[Bpf-cybersecurity] Fwd: Phishing ad nauseam by sociopath
Marilson
marilson.mapa at gmail.com
Fri Dec 13 21:08:24 EST 2019
Hi Doctor, always a gentlemen. You disagree and argue without insulting or
mocking. I hope those who defend criminals learn from you how to accept the
contradictory.
Dr. I do not want to be cause for your sadness and I must say that I do not
believe the American authorities when they blame West African governments
for what they do. Advance Fee Scam is prior to the Internet and appears to
have started in Nigeria using physical mail. With the Internet this scam
has grown exponentially making it quite lucrative for... American companies
that run the Internet and not for WA countries. After all, Doctor, it's
only 500 billion spam and scam a day... The goal is a trillion. Since
submitting proof-of-evidence reports to ISPs, Registrars, ICANN, and public
authorities is a total waste of time, they need to blame someone, okay?
Unfortunately the strategies you expose didn't work, aren't working, and
won't work out. And the reason is very simple and obvious: excessive greed
and total lack of ethics. This is the general picture: an unbridled
laissez-faire where ends (profit) justify the means. Any resemblance to
companies like Enron, Goldman Sachs, HSBC, Volkswagen, Mitsubishi,
Theranos, Facebook, Cambridge Analytica, Google, is no mere coincidence.
The agenda of our globalized economy is: cheat as much as possible, just
try not to get caught.
We do not need more laws and regulations. Just enforce respect for existing
AUPs, ToSs, ASPs, Codes of Conduct, and Contracts. Impose severe penalties
on companies that do not comply with regulations. And obviously prevent the
current regulations be replaced by something more "appropriate". And
include breaking the anonymity of those domains reported with evidence for
illicit practice. This breach of anonymity alone will reduce scams by over
90%.
FUNDAMENTAL RIGHTS ARE NOT ABSOLUTE TO THE POINT OF PROTECTING ILLICIT ACTS.
Note that these measures do not concern borders, country sovereignty or
local laws. Data that is always used by those who do not want to discuss
cyber security. They only concern the companies involved no matter where
they are. They will discipline themselves with the freedom we all crave for
the Internet. But of course we will need a new ICANN. An ICANN that does
not protect and hide unlawfulness.
In today's economy people's data is worth gold and they want to be as rich
as the Facebook owner, but the difference is that Mark Elliot Zuckerberg
does not steal data, he collects what he is offered. And the envy is so
great that he lost billions of dollars, testified in Congress and runs the
risk of being arrested. While the others, the ones who steal data... well,
who cares?
I'm sorry for using the word subsidies in a context where it is apparently
not used in the English language. So I redo the comment:
Want to read a joke? IGF intends to elaborate *ideas and drafts* for a
cyber security policy without imposing ethics on the companies that will
administer IoT, AI and Big Data... May the gods or hackers help us.
Marilson
Em qui., 12 de dez. de 2019 às 11:55, Timothy Asiedu <kwadwotasiedu@ gmail.
com> escreveu:
> Dear Marilson,
>
> Thank you very much for the reply.
>
> I feel sad to read that certain government in our area sponsor some
> Electronic Fraud activities . This is news to me , since electronic fraud
> in any form should
> be condemned. Our electronic environments need to be secure in order for
> productivity to be achieved. We need put good strategies in place in our
>
> organization in order to minimize electronic crimes. Continuous education
> / training in information / Cyber Security should be embarked upon since
> Information / Cyber Security deployment is a collective
> efforts of all in the organization.
>
> Since I am too clear with the term Virtual Colonizer or Virtual Colonized,
> I will remain neutral here, since I am a Professional / Author helping to
> provide a secure environment globally.
>
> Well I believe a budget will have to be provided for Cyber Security
> Policy, since Cyber Security issues are growing at an alarming rate
> globally. In my role as a Information Security Coordinator / Manager with
> my former employers many years ago, we always had a budget for Information
> / Cyber Security deployment.
>
>
> Kind regards,
>
>
> Timothy K. Asiedu , PhD
> Author's page : www. amazon. com/author/timothy.asiedu
>
>
>
> On Thu, Dec 12, 2019 at 1:41 AM Marilson <marilson.mapa@ gmail. com>
> wrote:
>
>> Dr. Asiedu, in fact security incidents vary greatly from one region to
>> another. They vary so much that they should be grounds for criticism for
>> you. Let me cite two examples among hundreds who I have denounced and filed
>> during more than six years:
>>
>> 1- Only from 11-10-2019 until 09-12-2019 I archived 118 messages
>> **Advance Fee Scam** from scammers of "your zone 5" - Burkina Faso, Benin,
>> Togo, Nigeria, Dhl Company of B. Faso. US officials say this theft is a
>> major financial resource for some governments "in your zone." If you
>> believe Americans are overreacting you should criticize. Otherwise you
>> should criticize your governments and especially the providers involved in
>> this cheating. Providers who have known these criminals for more than two
>> decades and refuse to suspend the lucrative contract even when they are
>> denounced with evidence. If this is not a reason to criticize I suggest
>> changing profession. By the way, you're using the same domain and IP
>> address of some scammers from those 118 messages that tried to steal my
>> money: **mail-sor-f65.google(dot)com 209.85.220.65**. It is Google's most
>> lucrative domain and preferred by criminals for anonymity guaranteed by the
>> estelionate's accomplices. With this domain you run the risk of being
>> confused with a scammer.
