Jump to content

MIG

Membera
  • Content Count

    161
  • Joined

  • Last visited

Everything posted by MIG

  1. MIG

    VirusTotal

    (imo) one of the "noice" features of having VT browser extension is, from within a spam email, [rightclick] any link, select "check with VT" Cheers!
  2. Another one for the toolkit: Dnslytics: IP Address and Domain Information https://chrome.google.com/webstore/detail/ip-address-and-domain-inf/lhgkegeccnckoiliokondpaaalbhafoa/related Cheers! 🦗
  3. Nodding head emoji needed again!😉 Chrome specific, yes, I was going to mention that, however, I thought it'd be clear to those who went a lookin. (for me) having an extension is easier than trawling thru a squillion bookmarks. & it's Sunday, pissing rain, 🐕&🦗 slightly cabin crazy! Cheers!
  4. Hey klappa. Thanks! 1st ❔, specific ONLY to MS Outlook mail, do you always REMOVE the ENTIRE 1st [Received >>>>> +0000] section BEFORE parsing? Received: from BY2NAM03FT039.eop-NAM03.prod.protection.outlook.com (10.152.84.53) by BY2NAM03HT214.eop-NAM03.prod.protection.outlook.com (10.152.85.13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.1709.13; Sat, 16 Mar 2019 15:51:29 +0000 Specific to your submitted url https://www.spamcop.net/sc?id=z6530636585z175385238ef9c81fac2a7bbb91908ac0z, the [REMOVE] instruction wouldn't make much/any difference as this email has travelled via MS. The rationale for the [REMOVE] instruction is well documented in Forum posts, I'll drag some up for you & post back. 2nd ❔: (My understanding was we were addressing: topic/35014-what-to-do-with-amazon-hosted-spammers) so, forgive me if I'm confused, but, are your concerns more to do with the process/reporting methodology or ? 3. "instead of reporting them as sex spammer use phishing e-mail instead?" I agree with Petzl, use both. 4. Do you add [Notes] to the addresses SC parser has identified? 5. When I forward the phishing/spam email, I always include, in the subject line [offending ip address, offending ip address: "Network being used by criminals to distribute child porn"], or whatever the criminal activity is. More soon, if you have more SC URLs please continue to post to Forum. Cheers!
  5. MIG

    VirusTotal

    For all who use Virus Total, browser extensions are available: https://support.virustotal.com/hc/en-us/articles/115002700745-Browser-Extensions & (im-humble🦗opinion) are very handy😊 Cheers!
  6. Another one for the toolkit: http://www.millersmiles.co.uk/ 🦗😊
  7. Hey klappa, As you receive the emails & process them via SpamCop can you post the tracking URLs to this forum please? Cheers!
  8. https://www.scamwatch.gov.au/ reportATsubmitDOTspamDOTacmaDOTgovDOTau https://www.idcare.org/contact/report-phishing reportphishingATidcareDOTorg https://www.consumer.ftc.gov/ spamATuceDOTgov & Petzl has mentioned phishing-reportATusDASHcertDOTgov Does it really help? Scamwatch: quote "The Australian Communications and Media Authority (ACMA) receives information about spam via complaints and reports. This information informs the ACMA’s compliance and enforcement activities. Reporting is as simple as forwarding the message you have received to the ACMA’s spam Intelligence Database. Forwarding spam reports does not automatically stop the receipt of unwanted emails or SMS messages. Complaints, submitted by completing the ACMA’s online complaint form about a message you have received, allow you to provide important background information, as well as consent for the ACMA to disclose your electronic address to the sender in the course of any enquiries that the ACMA makes. Where the ACMA has been able to identify the sender of an email or SMS message, once per month the ACMA sends businesses a letter advising them that that a complaint and/or report has been received about them. This assists the company to review their business processes to ensure that they are meeting the requirements of the spam Act 2003 (spam Act). If the ACMA continues to receive reports and/or complaints about a company, the ACMA may commence a formal investigation. Under the Privacy Act, the ACMA cannot disclose a recipient’s email address without their consent. Because of the manner in which spam reports are received, the ACMA is unable to obtain appropriate consent to disclose a recipient’s address to the senders of those messages. As such, the ACMA is not able to request that your address be unsubscribed on the basis of spam reports alone. This is only possible when a complaint has been submitted to the ACMA, as submission of the complaint form establishes consent to disclose this information. spam reports are stored in the spam Intelligence Database. The ACMA advises consumers not to alter emails when forwarding them as reports as this may interfere with the results when filtering for particular emails during the course of an investigation. If a consumer wishes to make specific comments about an email, we recommend that they lodge a complaint. In addition, the information gathered from complaints and reports is used as part of a wider education process. The ACMA: provides consumers with information on how to reduce the amount of spam they receive informs Internet Service Providers (ISPs) about their obligations under the Act produces and distributes comprehensive print publications and online material that offer detailed information and practical tips on avoiding and reducing spam, meeting the requirements of the spam Act and reporting spam." unquote FTC: quote "The FTC enters consumer complaints into the Consumer Sentinel Network, a secure online database and investigative tool used by hundreds of civil and criminal law enforcement agencies in the U.S. and abroad." unquote I'm sure there's others, as I come across them I post to the Forum. Cheers!
  9. Hey freewheeling, Also, contact SpamCop Admin direct: go to: [ https://www.spamcop.net/w3m?action=contactform&reason=Feedback&details=Can't+log+in%2C+can't+cancel+account ] Fill out online form: [Handle] not essential, [Email address] essential. (provide SCA with an email address you can log in too so SCA can communicate with you). [pertinent details] essential >> Spamcop.net account has been hacked. Spamcop.net account unable to log in. Desired outcome: Reset account, cancel account.... etc. (Whatever would be the best possible solution for you) SCA are very responsive. ------------------------------------------------------------------------------------------------------------- I'm assuming the [backup email account] is not a SpamCop acc but something like Gmail, Yahoo, Outlook? Does this account have a separate "recovery" account specified? If there's any way of recovering this [backup email account] , then securing it with 2 factor authentication, e.g. Ph#, Pin #, so that, moving forward, whether you continue to use SC or not, you have use of your mail accounts without issue. Cheers!
  10. https://www.spamcop.net/sc?id=z6522591850zc2a3621e8fc8ca206a98e22ebd112769z relay6.hosting.reg.ru rejected your message to the following email addresses: onyschenko_pbATtechcomDOTkievDOTua Anyone care to share some sage wisdom with grass🦗hopper please? Cheers.
  11. Hey Robibue, Thank you! grasshopper terribly grateful. Didn't know SC-TRACK feature, stoked! Nor the significance of MNT-NFORCE, double stoked! grasshopper bowing deeply. #Respect!
  12. Hey RobiBue, Thanks! grasshopper jumping around excitedly, grasshopper loves new toys, 'n grasshoppers jump irrespective unless squashed. Question re (https://www.webconfs.com/http-header-check.php) was your very last url: https:SLASHSLASHmmwaq.chosenlove.comSLASHcSLASHc44213fa2bf7a303? ? & did you at any point get to one of your faves ( AmazonDOTcom ) ? & final ?, I can't track how you got ( knownsrvDOTcom ), would you be so kind as to provide a tad more education for grasshopper please? Cheers!
  13. Hey jimmywalter, May I ask, are you using Outlook application or Outlook via a web browser? & Are you able to post a SpamCop Report URL, it will start with https://www.spamcop.net/sc?id= , please? Cheers!
  14. Hey klappa, It is frustrating. With all spam I get I forward the actual mail to 3 regulatrory authorities (not sure this does anything tangible other than build up their databases), however & also, with Amazon I always forward to them, they respond with a request for more information, which I provide and within 48 hrs, 99% of the time they have actioned, with followup advice to me to report back if the issue continues for the specified "offender". I track very carefully, I've only had to revert 7 times out of 150 events. I never "create case on Amazon". Just out of curiosity, are you able to provide a SpamCop Report URL please? Cheers!
  15. MIG

