[Bpf-cybersecurity] Fwd: Phishing ad nauseam by sociopath
Marilson
marilson.mapa at gmail.com
Fri Dec 13 23:24:50 EST 2019
>From trying to assist me in the future?!
Don't get upset, you were more helpful than you think.
But I have a question. Which Roy am I talking to now?
On Jul 25, 2019 you were harsh, aggressive but assertive as an experienced
technique:
*"No part of the IGF can help in this matter. Your attack on individuals as
below is quite gratuitous and certainly not productive to resolving your
issue."*
On Dec 12, 2019 you mocked, tried to be sarcastic, made fun of my bad
English and suggested I find another place to "my" problems:
*"Can I ask what you mean by: “IGF intends to elaborate subsidies”..."*
*"Lots of countries talking about similar stuff there (perhaps in a less
militant manner, but still)"*
And now you are a naive little girl with no technical knowledge that could
allow an assessment of my complaints:
*"I am not equipped to determine that your cause is correct or not."*
*"It sounds like there may be something there, but..."*
*"I am not a computer engineer... ...I am a lowly Internet user and it
seems to do what I need it to do."*
After all Roy, who are you? If you don't take off the masks everyone will
know who you really are.
Marilson
Em sex., 13 de dez. de 2019 às 07:09, <Chrystiane.Roy at international.gc.ca>
escreveu:
> Mr. Mapa,
>
>
>
> I am not equipped to determine that your cause is correct or not.
>
>
>
> It sounds like there may be something there, but ultimately, I don’t know.
> I am not a computer engineer. I do not code. I am a lowly Internet user and
> it seems to do what I need it to do. I plan on continuing to use it, even
> if I do have concerns about hacks, data thefts, ransom ware,
> surveillance....list is long.
>
>
>
> What I do know, from being on this mailing list for a few years now is
> that: in *this* forum, you and the evidence you provide, seem to be
> getting * zero traction*.
>
>
>
> Despite the long rants, the detailed descriptions, the accusations, etc.;
> you repeat the same things to people who either:
>
> · don’t understand,
>
> · don’t care, or, as you regularly suggest,
>
> · are “in with the criminals”.
>
>
>
> My suggestions to you to look to law enforcement, or UNODC, or ITU are
> offered kindly, with the hopes that perhaps others, beyond the BPF
> Cybersecurity mailing list, might have solutions to something which clearly
> bothers you a lot.
>
>
>
> I’m sorry that these suggestions are not well received. I will refrain
> from trying to assist in the future.
>
>
>
> Chrystiane
>
>
>
> *De :* Marilson <marilson.mapa at gmail.com>
> *Envoyé :* 13 décembre 2019 09:50
> *À :* Roy, Chrystiane -GENEV -GR <Chrystiane.Roy at international.gc.ca>
> *Cc :* Timothy Asiedu <kwadwotasiedu at gmail.com>;
> Bpf-cybersecurity at intgovforum.org
> *Objet :* Re: [Bpf-cybersecurity] Fwd: Phishing ad nauseam by sociopath
>
>
>
> Ms. Roy, the adventitious idea embedded in the phrase you use on social
> networking has been beautifully synthesized by Socrates: "I only know that
> I know nothing." deparlemonde, which world?
>
>
>
> Yes, Ms. Roy, there is another definition of "subsidies" that *"does not
> involve giving out money"*. In my native language, Portuguese, any set of
> information or data that underlies a work, a policy, a thesis, a lecture, a
> book, a movie, etc., are subsidies. For example: “Abordagens de Melanie
> Klein (psiquiatra austríaca) podem referenciar outros contos, os quais
> fornecem *subsídios* para que se possam analisar fatores”. (Nicolau
> Gregorin - Michaelis)
>
> Or in the language of Shakespeare: *...slowly, his breathing became easier
> and the panic in his mind subsided. The Dark Side Of The Moon by Willian
> Corlett.
>
>
>
> If IGF is low on money, it should be used for the benefit of the people
> and not for companies with illicit practices. You have used the correct
> phrase that explains the worthlessness of subsidies (data, ideas) created
> to maintain the criminal but lucrative status quo: "voluntary contributions
> from States and Stakeholders"
>
> From States: public money from taxpayers; those who pay taxes to be safe.