>>
>> 2- Let's just stay with the malware I reported in this original message:
>> ** Trojan.WinLNK.Agent **. Recalling that the original message I posted
>> here on the 9th of this month is proof that the main scammers are the ISPs
>> themselves protected and hidden by Registrars and ICANN.
>>
>> *"Malware of this family contains links for downloading malicious files,
>> or the path for launching a different malicious executable file, designed
>> to destroy, block, modify, or copy data, as well as interfere with the
>> operation of computers or computer networks."* (Kaspersky)
>>
>> Note the Geographical distribution of attacks during 2016. (Kaspersky)
>>
>> Country % of users attacked
>> worldwide
>> 1 India 13.70
>> 2 Algeria 10.06
>> 3 Vietnam 7.20
>> 4 Bangladesh 4.30
>> 5 Mexico 3.48
>> 6 Brazil 3.09
>> 7 Kazakhstan 2.81
>> 8 Morocco 2.33
>> 9 Saudi Arabia 2.26
>> 10 Kenya 2.22
>>
>> Now,look in this list for the USA, Canada or some Europe country...
>> They are not under attack but the providers that hosting and distributing
>> the scam are of those countries that are not under attack such as, Google,
>> Endurance ICANN (why not?), Clouflare, Hostinger, Zoho, Namecheap,
>> WhoisGuardian Protected, Yandex, Krek, Net-art, Ovh, etc, etc, etc. And
>> most of them refuse to punish the criminal client who is most often the
>> Provider itself. Ask Mr. Guterres Human Rights what he has been doing about
>> it.
>>
>> Here we must make a reflection. There was a time when settlers came to
>> distant lands and said, "Let's stay and pretend it's ours." But they did it
>> personally, live, at risk of retaliation, disease, and widespread
>> discomfort. Today, virtual settlers exploit and rob everyone with the
>> internet in their comfortable and secure homes and offices. It is a
>> cowardly society, rotten and unethical. These Internet companies, ICANN,
>> RIRs, Registrars and ISPs make up the GGM21C, the Great Global Mafia of the
>> 21st Century. Never in the history of mankind have so few done so much harm
>> to so many.
>>
>> Tell me Dr. Asiedu, are you a virtual colonizer or a virtual colonized?
>>
>> Want to read a joke? IGF intends to elaborate subsidies for a cyber
>> security policy without imposing ethics on the companies that will
>> administer IoT, AI and Big Data... May the gods or hackers help us.
>>
>> Marilson
>>
>>
>>
>> Em qua., 11 de dez. de 2019 às 08:19, Timothy Asiedu <kwadwotasiedu@
>> gmail. com> escreveu:
>>
>>> Dear Marilson,
>>>
>>> Thank you very much for the reply.
>>>
>>> In fact I must say that I am the type who does not like criticizing
>>> about Security incidences, because based
>>> on my experiences I have come to realize that some Security incidences
>>> can vary from one regional
>>> environment to the other. There may be certain incidences I have heard
>>> or experienced in Africa and may not be common
>>> in US or Europe. But whatever policies , practices or procedures I have
>>> written about in my book or researches are
>>> issues or cases I have experienced practically during my role as
>>> Information Security Coordinator / Manager with DHL Ghana Ltd (i.e. www.
>>> dhl. com)
>>> , from 1997-2002 and training/education/consulting programs. From 1994
>>> -1997, I was the Systems Administrator of the same organization, DHL Ghana
>>> Ltd.
>>> During my role with DHL Ghana Ltd., I used to support the other
>>> technical officers in our zone 5 ( i.e. DHL Benin, Togo, Liberia, Burkina
>>> Faso and Niger).
