Jump to content

Being Bombarded by spam from Hotmail


Recommended Posts

For a couple months now I have been bombarded with emails from hotmail.    They used to point to spam content servers on Cloudfare.com.   I kept reporting them and sending them emails directly, and now they are not coming point to servers there, but now on apeironglobal.co

I am getting about 60 spam emails a day now.  everyone of them is coming from HOTMAIL, at least according the my Spamcop reporting.   Reporting to hotmail does not seem to curtail it.  Any suggestions?

https://www.spamcop.net/sc?id=z6755238869z59c1a5ab009aab684b0001e197efd08ez

https://www.spamcop.net/sc?id=z6755238870z77f49f166b311b8d9e9e75ca61dacb1ez

https://www.spamcop.net/sc?id=z6755238871z1eea6486f690da806102a2b97a589ca5z

Report spam to:

Re: 2603:10a6:20b:41c:0:0:0:11 (Administrator of network where email originates)
 To: report_spam@hotmail.com (Notes)

Re: 2a01:111:f400:7d00:0:0:0:613 (Administrator interested in intermediary handling of spam)
 To: report_spam@hotmail.com (Notes)

Re: http://hotjubziro.org.uk/rd/c4557SvGpD110460XTk... (Administrator of network hosting website referenced in spam)
 To: abuse@apeironglobal.co (Notes)

Re: http://hotjubziro.org.uk/rd/u4557adcWb110460LvG... (Administrator of network hosting website referenced in spam)
 To: abuse@apeironglobal.co (Notes)

 

THanks much for any direction!


Dennis

Link to comment
Share on other sites

Posted (edited)
On 5/14/2022 at 10:16 AM, dennis12 said:

For a couple months now I have been bombarded with emails from hotmail.    They used to point to spam content servers on Cloudfare.com.   I kept reporting them and sending them emails directly, and now they are not coming point to servers there, but now on apeironglobal.co

I am getting about 60 spam emails a day now.  everyone of them is coming from HOTMAIL, at least according the my Spamcop reporting.   Reporting to hotmail does not seem to curtail it.  Any suggestions?

https://www.spamcop.net/sc?id=z6755238869z59c1a5ab009aab684b0001e197efd08ez

https://www.spamcop.net/sc?id=z6755238870z77f49f166b311b8d9e9e75ca61dacb1ez

https://www.spamcop.net/sc?id=z6755238871z1eea6486f690da806102a2b97a589ca5z

Report spam to:

Re: 
I believe (Administrator of network where email originates)
 To: report_spam@hotmail.com (Notes)

Re: 2a01:111:f400:7d00:0:0:0:613 (Administrator interested in intermediary handling of spam)
 To: report_spam@hotmail.com (Notes)

Re: http://hotjubziro.org.uk/rd/c4557SvGpD110460XTk... (Administrator of network hosting website referenced in spam)
 To: abuse@apeironglobal.co (Notes)

Re: http://hotjubziro.org.uk/rd/u4557adcWb110460LvG... (Administrator of network hosting website referenced in spam)
 To: abuse@apeironglobal.co (Notes)

 

THanks much for any direction!


Dennis

Hotmail/microsoft seem to use 
CERT[AT]microsoft[DOT]com 
they have a myriad of abuse addresses for different ambitions,/
I suspect "report_spam" maybe a SpamCop legacy issue(not working or ignored).
SpamCop reports URL's to the IP owner, the registrar needs to be contacted also you can get that info here
https://mxtoolbox.com
I use a Windows freeware program
http://www.gena01.com/win32whois/

Edited by petzl
Link to comment
Share on other sites

On 5/13/2022 at 6:16 PM, dennis12 said:
Report spam to:

Re: 2603:10a6:20b:41c:0:0:0:11 (Administrator of network where email originates)
 To: report_spam@hotmail.com (Notes)

Re: 2a01:111:f400:7d00:0:0:0:613 (Administrator interested in intermediary handling of spam)
 To: report_spam@hotmail.com (Notes)

Much of what I have seen of 2603:10a6::/32 seems to be an internal hotmail relay.  I am not sure that SpamCop has the mailhosts properly detecting the millions of IPs they are using for mail movement.

