Jump to content

Any point in reporting spam from AMAZONAWS?


MDMesser001

Recommended Posts

12 minutes ago, petzl said:

1. Check how much info it leaks https://ipleak.net
2. Disabling  IPv6 

Hey Petzl,

1. Do you mean G🦗H or everybody if they use a browser inbuilt VPN?

2. Disabling  IPv6 - yes for xp & anything prehistoric, otherwise disabling W/IPv6 results in connection issues.

I'm not a big fan of VPNs, installed or browser, but, they're useful for testing, doing remote in actual locations and of course save a bucket load of 💰when G🦗H yearns for a 🌍😎 and no ✈️lag.

😉🦗🙏

 

Link to comment
Share on other sites

  • Replies 146
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Posted Images

21 minutes ago, MIG said:

Hey Petzl,

1. Do you mean G🦗H or everybody if they use a browser inbuilt VPN?

2. Disabling  IPv6 - yes for xp & anything prehistoric, otherwise disabling W/IPv6 results in connection issues.

I'm not a big fan of VPNs, installed or browser, but, they're useful for testing, doing remote in actual locations and of course save a bucket load of 💰when G🦗H yearns for a 🌍😎 and no ✈️lag.

😉🦗🙏

 

1. Everybody shows what those that look at connected IP's  can see
2 WIN10 64 bit had it disabled for years so far no issues

Link to comment
Share on other sites

27 minutes ago, petzl said:

1. Everybody
2 WIN10 64 bit had it disabled for years so far no issues

1. Cool

2. I'm not disagreeing, just "discussing" industry advice.

(your ref) https://www.privateinternetaccess.com/helpdesk/kb/articles/do-i-need-disable-ipv6-traffic-on-my-windows-computer - Kaneesha D. 2019-05-08 -The latest client (v1.0 and up) enables IPv6 leak protection automatically and does not need to be disabled.

3. 🦗 specifically, doesn't use an LAC.

Cheers!

🦗🙏

Edited by MIG
Link to comment
Share on other sites

1 hour ago, MIG said:

1. Cool

2. I'm not disagreeing, just "discussing" industry advice.

(your ref) https://www.privateinternetaccess.com/helpdesk/kb/articles/do-i-need-disable-ipv6-traffic-on-my-windows-computer - Kaneesha D. 2019-05-08 -The latest client (v1.0 and up) enables IPv6 leak protection automatically and does not need to be disabled.

3. 🦗 specifically, doesn't use an LAC.

Cheers!

🦗🙏

Would take a minute to enable

Link to comment
Share on other sites

1 minute ago, MIG said:

Can't enable what doesn't exist. If it did, why, it's not used?

Cheers!

🦗🙏

To disable or enable IPV6 just requires checking or un-checking a box
just enabled it now and my Ipv6  stands out clear sisabled it again, I use PIA

Link to comment
Share on other sites

4 minutes ago, petzl said:

To disable or enable IPV6 just requires checking or un-checking

I don't have an Local Area Connection.

If I did I would disable it. 

😵

Edited by MIG
Link to comment
Share on other sites

9 minutes ago, MIG said:

I don't have an Local Area Connection.

If I did I would disable it. 

😵


My computer all 3 are Win10
mine came up with IPV6  when enabled
2001:8003:c109:ee01:d058:e4d1:68c0:316c

Edited by petzl
Link to comment
Share on other sites

  • 2 weeks later...

Keep in mind that Amazon owns 65% of the server resources on the entire internet.  You cannot do anything on the internet hardly without being impacted by Amazon.   A recent book tells of the author who attempted to completely block Amazon, Google and Apple from the "connected" world and could not do it. (Recent show on public TV)

However, yes, I do believe it helps to report it.   It helps even more to make memes of the logistics and tweet them @amazon #amazoncybercrime

Link to comment
Share on other sites

  • 1 month later...
  • 1 month later...

