kluless Posted January 25, 2018 Share Posted January 25, 2018 Over the past couple of days I've had quite a surge in spam, from the usual 5 or 6 per day to 50+ today. This is on a Y! account... Anyone else having this problem? I've noticed that a lot of them are coming from a .win domain e.g. enarnusy@thrivedesigngrants.win and the host for all of the .win mails is limestonenetworks.com Link to comment Share on other sites More sharing options...
kluless Posted January 25, 2018 Author Share Posted January 25, 2018 Googled .win and got this... Quote .win is a generic top-level domain managed by Famous Four Media of Gibraltar, who pitch it as a memorable gTLD for "online gaming resources and services". Famous Four Media is managing "60 gTLD applications". Some ransomware posts ransom links that include .win and .onion URIs. Looks like it's a spammer's home from home Link to comment Share on other sites More sharing options...
Lking Posted January 25, 2018 Share Posted January 25, 2018 Not to sound flippant, but it must be your turn in the barrel. It seems to me that spam comes and goes in waves. Currently this forum is not receiving the 40-50 daily spam posting it usually receives. My email accounts also are on a low ebb. I have not noticed any email from the win TLD Link to comment Share on other sites More sharing options...
petzl Posted January 26, 2018 Share Posted January 26, 2018 12 hours ago, kluless said: Googled .win and got this... Looks like it's a spammer's home from home ONE/1 tracking url would be good? Link to comment Share on other sites More sharing options...
lisati Posted January 26, 2018 Share Posted January 26, 2018 I've noticed the pattern of having spam coming in waves, and recently noticed a flood of grumpy customers of the ISP I use on Facebook. I'm currently experiencing a lull in the amount of spam I'm receiving - the flow hasn't dried up completely, but it's a lot quieter for me. Link to comment Share on other sites More sharing options...
kluless Posted January 26, 2018 Author Share Posted January 26, 2018 7 hours ago, petzl said: ONE/1 tracking url would be good? 101.193.235.23 It's an APNIC address I got another 76 spams from them today, looks like if you report them they retaliate with even more... Link to comment Share on other sites More sharing options...
Lking Posted January 26, 2018 Share Posted January 26, 2018 A Tracking URL is at the top of the report page and looks like Quote SpamCop v 4.8.7 © 2018 Cisco Systems, Inc. All rights reserved. Here is your TRACKING URL - it may be saved for future reference: https://www.spamcop.net/sc?id=z6437551039z397c7682b607208ad3137a9ddf74157ez With that information we all can see the spam (your email address munged) and all the results of the parser. There may be some information you have overlooked. Link to comment Share on other sites More sharing options...
petzl Posted January 26, 2018 Share Posted January 26, 2018 11 hours ago, kluless said: 101.193.235.23 It's an APNIC address I got another 76 spams from them today, looks like if you report them they retaliate with even more... 101.193.235.23 don't tell one much need 1 tracking url your email is probably on a Chinese botnet. Online criminals continue to distribute spam and carry out scams - even with the Chinese government involved. Link to comment Share on other sites More sharing options...
kluless Posted January 27, 2018 Author Share Posted January 27, 2018 https://www.spamcop.net/sc?id=z6437942796zf3e2fda0357f6c503e5184f8a79ee8b0z Link to comment Share on other sites More sharing options...
Lking Posted January 27, 2018 Share Posted January 27, 2018 2 hours ago, kluless said: https://www.spamcop.net/sc?id=z6437942796zf3e2fda0357f6c503e5184f8a79ee8b0z I'm confused what does this tracking URL have to do with 101.193.235.23? The tracking URL wants to report "Re: 60.233.211.56 (Administrator of network where email originates)" By the way you can go ahead and report this spam and the Tracking URL will still be available. Link to comment Share on other sites More sharing options...
kluless Posted January 27, 2018 Author Share Posted January 27, 2018 I had already deleted the spam from 101.193.235.23, so I used the report from another .win spam, I had 76 to choose from so I went for the most recent one. Link to comment Share on other sites More sharing options...
petzl Posted January 27, 2018 Share Posted January 27, 2018 21 hours ago, kluless said: https://www.spamcop.net/sc?id=z6437942796zf3e2fda0357f6c503e5184f8a79ee8b0z phishing spam from china you didn't submit? Link to comment Share on other sites More sharing options...
kluless Posted January 29, 2018 Author Share Posted January 29, 2018 Of course I submitted it, how else would I receive the tracking URL? Link to comment Share on other sites More sharing options...
petzl Posted January 29, 2018 Share Posted January 29, 2018 11 hours ago, kluless said: Of course I submitted it, how else would I receive the tracking URL? The tracking URL you copy is only there BEFORE you submit, It canbe used after you submit to check report Link to comment Share on other sites More sharing options...
kluless Posted February 5, 2018 Author Share Posted February 5, 2018 No (dot)win spam for 3 days, looks like they've been shut down... Link to comment Share on other sites More sharing options...
petzl Posted February 6, 2018 Share Posted February 6, 2018 15 hours ago, kluless said: No (dot)win spam for 3 days, looks like they've been shut down... The "Alibamer" or "fake header" Spammer came alive again sent report to Cert, China from my email account, shut spammer down for a week last time. https://www.spamcop.net/sc?id=z6442078877zdcbce78955ff93c281d2d0169c7b6886z Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.