petzl
-
Content Count
2,192 -
Joined
-
Last visited
Posts posted by petzl
-
-
6 hours ago, db17 said:not seeing the user notification field
Only shows before spam is submitted
87.253.234.133 "abuse[AT]mailjet[DOT]com" may bounce? -
On 4/15/2019 at 5:31 PM, klappa said:I won't give up. Any instances i could forward these sex spams to to let them know Amazon gives leeway to child porn?
That's my attitude also this is their reply with my "preamble"
https://www.spamcop.net/sc?id=z6532210969z9e3601591d7bb95c694f6f8edf765dcczThank you for submitting your report to Amazon Web Services. We have received your report and will investigate the issue. If you wish to provide additional information to us or our customer regarding this case, please reply to this email. The details of your report are as follows: 52.10.94.116 (Administrator of network where email originates) abuse[AT]amazonaws[DOT]com Child porn spammer pictures under 18 or made to look under 18 NO PROOF OF AGE available! SENT TO MINORS > ****************headers******* -
3 hours ago, klappa said:I've sent them. Also since i don't trust report_spam at hotmail dot com which is being used by Spamcop I also forward the spam directly to abuse at microsoft dot com. Outlook is a spam service nowadays nothing more.
Spammer is using throwaway email accounts
AmazonAWS is offering free web trails this clown will stick there (probably has many) till AmazonAWS bother
They want full headers copy and pasted with IP's before even bothering. And they contact these criminals show your details.
Always report it as Child porn spam site. That gives Amazon an obligation and expense to remove it.
pictures under 18 or made to look under 18. NO PROOF OF AGE available!
Include phishing-report[AT]us-cert[DOT]gov in "to field" as well AWS can see this. -
1 hour ago, albert2 said:So Why does munged reports still allow to spammer to identify the reporter ?
Don't see that it does?
My Gmail spam has dropped latley also? Seems that, that gets caught is marked "suspicious" with warning not to proceed -
14 hours ago, klappa said:If you already forward your spam to their abuse department why do you also use that signature?
Abuse desks are not always known to be the brightest crayons in the pack
AmazonAWS for instance! They require a "copy and past" then contact the spammer they call a customer with a free trail account
However their Russian crime gang spamming me only uses throwaway email address, web sites, with fictitious names etc.
Gmail and their "cloud" finally seem to of caught on and mark their spam as dangerous (which it always was and is)
Quite a few a upset about a EML attachment rejecting it?
Yet others, the clever ones insist on it, China for instance the REAL Peking abuse address! -
6 hours ago, JohnS said:Message is larger than maximum size, 50000 bytes. Truncate?
If SpamCop did not truncate everyone would be in a queue so it will only target source of spam to speed up processing for others
Of course you can forward as attachment to abuse desk from your email account which I often do (spammers have my email address at anyrate)
https://mailsc.spamcop.net/spamgraph.shtml?spamstats
At bottom of report I put this in as a signatureoffending email forwarded also, can be read as text attachment with a text/ASCII editor like notepad or eml text reader -
1 hour ago, Lking said:Got a spare room?
On promises by political parties?
The hope that this happens disappears the day after vote.
A sucker is born every minute "P. T. Barnum, " -
2 hours ago, Lking said:Yea what a deal. I took the snow picture two weeks after it started here. Wasn't really in the mood.
If we "northerners'" are just starting, Sydney is just returning to normal right? Well normal for Sydney
We are in "political" mode with very fast trains, low low taxes, pure air, all for free?
Don't help with Microsofts clock being a hour fast went to bed early? -
Windows 10 is a week early for Sydney Daylight saving (thought I was a hour late)?
-
8 hours ago, bobk said:Should I continue to report the spams?
Are the new ones just there to track me?
What to do?
Keep reporting, places like Facebook sell your email addresses to anyone who buys them.
I doubt if colocrossing is dobbing you into spammer.
Once your email address is taken it is then sold to other spammers so going from 1 spam to many is "normal"
The best defense is attack.
There is a bit of a learning curve.
A good and easy effective tool for doing this is a free SpamCop account
Once set-up you can simply send to SpamCop spam "forward as a attachment" for reporting
You will be given a supersecret reporting address so do not divulge this to anyone,
Always in this discussion group disable/change the @ to [AT] and . to [DOT] in email addies
With malicious links change them so they don't work, For instance I change com to cxm as well as a few x's in other places
SpamCop will default munge your email addy unless you tell it not to.
spam sometimes has links in spam like invisible coded images to send a confirmation that email has been received.
Most email now blocks images from automatically opening for this reason -
13 minutes ago, Steve said:I just manually report those emails to abuse(at)amazonaws.com and ec2-abuse(at)amazon.com I do get replies back once they've received the spam report and when they've taken action or mitigated the activity of their subscriber/customer.
They do act but are very bureaucratic. Try to work out where the SpamCop tracking URL is
Hint it's at top of page BEFORE you submit report -
1 hour ago, klappa said:Should i instead of reporting them as sex spammer use phishing e-mail instead?
I report as both.
-
On 3/15/2019 at 12:46 PM, klappa said:Yes good for you but you are dealing with obvious phishing spam i am not. It's a difference since i dealing with sex spam. The sex spammers are running a scam business but it's still not phishing e-mail. Everyone takes spam less seriously.
These "sex sites" are sent via (untraceable by you) botnet email or throwaway email addresses, the sites themselves start from a throwaway address then jump to another.
Always after credit card details!
