Bear Group Inc. – Guys…does this online job sound legit?

Got this email today. Being divorced and single again, I’d love to find some kind of work to do at home and make alittle more money. The only personal info it asked for was my county of residence and a contact number. I don’t really even understand the position, what the hell is a payment processor?

“Dear xxx xxxxx, After reviewing your resume we feel that you are a good fit for a Payment Processing position. My name is Deborah Albert and I am working at Bear Group Inc. We are a large company headquartered in the USA. Main field of our business is IT outsourcing services including the search of clients for potential employees and matching the most ideal candidate for each company’s request. Position we are offering is part-time with flexible schedule. You are to spend on average 2-3 hours a day (except Saturday and Sunday, no tasks during weekends) working from your home. NOTE: Internet access and e-mail are required. Bear Group Inc. covers all expenses, no need to invest your own money! After we sign the contract you’ll be employed for a month of a trial period. During this timeframe you’ll receive all the necessary instructions and training from your supervisor. One week before the trial ends your supervisor will be making his/her decision regarding a full time employment. During the trial period you’ll be paid $2,300 a month. In addition you’ll keep 8% from every money transfer processed. Total income, considering the current volume of clients will be up to $4500 per month. After you successfully pass the Trial Period, base salary will be increased up to $3000 per month. If you are interested in this job offer or would like to learn more please forward a filled out form with your updated contact information to us at: xxxxxxxxxxx@googlemail.com

http://softballfans.com/forums/showthread.php?t=766078

See ScamFraudAlert Blog

Advertisements

Canadian Pharmacy Spam – greenerrxhere.com

Buying Prescription Drugs Online Scam Alert 1
May Be Dangerous
Says Drug Enforcement Administration

DEA Logo - Buying Proscription Drugs

Click Here
National Association of Boards of Pharmacy (NABP)

Warning

“The Canadian Pharmacy, Canadian/European Pharmacy”, “Canadian Healthcare” and “US Drugstore” are brands of one of the most disgusting illegal online pharmacy group well organized CRIMINAL OPERATION of all times. “GREED” is the driving force behind this operation. Don’t let them fool you. They will never send you any genuine drugs. If they ever send anything at all, it may consist of literally anything from sugar to wall plaster, and they certainly don’t care that you will endanger your health by taking those dangerous counterfeit drugs.

Behind The Online Pharmacy

Today a shadowy, transnational network of illicit drug manufacturers, traders, doctors, Web site operators, spammers and criminals makes up the online pharmacy world.

Buying Medication Online Can Be Safe

There are many options out there when it comes to buying medication online. We have looked at websites after websites. Some sites feature offshore pharmacies that do not require a prior prescription. Others feature licensed pharmacies that do require a prescription from your doctor.
Before making a purchase that can effect your health, we strongly recommend that you consult your physician & DO NOT self-medicate. Ordering medication online can be a safe, money-saving experience. When done through licensed online pharmacies that require a prescription, you can be assured that the medication you get is exactly what you need to treat your ailments.

Department of Justice – Ryan Haight Act


Header Analysis

The following IP addresses were extracted from your headers:

IP Address Probable Country Additional Info
United States (Sunnyvale)* Whois Google DNSStuff Urgentmessage.org
123.3.85.97 Australia* Whois Google DNSStuff Urgentmessage.org
207.115.36.114 United States (Richardson)* Whois Google DNSStuff Urgentmessage.org
* The last IP listed is usually the originating IP address

Here is the text you submitted, with the IP addresses highlighted:

