OwlCyberSecurity - MANAGER

Edit File: 1748020541.M83586P1075640.cloudbhc.clouditzone.com,S=8033,W=8229

Return-Path: <lefmagijaqir@magija.com> Delivered-To: info+spam@onebox.pk Received: from cloudbhc.clouditzone.com by cloudbhc.clouditzone.com with LMTP id wNn9Az2tMGi4aRAAZAThIw (envelope-from <lefmagijaqir@magija.com>) for <info+spam@onebox.pk>; Fri, 23 May 2025 22:15:41 +0500 Return-path: <lefmagijaqir@magija.com> Envelope-to: info@onebox.pk Delivery-date: Fri, 23 May 2025 22:15:41 +0500 Received: from [37.130.70.205] (port=52113 helo=smtpclient.apple) by cloudbhc.clouditzone.com with esmtp (Exim 4.98.1) (envelope-from <lefmagijaqir@magija.com>) id 1uIVzf-00000004W1J-1y2D for info@onebox.pk; Fri, 23 May 2025 22:15:40 +0500 Content-Type: multipart/alternative; boundary=Apple-Mail-F19421E6-AF76-DE2D-F247-85019830C31C Content-Transfer-Encoding: 7bit From: "desmund boon-hwe" <lefmagijaqir@magija.com> MIME-Version: 1.0 (1.0) Date: Fri, 23 May 2025 21:49:38 +0200 Message-Id: <A0DA173E-BA6D-F393-E924-0D895EC0A0DA@magija.com> To: <info@onebox.pk> X-Mailer: iPhone Mail (21A329) X-Spam-Status: Yes, score=14.2 X-Spam-Score: 142 X-Spam-Bar: ++++++++++++++ X-Spam-Report: Spam detection software, running on the system "cloudbhc.clouditzone.com", has identified this incoming email as possible spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see root\@localhost for details. Content preview: I have some bad news for you. &nbsp; A few months ago I gained access to your devices. After that I started to monitor your activities. &nbsp; I installed a Trojan virus in the operating systems of al [...] Content analysis details: (14.2 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.2 KAM_BLANKSUBJECT Message has a blank Subject 0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [37.130.70.205 listed in sa-accredit.habeas.com] 0.0 HTML_MESSAGE BODY: HTML included in message 2.0 PYZOR_CHECK Listed in Pyzor (https://pyzor.readthedocs.io/en/latest/) 1.0 KAM_LAZY_DOMAIN_SECURITY Sending domain does not have any anti-forgery methods 8.5 KAM_CRIM Extortion Email 2.0 RDNS_NONE Delivered to internal network by a host with no rDNS 0.0 KAM_DMARC_STATUS Test Rule for DKIM or SPF Failure with Strict Alignment 0.5 PDS_BTC_ID FP reduced Bitcoin ID 0.0 BITCOIN_EXTORT_01 Extortion spam, pay via BitCoin 0.0 FSL_BULK_SIG Bulk signature with no Unsubscribe X-Spam-Flag: YES Subject: ***SPAM*** --Apple-Mail-F19421E6-AF76-DE2D-F247-85019830C31C Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable I have some bad news for you. &nbsp; A few months ago I gained access to your devices. After that I started to monitor your activities. &nbsp; I installed a Trojan virus in the operating systems of all the devices = you use to access the Internet. This software gives me access to all the controllers on your devices. &nbsp; I have uploaded all of your information, data, photos, browsing history = to my servers. I have access to all your data, messengers, social networks, emails, = chat history and contacts. &nbsp; My virus updates signatures and remains invisible to antivirus software. While gathering information about you, I discovered that you are a big = fan of adult websites and watch exciting videos while having a lot of = fun. &nbsp; I was able to record some of your dirty scenes of you masturbating and = reaching orgasm. &nbsp; If you have any doubts, I can make a few clicks and all the videos will = be shown to everyone you know. &nbsp; And I can also put all your correspondence, personal photos, and all = your secret data on the Internet. &nbsp; I could ruin your reputation forever. &nbsp; I think you really do not want this to happen, given the specifics of = the video you like to watch (you know exactly what I mean), it will lead = to a real disaster for you. &nbsp; Let's solve it this way: you wire me 1300 dollars US (USD) (in bitcoin = equivalent at the exchange rate at the time of the funds transfer), and = I'll remove all this filth right away. After that we will forget about each other. &nbsp; I also promise to deactivate and remove all malware from your devices. &nbsp; I always keep my word. Here is my bitcoin wallet: 1L5sqz61iZUXQzjUVpQex7LK2yDHsfagnf &nbsp; You have 2 days from the time you open this email. &nbsp; If you don't send the money your video and all your details will be = published on the internet for all the people and your loved ones to see. I will ruin your reputation forever. &nbsp; Don't try to find me. Don't try to contact the police and other security services or your data = will be published. &nbsp; I know many secrets about you. &nbsp; Be aware of your reputation. &nbsp; --Apple-Mail-F19421E6-AF76-DE2D-F247-85019830C31C Content-Type: text/html; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable <html><head><meta http-equiv=3D"content-type" content=3D"text/html; = charset=3Diso-8859-1"></head><body dir=3D"auto"><p>I have some bad news = for you.</p> <p>&nbsp;</p> <p>A few months ago I gained access to your devices.</p> <p>After that I started to monitor your activities.</p> <p>&nbsp;</p> <p>I installed a Trojan virus in the operating systems of all the = devices you use to access the Internet.</p> <p>This software gives me access to all the controllers on your = devices.</p> <p>&nbsp;</p> <p>I have uploaded all of your information, data, photos, browsing = history to my servers.</p> <p>I have access to all your data, messengers, social networks, emails, = chat history and contacts.</p> <p>&nbsp;</p> <p>My virus updates signatures and remains invisible to antivirus = software.</p> <p>While gathering information about you, I discovered that you are a = big fan of adult websites and watch exciting videos while having a lot = of fun.</p> <p>&nbsp;</p> <p>I was able to record some of your dirty scenes of you masturbating = and reaching orgasm.</p> <p>&nbsp;</p> <p>If you have any doubts, I can make a few clicks and all the videos = will be shown to everyone you know.</p> <p>&nbsp;</p> <p>And I can also put all your correspondence, personal photos, and all = your secret data on the Internet.</p> <p>&nbsp;</p> <p>I could ruin your reputation forever.</p> <p>&nbsp;</p> <p>I think you really do not want this to happen, given the specifics of = the video you like to watch (you know exactly what I mean), it will lead = to a real disaster for you.</p> <p>&nbsp;</p> <p>Let's solve it this way: you wire me 1300 dollars US (USD) (in = bitcoin equivalent at the exchange rate at the time of the funds = transfer), and I'll remove all this filth right away.</p> <p>After that we will forget about each other.</p> <p>&nbsp;</p> <p>I also promise to deactivate and remove all malware from your = devices.</p> <p>&nbsp;</p> <p>I always keep my word.</p> <p>Here is my bitcoin wallet: 1L5sqz61iZUXQzjUVpQex7LK2yDHsfagnf</p> <p>&nbsp;</p> <p>You have 2 days from the time you open this email.</p> <p>&nbsp;</p> <p>If you don't send the money your video and all your details will be = published on the internet for all the people and your loved ones to = see.</p> <p>I will ruin your reputation forever.</p> <p>&nbsp;</p> <p>Don't try to find me.</p> <p>Don't try to contact the police and other security services or your = data will be published.</p> <p>&nbsp;</p> <p>I know many secrets about you.</p> <p>&nbsp;</p> <p>Be aware of your reputation.</p> <p>&nbsp;</p></body></html> --Apple-Mail-F19421E6-AF76-DE2D-F247-85019830C31C--