April 13th, 2005, 11:22 AM
Stopping fakes sites
I got this email supposedly from paypal saying that my account may become inactive, I am aware it is a scam and the link is an IP address belongs to a company in Vietnam. I have mailed the technical emamil address on there to let him know that this dodge link is on their web server but is there any chance that I can do anything else to stop other people clicking on this link?
This link is http://184.108.40.206/support/support.asp
April 13th, 2005, 12:23 PM
You already did all you can do
Reporting the dodgy site and perhaps the real sender's ISP of the email there's something fishy going on is about the only thing you could do. Just make sure you send them the complete email (including all the headers). Don't do any digging yourself as this usually results in your email being ignored. Just state what you think is going on and cut 'n past the headers and the body.
Oh, and if you can find it use the abuse email address. Most providers have one. If it isn't mentioned in the whois info just try firstname.lastname@example.org. If it bounces, see if they have any contact info on their website. Sometimes the technical contacts in the whois info is outdated.
Experience is something you don't get until just after you need it.
April 13th, 2005, 12:51 PM
Found this. Check it out.
- You might want to try to contact the above e-mail and report the incident.
Source - apnic - http://www.apnic.net/apnic-bin/whois.pl
- search for 220.127.116.11
% [whois.apnic.net node-1]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
inetnum: 18.104.22.168 - 22.214.171.124
descr: Vietnam Posts and Telecommunications (VNPT)
descr: 23 Phan Chu Trinh st., Hanoi capital, Vietnam
status: ALLOCATED PORTABLE
person: Nguyen Xuan Cuong
address: Vietnam Posts and Telecommunications (VNPT)
address: 18 Nguyen Du street, Hanoi capital, Vietnam
person: Khanh Nguyen Hien
address: Vietnam Datacommunications Company (VDC)
address: 258 Ba Trieu street, Hanoi capital, Vietnam
remarks: Contact: email@example.com
an\"to*nym (noun) [Greek: a word used in substitution for another]
A word of opposite meaning ; a counter-term ; used as a correlative of synonym
- Dr. Gung-ho
April 13th, 2005, 12:59 PM
I already have, I just wanted to know if I could let someone who allocates the IP addresses to that company as I informed them on monday morning and still the site stays up.
April 13th, 2005, 01:10 PM
ok I have the email an I am trying to find the orgin of the email I believe it could be techtarget.
Received: from aamta01-winn.mailhost.ntl.com ([126.96.36.199]) by mta08-winn.mailhost.ntl.com with ESMTP id <20050412184415.EGDD928.firstname.lastname@example.org>; Tue, 12 Apr 2005 19:44:15 +0100
Received: from muedsl-82-207-246-065.citykom.de ([188.8.131.52]) by aamta01-winn.mailhost.ntl.com with SMTP id <20050412184414.VYCA1187.email@example.com>; Tue, 12 Apr 2005 19:44:14 +0100
Received: from xesp.com by stout8184.108.40.206.82 (9.52.7/6.48.9) id vs38IPGdW9595 with SMTP; Tue, 12 Apr 2005 13:39:11 -0600
Date: Tue, 12 Apr 2005 23:41:11 +0400
April 13th, 2005, 01:12 PM
Have you informed PayPal? I've found that by dealing with them the problem gets resolved rather quickly and far more so than dealing with the "offending" ISP.
April 13th, 2005, 01:16 PM
I have mailed paypal about a previous attempt to gain my information and they never responded to my email telling me they were dealing with it
April 13th, 2005, 01:17 PM
That was through this page right?
Sometimes they may not respond right away. Additionally you may want to send it off to http://www.antiphishing.org
April 13th, 2005, 01:19 PM