Welcome and happy reading!

Since, like anyone else, I receive tons of scam emails and snail mail letters, I decided to present here some of these. All of these (and many more which I just delete) are scams. This means, what the senders have in mind is to racket one of us. And according to what I've seen, they do succeed quite often.

If you have similar letters in your mailbox, either disregard or play with the person knowing that you can't give him (or her) any information about:

  1. Your bank account,
  2. Your address — or any valid address if that matter,
  3. Your family, and
  4. any other information that you judge private or even intimate.

Ha! I say "Your"... even if you don't like your neighbor at all, don't give his information either. The Internet leaves tracks (hackers in the US are being caught one after another!) and you would certainly be in even bigger trouble.

In the meantime, I hope you will enjoy reading these letters as I do myself once in a while. 8-)I do not always add comments with the letters since I usually don't have time to do so, but there would often be a lot of joke to tell!

Soap Bubbles


Latest Scams
  • Last update: 02/10/2014

    Alright... I'm posting this one because:

    The email was sent by Katherine, the Reply-To asks me to send my reply to Tarah, and the email is signed Isabelle. Someone trying to make it look real here?!

    Yeah and the text / HTML messages are completely different, and they both had a large footer about sandwiches or something...

    Return-Path: <58231-20885257714-228-john=m2osw.com@bounce.meanmount.eu>
    X-Original-To: john@m2osw.com
    Delivered-To: alexis@m2osw.com
    X-Greylist: delayed 601 seconds by postgrey-1.34 at jc; Mon, 10 Feb 2014 02:05:20 PST
    Received: from smtp.meanmount.eu ...
  • Last update: 02/09/2014

    Can someone tell me what the UNCC and the PCBC are?

    Oh! Wait, it's defined in the email below... PCBC... yeah! Good one 8-)

    -------- Message original --------

    Sujet: ***SPAM***Re: Kindly get back to us immediately.
    Date : Sat, 8 Feb 2014 23:28:29 +0800
    De : JPMorgan Chase Bank <jpmorgan@pisem.net>
    Pour : undisclosed-recipients:;


    JPMorgan Chase Bank NA
    270 Park Avenue
    New York 10017-2070
    Good day,
    This department of JPMorgan ...
  • Last update: 02/01/2014

    I thought this was an interesting one. Scam to me has generally been in English or some other Latin language from a so called rich country (if you look at their debts, no country is richer than the so called poor countries; but anyway...)

    This one is in Arabic and tells me that my email was chosen to receive $880,000.00. A scam for sure, but that one is intended for someone who can read Arabic and has enough money to pay for all those hidden fees.

    Oh! Yeah! On top of that it says "testar" as the person who forwarded (yes forwarded) that email did not clean it up at all. This is how ...

  • Last update: 11/24/2014

    Had to put this one up... Too funny! The guy says I have a 3.5 USD transfer waiting... and that instead he's going to send me a Corporate Business Card with the money as the transfer failed. A wooping THREE dollars and FIFTY cents? I definively want to pay DHL whatever they ask to get that corporate card. wink

    X-Original-To: alexis@m2osw.com
    Delivered-To: alexis@m2osw.com
    Received: from smtp301.alice.it (smtp301.alice.it [])
    	by mail.m2osw.com (Postfix) with ESMTP id 70D84CE000F
    	for ; Thu, 16 Jan 2014 17:46:05 -0800 (PST)
    Received: from feu23-alice ...
  • Last update: 01/15/2014

    Today I received this spam email. In itself it was a safe one. That is, it was not a person trying to steal directly from my bank account. Just totally unwanted advertising.

    However, what I found rather interesting is the fact that the person created an HTML form to show a link. « So what? » will you ask... Well... When you put your mouse over a link, you expect to see the destination in your status bar at the bottom (I'd hope you do such thing, you don't?!) However, a button in a form does not show you any links. You have to read the HTML if you want to know the ...

  • Last update: 01/03/2014

    Had to put this one here!

    Look at that... They put a picture from Bing Earth or whatever that stuff is called (I never use Bing...) and that is to show me where the user who accessed by account with Firefox was at the time of the attack.

    I wonder how many people fell for it. Hay! The banner at the top is real. It comes straight from Bank of America's website.

    ¨We'll help you secure your Account¨

    Return-Path: <info@mail.com>
    X-Original-To: alexis@m2osw.com
    Delivered-To: alexis@m2osw.com
    Received: from tbjjbihbhfbcc.turbo-smtp.net (tbjjbihbhfbcc.turbo-smtp.net ...
  • Last update: 08/13/2017

    Hmmm... We have a contact form on our main business website and we received this spam email today. I'm not too sure what that accomplishes, really. Okay, it includes a link and maybe the sender was hoping for a reaction so we'd click on it. But really... read that email, it's just too funny.

    Return-Path: <www-data@mail.m2osw.com>
    X-Original-To: alexis@m2osw.com
    Delivered-To: alexis@m2osw.com
    Received: by mail.m2osw.com (Postfix, from userid 33)
        id 38C6BCE22D7; Tue, 22 Oct 2013 08:18:22 -0700 (PDT)
    To: alexis@m2osw.com
    Subject: [Contact] One ...

  • Last update: 10/12/2013

    This is a first on my end. An actual Drug Dealer who contacts me to offer his dirty money upon his death. He! He! That happens every day, right.

    The email address was nicely formatted (proper mouse cursor & text color!) Surprising!

    Return-Path: <nolangreen@hotmail.com>
    X-Original-To: alexis@m2osw.com
    Delivered-To: alexis@m2osw.com
    Received: from hdcpartners.com (mail.hdcpartners.com [])
        by mail.m2osw.com (Postfix) with ESMTP id 6E0FBCE2279
        for <alexis@m2osw.com>; Sat, 12 Oct 2013 05:49:45 -0700 (PDT)
    Received: from skozzy ([] RDNS ...
  • Last update: 07/06/2017
    There is a new one. This is from a French company if we believe the signature at the bottom (Saint Ouen) that is attempting to sell us extra domain names just because. I have had spontaneous renewal warnings and offers to get hosting or websites, but I don't recall a consolidation before. That's funny though because I purchase my domains via GoDaddy.com and they should know that GoDaddy.com already offers you to purchase all the .net, .org, .lol, etc. so if someone was to do that, they'd do it then, wouldn't they?!
  • Last update: 05/11/2013

    "La garde des contacts" -- mise à part que je n'ai jamais entendu cette expression (peut-être est-ce Canadien?! Ha! Ha!), il me semble que s'il s'agit du tout première message entre nous, dire que garder contact est important me semble un peu prémature, non?!

    And of course, I do want to talk with someone named "CRUELLE"... 8-)

    Return-Path: <riccardo.narcisi@alice.it>
    X-Original-To: alexis@m2osw.com
    Delivered-To: alexis@m2osw.com
    Received: from smtp303.alice.it (smtp303.alice.it [])
        by mail.m2osw.com ...