Рубрика: microsoft.com

The host at this IP address is being (ab)used to «listbomb» email addresses: From: nancyuzos@outlook.com Subject: Top Rank In Search Engines Problem description ============================ Spammers signed up for the bulk email service using the victim’s email address. As a result, the victim is being «listbombed» with transactional messages and bulk email campaigns. Problem resolution ============================… Читать далее Abused / misconfigured newsletter service (listbombing)

The host at this IP address is being (ab)used to «listbomb» email addresses: From: clausjohnsens@outlook.com Subject: 1st page in ……..Google! Problem description ============================ Spammers signed up for the bulk email service using the victim’s email address. As a result, the victim is being «listbombed» with transactional messages and bulk email campaigns. Problem resolution ============================ In… Читать далее Abused / misconfigured newsletter service (listbombing)

The following domains land here: 40.74.135.74 www.smbc-cord.club 40.74.135.74 smbc-cord.club 40.74.135.74 smoccoad.link I sincerely doubt a bank would host on AZURE. Especially not with suspicious TLDs.

The host at this IP address is being (ab)used to «listbomb» email addresses: From: alexoclo@outlook.com Subject: Re: High-Quality / Low-Budget Gastronomy mobile app Development Problem description ============================ Spammers signed up for the bulk email service using the victim’s email address. As a result, the victim is being «listbombed» with transactional messages and bulk email campaigns.… Читать далее Abused / misconfigured newsletter service (listbombing)

accountpanelmembershiprecovery.com accountpremiummembershiprecovery.com auth2accountpremiummembershiprecovery.com auth2cgimymembershiprecoverypremium.com auth2cgipremiummembershipaccrecovery.com auth2cgipremiummembershiprecovery.com auth2cgirestoremypaymentmembershi.com auth2membershipaccountcgirecovery.com auth2mymembershiprecoverypremium.com auth2premiummembershipaccrecovery.com auth2premiummembershippaymentrecovery.com auth2recoverymymembershipaccount.com auth2recoverymymembershippayment.com auth2recoverymypremiummembership.com auth2rejoinpremiummembershipacc.com auth2renewmymembership.com auth2renewpaymentmembershipacc.com auth2restoremypremiummembershipacc.com auth2restorepaymentmembershipa.com auth2servicemymembershippayment.com auth2servicemypremiumaccountmembership.com auth2supportpremiummembership.com recoverymymembershipaccount.com service2recoverymymembershipacc.com servicemypremiumaccountmembership.com support2recoverymymembershipaccount.com support2recoverypaymentmembership.com support2rejoinpremiummembership.com web2cgirecoverymembershipaccount.com web2restoremypaymentmembership.com web2restoremypremiummembership.com web2supportmembershipaccount.com

The host at this IP address is being (ab)used to «listbomb» email addresses: From: brayden.chase34@hotmail.com Subject: WEB-QT Problem description ============================ Spammers signed up for the bulk email service using the victim’s email address. As a result, the victim is being «listbombed» with transactional messages and bulk email campaigns. Problem resolution ============================ In order to resolve… Читать далее Abused / misconfigured newsletter service (listbombing)

Phish source ==================================================================== Received: from srv01.ttnetwebim.com (srv01.ttnetwebim.com [93.155.109.2]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by X (Postfix) with ESMTPS id X for <X>; Thu, 1 Oct 2020 X Received: by srv01.ttnetwebim.com (Postfix, from userid 10632) id X; Fri, 2 Oct 2020 X To: X Subject: ***SPAM*** Bitte bestatigen… Читать далее Phish source @51.103.147.37

Spam source ==================================================================== Received: from collinsdictionary.com (mydpd1.canadacentral.cloudapp.azure.com [52.138.11.68]) by X (Postfix) with ESMTP id X for <X>; Fri, 2 Oct 2020 X Received: by collinsdictionary.com (Postfix, from userid 33) id X; Fri, 2 Oct 2020 X Date: Fri, 2 Oct 2020 X To: X From: =?utf-8?Q?dpd=2ech?= <ezv@dpd.ch> Subject: =?utf-8?Q?=e2=9c=88=20Benachrichtigungen=3a=20Zoll=2dKundendienst?= Message-ID: <X@52.138.11.68> […] ====================================================================

Resolving amonge-japanes-amz.cintaku-diatasbalkon.com (amonge-japanes-amz.cintaku-diatasbalkon.com)… 40.117.34.42 <—————- here. 40.117.34.42 dj8aso.com 40.117.34.42 accountsupportalert-amazon-com.dj8aso.com 40.117.34.42 acccountsupportalert-amazon-com.dj8aso.com 40.117.34.42 asukoecok.com 40.117.34.42 service-mailapp-supportid-32882r.hahipglow.com 40.117.34.42 camonis.com 40.117.34.42 csi.myvnc.com Received: from smtp189.octdeliver.in (smtp189.octdeliver.in [199.166.36.189]) (using TLSv1.2 Date: Sat, 3 Oct 2020 x +0530 To: «x» <x> From: アカウントアラート <support@yahoo.jp> Subject: * 【アラート】確認してください Message-ID: <x@tcmail15.in> Received: from Zioalfino (172.31.3.82) (wait, is this yahoo or amazon… Читать далее Chinese phisher trying to phish Amazon JP (landing site.)

The host at this IP address is being (ab)used to «listbomb» email addresses: From: mattzuziks@outlook.com Subject: driving traffic to your website Problem description ============================ Spammers signed up for the bulk email service using the victim’s email address. As a result, the victim is being «listbombed» with transactional messages and bulk email campaigns. Problem resolution ============================… Читать далее Abused / misconfigured newsletter service (listbombing)