API tools faq
paste
wavellan

20230110_TECH_SUPPORT_SCAM_1

wavellan
Jan 10th, 2023
83
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 10.59 KB | None | 0 0
raw download clone embed print report diff
  1. Tech Support SCAM Phone Number: (845) 813-2919
  2.  
  3. Provider: Bandwidth.com
  4.  
  5. E-Mail Address: [email protected]
  6.  
  7. Pretends to be vendor: Geek Squad
  8.  
  9. Hustle description: Sends an e-mail pretending to be an automatic renewal for tech support services from Geek Squad. Requests you call the SCAM call center where they will then attempt to bill you for services on your credit card.
  10.  
  11. E-Mail snippet: Reminder Update ,
  12.  
  13. Attachment snippet: > DATE : 01-10-2023
  14. Your Subscription with GEEK SQUAD will Renew Today and $419.00 is about to be Debited
  15. from your account by Today. The Debited Amount will be reflected within the next 24.
  16. In case of any further clarifications or block the auto-renewal service please reach out
  17. Customer Help Center +1 (845) 813-2919
  18. Customer ID 039468405/793463
  19. Invoice Number TROSEROP34P3
  20. Quantity (One Year Subscription)
  21. oubtotal $419.00
  22. Sales Tax $0.00
  23. Total $419.00
  24. If you didn't authorize this Charge, you have 24 Hrs. To cancel & get an instant refund
  25. of your annual subscription, please contact our customer care: +1 (845) 813-2919
  26. Thanks and regards ,
  27. BEST
  28. >
  29. Customer support : +1 (845) 813-2919
  30.  
  31. SMTP HEADERS: Received: from CH3PR05MB10121.namprd05.prod.outlook.com (::1) by
  32. MWHPR0501MB3899.namprd05.prod.outlook.com with HTTPS; Tue, 10 Jan 2023
  33. 16:09:47 +0000
  34. Received: from MW3PR05CA0004.namprd05.prod.outlook.com (2603:10b6:303:2b::9)
  35. by CH3PR05MB10121.namprd05.prod.outlook.com (2603:10b6:610:130::17) with
  36. Microsoft SMTP Server (version=TLS1_2,
  37. cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5986.18; Tue, 10 Jan
  38. 2023 16:09:42 +0000
  39. Received: from MW2NAM12FT020.eop-nam12.prod.protection.outlook.com
  40. (2603:10b6:303:2b:cafe::8b) by MW3PR05CA0004.outlook.office365.com
  41. (2603:10b6:303:2b::9) with Microsoft SMTP Server (version=TLS1_2,
  42. cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6002.12 via Frontend
  43. Transport; Tue, 10 Jan 2023 16:09:42 +0000