Link to comment
Share on other sites

Thanks all. --- I've expanded my reporting.......I am getting various responses like:

 

----

Based on the information you have provided, this may have originated from an account hosted on Microsoft Azure.

We forwarded your complaint to the CERT team for review and action.

Should you encounter additional reports from the same IP, send them directly to Cert@Microsoft.com.

--------

or

Based on the information you provided, it appears to have originated from an Office 365 or Exchange Online tenant account.

To report junk mail from Office 365 tenants, send an email to junk@office365.microsoft.com and include the junk mail as an attachment.

 

Hopefully they can make it stop.

 

 

Link to comment
Share on other sites

Posted (edited)
6 hours ago, dennis12 said:

Hopefully they can make it stop.

unfortunately spammer will just use another free/or compromised account

However attack is your only defense!

Edited by petzl
Link to comment
Share on other sites

12 hours ago, petzl said:

unfortunately spammer will just use another free/or compromised account

I wonder who is going to spin up the next cloud to offer a try before you buy account.  Most of the cloud offerings such as Azure offer free incentives to get new customers and spammers abuse that.  Block the spammers and they block their advertising to get new customers.....

Link to comment
Share on other sites

Posted (edited)
5 hours ago, gnarlymarley said:

I wonder who is going to spin up the next cloud to offer a try before you buy account.  Most of the cloud offerings such as Azure offer free incentives to get new customers and spammers abuse that.  Block the spammers and they block their advertising to get new customers.....

Well Elon Musk claims 90% of Twitter user are bots or fake.
Probably Facebook similar? His method of checking was a user with 1000 followers he checked every tenth one, 90% were spam bots.
https://nypost.com/2022/05/16/elon-musk-says-twitter-claims-bot-check-broke-nda/?utm_source=NYPTwitter&utm_medium=SocialFlow&utm_campaign=SocialFlow

Edited by petzl
Link to comment
Share on other sites

On 5/16/2022 at 8:15 PM, petzl said:

Well Elon Musk claims 90% of Twitter user are bots or fake.
Probably Facebook similar?

I am curious how companies can really tell the difference between real users and bots.  My personal facebook account was labeled as fake until I went in and verified added my phone.  I know others that just left facebook when their accounts were called "fake" and have never gone back.  There are some accounts that are obviously bots.  There are others that steal/share abandoned accounts.  I do not believe that everyone can distinguish the line between bots and us as easy as I would hope.  Most bots have some sort of human control and the reporting of those can sometimes slow the bots.

Link to comment
Share on other sites

5 hours ago, gnarlymarley said:

I am curious how companies can really tell the difference between real users and bots.  My personal facebook account was labeled as fake until I went in and verified added my phone.  I know others that just left facebook when their accounts were called "fake" and have never gone back.  There are some accounts that are obviously bots.  There are others that steal/share abandoned accounts.  I do not believe that everyone can distinguish the line between bots and us as easy as I would hope.  Most bots have some sort of human control and the reporting of those can sometimes slow the bots.

I don't like using my real name on internet but because long lost friends have moved everywhere I opened a Facebook account with real name and a Gmail with real name. Before I used it were getting spam from Russia, I went into his server using it's IP address, they had encryption bots so I then set about shutting down their Youtube Crypto currency videos and full spam report to email provider registrar etc! Pretty sure it was sold to them by Facebook, they have a lot of con advertisements even with PayPal accounts.

Companies can use Bots to detect other Bots.
Since Musk let the cat out of the bag, it's become a concern to many.
Norton say this is how
7 ways to recognize a Twitter bot
Here are several ways to help detect if a Twitter account is a bot or not. Keep in mind, a bot’s setup and activity often appears automated.
When trying to determine if an account might be a bot, beware of the following red flags:
IP correlation — the geographical location of Twitter accounts.
Time-based correlation — the release of tweets in close proximity. 
Automation — when an account tweets short replies that appear automated.
Content similarity — when the same content is tweeted at the same time.
Account creation — Twitter bots with recent creation dates.
Account description — when an account looks automated because its username contains numbers. Also, it appears anonymous in the absence of a photo, biography, or profile description.
Account activity — when a bot follows a lot of accounts but does not have many followers, and it’s retweeting and tweeting content faster than a human could.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...