Jump to content
MDMesser001

Any point in reporting spam from AMAZONAWS?

Recommended Posts

About 95% of my spam ends up showing AMAZONAWS as the source.

I've been reporting it regularly but I always get more.  

I've been pleased with results from most of the other spam I get.  I forward it to Spamcop.net and I rarely see it come from that source again.  But AmazonAWS seems exempt.

Share this post


Link to post
Share on other sites
8 hours ago, MDMesser001 said:

About 95% of my spam ends up showing AMAZONAWS as the source.

I've been reporting it regularly but I always get more.  

I've been pleased with results from most of the other spam I get.  I forward it to Spamcop.net and I rarely see it come from that source again.  But AmazonAWS seems exempt.

Yes show a tracking URL

Share this post


Link to post
Share on other sites

Unless your ISP uses the SpamCop Blocklist to filter/sort your incoming email, you will not see a direct affect in your inbox for submitting spam. 

Share this post


Link to post
Share on other sites

Yes, we believe it helps to report.   I've been tracking them and if you follow SafeNetting or UGNN on Facebook or any of the "News" social medias you've seen my "Amazon complicit with Cyber Crime Cartels" alerts and warnings.  

Yet, when we report, it's the last time we get spam from that particular IP and domain.  Yes, they switch -- and have a billion opportunities to continue switching -- but I do believe those reports get some attention.   I have been unable to reach a spokesperson, it seems to all be automated without human intervention.

Cloudflare is much worse.  They actually admit that they are getting rich off cyber crime and nobody seems to care enough to speak up.   I contacted a major, national law firm to launch a class action suit, but they said the judges have so little knowledge of technology that they believe the Amazon, Google and Cloudflare yarn about having nothing to do with the content. 

Why is Google blocking Amazon?
https://medium.com/@showkster/why-is-google-blocking-amazon-d912e4b26ab2

 

 

amazon_cybercrime.jpg

Share this post


Link to post
Share on other sites

I get auto response for all the spam reports I send to Amazon. I don't track the IPs or spend to much time looking at the the spam so don't know what effect it has.

As in other threads, No the spam is not going away. As long as people respond to spam, with money or political action, spam will continue. SpamCop never really expected spam to stop. There first objective has always been to block the spam.  Like the spammers them self, there will always be ISPs that will take spammer's money.

Share this post


Link to post
Share on other sites

You could manually forward spam reports, but the people in the abuse@amazonaws department are USELESS.  Try sending a copy of the full header/email to stop-spoofing@amazon dot com.  Every time I've done that it all stops in a few days and can take as long as a week or more to return in the same numbers.

 

Yo spamcop!  Amazon owns amazonaws.  Any chance you could start forwarding amazonaws spam to a better Amazon owned abuse address that will actually do something about it?  Seriously -- I've had great results with stop-spoofing.

Share this post


Link to post
Share on other sites

Thanks, its8up, I appreciate your input.  In fact, my spam from amazonaws has dropped off pretty significantly over the last few weeks.  Hopefully that means they've taken some action to cut down on spam.

Share this post


Link to post
Share on other sites

You lucky dog!  Mine always drops to nil after manual reporting, then comes right back.

Several weeks back I had a chat with Amazon about Spamcop and they replied with genuine interest and whatnot.  This may have led to better communication with spamcop and some overall Amazon spam activity reduction, though I cannot be certain.  Unfortunately, as I'm sure you've noticed, spamcop still sends amazonaws reports to the trash which is a clear indicator that the amazonaws department is not active in this process.

My reporting from gmail to spamcop is automated on 3 accounts.  Automating direct mailings for amazonaws is not simple due to the vast number of small IP ranges they own.  Going back through spam to locate amazonaws mail for manual reporting is a real hassle, and the nuances of spamcop's IPv6 fiasco certainly does not help identify which of the 3 reporting accounts is the source.

Lacking any other automated choice, my fight against the amazonaws bad apples now includes mailings to their favorite URL shorteners, image hosts, and spoofed domain hosts.  Hootsuite is the absolute best about quickly redirecting their ow.ly and owl.li links to nothing, and ddnsfree is pretty quick about dropping/resetting domains.  Bit.ly and lnkd.in do OK too.  Others, including amazonaws image and link hosting, not so much.

