Jump to content

Spammers now hiding behind Cloudflare and others


showker

Recommended Posts

Over the past six months I've seen an alarming rise in spam -- particularly body enhancement and health or weight loss -- with host listed as Cloudflare.com ... I've reported several hundred.  Then I learn they ignore Spamcop and have their own reporting "form" ...

Who else has Cloudflare.com spam reports?   Would you be willing to hold them? Or, are you just not reporting them?

What makes me very mad is they openly admit they let all the cybercrime through, and have no responsibility for who uses their VPN and IP Address masking.  All their web site and so forth are completely automated and buffered from any contact.  For all I know, it's actually a middle Eastern terrorist cell running it.  Their income is in the millions.

So today, if you want to send millions of spams, just put in two redirects, and host them at Cloudflare.com 

I've reported 60 or so through their form, which is a five-step form that only accepts one domain at a time.  I pressed them on the point that after I've reported the attack, they can no longer claim not to know who is sending or what the nature of it is.  So they're obviously covering up the fact of how rich they're getting off of shielding the cybercrime industry.

I do not think SpamCop is adding them to the black lists since they haven't shown up anywhere.

It should be illegal.

:-(

 

Edited by showker
misspellings
Link to comment
Share on other sites

  • 1 year later...
1 hour ago, leagris said:

I am facing the same issue as you with CloudFlare and with the exact same conclusion

Best to report from your email address that received spam (also report with SpamCop) forward as attachment the spam and to "phishing-report [ at] us-cert [dot] gov" in from, cloudfare will see this and act.

Edited by petzl
Link to comment
Share on other sites

  • 3 weeks later...
  • 7 months later...

Now every cloud flare report is auto replied with the following text

Quote

 

Your report (#XXXXXXXX) has been received. Note -- When responding please make sure to keep #XXXXXXXX in the subject line.

Thank you for your report.

To expedite processing of your complaint, please submit your complaint through Cloudflare's abuse reporting web form available at https://www.cloudflare.com/abuse/

Please be aware Cloudflare offers network service solutions, including a reverse proxy, pass-through security service and a content distribution network (CDN). Because Cloudflare is a reverse proxy, our IP addresses appear in whois and DNS records for websites using our services. Cloudflare is not a hosting provider, and we do not have access to our customers' content.

Regards,
Cloudflare Trust and Safety

 

Quote

 

any way to get around it and make sure that they let the spammers stop abusing their network resources

Link to comment
Share on other sites

  • 1 year later...

I've been using their online form to report a phishing website that was often redirected to in the spams I received, and I can say their are reactive. 

Only a couple hours after the report, i've received an email in which they said:

We have notified our customer of your report.
We have forwarded your report on to the responsible hosting provider.
You may also direct your report to:

1. The provider where xxxxxx.com is hosted (provided above);
2. The owner listed in the WHOIS record for xxxxxxx.com and/or;
3. The contact listed on the xxxxxxx.com site.

Then I visited the website and i had this: (before it was a fake Amazon survey to win an Iphone)

1553982119_PhishingwarningCloudflare.thumb.jpg.f80105e0fe92cbbf88ec52c705d51624.jpg

And this: (seems that the hoster was reactive too)

800362466_PhishingUnreachableCloudflare.thumb.jpg.b3230a633b3d411124598ec1eee8031a.jpg

I'm so glad it worked ! 😁

 

 

 

Edited by Tau
Link to comment
Share on other sites

  • 4 weeks later...
On 2/24/2021 at 3:13 PM, Tau said:

I've been using their online form to report a phishing website that was often redirected to in the spams I received, and I can say their are reactive. 

Only a couple hours after the report, i've received an email in which they said:


We have notified our customer of your report.
We have forwarded your report on to the responsible hosting provider.
You may also direct your report to:

1. The provider where xxxxxx.com is hosted (provided above);
2. The owner listed in the WHOIS record for xxxxxxx.com and/or;
3. The contact listed on the xxxxxxx.com site.

Then I visited the website and i had this: (before it was a fake Amazon survey to win an Iphone)

1553982119_PhishingwarningCloudflare.thumb.jpg.f80105e0fe92cbbf88ec52c705d51624.jpg

And this: (seems that the hoster was reactive too)

800362466_PhishingUnreachableCloudflare.thumb.jpg.b3230a633b3d411124598ec1eee8031a.jpg

I'm so glad it worked ! 😁

 

 

 

Thank you for sharing this. A friend of mine was the victim of a phishing scam, and all I can say is that it was a pretty ugly situation.

Link to comment
Share on other sites

18 hours ago, Harry Adams said:

Thank you for sharing this. A friend of mine was the victim of a phishing scam, and all I can say is that it was a pretty ugly situation.

You're welcome. I don't know how it helped, but no problem. :)

 

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...