From Anthony Vazquez Mon Jan 25 07:13:48 2010
X-Apparently-To: Sun, 24 Jan 2010 23:13:38 -0800
Return-Path:
X-YahooFilteredBulk: 123.3.85.97
X-YMailISG:
19EtcBQWLDuV5hQtfXUs4W_XOuQFaBl8MayIiArzsPZsUBVdSYk93WOIDrs4
6NFO16j2EMM41hdNkb7Yqa4HQtNZINzOzPcY3FeJgl1wVmh1mLIvHm5b7X
CEwW_P4PDCpMXZnyP5BuD8deau0qgQk5fQyvPwvYnp1nJ_Fh5WwdRXHJXOCLijk8bvZ
hIhvc8VATxqYpgti6WszoXdRTI07rrdl7Ui8Bkl5C43vfUegLkZXKhWIQu819dipB1A6U0f
X-Originating-IP: [123.3.85.97]
Authentication-Results: mta108.sbc.mail.mud.yahoo.com from=gasnaturalsdg.es; domainkeys=neutral (no sig); from=gasnaturalsdg.es; dkim=neutral (no sig)
Received: from 123.3.85.97 (EHLO nlpi098.prodigy.net) (207.115.36.114)
by mta108.sbc.mail.mud.yahoo.com with SMTP; Sun, 24 Jan 2010 23:13:37 -0800
X-Header-Overseas: Mail.from.Overseas.source.123.3.85.97
X-Originating-IP: [123.3.85.97]
Received: from mnnxp52 (123-3-85-97.static.dsl.dodo.com.au [123.3.85.97])
by nlpi098.prodigy.net (8.13.8 inb ipv6 jeff0203/8.13.8) with SMTP id o0P7Chjl005225;
Mon, 25 Jan 2010 01:13:33 -0600
Message-ID: <000701ca9d8d$f064d510$ae78fbc2@gasnaturalsdg.es>
Reply-To: “Anthony Vazquez” <vazquez_hg@gasnaturalsdg.es
From: “Anthony Vazquez”
To:
Subject: L0seWeight fast Here!
Date: Mon, 25 Jan 2010 01:13:48 -0600
MIME-Version: 1.0
Content-Type: text/plain;
format=flowed;
charset=”windows-1250″
reply-type=original
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Office Outlook, Build 11.0.5510
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1807
Content-Length: 145


Order All of your Favorite Rx~Medications are at your Fingertips!
No_doctor_needed!
Browse our selection Today! -> http://greenerrxhere.com

Address lookup

canonical name greenerrxhere.com.
aliases
addresses 59.53.91.121

Domain Whois record

Queried whois.internic.net with “dom greenerrxhere.com“…
Domain Name: GREENERRXHERE.COM
Registrar: CHINA SPRINGBOARD INC.
Whois Server: whois.namerich.cn
Referral URL: http://www.namerich.cn
Name Server: NS1.NERWETY67.COM
Name Server: NS2.NERWETY67.COM
Name Server: NS3.NOPYUR87.COM
Name Server: NS4.NOPYUR87.COM
Name Server: NS5.MIOPER45.COM
Name Server: NS6.MIOPER45.COM
Status: clientDeleteProhibited
Status: clientTransferProhibited
Updated Date: 11-jan-2010
Creation Date: 11-jan-2010
Expiration Date: 11-jan-2011

Last update of whois database: Mon, 25 Jan 2010 07:56:48 UTC

Queried whois.namerich.cn with “greenerrxhere.com”…
DomainName : greenerrxhere.com

RSP: China Springboard Inc.
URL: http://www.namerich.cn

Name Server: NS1.NERWETY67.COM
Name Server: NS6.MIOPER45.COM
Name Server: NS2.NERWETY67.COM
Name Server: NS3.NOPYUR87.COM
Name Server: NS4.NOPYUR87.COM
Name Server: NS5.MIOPER45.COM
Status: clientTransferProhibited
Status: clientDeleteProhibited
Creation Date: 2010-01-12
Expiration Date: 2011-01-12
Last Update Date: 2010-01-12

Registrant Name: JIA WENZHANG
Registrant Organization: JIA WENZHANG
Registrant Address: JIUXINGLU39
Registrant City: SZ
Registrant Province/State: JS
Registrant Country Code: CN
Registrant Postal Code: 350005
Registrant Phone Number: +86.0558857596
Registrant Fax: +86.0558857596
Registrant Email: naopume@126.com

Administrative Name: JIA WENZHANG
Administrative Organization: JIA WENZHANG
Administrative Address: JIUXINGLU39
Administrative City: SZ
Administrative Province/State: JS
Administrative Country Code: CN
Administrative Postal Code: 350005
Administrative Phone Number: +86.0558857596
Administrative Fax: +86.0558857596
Administrative Email: naopume@126.com