  44. Authentication-Results: spf=pass (sender IP is 209.85.128.43)
  45. smtp.mailfrom=gmail.com; dkim=pass (signature was verified)
  46. header.d=gmail.com;dmarc=pass action=none header.from=gmail.com;compauth=pass
  47. reason=100
  48. Received-SPF: Pass (protection.outlook.com: domain of gmail.com designates
  49. 209.85.128.43 as permitted sender) receiver=protection.outlook.com;
  50. client-ip=209.85.128.43; helo=mail-wm1-f43.google.com; pr=C
  51. Received: from mail-wm1-f43.google.com (209.85.128.43) by
  52. MW2NAM12FT020.mail.protection.outlook.com (10.13.180.87) with Microsoft SMTP
  53. Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
  54. 15.20.6002.10 via Frontend Transport; Tue, 10 Jan 2023 16:09:41 +0000
  55. Received: by mail-wm1-f43.google.com with SMTP id i17-20020a05600c355100b003d99434b1cfso10461454wmq.1
  56. for <>; Tue, 10 Jan 2023 08:09:41 -0800 (PST)
  57. DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
  58. d=gmail.com; s=20210112;
  59. h=to:subject:message-id:date:from:mime-version:from:to:cc:subject
  60. :date:message-id:reply-to;
  61. bh=5yvw2tjB7MAjnnqE2xE4+MqCECx0UPImus404B0VGMQ=;
  62. b=eTbzI2paxmMuDjSpmm3zQcktSXdwMDgyZIA6NCRJjzsUmSSCcx6vZHR+9DboEa9Hfb
  63. WxDfPbmueEZyB5ulELjKh8oHZRXPzzgzLyqvU7DvXibMZRKipgR7f2U1uRKxGV2vanx4
  64. OYhdAidBzzDnNtFEHmx87v7xpRX/xWdnKmVZy4Qae6X181rr7rTl9udYyCn1ITTHlm2S
  65. l81ySGZMt8GEoMbJkB05C4N2mqpywccCQeR2/T5zhwOQOpitzcEVFSkqS9+lyTpGD9jw
  66. lIk+O2HHRbxtEa+0N7m7P0nCNCgnoRsFG7piSUS0c0vN95XG0RIDvGcZt1+ZdKRDG1zw
  67. GunA==
  68. X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
  69. d=1e100.net; s=20210112;
  70. h=to:subject:message-id:date:from:mime-version:x-gm-message-state
  71. :from:to:cc:subject:date:message-id:reply-to;
  72. bh=5yvw2tjB7MAjnnqE2xE4+MqCECx0UPImus404B0VGMQ=;
  73. b=JgsaTCeAyPjoiL7pla2b3aR/WCIp21rv35k73ihsF5er6x4NDQjb3QBptj0IMGx3qG
  74. pzs2IEYSYO+KUAB8UGfT42ldWjeHUKmdfvLdJKb+ODqFwLDzeyB+N0yThQ2sh0Ln7fXA
  75. 0qNXziu+LS+nuOm1lOSQp4cmfAA3/9VJo0bRNFYjdflXnYJ7DaYL5Q7i/IgexS9tyBeH
  76. /hWe16Tie+jjWPJCfqiiy59kj+ZGNmoCbh4zScYxkb3pJYQgr9Cw2lEJrKERYXs2mpGm
  77. zzILLB085yOdA/VHkKFC+8w4JoF+PUwYz3xHcmy/rqn3SZFOFIY4twiBqeNXgoD+5QIx
  78. WhuA==
  79. X-Gm-Message-State: AFqh2kpAki126SHQ8IyUKZVD/UmHPncRlb2dsNQrsfxXnQaWWP68c7So
  80. RC/N5vMq105p4KVVrbT0KiiSszg7vOI9lKiUaxE=
