This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/anti-abuse-wg@ripe.net/
[anti-abuse-wg] broken contacts
- Previous message (by thread): [anti-abuse-wg] broken contacts
- Next message (by thread): [anti-abuse-wg] broken contacts
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Lou Gogan
lou at lougogan.com
Fri Nov 4 22:07:57 CET 2011
Hi Michele On Friday 04 November 2011 19:04:17 you wrote: > > On 4 Nov 2011, at 19:37, Lou Gogan wrote: > > > Hi > > I hope I am not out of place here, but this is my experience today and the > > problem I find I have because of the broken contacts information via the whois. > > > > This morning I received a fraudulent spam claiming to be from the Bank of > > Ireland with an attached form to be filled in. I was going to delete it as > > usual but decided that these types of email fraud need to be reported in order > > to protect others. > > In the case of a phish you should report it to the bank. Didn't think of that. Doh! Though I still think a direct contact with the IP would close down that fraudulent link immediately. > > > > I checked out the form and found the form contact link: > > <a href="http://masserialojazzo.it/wp-admin/user/login.html">MBNA Online</a> > > > > $ host masserialojazzo.it > > masserialojazzo.it has address 46.252.206.1 > > > > And then I whoised > > > > $ whois 46.252.206.1 ~~~ snip ~~~ > > As you may notice, there is no suitable email contact at all. (Writing a > > letter and posting it off didn't seem a useful option!) > > > > This was a email fraud. I, as a reasonable individual trying to do my civic duty > > and possible prevent someone with less 'cop on' from being scammed, was utterly > > wasting my time trying to do anything. There was no abuse contact. > > Did the email actually come from that IP or from another one? According to spamcop: virginmedia.com - I sent virginmedia.com an email report > > If RIPE and ICANN and others want to do anything at all regarding spam, and > > scams and net abuse etc one of the first actions should be to ensure there are > > correct contacts for every ISP so at least scams and illegal activity can be > > reported. > > There has been lengthy discussion on this subject on this mailing list and elsewhere > > > I would also suggest that a default abuse address be insisted upon eg > > abuse at wherever.doh as I have found many a frustrating experience emailing a > > named administrator was has left the company and whose email is dead. > > > > Perhaps someone was scammed by this same email today. A quick report and > > possibly a quick shutdown of that link may have achieved something positive. > > ~~~ snip ~~~ Regards Lou Gogan Saula, Achill, Co Mayo, Ireland. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ LINUX - bringing joy and creativity to computing. Registered Linux user number 478188 www.lougogan.com > Mr Michele Neylon ~~~snip ~~~ > http://www.blacknight.com/ > Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty > Road,Graiguecullen,Carlow,Ireland Company No.: 370845 > >
- Previous message (by thread): [anti-abuse-wg] broken contacts
- Next message (by thread): [anti-abuse-wg] broken contacts
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]