Billing Name: JIA WENZHANG
Billing Organization: JIA WENZHANG
Billing Address: JIUXINGLU39
Billing City: SZ
Billing Province/State: JS
Billing Country Code: CN
Billing Postal Code: 350005
Billing Phone Number: +86.0558857596
Billing Fax: +86.0558857596
Billing Email: naopume@126.com

Technical Name: JIA WENZHANG
Technical Organization: JIA WENZHANG
Technical Address: JIUXINGLU39
Technical City: SZ
Technical Province/State: JS
Technical Country Code: CN
Technical Postal Code: 350005
Technical Phone Number: +86.0558857596
Technical Fax: +86.0558857596
Technical Email: naopume@126.com

; Please register your domains at
; http://www.namerich.cn

Network Whois record

Queried whois.apnic.net with “59.53.91.121”…
inetnum: 59.52.0.0 – 59.55.255.255
netname: CHINANET-JX
descr: CHINANET Jiangxi province network
descr: China Telecom
descr: No.31,jingrong street
descr: Beijing 100032
country: CN
admin-c: CH93-AP
tech-c: JN113-AP
remarks: service provider
status: ALLOCATED PORTABLE
mnt-by: APNIC-HM
mnt-lower: MAINT-IP-WWF
changed: hm-changed@apnic.net 20050208
source: APNIC

role: JXDCB NET
address: DATA COMMUNICATION BUREAY
address: NO.39,YANJIANG NORTH ROAD,NANCHANG,JIANGXI
country: CN
phone: +86 791 6730586
fax-no: +86 791 6707755
e-mail: hostmaster@public1.nc.jx.cn
trouble: send spam reports to hostmaster@public1.nc.jx.cn
trouble: and abuse reports to hostmaster@public1.nc.jx.cn
admin-c: XY1-AP
tech-c: WZ1-CN
tech-c: WW49-AP
nic-hdl: JN113-AP
remarks: http://www.online.jx.cn
notify: hostmaster@public1.nc.jx.cn
mnt-by: MAINT-IP-WWF
changed: hm-changed@apnic.net 20020812
source: APNIC

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: dingsy@cndata.com 20070416
mnt-by: MAINT-CHINANET
source: APNIC

DNS records

DNS query for greenerrxhere.com returned an error from the server: ServerFailure
DNS query for 121.91.53.59.in-addr.arpa returned an error from the server: ServerFailure

No records to display

— end

Information for ‘59.53.91.121

bestrxmeds2010.net
newrxmeds2010.net
rxmeds2010.net
myrxmeds2010.net
rxmeds2010now.net
myrefillrxsite.net
myrefillrxshop.net
myrefillrx.net
myrefillrxonline.net
myreplacerx.net
myrxrefill.net
yourrxrefill.net
yourfasterrefill.net
mymedsrefill.net
medsforu.net
ourmedsforu.net
restrictedmeds.net
hardtogetmeds.net
hardtogetrx.net
docsrx.net
yourgreatrx.net
greatrx.net
mygreatrxnow.net
bertyu90.com
mygreatrx0nline.com
mygreatrxt0day.com
newgreatrx0nline.com
greatrxt0day.com
greatrx0nline.com
2010-01-25
Minimal Risk Unverified Medium Risk High Risk
SmartFilter Category: Spam URLs
Make Category Suggestions Namerservers on IP: ns1.bertyu90.com
ns1.bosniahost55.com
ns1.newro34.net
ns1.ronarjun.com
ns1.xinufdek.com
ns2.bosniahost55.com
ns2.judret32.com
ns2.nshost-germany.com
ns2.qrizoqqan.com
ns2.xucadyif.com
ns2.yourrxmedsnow.com
ns3.derwes12.com
ns3.sesadtok.com
ns3.xisemzoj.com
ns4.mewop34.com
ns4.naludkoj.com
ns4.newnsjk8.net
ns4.rayegnus.com
ns4.retonsom34.com
ns5.lerkyb34.com
ns6.foluymat.com
ns6.kertuop56.com
ns6.mioper45.com
Domain
justaclickrx.com
thequickereasierway.com
fillyourrxxneedshere.com
mioper45.com
greenerrxhere.com
clickforyourrx.com
varietyofrxmeds.com
greatrxherejustclick.com
makethignseasy.com
endthesicknessrx.com
reliablemedsoneclick.com