Good luck in your spam battle!

Share this post


Link to post
Share on other sites

Well, amazonaws spam reports get sent to /dev/null in my case:

https://www.spamcop.net/sc?id=z6503507988zf04f1366f6ca8e5a872324eb4f96d690z

Tracking message source: 54.180.88.238:

Routing details for 54.180.88.238
[refresh/show] Cached whois for 54.180.88.238 : abuse@amazonaws.com
Using abuse net on abuse@amazonaws.com
abuse net amazonaws.com = abuse@amazonaws.com
Using best contacts abuse@amazonaws.com
Reports disabled for abuse@amazonaws.com

Using abuse#amazonaws.com@devnull.spamcop.net for statistical tracking.

Share this post


Link to post
Share on other sites
1 hour ago, RobiBue said:

Using abuse#amazonaws.com@devnull.spamcop.net for statistical tracking.

The REAL abuse address is "ipmanagement[at]amazon[dot]com"  

Share this post


Link to post
Share on other sites
17 minutes ago, petzl said:

The REAL abuse address is "ipmanagement[at]amazon[dot]com" 

The current refresh (just now) shows - as you suggest

Quote

Re: 54.180.88.238 (Administrator of network where email originates)

ipmanagement{AT}amazon{DOT}com"

It is a dynamic system.

Share this post


Link to post
Share on other sites
8 minutes ago, Lking said:

It is a dynamic system.

OK must be a long time-lag? I also refreshed cache ?

Share this post


Link to post
Share on other sites
35 minutes ago, Lking said:

The current refresh (just now) shows - as you suggest

It is a dynamic system.

Does this mean, that I should [refresh/show] every cached whois of every report?

thanks for the heads-up :)

Share this post


Link to post
Share on other sites
8 minutes ago, RobiBue said:

Does this mean, that I should [refresh/show] every cached whois of every report?

Should work now until the abuse address changes and SpamCop does not have it "hard coded" as a abuse address.

Share this post


Link to post
Share on other sites

I still get abuse#amazonaws.com@devnull.spamcop.net; so, I submit via SC & manually forward all spam email to ec2-abuseATamazonDOTcom

Amazon are very responsive to this method.

Share this post


Link to post
Share on other sites

I started doing that too for every amazonAWS spam.

I am not sure how effective they are, as their case numbers keep changing for every report and every other reply.

reporting to them gives me a case number, but when they reply about the action (which they can't tell me) they have yet another case number, and when I submit the same IP address a few days later (from a new spam) they give me yet another case number, so in this sense, I have no idea how they can even track their own cases...

although I have been able to get a live person answer there... so they do read the stuff they get...

Share this post


Link to post
Share on other sites
On 1/15/2019 at 12:49 AM, RobiBue said:

I started doing that too for every amazonAWS spam.

 

Good suggestion, I might start doing that too.

Share this post


Link to post
Share on other sites

I've constantly reporting and they even promised to resolve the issue or spammer that hosted it's domains on their services. But still i get spam from the spammer. Are they doing it for the money?

Share this post


Link to post
Share on other sites

yeah, pretty sure there's money involved. if someone complains they'll probably slap them on their wrist... if too many complain, they'll probably close the account, but the spamvertiser can easily open a new account and start anew...

Share this post


Link to post
Share on other sites

I contacted Amazon numerous times about spam sending them IP's.

I went to war with them as I have been a professional in mail servers.

99% of my spam is from Amazon Web Servers.

They refuse to identify the culprits due to privacy. They claim it is too hard for them. 

What rubbish. If you are spamming the world with trillions of spam that all have malformed headers you are a criminal.

I asked them why they have no scanner to make sure the data in the email headers were above board and they refused to answer.

Very simple to do and should be enforced on all aws mailservers that are deployed. Reject all malformed email so the sender just can't do it. Simple.

GMAIL works on the same principle. Deliver at any cost for speed instead of security.

I had to keep sending them full headers but only 1 line counts. The IP. I do look ups on all IP's and most are from Amazon.

They have insecure systems that are re-infecting mail servers on a continual basis.

They shut up with their cretinous responses and started doing something about it.

They obviously have no process nor procedure to stop the spammers from opening new accounts and continually doing the same.

They will not admit publicly that their systems are extremely vulnerable and have been attacked and abused due to legal damages they would incur.

If you have ever bought anything in the last 10 years from Amazon or that uses Amazon web server then your email is in criminal hands. Databases that are onsold.

Amazon is busted. Should be smashed with a 5 Billion law suit just like facebook.

The following are the severe spam constructs.

singlehosti.com

itlgopk.uk

yelp

If you are telling me you can't follow the trail of people who opened the accounts to put this type of scri_pt in place as they stated to me they send them abuse reports, you are a liar as you have date of registration and credit card details connected to the imbecile who has done it. They should have there accounts frozen and any other connected accounts. The people should then have to explain why they did it and if the owner is too dumb then a list of any IT person that has touched the system should be surrendered. Bloody simple and doable.

Amazon it rubbish and should be made to face court and severe legal actions.

Share this post


Link to post
Share on other sites
Posted (edited)
On 11/29/2018 at 1:40 PM, petzl said:

Should work now until the abuse address changes and SpamCop does not have it "hard coded" as a abuse address.

Well now AmazonAWS are spaming me, DDOS at my Gmail address fake drug, child. porn, get rich quick scams. Amazom claim they cannot frace the criminals (which mean it's them covering up). I now have added stop-spoofing[x]amazon.com, "cis[x]amazon.com" Amazons support, to my abuse report .
This "IT". Which need to be escorted out to the pavement by security IMO
Just 2  reporst below although diferent abuse address's same crowd.
https://www.spamcop.net/sc?id=z6549536779z843c22dfec1467a4f38a289d33596c23z  
https://www.spamcop.net/sc?id=z6549341751z467c51f91f70334d0775498a288d3a8cz

I report with full copy and paste from Gmail account to
"abuse[x]amazonaws.com" , "cis[x]amazon.com", "ipmanagemen[x]amazon.com", "phishing-repor[x]us-cert.gov", "spam[x]uce.gov"
stop-spoofing[x]amazon.com,
Amazon has lost me as a customer forever!

Edited by petzl

Share this post


Link to post
Share on other sites
On 5/16/2019 at 11:27 AM, Amazon Busted said:

I contacted Amazon numerous times about spam sending them IP's.

I went to war with them as I have been a professional in mail servers.

99% of my spam is from Amazon Web Servers.

They refuse to identify the culprits due to privacy. They claim it is too hard for them. 

What rubbish. If you are spamming the world with trillions of spam that all have malformed headers you are a criminal.

I asked them why they have no scanner to make sure the data in the email headers were above board and they refused to answer.

Very simple to do and should be enforced on all aws mailservers that are deployed. Reject all malformed email so the sender just can't do it. Simple.

GMAIL works on the same principle. Deliver at any cost for speed instead of security.

I had to keep sending them full headers but only 1 line counts. The IP. I do look ups on all IP's and most are from Amazon.

They have insecure systems that are re-infecting mail servers on a continual basis.

They shut up with their cretinous responses and started doing something about it.

They obviously have no process nor procedure to stop the spammers from opening new accounts and continually doing the same.

They will not admit publicly that their systems are extremely vulnerable and have been attacked and abused due to legal damages they would incur.

If you have ever bought anything in the last 10 years from Amazon or that uses Amazon web server then your email is in criminal hands. Databases that are onsold.

Amazon is busted. Should be smashed with a 5 Billion law suit just like facebook.

The following are the severe spam constructs.

singlehosti.com

itlgopk.uk

yelp

If you are telling me you can't follow the trail of people who opened the accounts to put this type of scri_pt in place as they stated to me they send them abuse reports, you are a liar as you have date of registration and credit card details connected to the imbecile who has done it. They should have there accounts frozen and any other connected accounts. The people should then have to explain why they did it and if the owner is too dumb then a list of any IT person that has touched the system should be surrendered. Bloody simple and doable.

Amazon it rubbish and should be made to face court and severe legal actions.

