Manos

Dozens of chinese spam emails per day

36 posts in this topic

1 hour ago, hank said:

PS:  "qq.com" is identified as the source of all the spams to myuserid@spamcop.net, but qq.com isn't blocklisted by Spamcop.  That business has multiple IP addresses which it's using.

 these are botnet attacks (on SpamCop users) by someone using China"zombie/hacked/malware" infected computers I don't believe the hacker originates from China.
Big problem is the Chinese don't have working reporting addresses.most of teir webpages don't display e-mail addresses either.
Try ringing there/your Chinese embassy in your country and ask them if there is a way to get the Chinese to scan their computers?

Share this post


Link to post
Share on other sites

Posted (edited)

Quote

Unfortunately, we are not able to proceed your request. Please try again later

-- Spamcop reporting system.

 

Oh, dear:  "proceed your request"?  This language suggests someone's not paying close attention over at Spamcop.

Edited by hank
explication

Share this post


Link to post
Share on other sites
Quote

abuse net chinanet.cn.net = anti-spam@ns.chinanet.cn.net, spam@ccert.edu.cn, abuse@12321.cn, cncert@cert.org.cn
Using last resort contacts ipreport@sdtele.com anti-spam@ns.chinanet.cn.net spam@ccert.edu.cn abuse@12321.cn cncert@cert.org.cn
ipreport@sdtele.com bounces (99 sent : 99 bounces)

 

China:  DILLIGAS?

Share this post


Link to post
Share on other sites

Posted (edited)

Wouldn't it make more sense to ask Spamcop to filter obvious botnet attack email rather than forwarding them uncritically?

Something tells me the Chinese government is uninterested in being helpful in this kind of interaction.

I wonder if anyone else with a userid@spamcop.net account is being so favored.

Yeah, the email is still coming through, addressed to my-userid@spamcop.net and forwarded to my ISP; 450 more overnight.

Edited by hank
elaboration of explication

Share this post


Link to post
Share on other sites
6 hours ago, hank said:

Wouldn't it make more sense to ask Spamcop to filter obvious botnet attack email rather than forwarding them uncritically?

Something tells me the Chinese government is uninterested in being helpful in this kind of interaction.

I wonder if anyone else with a userid@spamcop.net account is being so favored.

Yeah, the email is still coming through, addressed to my-userid@spamcop.net and forwarded to my ISP; 450 more overnight.

Cisco can and did use thei filter (best in world)r for 12 months, some did not like this after 12 months Cisco turned there filter off as part of the terms of taking over SpamCop email.
I even tried calling Chinese Embassy in Canberra (Australia) but no one answers phone. So maybe Chinese bureaucrats are all the same (flameproof can't be fired)?

Just wanted to see if they could give a concerned/working email address?
Brazil sort of very much  fixed their spam problem by creating one.

Share this post


Link to post
Share on other sites

It appears I got more than 4,000  spams in the past 24 hours, all addressed to my userid@spamcop.net and forwarded by Spamcop to my ISP, which graymailed almost all of them.   Maybe one or two per hour get past the graymail and I report those.

Tiresome.  Good thing my ISP isn't charging me for storage, just automatically deleting the graymail.

Big annoyance to review all the headers and catch the occasional non-junk email out of the deluge.

Maybe the answer is to just cancel my spamcop email address?

Perhaps that's what the spammer wants me to do?

At this point I'm still using the "mole" reporting hoping that's informing whoever adds lines to the blocklist.

Edited by hank
"mole"??

Share this post


Link to post
Share on other sites
8 hours ago, hank said:

It appears I got more than 4,000  spams in the past 24 hours, all addressed to my userid@spamcop.net and forwarded by Spamcop to my ISP, which graymailed almost all of them.   Maybe one or two per hour get past the graymail and I report those.

Tiresome.  Good thing my ISP isn't charging me for storage, just automatically deleting the graymail.

Big annoyance to review all the headers and catch the occasional non-junk email out of the deluge.

Maybe the answer is to just cancel my spamcop email address?

Perhaps that's what the spammer wants me to do?