>>>
>>> Best regards,
>>>
>>>
>>> Timothy K. Asiedu , PhD
>>> Author's page: www. amazon. com/author/timothy.asiedu
>>>
>>>
>>>
>>>
>>> On Wed, Dec 11, 2019 at 1:44 AM Marilson <marilson.mapa@ gmail. com>
>>> wrote:
>>>
>>>> Dr. Asiedu, I am sorry if my version of the reasons for so much
>>>> Internet crime does not match the version of those who make it an income
>>>> motive. Millor Fernandes, a respected Brazilian cartoonist and playwright,
>>>> said: *"I distrust every idealist who profits from his ideal."*
>>>>
>>>> Assessments such as yours have set cyber security policies that have
>>>> never worked, are not working, and will never work because they are
>>>> designed with the basic purpose of maintaining a criminal but profitable
>>>> status quo. When these policies require ethical behavior from Internet
>>>> companies, imposing severe punishments on those who do not abide by their
>>>> AUPs, ToSs, ASPs, Codes of Conduct and Contracts, the Internet will
>>>> perpetuate its threatened freedom and will no longer be that muddy sea
>>>> where greedy sociopaths illegal enrichment themselves. The incompetent who
>>>> cannot survive without illicit acts will break down. And be damned those
>>>> who live at the expense of the threats that plague the Internet.
>>>>
>>>> Kind regards
>>>> Marilson
>>>>
>>>>
>>>> Em ter., 10 de dez. de 2019 às 05:59, Timothy Asiedu <kwadwotasiedu@
>>>> gmail. com> escreveu:
>>>>
>>>>> Dear Marilson,
>>>>>
>>>>> Thank you for the update.
>>>>>
>>>>> Kind regards,
>>>>>
>>>>>
>>>>> Timothy K. Asiedu
>>>>> Author's page: www. amazon. com/author/timothy.asiedu
>>>>>
>>>>>
>>>>> On Mon, Dec 9, 2019 at 4:39 AM Marilson <marilson.mapa@ gmail. com>
>>>>> wrote:
>>>>>
>>>>>>
>>>>>>
>>>>>> ---------- Forwarded message ---------
>>>>>> De: Marilson <marilson.mapa@ gmail. com>
>>>>>> Date: seg., 9 de dez. de 2019 às 01:22
>>>>>> Subject: Fwd: Phishing ad nauseam by sociopath
>>>>>> To: <abuse@ hostinger. com>
>>>>>> Cc: <bpf-cybersecurity@ intgovforum. org>, <globalsupport@ icann.
>>>>>> org>, US Department of Justice <contact@ usdoj. gov>, <feedback@
>>>>>> naag. org>, <abuse@ namecheap. com>, <guardian.readers@ theguardian.
>>>>>> com>, <tips@ nytimes. com>, WikiLeaks <sunshinepress@ this. is>,
>>>>>> <adm@ weblink. com. br>, <info@ nic. br>
>>>>>>
>>>>>>
>>>>>> FUNDAMENTAL RIGHTS ARE NOT ABSOLUTE TO THE POINT OF PROTECTING
>>>>>> ILLICIT ACTS
>>>>>>
>>>>>> Theft of money, theft of personal and financial data, crime of
>>>>>> larceny by fraud and damage to computer operating systems do not combine
>>>>>> with any kind of secrecy. Fundamental rights are not absolute to the extent
>>>>>> of safeguarding unlawful acts. Let me repeat so that the bastards do not
>>>>>> say they did not read: Fundamental rights are not absolute to the point of
>>>>>> protecting illicit acts. Any magistrate, judge, prosecutor, lawyer,
>>>>>> politician or businessman who does not agree with this, belive, he has a
>>>>>> skeleton in the closet.
>>>>>>
>>>>>> Scam with domains with the extension <.com (dot)>> abound my mail.
>>>>>> All were reported with evidence. But Registrar and Host - Namecheap and
>>>>>> Cloudflare - refuse to comply with their agreements, AUPs, ToSs and Code of
>>>>>> Conduct that prohibit such unlawful activity. They are accomplices.
>>>>>>
>>>>>> I decided to report the latest scam with extension <.com(dot)de>
>>>>>> without copying the report to anyone. I knew that by doing so I would
>>>>>> awaken the worst in people. Said and done. With the arrogance that
>>>>>> characterizes sociopathy and the certainty of impunity Hostinger responded
>>>>>> to the complaint by asking for evidence to prove the scam. But the report
>>>>>> sent contained full header, scam URL, final URL, VirusTotal links for
>>>>>> malware identification by 11 scanners, domains, IP addresses and all
>>>>>> providers involved in the scam (see below). But Hostinger had to mock the
>>>>>> complaint.
>>>>>> Warning that I knew they were being dishonest I resubmitted all the
>>>>>> data but required scammer identification. After all, *fundamental
>>>>>> rights are not absolute to the point of protecting illicit acts*.
>>>>>> Hostinger replied that "*the reported domain name is currently
>>>>>> pointing to Cloudflare"*.
