Author: blog
Phish Emitters! (Target: Danske Bank)
A phish operation is sending phish from a number of Linode IP addresses.
SENDING IPs: 139.177.202.32 139.177.202.85 139.177.202.14 170.187.144.35 170.187.155.146 194.195.214.65 194.195.214.86
SPAM SAMPLE:
Received: from omaik.com (170-187-155-146.ip.linodeusercontent.com [170.187.155.146])
Date: Fri, 8 Apr 2022 13:##:## +0000 (UTC)
From: Danske Bank <support@omaik.com>
Reply-To: support@omaik.com
Subject: ? Sinulla on uusi viestie
<snip>
Sinulla on (1) tärkeä viesti…
Spam Emitter (Malaysian Export Academy) (P2P Hub)
This IP address is sending spam for the Malaysian Export Academy (P2P Hub), a Malaysia-based business training provider that spams scraped, purchased or appended lists to advertise its services.
Received: from mail.aksaplt.com (mail.aksaplt.com [51.79.240.72])
Received: from [118.101.251.241] (helo=MEAPC0021)
Date: Fri, 8 Apr 2022 12:##:## +0800
From: "Industry 4.0 Seminar" <info@aksaplt.com>
Reply-To: shafinaahmea@gmail.com
Subject: Incentives and…
Malware botnet controller @185.251.90.118
The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.
Malware botnet controller located at 185.251.90.118 port 443:
$ telnet 185.251.90.118 443
Trying 185.251.90.118...
Connected to 185.251.90.118.
Escape character is '^]'…
Spam Hosting (medscijrnlresearchelicit.biz) (OMICS)
Namecheap hosts the A record and website for the domain medscijrnlresearchelicit.biz, which is registered by OMICS and is used in spam URIs to accept submissions to OMICS journals. OMICS is a publisher of "open-access" journals that solicits contributions and (by implication) fees and/or subscriptions through spam sent to scraped, purchased or appended email addresses.
Received:…
Spam MX Services (OMICS)
The following IP addresses are hosting inbound MX services for domains registered by OMICS, a publisher of "open-access" journals that solicits contributions and (by implication) fees and/or subscriptions through spam sent to scraped, purchased, or appended lists. Most OMICS spam relies wholly or partly on dropbox email addresses not at the sending domain to receive…
phishing server
20.89.68.45|eqcwsljodm.com|2022-04-10 09:56:28
20.89.68.45|sdguffycjz.com|2022-04-09 22:06:30
hXXps://eqcwsljodm.com/kuatkanlah/bos/
phishing server