  81. X-Google-Smtp-Source: AMrXdXvmJWgcVOevIQTAnG+iCg1qPYHzD91LJCEjlZhbO2XO4QWbjwaU0/6RrIScuNocLWWUCCf3WgArRUrTAmKcgy8=
  82. X-Received: by 2002:a05:600c:1f14:b0:3d2:3766:6bf2 with SMTP id
  83. bd20-20020a05600c1f1400b003d237666bf2mr3506933wmb.110.1673366979333; Tue, 10
  84. Jan 2023 08:09:39 -0800 (PST)
  85. MIME-Version: 1.0
  86. From: gyeh <[email protected]>
  87. Date: Tue, 10 Jan 2023 21:39:23 +0530
  88. Message-ID: <CAG=iD1=fkMx6Csy2=ECgv-x6YMQfBJRWTTBGViTAXx_JVZ2TRg@mail.gmail.com>
  89. Subject: Payment notice has been sent; thank you! ER0943REIO43
  90. To: undisclosed-recipients:;
  91. Bcc:
  92. Return-Path: [email protected]
  93. X-MS-Exchange-Organization-ExpirationStartTime: 10 Jan 2023 16:09:42.1925
  94. (UTC)
  95. X-MS-Exchange-Organization-ExpirationStartTimeReason: OriginalSubmit
  96. X-MS-Exchange-Organization-ExpirationInterval: 1:00:00:00.0000000
  97. X-MS-Exchange-Organization-ExpirationIntervalReason: OriginalSubmit
  98. X-MS-Exchange-Organization-Network-Message-Id:
  99. 6821eab7-7629-42d6-c8c3-08daf325153b
  100. X-EOPAttributedMessage: 0
  101. X-EOPTenantAttributedMessage: 0d4bfd0a-5b8b-4c86-b245-3f11f8ea539a:0
  102. X-MS-Exchange-Organization-MessageDirectionality: Incoming
  103. X-MS-PublicTrafficType: Email
  104. X-MS-TrafficTypeDiagnostic: MW2NAM12FT020:EE_|CH3PR05MB10121:EE_
  105. X-MS-Exchange-Organization-AuthSource:
  106. MW2NAM12FT020.eop-nam12.prod.protection.outlook.com
  107. X-MS-Exchange-Organization-AuthAs: Anonymous
  108. X-MS-Office365-Filtering-Correlation-Id: 6821eab7-7629-42d6-c8c3-08daf325153b
  109. X-MS-Exchange-Organization-SCL: 5
  110. X-Forefront-Antispam-Report:
  111. CIP:209.85.128.43;CTRY:US;LANG:en;SCL:5;SRV:;IPV:NLI;SFV:SPM;H:mail-wm1-f43.google.com;PTR:mail-wm1-f43.google.com;CAT:SPM;SFS:(13230022)(84050400002)(109986013)(451199015)(2202399006)(58800400005)(42186006)(82202003)(76482006)(33964004)(26005)(73392003)(8676002)(336012)(22186003)(83380400001)(1096003)(5660300002)(6666004)(15650500001)(3855299027);DIR:INB;
  112. X-Microsoft-Antispam: BCL:0;
  113. X-MS-Exchange-CrossTenant-OriginalArrivalTime: 10 Jan 2023 16:09:41.9894
  114. (UTC)
  115. X-MS-Exchange-CrossTenant-Network-Message-Id: 6821eab7-7629-42d6-c8c3-08daf325153b
  116. X-MS-Exchange-CrossTenant-Id: 0d4bfd0a-5b8b-4c86-b245-3f11f8ea539a
  117. X-MS-Exchange-CrossTenant-AuthSource:
  118. MW2NAM12FT020.eop-nam12.prod.protection.outlook.com