At this point I'm still using the "mole" reporting hoping that's informing whoever adds lines to the blocklist.

           just creat a gmail account they put all the spam in "spam" folder

Share this post


Link to post
Share on other sites

> just creat a gmail account
Problem is I used Spamcop as my primary email for many years, so it's my address of record for a lot of older contacts.

And there's no automatic way of validating a new spamcop address for reporting, if I cancel the current one.  I'd have to do the mailhosts routine again.

If I change forwarding from Spamcop to send it all to Google, I still have to read through all the headers; Gmail does false positives occasionally too.
400 of the same word salad spams in the past 8 hours (sigh).

At least I have a computer.  Imagine dealing with this with only a smartphone, the way so many people in the world use email.  It'd be overwhelming.

 

From: "=?utf-8?B?5pmv54i95riF?=" <745942123@qq.com>
To: <xxx@spamcop.net>
Subject: =?utf-8?B?5qyi6L+O5b2S6Zif77ya6YKA5oKo5L2P5YaK5ba64pGk4pKP?=
    =?utf-8?B?6LWiNThP5o+QLC3lorrpjYbmsLjliKkzMzI0OTjjgIJDT03kvL3lrqLmnI3miaM=?=
    =?utf-8?B?OjMxOTIxNjUyOOeTtO+8jOWPquimgeaKlee0uOe6ouiLnuWkqeWkqQ==?=
    =?utf-8?B?5oqi77yM6aaW5ou16aS4Mk8gM08gNU/igLDkuIvnpZ3ikbnkvZXlsLE=?=
    =?utf-8?B?6YCBJF8k54m556CBNDnotJ0gICAgIA==?=
Date: Sat, 02 Sep 2017 23:10:29 +0800
MIME-Version: 1.0
Content-Type: text/html;
    charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Disposition-Notification-To: 745942123@qq.com
X-Orthrus: tar=0 grey=no co=US os=//29 spf=fail dkim=none

<p><font color=3D"DarkSlateGray">=E6=9D=A5<span style=3D"font:0px  =
a"><=E8=BF=9E=E9=98=B4=E9=9B=A8></span>=E4=BA=86<span style=3D"font:0px  =
a"><=E9=9B=B6=E5=94=AE=E6=80=BB=E9=A2=9D></span>=E6=B0=B8<span =
style=3D"font:0px  a"><=E9=A9=AC=E9=93=83=E8=96=AF></span>=E5=88=A9<span =
style=3D"font:0px  =... and so on and so on.  Google Translate can't make any sense of this.

 

 

Damn qq.com

Share this post


Link to post
Share on other sites
7 hours ago, hank said:

> just creat a gmail account
Problem is I used Spamcop as my primary email for many years, so it's my address of record for a lot of older contacts.

And there's no automatic way of validating a new spamcop address for reporting, if I cancel the current one.  I'd have to do the mailhosts routine again.

If I change forwarding from Spamcop to send it all to Google, I still have to read through all the headers; Gmail does false positives occasionally too.
400 of the same word salad spams in the past 8 hours (sigh).

At least I have a computer.  Imagine dealing with this with only a smartphone, the way so many people in the world use email.  It'd be overwhelming.

 

Just get a Gmail address use your full name @ Gmail then change SpamCop preferences to forward email (if not satisfied go back to old way)
I don't use smartphone to check email or bank they are insecure IMO. (WIN10 phones using Hotmail seem OK)

https://mailsc.spamcop.net/mcgi?action=wizard&stage=1

Then either POP Gmail  https://support.google.com/mail/answer/7104828?hl=en
or use their Webmail they accurately sort spam from ham
As always have the latest malwar/virus scanner working (Windows Defender is excellent one paid for it when they bought windows)

Edited by petzl

Share this post


Link to post
Share on other sites
On ‎09‎/‎09‎/‎2017 at 0:19 AM, hank said:

Sigh.  Now a new one has gotten past Google and is getting forwarded from my-userid@spamcop by the dozens per hour.

Mostly ending up in my ISP's graymail folder, fortunately.

 

" a massive spam Email campaign has recently gone viral after effectively bypassing the Gmail anti-spam algorithm ..."

http://www.binaryscamalerts.com/quantum-code-scam-software-review/

==

I do point out that this was MARCH 2017.

 

The botnet that does the Qtum 'main network' is NOW so maybe just the text was stolen

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now