>>>>>>
>>>>>> WHAT WAS DONE: Hostinger used two domains to send scam with
>>>>>> **Trojan.WinLNK.Agent** malware:
>>>>>> <contasjurisp. com> and <gerenteempresarial. com. de>
>>>>>> Hosting registered <contasjurisp. com> with false data and told a
>>>>>> truth to tell a lie when writing that "*the reported domain name is
>>>>>> currently pointing to Cloudflare". *What Hostinger did not say is
>>>>>> that they hired Cloudflare which offers reverse proxy and all WHOIS would
>>>>>> point to Cloudflare. Hostinger hid behind Cloudflare to stay hidden in the
>>>>>> use of Trojans. *Cloudflare has confirmed by email that the Hosting
>>>>>> Provider is Hostinger*. Hostinger is committing various crimes such
>>>>>> as attempted theft and property damage (Computer Fraud and Abuse
>>>>>> Act), invasion of privacy and ideological falsehood. Notice the WHOIS
>>>>>> records from the registrar:
>>>>>>
>>>>>> Domain contasjurisp. com
>>>>>> IP addresses:104.27.160.184
>>>>>> Registrar: HOSTINGER
>>>>>> Registrant Name: zilda elenir - DOES NOT EXIST
>>>>>> Registrant Street: calos lanser - DOES NOT EXIST
>>>>>> Registrant City: novo hamburgo
>>>>>> Registrant State/Province: RS
>>>>>> Registrant Postal Code: 96222-642 - IT IS NOT FROM NOVO HAMBURGO
>>>>>> Registrant Email: zilda-elenir900@ protonmail. com - IT IS FAKE -
>>>>>> DomainIsWellKnownDea - *"At ProtonMail, privacy is our business
>>>>>> model - GDPR"*
>>>>>>
>>>>>> Ask ICANN, which has a contract prohibiting illicit activity, why
>>>>>> they admit this garbage and dirty stuff of Registrars. I have asked several
>>>>>> times and the answer has always been "out of scope". That has always been
>>>>>> the answer of GGM21C's Godfather, the Great Global Mafia of the 21st
>>>>>> Century.
>>>>>> The solution is very simple: just be decent. When someone reports a
>>>>>> scammer with evidence, identify him and cancel the contract. Or continue to
>>>>>> be accomplices and hiding the mobster colleagues.
>>>>>> You who have acted in bad faith in drafting and approving the GDPR,
>>>>>> remember this: FUNDAMENTAL RIGHTS ARE NOT ABSOLUTE TO THE POINT OF
>>>>>> PROTECTING ILLICIT ACTS. This immoral defense of anonymity that the
>>>>>> Providers make is only explained by the need to hide themselves when using
>>>>>> scam. Natural and legal persons of good, spend fortunes promoting
>>>>>> themselves.
>>>>>>
>>>>>> Even more immoral is the attitude of people who are paid to defend
>>>>>> the population and use the same harmful expression "out of scope" so as not
>>>>>> to have to demand decency and ethics from companies. I'm talking about Best
>>>>>> Practice Forum on Cybersecurity of IGF-UN, the National Association of
>>>>>> Attorneys General, US Department of Justice and the like around the world.
>>>>>>
>>>>>> *Rodrigo da Costa Wiethorn *Head of Hostinger Brazil and *Demi
>>>>>> Getschko* President of NIC.br, you are both responsible for
>>>>>> Hostinger's activity in Brazil and will be held responsible for the crimes
>>>>>> Hostinger practices.
>>>>>>
>>>>>> A warning to mobsters: If you think your grandchildren will get home
>>>>>> at 4:00 PM after an exhausting work day that started at 10:00 AM, will
>>>>>> print a pizza and watch a movie on the wall or ceiling, you are dreaming.
>>>>>> This will not happen because the queue of unemployed will move next door
>>>>>> them.
>>>>>>
>>>>>> Marilson
>>>>>>
>>>>>>
>>>>>> ---------- Received message ---------
>>>>>> De: Hostinger Abuse <abuse-tracker@ hostinger. com>
>>>>>> Date: sáb., 7 de dez. de 2019 às 04:20
>>>>>> Subject: Re: Phishing ad nauseam by sociopath
>>>>>> To: Marilson <marilson.mapa@ gmail. com>
>>>>>>
>>>>>> Hi,
>>>>>>
>>>>>> Thank you for your report. The reported domain name has been
>>>>>> suspended.