(the ISP of that botnet can see where the source IP is)
Called phishing.
heres one
https://www.spamcop.net/sc?id=z6530436982z1d6d8d3d02831bdf4f781b2561e8282fz
notes were
22.224.69.173 antispamxdcb.hz.zj.cn bounces
malicious site URL
http://chinabdt.nxt/
52.5.250.89 abusexamazonaws.cxm
proof see
https://www.virustotal.com/gui/url/600f2573dfc69fffdd57931eb33ec16698d1c613567dd4324f6b82d984349796/detection
-
9 hours ago, klappa said:That would be quite useless because
Seem to have some success with it
Another Forrest Gump moment for me?
https://www.businessinsider.com.au/facebook-criminal-investigation-data-sharing-2019-3?r=US&IR=T
Criminal phishing, bogus reply address, bogus unsubscribe This/my email address I believe sold to this Russian (?) Crime gang by FaceBook .. email source 94.100.177.97 abusexcorp.maxl.ru -
1 hour ago, RobiBue said:I never report from the spammed email address, and always munge the latter.
Several providers have asked for full headers and I always tell them that the email address is of no concern to them as I do not wish retaliation or listwashing from their customers.
They sometimes claim it would be easier with my address, but I insist that they can enforce their AUP solely by the email received headers and the email content. This last scenario happened only twice in my umpteen years of reporting
And your absolutely right, however with me I don't want spam and never munge my reports!
Where SpamCop won't send to a abuse desk I then send direct from the address that received the spam -
2 hours ago, klappa said:Which domain is that from? I don't recognize it
It's a safety measure to check URL's
https://www.virustotal.com/#/home/url -
8 hours ago, klappa said:Amazon promised to take action several times but nothing happens.
Pretty sure these creeps are opening a new "free" amazon account when one is taken down.
Seems Amazon are shutting them down when reported from the spammed email address, stating IP address and copy and pasting full headers with report.
https://www.virustotal.com/#/url/51cfab3c89b464ef6e07c89d13ae048eb6708dd49233bf740609da33f2834ea2/details
status: 404 Not Found -
5 hours ago, klappa said:Amazon abuse desk just replies with a short reply and urge me to go through National Center for Missing and Exploited Children
Seems pointless. I give up! The spammers always wins.
They went away from me for a while, as Amazon refuse to take SpamCop reports
I send from the email it was sent to
These spammers have been kicked out of many "holes" before now reside with Amazon who have a incompetent abuse desk.
Amazon are offering free web space, which tells me there IT are causing them to go broke.
I will be adding "subpoena-criminal[x]amazon.cxm" to my reports to see if anyone in Amazon have brains or more pomposity
http://www.missingkids.org/gethelpnow/cybertipline is a good link worth a try they can get a seizure order on Amazon sites
Seem to be breaching "U.S. Department of Justice's Child Exploitation and Obscenity section" (as usual U.S. agency that's broken, links are not updated)
Just checked seems Amazon are taking sites down. These creeps must be just signing up with a new free one as they get closed. -
31 minutes ago, MIG said:I'm sure there's others, as I come across them I post to the Forum.
Most USA Government agencies can't find their own ass!
However if you can hit a concerned party you are away. -
report through SpamCop the hacked crap
Everyone is getting this looks like old servers with hardrives were sold?
https://www.spamcop.net/sc?id=z6526225450z9f0967bb3b7249a8b38944aba0bcc8a0z
To cancel account try here
https://mailsc.spamcop.net/fom-serve/cache/15.html
You need to goto preferences to update
Go to preferences
https://mailsc.spamcop.net/mcgi?action=prefmenu
maybe
https://mailsc.spamcop.net/mcgi?action=wizard&stage=1
Always click "save changes" -
1 hour ago, klappa said:I am sure Amazon doesn't provide or give away that info to the spammer
They do, most certainly and they state so in their reply!
They have a abuse website?
https://aws.amazon.com/forms/report-abuse
but run by the same morons, but they do have a email to their legal "subpoena-criminal[x]amazon.cxm."
pay to advise them that the moronic abuse team is putting Amazon itself at risk! Offering FREE websites for pedophiles? -
1 hour ago, klappa said:Was it a phishing mail? Amazon doesn't seem to take it serious if it isn't a phishing mail.
Yes definitely criminal phishing offering prizes to get your email address and other info
-
15 minutes ago, klappa said:On 3/9/2019 at 8:38 AM, petzl said:Netdemon is really safe for finding IP's and other info
A better way to check out URL''s suggested by "MIG"
https://www.virustotal.com/#/home/urlBut it doesn't follow redirects?
But it tells you if site is safe.
https://www.webconfs.com/http-header-check.php
Does not always give redirects either -
4 hours ago, klappa said:Now i follow. Although i can't be bothered munging my e-mail anymore. It's to late for that.
Yes spammer already has your email.
Got one from these scum this morning here are the notes
54.213.31.253 (Administrator of network where email originates) abuse@amazonaws.com phishing-report@us-cert.gov https://bit.ly/2EPC64E?1819469901?DL4B7Sr6I8Unq8090859 67.199.248.10 abuse@bitly.com redirects https://mmwaq.slutsnearby.com/c/1f0a2cb367c37dee?s1=25218&s2=158751&j1=1&j3=1&s3=17004&s5=432018&click_id=nthml5c841f5915e67849990878 URL IP 34.194.20.115 abuse@amazonaws.com phishing-report@us-cert.gov
re. @devnull.spamcop.net
in SpamCop Reporting Help
Posted
I havve a paid account since it began, Was actually part of SpamCop email account
Maybe thats the difference?