Hello! It’s been awhile but I have seen this weird japanese scam asking that I will get 500 EUR because of a prize that I won and that a person will email me soon about who knows what. So I said to he/she in japanese using Google Translate “Well, I have never inquiried anything about this offer.” Remember that I never even asked him about such thing. The URL is called sun45.jp and you can see that it is all in Japanese. Their company is called the Institute of Sunshine located in Japan since he/she had given me the address to where their headquarters (I forgot where they were from but I am pretty sure it says it somewhere on their website). I am not even sure how they even got my email address as I never emailed them in the first place since I do not speak Japanese. Please investigate this scam!
P.S It is weird because there is russian text in the email even though they said that they were from Japan. It only showed Russian language when they typed about the free 500 EUR even though I am American. The rest was all in Japanese....
Whois Information Provided by whois.domaintools.com
Domain Information:
[Domain Name] SUN45.JP
[Registrant] Yo Inoue
[Name Server] ns1.value-domain.com
[Name Server] ns2.value-domain.com
[Name Server] ns3.value-domain.com
[Name Server] ns4.value-domain.com
[Name Server] ns5.value-domain.com
[Signing Key]
[Created on] 2009/12/27
[Expires on] 2020/12/31
[Status] Active
[Last Updated] 2020/01/01 01:05:08 (JST)
[Postal code] 530-0011
[Phone] 06-7634-2727
[Fax] 06-6374-0121
Looks like they are expanding. I had a whole bunch of my accounts compromised recently, got an email demanding money to restore, which I answered saying I forwarded the message to the FBI. I didn’t actually. I ran a virus scan and found 20 trojans. Today I got an email As follows:
Received: from 10.197.39.105
by atlas212.free.mail.bf1.yahoo.com with HTTP; Thu, 10 Dec 2020 03:30:21 +0000
Return-Path: <[email protected]>
Received: from 61.5.158.182 (EHLO smtp.cyber.net.pk)
by 10.197.39.105 with SMTP; Thu, 10 Dec 2020 03:30:21 +0000
X-Originating-Ip: [61.5.158.182]
Received-SPF: error (error in processing office.jp)
Authentication-Results: atlas212.free.mail.bf1.yahoo.com;
dkim=unknown;
spf=temperror smtp.mailfrom=office.jp;
dmarc=unknown header.from=office.jp;
Reply-To: <[email protected]>
From: “RESTITUTION PAYMENT”<[email protected]>
Subject: RE: Restitution For SCAM Victims
REF: FLP-IP/2422-LW 10089/0877
RE: Internet Crime Victim Restitution
INTENDED ONLY FOR: (VICTIM,S EMAIL)
Our records indicate that you are eligible to receive restitution for
one or more of the internet fraud schemes youve been a victim of. See
necessary case details below. The perpetrator and their group of
co-offenders had over 2000 aliases originating from Russia, Nigeria,
Ghana, London and many more masking their original identities.
Our records indicate that you have been a victim of fraud because your
contact details were found on several devices belonging to the
perpetrator. Following court orders, this makes you eligible to
receive restitution for damages caused by their crimes. Being that
(SUBJECT) operated on an international scale and victimized thousands
of individuals and companies of several nationalities, we determined
that the investigation had to be kept private and away from public
media to maintain unitary judgment and integrity in international
relations. Because this was a private investigation, all victims
(Including Yourself) were represented by a professional
court-appointed public defender.
An(International Law Firm) with over 10 years of experience on similar case.
After having consistently pursued the (SUBJECTS) case for two years,
successfully secured restitution payments of USD$ 4.5 Million United
States Dollars for each victim. Restitution are ordered to be paid...
I thought it must be a scam so I searched whois and the result:
[ JPRS database provides information on network administration. Its use is ]
[ restricted to network administration purposes. For further information, ]
[ use 'whois -h whois.jprs.jp help'. To suppress Japanese output, add'/e' ]
[ at the end of command, e.g. 'whois -h whois.jprs.jp xxx/e'. ]
Domain Information:
[Domain Name] OFFICE.JP
[Registrant] OFFICE.JP
[Name Server] ns1.muumuu-domain.com
[Name Server] ns2.muumuu-domain.com
[Signing Key]
[Created on] 2001/03/26
[Expires on] 2021/03/31
[Status] Active
[Last Updated] 2020/04/01 01:05:09 (JST)
Contact Information:
[Name] Whois Privacy Protection Service by VALUE-DOMAIN
[Email] [email protected]
[Web Page] https://www.value-domain.com/
[Postal code] 530-0011
[Postal Address]
[Phone] 06-7634-2727
[Fax] 06-6374-0121
I googled the phone number and that is how I found this site and post. Same phone numbers as in the OP