>>>>>>
>>>>>> Hostinger Abuse Department
>>>>>> abuse@ hostinger. com
>>>>>> https:// www. hostinger. com
>>>>>>
>>>>>> *------------------------------*
>>>>>> ---------- Forwarded message ---------
>>>>>> De: Marilson <marilson.mapa@ gmail. com>
>>>>>> Date: sex., 6 de dez. de 2019 às 22:52
>>>>>> Subject: Re: Phishing ad nauseam by sociopath
>>>>>> To: Hostinger Abuse <abuse-tracker@ hostinger. com>
>>>>>> Cc: US Department of Justice <contact@ usdoj. gov>, info@ cec-zev.
>>>>>> eu <info@ cec-zev. eu>, <feedback@ naag. org>, <globalsupport@
>>>>>> icann. org>, <guardian.readers@ theguardian. com>, WikiLeaks
>>>>>> <sunshinepress@ this. is>, <abuse@ namecheap. com>
>>>>>>
>>>>>> Hostinger wrote: *"The reported domain name is currently pointing
>>>>>> to Cloudflare."*
>>>>>>
>>>>>> What a f**k is that? No one else has ethics? Will all of you who run
>>>>>> the internet keep on stealing the planet's population until when? How long
>>>>>> will government authorities allow such illegal activities?
>>>>>>
>>>>>> You from Hostinger acting as sociopaths asked me to prove that the
>>>>>> message was scam. Something that even retarded can know. I did what you
>>>>>> asked for though knowing that you were acting dishonestly. And you give me
>>>>>> in response exactly what I informed you in my message sent on 12-05-2019:
>>>>>>
>>>>>> I wrote on Dec 5, 2019:
>>>>>> *Originating IP address: 5.53.125.27*
>>>>>>
>>>>>> *Originating hostmane: traype7.gerenteempresarial. com. de*
>>>>>> *Network owner: Selectel Ltd*
>>>>>>
>>>>>> *Domain: gerenteempresarial. com. de*
>>>>>> *IP address: 104.31.92.45*
>>>>>> *Host Company: Cloudflare Inc*
>>>>>>
>>>>>> Who do you think you are fooling? Your answers are so stupid that
>>>>>> they reveal the certainty of impunity. I also informed you on 12-05-2019:
>>>>>> I wrote on Dec 5, 2019:
>>>>>> *"Scam URL: http:// 4siae80eseo8e.contasjurisp.
>>>>>> com/5NAT40PKU37/XBV7WB6M7J7A5532S10EEZE4KVP71/SMB-Vistoria_contra_incendio_(VENCIDA_860)*
>>>>>> *This URL downloads .zip
>>>>>> file: Bombei-ro05.12.2019_01.09.39.1239 which instals malware.*
>>>>>>
>>>>>>
>>>>>> *Domain contasjurisp. comIP addresses:104.27.160.184*
>>>>>> *Registrar: HOSTINGER*
>>>>>> *Registrant Name: zilda elenir - DOES NOT EXIST*
>>>>>> *Registrant Street: calos lanser - DOES NOT EXIST*
>>>>>> *Registrant City: novo hamburgo *
>>>>>> *Registrant State/Province: RS *
>>>>>> *Registrant Postal Code: 96222-642 - IT'S NOT FROM NOVO HAMBURGO*
>>>>>>
>>>>>> *Mr. Arnas, your customer is committing various crimes such as
>>>>>> ideological falsehood, attempted theft and invasion of privacy.
>>>>>> Unregistering is your contractual and legal obligation. What about
>>>>>> identifying a criminal? Is a criminal entitled to anonymity? If the actual
>>>>>> registrant is Cloudflare or Namecheap would you have the decency to say?"*
>>>>>>
>>>>>> Stop acting like whores and tell us WHO_is your client that is
>>>>>> committing crime with the domain *<accountsjurisp. com>* registered
>>>>>> with you.
>>>>>> *And answer why your customer is still active if he's a denounced
>>>>>> criminal?*
>>>>>>
>>>>>> If you refuse to provide this information, I will have no doubt that
>>>>>> you are protecting your Cloudflare or Namecheap colleagues to whom I have
>>>>>> already sent multiple reports from their criminal customers with
>>>>>> *<.com(dot)de>* extension domains. These two companies host and
>>>>>> register the scammer that keeps sending his scams. And this mafia does
>>>>>> nothing. It is always useless denounce scammers or spammers. They don't
>>>>>> even forbid the scammer to use my email. Go be arrogant like that in hell!
>>>>>> Keep using my email and I will use adjectives that you deserve. And the
>>>>>> world will know who you are.
>>>>>>
>>>>>> Can you from the US Department of Justice, NAAG and the European
>>>>>> Center for Consumer Protection answer why a criminal accused with evidence
>>>>>> is not suspended and identified? Why are these damned companies are not
>>>>>> required to respect their contracts that prohibit illegal activities? Why
>>>>>> do these companies not respect their AUPs, ToSs and Codes of Conduct? Why
>>>>>> denounced bandits with evidence are entitled to anonymity? Why do these
>>>>>> providers provide their services to terrorists? Remember that the damage
>>>>>> these providers cause to humanity is infinitely greater than the damage
>>>>>> done by terrorists, then? Do we have to seek help from mercenaries or
>>>>>> hackers to protect us from those we pay to protect us?