  119. X-MS-Exchange-CrossTenant-AuthAs: Anonymous
  120. X-MS-Exchange-CrossTenant-FromEntityHeader: Internet
  121. X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH3PR05MB10121
  122. X-MS-Exchange-Transport-EndToEndLatency: 00:00:05.8963152
  123. X-MS-Exchange-Processed-By-BccFoldering: 15.20.5986.018
  124. X-Microsoft-Antispam-Mailbox-Delivery:
  125. ucf:0;jmr:0;auth:0;dest:J;OFR:SpamFilterAuthJ;ENG:(910001)(944506478)(944626604)(920097)(930097)(3100021);RF:JunkEmail;
  126. X-Microsoft-Antispam-Message-Info:
  127. =?us-ascii?Q?bQ8psLIQyNMGnO6e4FNMIoxBGvJ9wgUey2o8VfBPjmgpVPXjj/gX1SSJi5Cd?=
  128. =?us-ascii?Q?+iLwydveLcVbRANf8HlYa6myTwcYp2mNJ42yISQiT/wMYerqPvfWykkhdnJn?=
  129. =?us-ascii?Q?XyCysT+hhiB1IQNCMKAkOmbrBVt6mJiM+eiOMMe6NvLY6nyHlDjPgzcFw0tc?=
  130. =?us-ascii?Q?D6Myq2zM+GIIPNTwH/RpJ6txrZUCofVpPOvFwj/ACRV8wbAiugnR0ka8PGZG?=
  131. =?us-ascii?Q?I1w4OsMAJRUfIa3S3e0f8RlIX74/jZwXErQV7+TmNaxZYcACJpZlOHla+gcZ?=
  132. =?us-ascii?Q?UH9aHob4U/h/kta0FTMJjjrM73d1jD2ohFFr6lRm1btft4dfcO0nmwzQQU8H?=
  133. =?us-ascii?Q?RD6cnYev17iidJythZ6hQTBIKN4A0RDYGQg7g3y/VZ4cWH6qw+7MlU/Vl5uE?=
  134. =?us-ascii?Q?hUzZ2+SNqKxth02iP3fUoU3awJkS2/bbXB7myMNz2XJUYHj53T0RadswOBR8?=
  135. =?us-ascii?Q?mvlgQPMhks3AcdELMJIDPKAjYmg7uIJwXYf6Tj4qMEA6sKw0IZT1VeOhaVEA?=
  136. =?us-ascii?Q?9XB6sGheq5GXgOZLjCMMVLSA164KdlD1Dp8+aW8JpRqNiF2ozSYkCmxSUiKG?=
  137. =?us-ascii?Q?Vi8mM86JlFa41pRwkPvkuCeqoYv2TTFolv8TaZe19OPxfS/xFS5ZTw0JEAQ4?=
  138. =?us-ascii?Q?ED6kYvf3ZQ8JyQfG4vDaOA67SLopZj3xg4veo9BO2k16YOxL1Xyf13Py5vdC?=
  139. =?us-ascii?Q?a/pGyodCu5kxMHyHOc1UgUZz5OpDchsgx/r80u9voopU2FQYRe4w1IiSdQj3?=
  140. =?us-ascii?Q?sqt2twWbgzHGZnrdsYK0jOxgKsJKVPOmi2I19c8Ag2Ejmj5q/qoelt0KRMOz?=
  141. =?us-ascii?Q?BXP5rxCa/LIGY5+zVAU1Fy2RV9T1G+2n4nt36YsIe9WUCfacvxViI5jIr0sv?=
  142. =?us-ascii?Q?8dDr3il6/13tBRpFIANwrQzXlcbygd+6bgpbVemmFWxmr/aL+xNWm/vmMLsF?=
  143. =?us-ascii?Q?x/1TX7xfwQsPoKDh4YobMkU825ToVrTmNpZydm5JGDUGyGAIiU24uwr2shX+?=
  144. =?us-ascii?Q?Jb1cqxodlr129PJMg8IfOKAKmXRlRMhzMzGS+cVXtLaxNge5Mo9OkekdATln?=
  145. =?us-ascii?Q?3fcbgO+YfUrSmyxNiHAFzKDG451k6XKhA4L7e9jxMzA2VZ2qIyUivqy/Xj1r?=
  146. =?us-ascii?Q?quO0a12K2VklpbomjxSylQ1iXodHlTHDHD/1inS/fw1CPJ2Mmpn4V5TpiYOG?=
  147. =?us-ascii?Q?WxahmpUiaPJBGWbVgwScalfuc6hPc4MO3owNYUSRyEGNrO8Bnv0XKF8V2XY4?=
  148. =?us-ascii?Q?WCqjFDdKtX6v7y53lawAjQBLhetyv3qgrCbD5Y2fc7vZXJwT9vvb8KWUT16q?=
