Sign in to follow this  
Followers 0
kluless

spam Flood

16 posts in this topic

Over the past couple of days I've had quite a surge in spam, from the usual 5 or 6 per day to 50+ today. This is on a Y! account...

Anyone else having this problem?

I've noticed that a lot of them are coming from a .win domain e.g. enarnusy@thrivedesigngrants.win and the host for all of the .win mails is limestonenetworks.com

 

Edited by kluless
added info

Share this post


Link to post
Share on other sites

Googled .win and got this...

Quote

.win is a generic top-level domain managed by Famous Four Media of Gibraltar, who pitch it as a memorable gTLD for "online gaming resources and services". Famous Four Media is managing "60 gTLD applications". Some ransomware posts ransom links that include .win and .onion URIs.

Looks like it's a spammer's home from home

Share this post


Link to post
Share on other sites

Not to sound flippant, but it must be your turn in the barrel.  It seems to me that spam comes and goes in waves. Currently this forum is not receiving the 40-50 daily spam posting it usually receives. My email accounts also are on a low ebb.  I have not noticed any email from the win TLD

Share this post


Link to post
Share on other sites
12 hours ago, kluless said:

Googled .win and got this...

Looks like it's a spammer's home from home

ONE/1 tracking url would be good?

Share this post


Link to post
Share on other sites

I've noticed the pattern of having spam coming in waves, and recently noticed a flood of grumpy customers of the ISP I use on Facebook.  I'm currently experiencing a lull in the amount of spam I'm receiving - the flow hasn't dried up completely, but it's a lot quieter for me.

Share this post


Link to post
Share on other sites
7 hours ago, petzl said:

ONE/1 tracking url would be good?

101.193.235.23

It's an APNIC address

I got another 76 spams from them today, looks like if you report them they retaliate with even more...

Edited by kluless

Share this post


Link to post
Share on other sites

A Tracking URL is at the top of the report page and looks like

Quote

SpamCop v 4.8.7 © 2018 Cisco Systems, Inc. All rights reserved.
Here is your TRACKING URL - it may be saved for future reference:

https://www.spamcop.net/sc?id=z6437551039z397c7682b607208ad3137a9ddf74157ez

With that information we all can see the spam (your email address munged) and all the results of the parser.  There may be some information you have overlooked.

Share this post


Link to post
Share on other sites
11 hours ago, kluless said:

101.193.235.23

It's an APNIC address

I got another 76 spams from them today, looks like if you report them they retaliate with even more...

101.193.235.23 don't tell one much need 1 tracking url your email is probably on a Chinese botnet.
Online criminals continue to distribute spam and carry out scams - even with the Chinese government involved. 
Edited by petzl

Share this post


Link to post
Share on other sites
2 hours ago, kluless said:

I'm confused what does this tracking URL have to do with 101.193.235.23? The tracking URL wants to report "Re: 60.233.211.56 (Administrator of network where email originates)"

By the way you can go ahead and report this spam and the Tracking URL will still be available.

Share this post


Link to post
Share on other sites

I had already deleted the spam from 101.193.235.23, so I used the report from another .win spam, I had 76 to choose from so I went for the most recent one.

Share this post


Link to post
Share on other sites

Of course I submitted it, how else would I receive the tracking URL?

 

Share this post


Link to post
Share on other sites
11 hours ago, kluless said:

Of course I submitted it, how else would I receive the tracking URL?

 

The tracking URL you copy is only there BEFORE you submit, It canbe used after you submit to check report

Share this post


Link to post
Share on other sites

No (dot)win spam for 3 days, looks like they've been shut down...

 

Share this post


Link to post
Share on other sites
15 hours ago, kluless said:

No (dot)win spam for 3 days, looks like they've been shut down...

 

The "Alibamer" or "fake header" Spammer came alive again sent report to Cert, China from my email account, shut spammer down for a week last time.

https://www.spamcop.net/sc?id=z6442078877zdcbce78955ff93c281d2d0169c7b6886z

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0