    Id Care

    Another reporting address to add to your kit: reportphishingATidcareDOTorg Source: https://www.idcare.org/contact/report-phishing Other resources available as well. Happy fighting😊
  16. Wide eye'd admiration RobiBue, impressive! And thanks! You've given grasshopper a new toy! Happy happy joy joy! Cheers!
  17. All good lisati, Coffee deficiency has many negative side effects😃 Cheers!
  18. Hello MisterBill, 1 & 2: Absolutely, however, if, after the 1st, 2nd etc. parse, the results are the same., i.e. not what's expected/desired, fully clearing/swapping browser/s "sometimes" may result in a different/desired outcome. SpamCop imbeds cookies (like every www), flushing may help; bit like a dunny😄! If fully resetting any browser, always remember to save/export settings & bookmarks prior to reset. 3. Could we have the SpamCop report URL please or is it the SpamCop report URL you've already shared? 4. In the original received email do you actually see "http://131. 107.193.85joanny.etc" or is that url visible if the mouse is hovered over a image/imbedded link? Do you have another received spam email with the same issues & subsequent SpamCop parser results please? Cheers!
  19. Hey Lisati, My apologies but I wasn't suggesting Scott_R post a screenshot, rather I posted a screenshot to help show what the tracking url looked like... Being a grasshopper (visual, not known for reading ability) & having run into this wall when posting a SC Forum question... grasshopper thought it may help. Sorry if I confused you. Cheers!
  20. MIG

    Profile picture

    Does anyone know how to change http://forum.spamcop.net/profile/ image please? Grasshopper wishes to have editing profile doesn't appear to be where mods can be done. 😊 Cheers!
  21. MIG

    Profile picture

    Thank you Master😃! grasshopper very happy, proving how little it takes to please grasshoppers😁😁!
  22. MIG

    Profile picture

    Merci Master! Grateful grasshopper now workin on reducing image to be <100kb Cheers!
  23. Hello MisterBill, Additional to all of the above (from verified Masters) & particularly if, when I parse spam via SC, if it doesn't "diagnose" embedded links, I use Virus Total. Referring specifically to http://131space.107.193.85joanny.info.boyman.space/205/3-2-2019-clickersin [VT result] https://www.virustotal.com/#/url/98a7e1fda3fdb40f9b964a20315257fcbd180c2d1807b5bc8630a1dbbc7762ca/details [https://www.virustotal.com/#/ip-address/69.42.218.2 then, ('cause I'm only a grasshopper ) I hop across to: [TALOS] https://www.talosintelligence.com/reputation_center/lookup?search=69.42.218.2#whois -------------------------- Apropo to Lking's [GrandMaster status I believe] last post, sometimes, if I cancel the parsed results, clear browser cookies, cache & history, re-parse, a more accurate outcome may be presented. It's Sunday, grasshoppers don''t drink coffee, nevertheless other mundane tasks await. Cheers!
  24. MIG

    🤓aiWeirdness🤓

    http://aiweirdness.com/ Light entertainment for 🤓s & grass🦗hoppers 😉
  25. http://www.all-nettools.com/toolbox/url-deobfuscator.php can be handy as well. Cheers grass🦗hopper
×