  149. =?us-ascii?Q?QXakdzpx1uaoWwEsBQq+GsKHa44pCDmDprLQEVQxMh6qLwOUFEK4DBSpMmpR?=
  150. =?us-ascii?Q?GNI1o6i4DE2syZSbAd3Wqq2cltt40En9A5Wq8XOoDYY4MyIGPtyyvSSKbsS1?=
  151. =?us-ascii?Q?uRZ66u2h7vO1fXeivaRA0nsLNEPSXw7Hh4u4wggJH1ZjMqKlhCxQ9H1RmsIr?=
  152. =?us-ascii?Q?DmTqPdxFVSTUqwvvh+ODeatJiEFYRoz701nfCtD8Hi5ydKoNiOnqetBGxElW?=
  153. =?us-ascii?Q?YKTTdcjlXayqibR13hDbb68aBYmPNARKPeLe2re3oEEaJkvXUUPecXcX6emh?=
  154. =?us-ascii?Q?EYpzuZPxnvQ3orq3ENPK+Rj+6wGsmh6NbgfIihX299qokwxXmqP7uy8QwvB1?=
  155. =?us-ascii?Q?YUMFDk7v7Bc3o89H2ZWe7d7q5wzezNelZbVrUkNtdwXO63LkfoQbNEoMXu6z?=
  156. =?us-ascii?Q?tx0MX5NcK555TiDCOMi8vQQNBq880+mZdhiKjdtf9/F434MqVqJAF1i2UcCg?=
  157. =?us-ascii?Q?8XrPUU/YU+UIN+DU0skf23H42sVrX1/DO6bH+wo7cd6zayMvdyF4xO+Kzggx?=
  158. =?us-ascii?Q?50RiA8/595zt29YLd5Bi8NLpLFvwqT7OuYU6ZoqA9o7UqHHUYgpgaGziozf6?=
  159. =?us-ascii?Q?TrmfgjpsR6EtRqqGGqUchM3PG6sznvCQ9tkF3BTTSQwZ8XXjkgRy6aPfL2b5?=
  160. =?us-ascii?Q?IO4dLOZrp8lD3ciQLr6yOF6nZ3vYh2PgsvrP+Ekpd+ChsBFPq0FCuIbTlKrS?=
  161. =?us-ascii?Q?1k9e/FlFEOdwzJorOaxe+1lD7VTJqXiCxJZ47+Fot4nGbym3FQUL0tGuREob?=
  162. =?us-ascii?Q?FEkoU+tFsrQr0T5wFSCcTyifDDkaK3tpnjF3GPZRrVp8qsGuLFFk0fHWB+ec?=
  163. =?us-ascii?Q?+1V6AxJnvYT+hzRQFNHkVAQD5m+xnjeXu6stpH0x/0dMQe2TcRH0fne0KM9g?=
  164. =?us-ascii?Q?1LP/0z1w/ye3GY/iYf34j36Z7rbeVvVvI1Rw5u0ZHmOY+fXTOqf3u2Scc5t0?=
  165. =?us-ascii?Q?JgyJvhsNfqDFlBdWG0JiB0P+KTCTwMavMcZ4mXHEE0CntN51SIuwop0PrZcK?=
  166. =?us-ascii?Q?l5juBcIsoXiuypQNg1o9ejIFi/T6A6DuWmidQUTM7Qt0PDwI162lbYVe/r5e?=
  167. =?us-ascii?Q?GFKMmDM/Jr7rf4ujQoV4cYN8BrofJqWHOgKSagznw9Abxk02yx/zD+0er38w?=
  168. =?us-ascii?Q?1+TB/8Z8luRTfnQoEXxUHp5dd/HoUWkdIBXr2ydYAhj2uBoIhFy86ve194Y3?=
  169. =?us-ascii?Q?Ob4ahWCKnJEqXTMM+6VWRRZFw7CixBPM5dXyBJIrEuo1I6F5V9RXQG8a6cXy?=
  170. =?us-ascii?Q?hFsMh5GpIrnfCmAq2k8IdvSJVgQ0xhxlLl3C0O3RBADU?=
  171. Content-type: multipart/mixed;
  172. boundary="B_3756200959_158752257"
  173.  
  174. > This message is in MIME format. Since your mail reader does not understand
  175. this format, some or all of this message may not be legible.
  176.  
  177. --B_3756200959_158752257
  178. Content-type: multipart/alternative;
  179. boundary="B_3756200959_12364330"
  180.  
  181.  
  182. --B_3756200959_12364330
  183. Content-type: text/plain;
  184. charset="UTF-8"
  185. Content-transfer-encoding: 7bit
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!