Stopping fakes sites
Results 1 to 9 of 9

Thread: Stopping fakes sites

  1. #1
    Junior Member
    Join Date
    Oct 2002
    Posts
    11

    Stopping fakes sites

    I got this email supposedly from paypal saying that my account may become inactive, I am aware it is a scam and the link is an IP address belongs to a company in Vietnam. I have mailed the technical emamil address on there to let him know that this dodge link is on their web server but is there any chance that I can do anything else to stop other people clicking on this link?

    This link is http://203.162.1.205/support/support.asp

  2. #2
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    You already did all you can do

    Reporting the dodgy site and perhaps the real sender's ISP of the email there's something fishy going on is about the only thing you could do. Just make sure you send them the complete email (including all the headers). Don't do any digging yourself as this usually results in your email being ignored. Just state what you think is going on and cut 'n past the headers and the body.

    Oh, and if you can find it use the abuse email address. Most providers have one. If it isn't mentioned in the whois info just try abuse@their.domain. If it bounces, see if they have any contact info on their website. Sometimes the technical contacts in the whois info is outdated.
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  3. #3
    Member
    Join Date
    Apr 2005
    Posts
    45

    Trace

    Found this. Check it out.

    Source - apnic - http://www.apnic.net/apnic-bin/whois.pl - search for 203.162.1.205

    % [whois.apnic.net node-1]
    % Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

    inetnum: 203.162.0.0 - 203.162.255.255
    netname: VNPT-VNNIC-VN
    country: VN
    descr: Vietnam Posts and Telecommunications (VNPT)
    descr: 23 Phan Chu Trinh st., Hanoi capital, Vietnam
    admin-c: NXC1-AP
    tech-c: KNH1-AP
    status: ALLOCATED PORTABLE
    changed: hm-changed@vnnic.net.vn 20041011
    mnt-by: MAINT-VN-VNNIC
    mnt-lower: MAINT-VN-VNPT
    source: APNIC

    person: Nguyen Xuan Cuong
    nic-hdl: NXC1-AP
    e-mail: cuong.ng@vnn.vn
    address: Vietnam Posts and Telecommunications (VNPT)
    address: 18 Nguyen Du street, Hanoi capital, Vietnam
    phone: +84-4-9430427
    fax-no: +84-4-8226861
    country: VN
    changed: hm-changed@vnnic.net.vn 20040527
    mnt-by: VNPT
    source: APNIC

    person: Khanh Nguyen Hien
    address: Vietnam Datacommunications Company (VDC)
    address: 258 Ba Trieu street, Hanoi capital, Vietnam
    country: VN
    phone: +84-4-8212680
    fax-no: +84-4-9760397
    e-mail: pbthuy29@vnn.vn
    nic-hdl: KNH1-AP
    remarks: Contact: pbthuy29@vnn.vn
    mnt-by: VNPT
    changed: admin.vnn@vnnic.net.vn 20020604
    source: APNIC
    - You might want to try to contact the above e-mail and report the incident.

    -GONE
    an\"to*nym (noun) [Greek: a word used in substitution for another]
    A word of opposite meaning ; a counter-term ; used as a correlative of synonym
    - Dr. Gung-ho

  4. #4
    Junior Member
    Join Date
    Oct 2002
    Posts
    11
    I already have, I just wanted to know if I could let someone who allocates the IP addresses to that company as I informed them on monday morning and still the site stays up.

  5. #5
    Junior Member
    Join Date
    Oct 2002
    Posts
    11
    ok I have the email an I am trying to find the orgin of the email I believe it could be techtarget.

    Received: from aamta01-winn.mailhost.ntl.com ([212.250.162.8]) by mta08-winn.mailhost.ntl.com with ESMTP id <20050412184415.EGDD928.mta08-winn.mailhost.ntl.com@aamta01-winn.mailhost.ntl.com>; Tue, 12 Apr 2005 19:44:15 +0100
    Received: from muedsl-82-207-246-065.citykom.de ([82.207.246.65]) by aamta01-winn.mailhost.ntl.com with SMTP id <20050412184414.VYCA1187.aamta01-winn.mailhost.ntl.com@muedsl-82-207-246-065.citykom.de>; Tue, 12 Apr 2005 19:44:14 +0100
    Received: from xesp.com by stout853.140.118.182.82 (9.52.7/6.48.9) id vs38IPGdW9595 with SMTP; Tue, 12 Apr 2005 13:39:11 -0600
    Message-ID: <20041101163013.ED8DA244AE@mailhost10.lists.techtarget.com>
    Date: Tue, 12 Apr 2005 23:41:11 +0400
    ----------------------------------------------------
    Pegasys
    http://stephen.closednetworks.org.uk

    ----------------------------------------------------

  6. #6
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    Have you informed PayPal? I've found that by dealing with them the problem gets resolved rather quickly and far more so than dealing with the "offending" ISP.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  7. #7
    Junior Member
    Join Date
    Oct 2002
    Posts
    11
    I have mailed paypal about a previous attempt to gain my information and they never responded to my email telling me they were dealing with it
    ----------------------------------------------------
    Pegasys
    http://stephen.closednetworks.org.uk

    ----------------------------------------------------

  8. #8
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    That was through this page right?

    https://www.paypal.com/ewf/f=pps_spf

    Sometimes they may not respond right away. Additionally you may want to send it off to http://www.antiphishing.org

    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  9. #9
    Junior Member
    Join Date
    Oct 2002
    Posts
    11
    that will be the page
    ----------------------------------------------------
    Pegasys
    http://stephen.closednetworks.org.uk

    ----------------------------------------------------

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •