Financial Agent Position ~ support@olivesgreen.com

The Purpose of this post is to ALERT you that the job you are about to apply for scamalert4or may have applied FOR or is CONSIDERING APPLYING FOR is FRAUDULENT. The identities of individuals or a business entity have been stolen along with fund from their bank accounts.

These job postings are an attempt to lure you into accepting wire transfers and cashing counterfeit checks into your bank accounts. You are being recruited to wire transfer these funds via WESTERN UNION or MONEYGRAM from your bank into a DOMESTIC BANK or OFFSHORE BANK ACCOUNT.

Essentially You Become A Money or Repackage Mule

  1. Money Mule Explained
  2. Understanding The Cyber Theft Ring
  3. Protecting Yourself Against Money Mule
  4. KrebsOnSecurity – Cyberheist
  5. Washingtonpost.com by Brian Krebs
  6. Interview With A Money Mule
  7. Bobbear.co.UK ~ Historical Money Mule Sites

____________________

Email header analysis report
All valid IP Addresses found in the header.
Ip Address 3rd Party Info Provider City Flag Country
* 65.55.111.72 Check 65.55.111.72 at Senderbase.org Check 65.55.111.72 at Reputationauthority.org Microsoft Hosting Redmond United States
14.05.15.07 Check 14.05.15.07 at Senderbase.org Check 14.05.15.07 at Reputationauthority.org n/a n/a
65.55.111.100 Check 65.55.111.100 at Senderbase.org Check 65.55.111.100 at Reputationauthority.org Microsoft Hosting Redmond United States

*Probable originating IP address

Delivered-To: scamFRAUDalert
Received: by 10.216.180.198 with SMTP id j48csp341352wem;
Thu, 15 May 2014 07:38:33 -0700 (PDT)
X-Received: by 10.68.200.10 with SMTP id jo10mr12686179pbc.143.1400164712722;
Thu, 15 May 2014 07:38:32 -0700 (PDT)
Return-Path: <gary.benton@outlook.com>
Received: from blu0-omc2-s25.blu0.hotmail.com (blu0-omc2-s25.blu0.hotmail.com. [65.55.111.100])
by mx.google.com with ESMTP id bc5si2765128pbb.461.2014.05.15.07.38.32
for ;
Thu, 15 May 2014 07:38:32 -0700 (PDT)
Received-SPF: pass (google.com: domain of gary.benton@outlook.com designates 65.55.111.100 as permitted sender) client-ip=65.55.111.100;
Authentication-Results: mx.google.com;
spf=pass (google.com: domain of gary.benton@outlook.com designates 65.55.111.100 as permitted sender) smtp.mail=gary.benton@outlook.com
Received: from BLU185-W10 ([65.55.111.72]) by blu0-omc2-s25.blu0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4675);
Thu, 15 May 2014 07:38:30 -0700
X-TMN: [Qq/dPNH62w/GGXwN2M6PswJQ0cAcf53f]
X-Originating-Email:gary.benton@outlook.com
Message-ID: <BLU185-W1045822EFBA89AB2A26F12E3360@phx.gbl>
Return-Path: gary.benton@outlook.com
Content-Type: multipart/alternative;
boundary=”_3cf84f14-b71c-4d7d-81ea-f19f2cad3ae4_”
From: Green Olives – support@olivesgreen.com
Sender: <gary.benton@outlook.com>
To: “scamFRAUDalert
Subject: Re: Hello
Date: Thu, 15 May 2014 10:38:30 -0400
Importance: Normal
MIME-Version: 1.0
X-OriginalArrivalTime: 15 May 2014 14:38:30.0651 (UTC) FILETIME=[574C4CB0:01CF704B]

Dear scamFRAUDalert
We are glad to see you are interested in hearing more. The only position we currently have available is the Financial Agent position, a job that you can do from home, no previous experience need, low working hours and you can work full or part time.
Your duties will be to receive and process the payments coming from our clients via bank wire transfer.
You will receive a salary of $4,200 / month plus commissions and you can work from home, you don`t have to relocate.

If you are interested in taking the job or receiving more information please reply with your phone number and one of our agents will call you right away.

Sincerely,
Green Olives , 6710 Capitol St, Houston, TX 77011

2 thoughts on “Financial Agent Position ~ support@olivesgreen.com

  1. SFA Reporter says:

    Address lookup
    canonical name olivesgreen.com
    aliases
    addresses:209.202.252.21
    Domain Whois record

    Queried whois.internic.net with “dom olivesgreen.com

    Domain Name: OLIVESGREEN.COM
    Registrar: TUCOWS DOMAINS INC.
    Whois Server: whois.tucows.com
    Referral URL: http://domainhelp.opensrs.net
    Name Server: NS1.OLIVESGREEN.COM
    Name Server: NS2.OLIVESGREEN.COM
    Status: clientTransferProhibited
    Status: clientUpdateProhibited
    Updated Date: 13-may-2014
    Creation Date: 13-may-2014
    Expiration Date: 13-may-2015

    Last update of whois database: Thu, 15 May 2014 14:40:28 UTC
    Queried whois.tucows.com with “olivesgreen.com”…

    Domain Name: OLIVESGREEN.COM
    Registry Domain ID: 1858573488_DOMAIN_COM-VRSN
    Registrar WHOIS Server: whois.tucows.com
    Registrar URL: http://tucowsdomains.com

    Updated Date: 2014-05-13 19:17:09
    Creation Date: 2014-05-13 23:12:50

    Registrar Registration Expiration Date: 2015-05-13 23:12:50
    Registrar: TUCOWS, INC.
    Registrar IANA ID: 69
    Registrar Abuse Contact Email: domainabuse@tucows.com
    Registrar Abuse Contact Phone: +1.4165350123
    Reseller: Lycos, Inc.
    Reseller: support@lycos.com
    Reseller: 866-971-5039

    Domain Status: clientTransferProhibited
    Domain Status: clientUpdateProhibited

    Registry Registrant ID:
    Registrant Name: leigh mcneil
    Registrant Organization: mcneil
    Registrant Street: 1000 ruby st apt 35
    Registrant City: durham
    Registrant State/Province: NC
    Registrant Postal Code: 27704
    Registrant Country: US
    Registrant Phone: +1.9193581304
    Registrant Phone Ext:
    Registrant Fax: +1.919-358-1304
    Registrant Email: tunydaqix@yahoo.com

    Registry Admin ID:
    Admin Name: leigh mcneil
    Admin Organization: mcneil
    Admin Street: 1000 ruby st apt 35
    Admin City: durham
    Admin State/Province: NC
    Admin Postal Code: 27704
    Admin Country: US
    Admin Phone: +1.919-358-1304
    Admin Phone Ext:
    Admin Fax: +1.919-358-1304
    Admin Email: tunydaqix@yahoo.com

    Registry Tech ID:
    Tech Name: leigh mcneil
    Tech Organization: mcneil
    Tech Street: 1000 ruby st apt 35
    Tech City: durham
    Tech State/Province: NC
    Tech Postal Code: 27704
    Tech Country: US
    Tech Phone: +1.9193581304
    Tech Phone Ext:
    Tech Fax: +1.9193581304
    Tech Email: tunydaqix@yahoo.com

    Name Server: NS1.OLIVESGREEN.COM
    Name Server: NS2.OLIVESGREEN.COM

    DNSSEC: Unsigned
    URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
    >>> Last update of WHOIS database: 2014-05-13 19:17:09 <<<

    Registration Service Provider:

    Network Whois record

    Queried whois.arin.net with "n 209.202.252.21"…

    NetRange: 209.202.192.0 – 209.202.255.255
    CIDR: 209.202.192.0/18
    OriginAS:
    NetName: NETBLK-LYCOS-1
    NetHandle: NET-209-202-192-0-1
    Parent: NET-209-0-0-0-0
    NetType: Direct Assignment
    RegDate: 2000-05-22
    Updated: 2012-02-24
    Ref: http://whois.arin.net/rest/net/NET-209-202-192-0-1

    OrgName: Lycos, Inc.
    OrgId: LYCOSI-1
    Address: 100 Fifth Avenue
    City: Waltham
    StateProv: MA
    PostalCode: 02451
    Country: US
    RegDate: 2000-05-22
    Updated: 2011-09-24
    Ref: http://whois.arin.net/rest/org/LYCOSI-1

    OrgTechHandle: NETWO1939-ARIN
    OrgTechName: Network Operations
    OrgTechPhone: +1-781-370-2700
    OrgTechEmail: nic-tech@lycos-inc.com
    OrgTechRef: http://whois.arin.net/rest/poc/NETWO1939-ARIN

    OrgAbuseHandle: NETWO1939-ARIN
    OrgAbuseName: Network Operations
    OrgAbusePhone: +1-781-370-2700
    OrgAbuseEmail: nic-tech@lycos-inc.com
    OrgAbuseRef: http://whois.arin.net/rest/poc/NETWO1939-ARIN

    RTechHandle: VY7-ARIN
    RTechName: Yelsangikar, Vish
    RTechPhone: +1-781-370-2700
    RTechEmail: nic-tech@lycos-inc.com
    RTechRef: http://whois.arin.net/rest/poc/VY7-ARIN

  2. SFA Reporter says:

    Green Olives

    sophie@greenolivs.com

    address lookup
    canonical name http://www.greenolivs.com
    aliases
    addresses 209.202.252.21
    Domain Whois record

    Queried whois.internic.net with “dom greenolivs.com”…

    Domain Name: GREENOLIVS.COM
    Registrar: TUCOWS DOMAINS INC.
    Whois Server: whois.tucows.com
    Referral URL: http://domainhelp.opensrs.net
    Name Server: NS1.GREENOLIVS.COM
    Name Server: NS2.GREENOLIVS.COM
    Status: clientTransferProhibited
    Status: clientUpdateProhibited
    Updated Date: 13-may-2014
    Creation Date: 13-may-2014
    Expiration Date: 13-may-2015

    >>> Last update of whois database: Tue, 20 May 2014 17:23:34 UTC <<<

    Queried whois.tucows.com with "greenolivs.com"…

    Domain Name: GREENOLIVS.COM
    Registry Domain ID: 1858573240_DOMAIN_COM-VRSN
    Registrar WHOIS Server: whois.tucows.com
    Registrar URL: http://tucowsdomains.com
    Updated Date: 2014-05-13 19:16:10
    Creation Date: 2014-05-13 23:08:05
    Registrar Registration Expiration Date: 2015-05-13 23:08:05
    Registrar: TUCOWS, INC.
    Registrar IANA ID: 69
    Registrar Abuse Contact Email: domainabuse@tucows.com
    Registrar Abuse Contact Phone: +1.4165350123

    Reseller: Lycos, Inc.
    Reseller: support@lycos.com
    Reseller: 866-971-5039

    Domain Status: clientTransferProhibited
    Domain Status: clientUpdateProhibited

    Registry Registrant ID:
    Registrant Name: daryl herndon
    Registrant Organization: herndon
    Registrant Street: 2900 14st nw suit 202
    Registrant City: Washington
    Registrant State/Province: DC
    Registrant Postal Code: 20009
    Registrant Country: US
    Registrant Phone: +1.202-606-1683
    Registrant Fax: +1.202-606-1683
    Registrant Email: andrugrimshawsuc@aol.com

    Registry Admin ID:
    Admin Name: daryl herndon
    Admin Organization: herndon
    Admin Street: 2900 14st nw suit 202
    Admin City: Washington
    Admin State/Province: DC
    Admin Postal Code: 20009
    Admin Country: US
    Admin Phone: +1.202-606-1683
    Admin Phone Ext:
    Admin Fax: +1.202-606-1683
    Admin Fax Ext:
    Admin Email: andrugrimshawsuc@aol.com

    Registry Tech ID:
    Tech Name: daryl herndon
    Tech Organization: herndon
    Tech Street: 2900 14st nw suit 202
    Tech City: Washington
    Tech State/Province: DC
    Tech Postal Code: 20009
    Tech Country: US
    Tech Phone: +1.202-606-1683
    Tech Fax: +1.2026061683
    Tech Email: andrugrimshawsuc@aol.com

    Name Server: NS1.GREENOLIVS.COM
    Name Server: NS2.GREENOLIVS.COM

    DNSSEC: Unsigned
    URL of the ICANN WHOIS Data Problem Reporting System:
    Last update of WHOIS database: 2014-05-13 19:16:10

    Registration Service Provider:
    Network Whois record

    Queried whois.arin.net with "n 209.202.252.21

    NetRange: 209.202.192.0 – 209.202.255.255
    CIDR: 209.202.192.0/18
    OriginAS:
    NetName: NETBLK-LYCOS-1
    NetHandle: NET-209-202-192-0-1
    Parent: NET-209-0-0-0-0
    NetType: Direct Assignment
    RegDate: 2000-05-22
    Updated: 2012-02-24
    Ref: http://whois.arin.net/rest/net/NET-209-202-192-0-1

    OrgName: Lycos, Inc.
    OrgId: LYCOSI-1
    Address: 100 Fifth Avenue
    City: Waltham
    StateProv: MA
    PostalCode: 02451
    Country: US
    RegDate: 2000-05-22
    Updated: 2011-09-24
    Ref: http://whois.arin.net/rest/org/LYCOSI-1

    OrgTechHandle: NETWO1939-ARIN
    OrgTechName: Network Operations
    OrgTechPhone: +1-781-370-2700
    OrgTechEmail: nic-tech@lycos-inc.com
    OrgTechRef: http://whois.arin.net/rest/poc/NETWO1939-ARIN

    OrgAbuseHandle: NETWO1939-ARIN
    OrgAbuseName: Network Operations
    OrgAbusePhone: +1-781-370-2700
    OrgAbuseEmail: nic-tech@lycos-inc.com
    OrgAbuseRef: http://whois.arin.net/rest/poc/NETWO1939-ARIN

    RTechHandle: VY7-ARIN
    RTechName: Yelsangikar, Vish
    RTechPhone: +1-650-428-5111
    RTechEmail: nic-tech@lycos-inc.com
    RTechRef: http://whois.arin.net/rest/poc/VY7-ARIN

    DNS records

    DNS query for 21.252.202.209.in-addr.arpa failed: ConnectionReset
    name class type data time to live
    greenolivs.com IN SOA
    server: ns1.greenolivs.com
    email: hostmaster@greenolivs.com
    serial: 1400606463
    refresh: 16384
    retry: 2048
    expire: 1048576
    minimum ttl: 2560
    2560s (00:42:40)
    greenolivs.com IN NS ns1.greenolivs.com 60s (00:01:00)
    greenolivs.com IN NS ns2.greenolivs.com 60s (00:01:00)
    greenolivs.com IN TXT PPdcfqym2YFe4sKOWloEm4tBFnQxOb6eYghH0BIWkllUQd581K2kpA== 60s (00:01:00)
    greenolivs.com IN MX
    preference: 10
    exchange: mx.greenolivs.com.cust.b.hostedemail.com
    60s (00:01:00)
    greenolivs.com IN A 209.202.252.21 60s (00:01:00)
    21.252.202.209.in-addr.arpa IN PTR bos1-redirect.domains.lycos.com 3600s (01:00:00)
    21.252.202.209.in-addr.arpa IN PTR bos2-redirect.domains.lycos.com 3600s (01:00:00)
    252.202.209.in-addr.arpa IN SOA
    server: invisible.lycos.com
    email: nic-tech@lycos-inc.com
    serial: 2007103000
    refresh: 1800
    retry: 600
    expire: 2419200
    minimum ttl: 600
    3600s (01:00:00)
    252.202.209.in-addr.arpa IN RRSIG
    type covered: NSEC (47)
    algorithm: RSA/SHA-1 (5)
    labels: 5
    original ttl: 10800 (03:00:00)
    signature expiration: 2014-05-30 16:02:38Z
    signature inception: 2014-05-20 16:02:38Z
    key tag: 29930
    signer's name: 209.in-addr.arpa
    signature:
    (1024 bits)

    1E3699371E597D474F6AB03202CF55A3
    71CB3029860ED0CF7B2EF3DCA6308E12
    6DFF42C4A0C15B6B657BE57FDF6B56A2
    E55EEDB87491C98DD2FDB0FCC3288840
    B9431DA8481E3B8C844706315C6D13FF
    2473C901F0866EAD153AE8999B743588
    7E06D1B8AC6B5301DFE06AD15A1E595E
    627AFE0DB82907E802CD4200FA4BAB80

    10800s (03:00:00)
    252.202.209.in-addr.arpa IN NSEC
    next domain name: 253.202.209.in-addr.arpa
    record types: NS RRSIG NSEC
    10800s (03:00:00)
    252.202.209.in-addr.arpa IN NS ns2.lycos.com 3600s (01:00:00)
    252.202.209.in-addr.arpa IN NS ns1.lycos.com 3600s (01:00:00)

    — end —

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s