| View previous topic :: View next topic |
| Author |
Message |
AlphaCentauri
SIRT Handler
Premium Member
Joined: Nov 20, 2003
Posts: 2859
|
 Posted: Wed Jul 23, 2008 5:08 am Post subject: |
|
|
I get lots of spam from Russian tax preparers, realtors, gift basket sellers, and all kinds of businesses that would be considered too respectable to spam in other countries.
|
|
| Back to top |
|
 |
pwillener
SRT Trainee
Premium Member
Joined: Apr 17, 2006
Posts: 1813
Location: Japan
|
| Posted: Wed Jul 23, 2008 5:24 am Post subject: |
|
|
It's a redirect for a spammed site (http://www.zarubli.com/). I get a lot of Russian spam at one account, and it seems that this Russian spam offers more "real" things than the fake goods that are offered in most English language spam.
Still, spam is spam, and it's not the first time I have received spam with redirects to this site, or inline images pointing to this site.
|
|
| Back to top |
|
|
pwillener
SRT Trainee
Premium Member
Joined: Apr 17, 2006
Posts: 1813
Location: Japan
|
| Posted: Mon Aug 25, 2008 2:10 am Post subject: |
|
|
Domain: sexfriend-club.net
Registrar: DOTSPEEDY LLC DBA DOTSPEEDY.COM
Contact: info@dotspeedy.com
|
|
| Back to top |
|
|
AlphaCentauri
SIRT Handler
Premium Member
Joined: Nov 20, 2003
Posts: 2859
|
| Posted: Mon Sep 01, 2008 5:23 pm Post subject: |
|
|
domain=dcpai.com
(phishing redirector at http://www.dcpai.com/zero/include/main.html, though the target is dead)
nameservers=ns.intercom.com.cn, ns1.intercom.com.cn (which appear to be registrar nameservers, registered in 1997)
Registrar = 网络中心 = CNIC
contact address = webmaster@cnic.cn
|
|
| Back to top |
|
|
efa
Lieutenant
Joined: Aug 31, 2007
Posts: 163
Location: Italy
|
| Posted: Tue Sep 02, 2008 8:22 pm Post subject: |
|
|
Domain : "primecazino.info" IP:
Registrar : "Regtime Ltd. (R455-LRMS)"
Registrar To: "sozonov@regtime.net"
Registrar Cc: "support@regtime.net"
NameServer[1] : "dns.afilias.info" IP:
NS[1] Registrar : "Afilias Ltd. (R145-LRMS)"
NS[1] Registrar To: support@afilias.info
|
|
| Back to top |
|
|
efa
Lieutenant
Joined: Aug 31, 2007
Posts: 163
Location: Italy
|
| Posted: Tue Sep 02, 2008 8:28 pm Post subject: |
|
|
Domain : "lotto.nl" IP: 80.79.193.117
Registrar : "Info.nl/hf b.v."
Registrar To: "ta@info.nl,contact@info.nl"
|
|
| Back to top |
|
|
Nolimit
Trooper
Joined: Jun 13, 2007
Posts: 16
Location: Netherlands
|
| Posted: Thu Sep 04, 2008 8:03 am Post subject: registrant: Stichting de Nationale Sporttotalisator |
|
|
| efa wrote: | Domain : "lotto.nl" IP: 80.79.193.117
Registrar : "Info.nl/hf b.v."
Registrar To: "ta@info.nl,contact@info.nl" |
This registrant: Stichting de Nationale Sporttotalisator is a very well known organisation and looking at:
Date registered: 20-07-1995
Record last updated: 29-11-2007
I cannot imagine that they would spam anybody.
The Dutch authorities would take action immediately because the laws for gamble companies are very strict here.
If there are samples of the spammed messages I would be interested.
Nl.
|
|
| Back to top |
|
|
efa
Lieutenant
Joined: Aug 31, 2007
Posts: 163
Location: Italy
|
| Posted: Thu Sep 04, 2008 5:17 pm Post subject: Re: registrant: Stichting de Nationale Sporttotalisator |
|
|
| Nolimit wrote: |
I cannot imagine that they would spam anybody.
The Dutch authorities would take action immediately because the laws for gamble companies are very strict here.
If there are samples of the spammed messages I would be interested.
|
I cannot understand if this is a scam email that use 'lotto.nl' to gain credibiliy only to silly people, or if it is a real spam spamvertizing 'lotto.nl'
In any case this is the tracking URL of the spam:
http://www.spamcop.net/sc?id=z2217387031z4cf8f026c5d6308e0389dc6d9340d1d3z
Also see the tracking URL of another one reporting 'lotto.be':
http://www.spamcop.net/sc?id=z2213152252z938ccf3cb35569e8d8bac3000ffcca30z
|
|
| Back to top |
|
|
ahoier
SIRT Handler
Joined: Jan 14, 2006
Posts: 1087
Location: USA
|
| Posted: Fri Sep 05, 2008 3:29 pm Post subject: Re: registrant: Stichting de Nationale Sporttotalisator |
|
|
| efa wrote: | | this is a scam email that use 'lotto.nl' to gain credibiliy only to silly people |
That's exactly it.
Notice how the header(s) (within the spam body, not the source stuff) contain a "company name" (likely faked....or possibly real, who knows), telephone, fax, and e-mail address(es)?
