klappa Posted January 15, 2016 Share Posted January 15, 2016 In about 1,5 years now i gotten spam from the now famous EvaPharmacy fraud group. They usually register their fake fraud Pharmacy domains at R01.ru which is famous for hosting the most fraud domains in the world. This REGISTER never shuts down anything and if they reply they usually come up with a lame excuse. I can safely say i have contacted everyone even Russian authorities and their CERT team. I even contacted the parent company of the Broadband service which hosts all those fraud domains, no answer. Nothing! Somehow they have gotten hold of my other mail address as well which has the same name but with a different provider and is also being bombarded with their spam. I don't even know how they got my mail from the beginning. I can take skammers and some phishing e-mails now and then but i usually get several of these spams every day and they never stop. They usually hack webservers through a php vulnerability to form e-mail addresses and using bots to distribute them that way they never will be tracked directly but all the sites connects to 220.127.116.11 which is owned by Russian Cortina Broadband and their parent company is Vimpelcom one of Russians biggest telecom companies. Here's a map which gives a good view over which domains connects to that ip number https://www.robtex.com/en/advisory/ip/95/31/22/193/ Here's a typical spamcop report https://www.spamcop.net/sc?id=z6205604617z1bd2598387ea9fcc19ace4ddc2e16443z. Here's a whois record on one of their domains domain: GLOBALHEALTHSUPPLY.RUnserver: ns1.globalhealthsupply.ru. 18.104.22.168nserver: ns2.globalhealthsupply.ru. 22.214.171.124state: REGISTERED, DELEGATED, VERIFIEDperson: Private Personregistrar: R01-RUadmin-contact: https://partner.r01.ru/contact_admin.khtmlcreated: 2015.11.09paid-till: 2016.11.09free-date: 2016.12.10source: TCI It is part of the Yambo Financials spamnetwork and bulker.biz organization: http://www.spamhaus.org/rokso/evidence/ROK3780/yambo-financials/media-oh-that-must-be-anton and http://fraud-reports.wikia.com/wiki/Bulker.biz. Is there anything more i can do? Or should i accept these spams? Link to comment Share on other sites More sharing options...
This topic is now archived and is closed to further replies.