>>>>>>
>>>>>> You are rotten, and all that is rotten must be buried to end the
>>>>>> stench.
>>>>>>
>>>>>> Marilson
>>>>>>
>>>>>>
>>>>>> Em sex., 6 de dez. de 2019 às 07:12, Hostinger Abuse <abuse-tracker@
>>>>>> hostinger. com> escreveu:
>>>>>>
>>>>>>> Hi,
>>>>>>>
>>>>>>> The reported domain name is currently pointing to Cloudflare.
>>>>>>>
>>>>>>> Please report it at https:// www.cloudflare. com/abuse/
>>>>>>>
>>>>>>> Hostinger Abuse Department
>>>>>>> abuse@ hostinger. com
>>>>>>> https:// www. hostinger. com
>>>>>>>
>>>>>>
>>>>>> *------------------------------*
>>>>>> ---------- Forwarded message ---------
>>>>>> De: Marilson <marilson.mapa@ gmail. com>
>>>>>> Date: qui., 5 de dez. de 2019 às 20:26
>>>>>> Subject: Re: Phishing ad nauseam by sociopath
>>>>>> To: Hostinger Abuse <abuse-tracker@ hostinger. com>
>>>>>>
>>>>>>
>>>>>> Please don't treat me like a layman and don't underestimate people's
>>>>>> intelligence. I spent two years at RIPE (abuse working group) two years at
>>>>>> ARIN (Public Policy Mailing List) and I have been for two years at IGF / UN
>>>>>> (BPF Cybersecurity) and have been reporting sociopaths for over six years.
>>>>>>
>>>>>> All the URLs in my report are still active, but BUT you need to put
>>>>>> the words together to work as links. Google and Gmail flood my mail every
>>>>>> day with trash, but if I forward spam or scam to a scanner or provider as a
>>>>>> report, without turning links OFF, Gmail returns stating that I am sending
>>>>>> malicious files or spamming . Only criminals are entitled to commit crimes
>>>>>> and with anonymity guaranteed by mobsters.
>>>>>>
>>>>>> Join the protocol to the domain and join the extension to the domain
>>>>>> for the link to be activated. Mamma Mia !!!
>>>>>>
>>>>>> I don't know how my location can interfere with your assessment, but
>>>>>> I'm in Sao Paulo city in Brazil.
>>>>>>
>>>>>> <REMOVED IMAGE>
>>>>>>
>>>>>> If I forward the scam without removing formatting gmail will return
>>>>>> it to me. I can put the scam in a PDF file with its active links but
>>>>>> probably its protection system will return due to malicious file attached.
>>>>>> In other words, be decent and don't waste my time. I do this job as a
>>>>>> citizen duty, so I'm not paid.
>>>>>>
>>>>>> *https:// www. virustotal.
>>>>>> com/gui/url/3257ed42f18c47e048ef86d75bd5a4ce568f3cbda764d24ac04116deaaca0820/detection*
>>>>>>
>>>>>> Join the protocols and domain extension at the URL above and you will
>>>>>> get the scam URL and rating.
>>>>>>
>>>>>> The zipped file changes its name but the content is the same:
>>>>>> Defensor543505.12.2019_18.19.05.1205.
>>>>>>
>>>>>> Click on the scam URL and upload the zipped file to VirusTotal and
>>>>>> you will get evaluation of 11 scanners:
>>>>>>
>>>>>> <REMOVED IMAGE>
>>>>>>
>>>>>> Just missed you asking me to click on the contents of the zipped
>>>>>> file. Do it you. And since you made me waste more time than necessary I
>>>>>> advocate the right to know who your client is, after all, criminals are not
>>>>>> entitled to anonymity. Deny me that right and I will treat Hostinger, at
>>>>>> the UN and social media, as accomplices of criminals.
>>>>>>
>>>>>> Thanks
>>>>>> Marilson
>>>>>>
>>>>>>
>>>>>> Em qui., 5 de dez. de 2019 às 05:45, Hostinger Abuse <abuse-tracker@
>>>>>> hostinger. com> escreveu:
>>>>>>
>>>>>>> Hi,
>>>>>>>
>>>>>>> Thank you for contacting Hostinger Abuse department. Unfortunately,
>>>>>>> we failed to locate any phishing-related content on the URL listed in your
>>>>>>> complaint. Please provide the following details for us to investigate the
>>>>>>> issue deeper:
>>>>>>> - exact links to the abusive pages the forms to enter sensitive
>>>>>>> details are located at;
>>>>>>> - country your IP address belongs to (we will try using the
>>>>>>> corresponding proxy);
>>>>>>> - a device used to access the content;
>>>>>>> - (optional) screenshot of the abusive page.