To help anyone else, AMAZON have sent me responses to the effect that the EC2 server was misconfigured. IP addresses are not resolving properly. This only happens from a hacker or criminal employee. They stopped the yelp spam in its tracks eventually after I abused them with vile language and they responded telling me they won't help me and then I bombarded them with all my spam headers and they apologised and shut up. Means they don't stop spam if you don't harass them. I also have a singlehosti.com, itlgopk.uk, rf-cheats.ru super spammer. What started to happen is the spammers started altering their headers to stop getting triangulated. Most of these were coming from AMAZON but not all. I remembered that years ago I tried stopping this one and got more spam. I reported it back then but nothing was done about it. Now after shoving it down their throat and asking why the fu** they don't parse every part of a header and make sure all domains aren't fake before forwarding the email as I received over 400 spam in less than a month using the same spoofing domains and tricks again they stated EC2 corrupt configuration.

The spam is slowing but goes through increases when the spammers are trying to find who is pinning them down. To my comments above use spamcop and abuseipdb. Be careful with abuseipdb as if you put too much info in the spammers can track the complaint source. Exclude and numbers or generated alphabetic scramble. The pricks looked at the country of complaint and started trying to fu** my countries AMAZON server. Use CHROME incognito to assist hiding your location. Not very good but safer than all other browsers. Most of the spam is rf-cheats.ru and uses the singlehosti.com and itlgopk.uk domains in their headers frequently with some others such as raynair, goodridge and a couple more. It takes time initially but is worth it. The bad AMAZON servers are mainly Israel (top), Germany, France and Japan. You can include Portland and Virgin Islands in the US.

The AMAZON spam is slowing but AMAZON is hiding their incompetent systems that have most likely been hacked with a mail scri_pt to hide the spammers trail.

To any noobs, UNSUBSCRIBING from spam gets you more spam. I have read that some people think this works. It does not with real spam. Do not confuse unsubscribing from legitimate newsletters or promotional material as an answer. You must report the spam. spam is spam and you have rights. It will mentally get you and you will never have mental peace and if you get this and it is a lot to move all your stuff to another email address then get to it.

You will find the spammers send messages in their spam if they think they have trumped you and also if you have pulverised them. Its a bit sad really but if you don't be vigilant for a few months it will get worse.

At this stage I have them on the run and want all you people to help squash this sh** and the owners. They are vermin.

Share this post


Link to post
Share on other sites
Posted (edited)
11 hours ago, Amazon Busted said:

The AMAZON spam is slowing but AMAZON is hiding their incompetent systems that have most likely been hacked with a mail scri_pt to hide the spammers trail.

To any noobs, UNSUBSCRIBING from spam gets you more spam. I have read that some people think this works. It does not with real spam. Do not confuse unsubscribing from legitimate newsletters or promotional material as an answer. You must report the spam. spam is spam and you have rights. It will mentally get you and you will never have mental peace and if you get this and it is a lot to move all your stuff to another email address then get to it.

You will find the spammers send messages in their spam if they think they have trumped you and also if you have pulverised them. Its a bit sad really but if you don't be vigilant for a few months it will get worse.

At this stage I have them on the run and want all you people to help squash this sh** and the owners. They are vermin.

Mine only stopped just after dobbing DC2 into their sales online shopping department telling them there abuse department needed a shake-up.
This was going on for years and being ignored it doesn't help they refuse spamcop reports they need security to pick them up and escort the abuse them from the building, I suspect it was a inside job as to many reports were just being ignored for years.

Edited by petzl

Share this post


Link to post
Share on other sites
Posted (edited)
12 hours ago, Amazon Busted said:

Use CHROME incognito to assist hiding your location

FYI, to all:

Opera (browser) have an inbuilt, free VPN, works well, not a lot of lag...

Brave has TOR, but, it's a bit buggy...

Cheers!

G🦗H

Edited by MIG

Share this post


Link to post
Share on other sites
1 hour ago, MIG said:

FYI, to all:

Opera (browser) have an inbuilt, free VPN, works well, not a lot of lag...

Brave has TOR, but, it's a bit buggy...

Cheers!

G🦗H

Just check how much info it leaks
https://ipleak.net
also advise disabling  IPv6 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×