I report spam directly on the SpamCop site (pasting plain text into the form) and for Amazon reports:

1) SpamCop almost always says “Using abuse#amazonaws.com@devnull.spamcop.net for statistical tracking”

2) Rarely, but occasionally, I find SpamCop decides to send a report to ipmanagement@amazon.com

3) Now, if the source IP in the spam email headers is at Amazon, I send the report to three addresses. I always include the time the email was received (and time zone). Just occasionally they mess up the conversion to UTC and ask about the time again.

ipmanagement@amazon.com because it seems to respond sometimes 

ec2-abuse@amazon.com because sometimes it is those guys responsible for the sending IP apparently 

abuse@amazonaws.com because that’s what SpamCop was going to send to

 

I also report any spam image content links I find in the emails. Pinterest is a pain to deal with, but Imgur and others have been very responsive. So much so that the spammer now puts “if the images are not shown below click here” - LOL!! 

If only they stopped sending me their crap, they would have more success with their intended victims.

Edited by Hanco
Added image references
Link to comment
Share on other sites

2 hours ago, Hanco said:

Amazon again just now... from Amazon IP 52.36.85.88

Looks to me like Amazon abuse desk is behind and protect
Criminal  phishing, bogus reply address, bogus unsubscribe
Be very wary about giving Amazon credit card information they will have bogus charges appearing on it,
Some bogus charges on my credit card for kindle books I noticed, recommend canceling accounts/credit cards they have access to.
26/07/2019    Amazon Australia Servi Melbourne Au 
Entertainment & Recreation    $13.99    
26/09/2019    10:44    Amazon Australia ServiMELBOURNE AU    $13.99    

Although after spotting this I rang and they refunded the money I believe misappropriated
27/09/2019    Amazon Australia Servi Melbourne Au
Deposits        $13.99
27/09/2019    Amazon Australia Servi Melbourne Au
Deposits        $13.99
27/09/2019    Amazon Australia Servi Melbourne Au
Deposits        $13.99
27/09/2019    Amazon Australia Servi Melbourne Au
Deposits        $13.99
27/09/2019    Amazon Australia Servi Melbourne Au
Deposits        $13.99
27/09/2019    Amazon Australia Servi Melbourne Au
Deposits        $13.99
27/09/2019    Amazon Australia Servi Melbourne Au
Deposits        $13.99
27/09/2019    Amazon Australia Servi Melbourne Au
Deposits        $13.99
27/09/2019    Amazon Australia Servi Melbourne Au
Deposits        $13.99
27/09/2019    Amazon Australia Servi Melbourne Au
Deposits        $13.99
27/09/2019    Amazon Australia Servi Melbourne Au
Deposits        $13.99
27/09/2019    Amazon Australia Servi Melbourne Au
Deposits        $13.99
27/09/2019    Amazon Australia Servi Melbourne Au
Deposits        $13.99

Edited by petzl
Link to comment
Share on other sites

On 9/28/2019 at 12:12 AM, petzl said:

Looks to me like Amazon abuse desk is behind and protect
Criminal  phishing, bogus reply address, bogus unsubscribe
Be very wary about giving Amazon credit card information they will have bogus charges appearing on it,
Some bogus charges on my credit card for kindle books I noticed, recommend canceling accounts/credit cards they have access to.
26/07/2019    Amazon Australia Servi Melbourne Au 
Entertainment & Recreation    $13.99    
26/09/2019    10:44    Amazon Australia ServiMELBOURNE AU    $13.99    

Although after spotting this I rang and they refunded the money I believe misappropriated
27/09/2019    Amazon Australia Servi Melbourne Au
Deposits        $13.99...

Wow, that’s not good. Credit card provider would likely have reversed all those if Amazon didn’t I guess.

Meanwhile here, Amazon IPs are the source of regular spams by the same criminal group now, every day for:

bulkoffers.win / australy.win / australy.bid

I wonder how many times it takes reporting these through SpamCop before we finally see them go on SURBL or similar...

Link to comment
Share on other sites

55 spam emails from Amazon IPs in the past 2-3 days... all designed to push traffic to one of three domains. All of no interest to me on topics from Gutter Guards, Home Warranty, some miracle instant translator device, some cure for a nerve condition, a flashlight, how stainless steel reverses diabetes, boosting testosterone, dating is easy with their Asian ladies, anthropomorphic renovation, CBD oil and miracle pain cures, dating for people much (much) older than me, and mortgages.

A surge recently in volume of this crap and a significant fall (to zero) in the Canada Pharma sh**e, and the “you’ve got to send me your personal details so you can get $1m that is yours”. Also not had the emails from my close friends by name with “saw this and you should look” links (typically link to a site domains created with Namecheap less than 24 hours ago, and always under 3 days ago)

It seems really clear this spam bot group is pushing all content through Amazon, and Amazon is either powerless, or doesn’t want to actually stop it.

Rarely will SpamCop offer reporting to Amazon, instead doing the abuse#amazon thing.

Should we send direct to Amazon or not? Which is likely to cause maximum potential nuisance to the spammer and reduce volume longer term?

Link to comment
Share on other sites

2 hours ago, Hanco said:

Should we send direct to Amazon or not? Which is likely to cause maximum potential nuisance to the spammer and reduce volume longer term?

Forward it to Amazonaws, phishing-repor#tus-cert.#gov.
include phishing above IP source

Criminal  phishing, bogus reply address, bogus unsubscribe
IP 34.231.112.26 
include headers and body
https://www.spamcop.net/sc?id=z6578747355z158aa4a26f6a31f2cd5a61872902c2b9z

Link to comment
Share on other sites

  • 4 weeks later...

I've also been getting amazonaws spam. It seems another IP address is included in the spam. It's 143.220.15.131 and registered to the Association of Medical Colleges (AAMC). I have tried reporting the IP address via SC to AAMC to both the dns AT aamc DOT org (which the SC parser forwards to postmaster AT aamc DOT org) and the postmaster address postmaster AT aamc DOT org on several occasions. with no response/effect. I was almost tempted a few times to write a letter and send it to them asking why their IP address appears in AmazonAWS spam. It's also ALWAYS the same content with the SAME links that aren't valid such as {spam link removed} (which the parser doesn't pick up. It only detects t.co/bit.ly links which even those get redirected and dev/nulled to twitterdoesntcareaboutspamreports@devnull.spamcop.net) or in the case of bit.ly links, sent to abuse AT bitly DOT com. Previous emails were coming from Parsec Cloud, Inc. Citrix is now being used as the bottom of the emails. Here's the original tracking url: https://www.spamcop.net/sc?id=z6585617008z355af39de650b47648e218409deb1a46z

{Quote of spam Deleted} -- To view the deleted material follow the tracking URL above.
Here's the parsing results for the AAMC IP address and the tracking URL: https://www.spamcop.net/sc?id=z6585618727zdf96eb88f2edb7ba97b2dad603fed48ez
 
Tracking message source: 143.220.15.131:

Routing details for 143.220.15.131
[refresh/show] Cached whois for 143.220.15.131 : dnsadministrator@aamc.org
Using abuse net on dnsadministrator@aamc.org
No abuse net record for aamc.org
Using default postmaster contacts postmaster@aamc.org

 

Clicking on the calendly link results in this:

 

Quote

 

Event Temple Demo
No openings at the moment.

If you are the owner of this account, you can log in to find out more.

 

with the links being reported to abuse AT cloudflare DOT com. Not that CF can do anything to take down the link.

 

 

Steve

Link to comment
Share on other sites

It's increasingly clear that amazonaws(dot)com is not simply incompetent. It's evil.

The internet was the most important advance in human communication since the invention of the printing press. It's hijacked by spammers, phishers, massive money-grubbing corporate interests, governments that leverage it to keep us stupid and scared, and related nightmares.

Every email I receive with amazonaws(dot)com anywhere in the full header is spam. Every single byte. All attempts to stop this online rape have failed. Repeated attempts to contact amazonaws "support" have failed. I repeat: Amazonaws(dot)com is not simply incompetent. It's evil. 

A long time ago, I thought reporting amazonaws(dot)com spam via spamcop might help stop the assault. Stupid me.

Link to comment
Share on other sites

I have reported 14 abuse emails to them today since this morning alone. I’ve just about had enough and canceling prime and avoiding shopping with them at all is increasingly likely what is going to happen.

I am coming to the same conclusion as you. Totally a waste of time. I don’t know if there is an email client for my Pixel phone and iPhone which allows blocking by IP ranges but that’s what I’d really like to get!!!

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...