>>>>>>>
>>>>>>> Thank you
>>>>>>>
>>>>>>> Hostinger Abuse Department
>>>>>>> abuse@ hostinger. com
>>>>>>> https:// www. hostinger. com
>>>>>>
>>>>>>
>>>>>>
>>>>>> ------------------------------
>>>>>>
>>>>>> ---------- Forwarded message ---------
>>>>>> De: Marilson <marilson.mapa@ gmail. com>
>>>>>> Date: qui., 5 de dez. de 2019 às 04:54
>>>>>> Subject: Phishing ad nauseam by sociopath
>>>>>> To: <arnas@ hostinger. com>
>>>>>> Cc: <abuse@ hostinger. com>
>>>>>>
>>>>>>
>>>>>> Mr. Arnas, I need your help to stop a sociopathic criminal from
>>>>>> sending out phishing and malware. I've reported him several times, with
>>>>>> evidence, but the providers hosting and sending his scams do nothing. This
>>>>>> scammer is registered with Hostinger:
>>>>>>
>>>>>> Scam *URL: http:// 4siae80eseo8e.contasjurisp.
>>>>>> com/5NAT40PKU37/XBV7WB6M7J7A5532S10EEZE4KVP71/SMB-Vistoria_contra_incendio_(VENCIDA_860)*
>>>>>> This URL downloads .zip file: *Bombei-ro05.12.2019_01.09.39.1239*
>>>>>> which instals malware.
>>>>>>
>>>>>> *https:// www. virustotal.
>>>>>> com/gui/url/3257ed42f18c47e048ef86d75bd5a4ce568f3cbda764d24ac04116deaaca0820/details *
>>>>>>
>>>>>> *https:// www. virustotal.
>>>>>> com/gui/file/3b59cf7d1e45a15615995f6978c51b0cdad07c286a45067a792e26d075876316/detection * -
>>>>>> 11 engines detected this file.
>>>>>>
>>>>>> Domain contasjurisp. com
>>>>>> IP addresses:104.27.160.184
>>>>>> Registrar: *HOSTINGER*
>>>>>> Registrant Name: zilda elenir - DOES NOT EXIST
>>>>>> Registrant Street: calos lanser - DOES NOT EXIST
>>>>>> Registrant City: novo hamburgo
>>>>>> Registrant State/Province: RS
>>>>>> Registrant Postal Code: 96222-642 - IT'S NOT FROM NOVO HAMBURGO
>>>>>>
>>>>>> Mr. Arnas, your customer is committing various crimes such as
>>>>>> ideological falsehood, attempted theft and invasion of privacy.
>>>>>> Unregistering is your contractual and legal obligation. What about
>>>>>> identifying a criminal? Is a criminal entitled to anonymity? If the actual
>>>>>> registrant is Cloudflare or Namecheap would you have the decency to say?
>>>>>>
>>>>>> Originating IP address: 5.53.125.27
>>>>>> Originating hostmane: traype7.gerenteempresarial. com. de
>>>>>> Network owner: Selectel Ltd
>>>>>> Domain: gerenteempresarial. com. de
>>>>>> IP address: 104.31.92.45
>>>>>> Host Company: Cloudflare Inc
>>>>>>
>>>>>> Thanks
>>>>>> Marilson
>>>>>>
>>>>>> *HEADER - truncated*
>>>>>> Delivered-To: marilson.mapa@ gmail. com
>>>>>> Received: by 2002:a1c:4c0f:0:0:0:0:0 with SMTP id z15csp1042308wmf;
>>>>>> Wed, 4 Dec 2019 12:00:04 -0800 (PST)
>>>>>> X-Google-Smtp-Source:
>>>>>> APXvYqxELpEHz1ZXbAcebUMZnoC0ggYZeQnbBXWR4b6XzGf6BYDWgzplHWv9pgTmY2FXoQ9NqUEM
>>>>>> X-Received: by 2002:a2e:87ca:: with SMTP id
>>>>>> v10mr3220073ljj.253.1575489604766;
>>>>>> ARC-Authentication-Results: i=1; mx.google. com;
>>>>>> dkim=pass header.i=@ traype7.gerenteempresarial. com. de
>>>>>> header.s=mail header.b=qiYiUh6k;
>>>>>> spf=pass (google. com: domain of bombeiros@
>>>>>> traype7.gerenteempresarial. com. de designates 5.53.125.27 as permitted
>>>>>> sender) smtp.mailfrom=bombeiros@ traype7.gerenteempresarial. com. de;
