Snowbat Posted November 27, 2020 Share Posted November 27, 2020 (edited) 20.33.0.0 - 20.128.255.255 is Microsoft but SpamCop reports 20.73.0.72 directly to the spammer. I've seen similar misreporting for other Microsoft-hosted spammers. https://www.spamcop.net/sc?id=z6692876685z0b26f07c4b20c3a2543ebe996cd74d4fz Routing details for 20.73.0.72[refresh/show] Cached whois for 20.73.0.72 : abuse@microsoft.com Using best contacts abuse@microsoft.com Using rdns to route to correct Microsoft department host 20.73.0.72 = vi44.viv0digital.com. (cached) abuse net viv0digital.com = postmaster@viv0digital.com In this case, the spammer is sending "invoice reminders" purporting to be from Brazilian carrier Vivo with "download/print" link that redirects to a java scri_pt-wrapped malware download. Edited November 27, 2020 by Snowbat Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.