Well, they are hoping the victim would call, fax, or e-mail their private information to those addresses....
It's a classic 419/deposit scam/advance-fee fraud scam.
There are other sites that investigate these spams more thoroughly, with attempts at "baiting" the criminal and wasting their time ;)
But, in this case, you could probably contact Yahoo!, Inc. regarding the one address, and probably get their data-dump address closed for criminal activity ;)
As far as the other addresses; @mac.hush.com and @skyexp-loterie.co-mail.com - I don't know what those abuse policies are...
|
|
| Back to top |
|
|
ahoier
SIRT Handler
Joined: Jan 14, 2006
Posts: 1087
Location: USA
|
|
| Back to top |
|
|
efa
Lieutenant
Joined: Aug 31, 2007
Posts: 163
Location: Italy
|
| Posted: Tue Sep 30, 2008 7:58 am Post subject: |
|
|
Domain: casinomonter.com
Registrar : "ONLINENIC, INC."
NameServer[1] : "ns1.barkdns.com" IP: 220.248.185.110
NameServer[2] : "ns2.parkdns.mobi" IP:
NameServer[3] : "ns3.88wow88.com" IP: 122.224.34.194
NameServer[4] : "ns4.drumdns.com" IP: 61.157.96.141
NS[1] Registrar : "XIN NET TECHNOLOGY CORPORATION"
NS[2] Registrar : "XIN NET TECHNOLOGY CORPORATION"
NS[3] Registrar : "XIN NET TECHNOLOGY CORPORATION"
NS[4] Registrar : "Xin Net Corp. (120)"
check if Complainterator can find "Xin Net Corp. (120)" contact emails for "parkdns.mobi"
Thanks, updated. See
http://www.spamtrackers.eu/downloads/Complainterator/contacts.complainterator.txt
|
|
| Back to top |
|
|
Tromso
Corporal
Premium Member
Joined: May 25, 2007
Posts: 59
|
| Posted: Sat Oct 11, 2008 4:05 am Post subject: |
|
|
Spam Domain: phc-consulting.org
Name Server: egns.ir [has the problem]
Registrar is IRNIC for (.ir) ccTLD Registry
Registrar website: http://www.nic.ir/Home
(see left-side frame for contacts and tools whois server)
Listed Contact Addresses for IRNIC:
info AT nic.ir
support At irnic.ir
Complainterator has problems finding the Registrar info for egns.ir as the whois for this ccTLD does not have a Registrar line (it does mention using "whois.nic.ir") and Complainterator does not yet seem to know .ir.
I've not had this spam myself and have not tested the above suggested contact addresses. I was helping a new user in another thread with this spam domain, for further info see:
 /p1114262-Need_help_finishing_complainterator_didnt_recognize_result.html#1114262
Spam is part of a scam, there's a very good antispam report on phc-consulting.biz which also uses egns.ir at:
http://www.bobbear.co.uk/phcconsulting.html
OK, IRNIC fixed in next release. Thanks
|
|
| Back to top |
|
|
efa
Lieutenant
Joined: Aug 31, 2007
Posts: 163
Location: Italy
|
| Posted: Sat Oct 18, 2008 9:09 am Post subject: |
|
|
Domain : "canadapharmacymall.com" IP: 222.83.10.134
Registrar : "XIAMEN ENAME NETWORK TECHNOLOGY CORPORATION LIMITED DBA ENAME CORP"
Registrar To: "www@ename.com,zj@ename.com"
Registrar Cc: "yyc@ename.cn"
|
|
| Back to top |
|
|
tembow
Blue Angel
Premium Member
Joined: Oct 10, 2005
Posts: 2933
|
|
| Back to top |
|
|
pwillener
SRT Trainee
Premium Member
Joined: Apr 17, 2006
Posts: 1813
Location: Japan
|
| Posted: Tue Oct 21, 2008 2:30 am Post subject: |
|
|
I am getting this reply for every complaint sent to Network Solutions
| Quote: | Dear Valued Network Solutions Customer,
Thank you for contacting Network Solutions. We are committed to creating the best customer experience possible. One of the first ways we can demonstrate our commitment to this goal is to quickly and efficiently respond to your recent e-mail.
We apologize for the inconvenience. Please submit your issue to abuse@networksolutions.com.
We hope this update has been helpful. However, if you have any additional questions, please don't hesitate to contact our Customer Service Department.
As a Network Solutions Customer, you are entitled to unlimited access, day or night, to technically skilled Customer service representatives who are dedicated to delivering any level of support you may need.
To reach us, call 1-888-642-9675. If you are calling from outside the U.S. or Canada, please call 1-570-708-8788. Or, e-mail us at Customerservice@networksolutions.com. If you need to contact us to discuss this issue further please refer to Activity # 1-61OI05.
Thank you for choosing Network Solutions.
Sincerely,
Hazel005
Network Solutions Technical Support Specialist
(c) Copyright 2008 Network Solutions, LLC. All rights reserved. |
Basically they are asking us not to send complaints to the 'Customerservice' address any more. I've deleted the address from my contacts file.
Updated 31 Oct
|
|
| Back to top |
|
|
|
|
Forum FAQ
Search
Usergroups
Profile
Login to check your private messages
Login
