDT and should be flagged as abusive for violating best practices and trust protocols.
show less
Email Spam
Showing 1 to
3
of 3 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