>>>>>> dmarc=pass (p=NONE sp=NONE dis=NONE)
>>>>>> header.from=traype7.gerenteempresarial. com. de
>>>>>> Return-Path: <bombeiros@ traype7.gerenteempresarial. com. de>
>>>>>> Received: from traype7.gerenteempresarial. com. de
>>>>>> (traype7.gerenteempresarial. com. de. [5.53.125.27])
>>>>>> by mx.google. com with ESMTP id
>>>>>> g9si4888237ljk.77.2019.12.04.12.00.04
>>>>>> for <marilson.mapa@ gmail. com>;
>>>>>> Wed, 04 Dec 2019 12:00:04 -0800 (PST)
>>>>>> Received-SPF: pass (google. com: domain of bombeiros@
>>>>>> traype7.gerenteempresarial. com. de designates 5.53.125.27 as permitted
>>>>>> sender) client-ip=5.53.125.27;
>>>>>> DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
>>>>>> d=traype7.gerenteempresarial. com. de; s=mail; t=1575489604;
>>>>>> bh=yR9+/UvPPF7VyTbAl08VvfYRmtfYD18mTW1Zc+ks+nA=;
>>>>>> h=To:Subject:From:Date:Reply-To:From;
>>>>>> b=qiYiUh6kR5+qNvk3i8VKTO4SXvdqBTbVsimF+tMf6AUkG7RAt49IslZnDBYoDBlVo
>>>>>> Message-Id: <20191204200004.33CAB8B23F@ traype7.gerenteempresarial.
>>>>>> com. de>
>>>>>>
>>>>>> *TEXTO - formatting removed*
>>>>>> De: Bombeiros24145307 <bombeiros@ traype7.gerenteempresarial. com.
>>>>>> de>
>>>>>> Date: qua., 4 de dez. de 2019 às 17:00
>>>>>> Subject: ****ULTIMO AVISO*** para sua regularizacao, com vistas a
>>>>>> continuidade do servicos - 34/187 -
>>>>>> To: <marilson.mapa@ gmail. com>
>>>>>>
>>>>>> AVISO DE VIGÊNCIA DE DOCUMENTOS VENCIDOS
>>>>>>
>>>>>> Protocolo: 7530398377
>>>>>>
>>>>>> Serviço: (Segurança contra incêndio)
>>>>>>
>>>>>> inicio automático do protocolo : 04/12/2019
>>>>>>
>>>>>> Status atual: Regularizar pendente ou VENCIDO
>>>>>>
>>>>>> Alertamos que o prazo de validade do(s) documento(s) referente ao
>>>>>> Termo de Colaboração nº 13882017 celebrado entre Secretaria
>>>>>> Municipal dos bombeiros e CENTRO SOCIAL NOSSA SENHORA, para funcionamento
>>>>>> da CEI: CR.P.CONV - CNPJ cadastrado para este e-mail ( marilson.mapa@
>>>>>> gmail. com ) que devem ser regularizados com urgência
>>>>>> está(ão) na situação de vencido. Encaminhe a respectiva
>>>>>> documentação à DIR EDUC - DIRETORIA REGIONAL DOS BOMBEIROS
>>>>>> A não regularização dos itens informados pode
>>>>>> implicar na suspensão de seu CNPJ em 30 DIAS bem como multa previstos
>>>>>> no Art 37 da Lei 10.860 de 19 de Julho de 1988.
>>>>>>
>>>>>> *Ultimo documento enviado VENCIDO*
>>>>>> <a href="http:// 4siae80eseo8e.contasjurisp.
>>>>>> com/5NAT40PKU37/XBV7WB6M7J7A5532S10EEZE4KVP71/SMB-Vistoria_contra_incendio_(VENCIDA_860)">
>>>>>> </a>
>>>>>>
>>>>>> - AVCB – Auto de Vistoria do Corpo de Bombeiros
>>>>>> 01/12/2019
>>>>>>
>>>>>> Providencie a sua regularização, com vistas à
>>>>>> continuidade da prestação do serviço.
>>>>>> Atenciosamente,
>>>>>> SMB – Secretaria Municipal dos Bombeiros
>>>>>>
>>>>>> --
>>>>>> Bpf-cybersecurity mailing list
>>>>>> Bpf-cybersecurity at intgovforum.org
>>>>>>
>>>>>> http://intgovforum.org/mailman/listinfo/bpf-cybersecurity_intgovforum.org
>>>>>>
>>>>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://intgovforum.org/pipermail/bpf-cybersecurity_intgovforum.org/attachments/20191213/1462cadd/attachment.htm>
More information about the Bpf-cybersecurity
mailing list