Return-Path: <recep@govan.co.za>
Delivered-To: govancoz+spam@zacp120.ve.host
Received: from zacp120.ve.host
	by zacp120.ve.host with LMTP
	id yGxCHuvmpWZ6LwcAvcbEzQ
	(envelope-from <recep@govan.co.za>)
	for <govancoz+spam@zacp120.ve.host>; Sun, 28 Jul 2024 08:36:27 +0200
Return-path: <recep@govan.co.za>
Envelope-to: recep@govan.co.za
Delivery-date: Sun, 28 Jul 2024 08:36:27 +0200
Received: from [103.138.168.196] (port=65030 helo=[103.138.168.198])
	by zacp120.ve.host with esmtp (Exim 4.97.1)
	(envelope-from <recep@govan.co.za>)
	id 1sXxW3-00000001yQ2-0UFO
	for recep@govan.co.za;
	Sun, 28 Jul 2024 08:36:27 +0200
Received: from aiffnkr ([113.130.114.200]) by 24504.com with MailEnable ESMTP; Sun, 28 Jul 2024 00:36:25 -0600
Received: (qmail 59143 invoked by uid 591); 28 Jul 2024 00:36:23 -0600
From: recep@govan.co.za
To: recep@govan.co.za
Date: Sun, 28 Jul 2024 00:36:25 -0600
Message-ID: <591433.591433@24504.com>
Mime-Version: 1.0
Content-type: text/plain;
X-Spam-Status: Yes, score=14.8
X-Spam-Score: 148
X-Spam-Bar: ++++++++++++++
X-Spam-Report: Spam detection software, running on the system "zacp120.ve.host",
 has identified this incoming email as possible spam.  The original
 message has been attached to this so you can view it or label
 similar future email.  If you have any questions, see
 root\@localhost for details.
 Content preview:  Hello there! Unfortunately, there are some bad news for you.
    Some time ago your device was infected with my private trojan, R.A.T (Remote
    Administration Tool), if you want to find out more about it simply use Google.
    
 Content analysis details:   (14.8 points, 5.0 required)
  pts rule name              description
 ---- ---------------------- --------------------------------------------------
  0.0 URIBL_BLOCKED          ADMINISTRATOR NOTICE: The query to URIBL was
                             blocked.  See
                             http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
                              for more information.
                             [URIs: nexo.com]
  0.5 SUBJ_ALL_CAPS          Subject is all capitals
  1.5 SPF_SOFTFAIL           SPF: sender does not match SPF record (softfail)
  0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE:
                             The query to Validity was blocked.  See
                             https://knowledge.validity.com/hc/en-us/articles/20961730681243
                              for more information.
                             [103.138.168.196 listed in sa-accredit.habeas.com]
  0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The
                             query to Validity was blocked.  See
                             https://knowledge.validity.com/hc/en-us/articles/20961730681243
                              for more information.
                           [103.138.168.196 listed in bl.score.senderscore.com]
  2.0 PYZOR_CHECK            Listed in Pyzor
                             (https://pyzor.readthedocs.io/en/latest/)
  0.2 KAM_DMARC_NONE         DKIM has Failed or SPF has failed on the message
                             and the domain has no DMARC policy
  0.0 KAM_DMARC_STATUS       Test Rule for DKIM or SPF Failure with Strict
                             Alignment
  0.0 KAM_SHORT              Use of a URL Shortener for very short URL
  2.0 RDNS_NONE              Delivered to internal network by a host with no rDNS
  0.0 FSL_BULK_SIG           Bulk signature with no Unsubscribe
  0.5 PDS_BTC_ID             FP reduced Bitcoin ID
  3.5 BITCOIN_TOEQFM         Bitcoin + To same as From
  0.2 BITCOIN_SPAM_07        BitCoin spam pattern 07
  1.9 BITCOIN_MALWARE        BitCoin + malware bragging
  2.4 MALWARE_NORDNS         Malware bragging + no rDNS
X-Spam-Flag: YES
Subject:  ***SPAM***  I RECORDED YOU!

Hello there!

Unfortunately, there are some bad news for you.

Some time ago your device was infected with my private trojan, R.A.T (Remote Administration Tool), if you want to find out more about it simply use Google.

My trojan allowed me to access your files, accounts and your cam.

Check the sender of this email, I have sent it from your email account.

To make sure you read this email, you will receive it multiple times.

You truly enjoy checking out porn websites and watching dirty videos, while having a lot of kinky fun.

I RECORDED YOU (through the cam of your device) SATISFYING YOURSELF!

After that I removed my malware to not leave any traces.

If you still doubt my serious intentions, it only takes couple mouse clicks to share the video of you with your friends, relatives, all email contacts, on social networks and the darknet.

All you need is $1800 USD in Bitcoin (BTC) transfer to my account.

After the transaction is successful, I will proceed to delete everything.

Be sure, I keep my promises.

You can easily buy Bitcoin (BTC) here:

https://cex.io/buy-bitcoins https://nexo.com/buy-crypto/bitcoin-btc https://bitpay.com/buy-bitcoin/?crypto=BTC https://paybis.com/ https://invity.io/buy-crypto

Or simply google other exchanger.

After that send the Bitcoin (BTC) directly to my wallet, or install the free software: Atomicwallet, or: Exodus wallet, then receive and send to mine.

My Bitcoin (BTC) address is: 1GtGZpzfRkAVBL48F68mi8bTcatwpTZGm8

Yes, that's how the address looks like, copy and paste my address, it's (cAsE-sEnSEtiVE).

You are given not more than 3 days after you have opened this email.

As I got access to this email account, I will know if this email has already been read.

Everything will be carried out based on fairness.

An advice from me, regularly change all your passwords to your accounts and update your device with newest security patches.