> Security they never had, don't have and won't have, if it's up to you.
>
> From Stakeholders: a filter is required here; there are companies that buy
> God and everyone; they buy public agents with bribes, buy politicians with
> donations for election campaigns; they buy the media with advertising and
> put their executives in organizations that make policies that will ensure
> the status quo is maintained. May the gods or hackers help us!
>
>
>
> Are you a socialist? Social Democrat? If you were a free market advocate,
> you would understand that our concern is to produce wealth and not to use
> the money of others. The Iron Lady put this into practice, raised the
> sinking island, and portrayed this situation in a nutshell: *"Socialism
> lasts until others' money runs out."* Same in Germany with the Free
> Market of Ludwig (Mises) Erhard, in France with Jacques Rueff, in Japan
> with native conservatives and ultra-conservative American advisers, and in
> Reagan's USA.
>
>
>
> Ms. Roy, this is the second time you suggest I go somewhere else. Which
> bothers you the most, the contradictory or the evidence of the crimes that
> all of you insist on not considering and refuse to discuss? Read the last
> message from Dr. Timothy K. Asiedu, a professional with an impressive
> academic background and many years of cyber security experience:
>
> *"...since Cyber Security issues are growing at an alarming rate
> globally." *
>
>
>
> Growing at an alarming rate... Well Ms. Roy, you have at your disposal
> extremely skilled technicians from Microsoft, Google, Akamai... drafts and
> more drafts, meetings and more meetings, years and more years ... and? Who
> do you think you fool? Why still growing at an alarming rate? With this
> pitiful historique what right do you have to suggest that I go somewhere
> else? Prove that my evidence is false. Show me that I am wrong to call
> criminals the ones you insist on isolating from cyber security issues.
>
>
>
> Your message is a jumble of sarcasm, but sarcasm is for smart people. Try
> to argue, it doesn't hurt.
>
> Militant manner?! No problem. Millor Fernandes, a respected Brazilian
> cartoonist and playwright, said: "I don't trust anyone who lives at the
> expense of his ideal."
>
> Are you paid to "defend" the Internet?
>
>
>
> Marilson
>
>
>
>
>
> Em qui., 12 de dez. de 2019 às 05:50, <Chrystiane.Roy@ international. gc.
> ca> escreveu:
>
> Hi Marlison,
>
>
>
> Can I ask what you mean by: “IGF intends to elaborate subsidies” as you
> write at the bottom of your e-mail?
>
>
>
> IGF has hardly any money to organise its one annual meeting because it is
> funded from voluntary contributions from States and Stakeholders (i.e. not
> exactly peanuts, but not much more).
>
> So where would they get the money to hand out “subsidies”?
>
> Or is there another definition of “subsidies” that exists which does not
> involve giving out money?
>
>
>
> Otherwise, on the other parts of your message, have you ever considered
> taking it to ITU Study Group 2 or Study Group 17, in their standardisation
> sector? Lots of countries talking about similar stuff there (perhaps in a
> less militant manner, but still) and trying to find solutions to it.
>
>
>
> Thanks for the clarification on “subsidies” otherwise,
>
> C.
>
>
>
> *De :* Marilson <marilson.mapa at gmail.com>
> *Envoyé :* 12 décembre 2019 02:35
> *À :* Timothy Asiedu <kwadwotasiedu at gmail.com>
> *Cc :* Bpf-cybersecurity at intgovforum.org
> *Objet :* Re: [Bpf-cybersecurity] Fwd: Phishing ad nauseam by sociopath
>
>
>
> Dr. Asiedu, in fact security incidents vary greatly from one region to
> another. They vary so much that they should be grounds for criticism for
> you. Let me cite two examples among hundreds who I have denounced and filed
> during more than six years:
>
>
>
> 1- Only from 11-10-2019 until 09-12-2019 I archived 118 messages **Advance
> Fee Scam** from scammers of "your zone 5" - Burkina Faso, Benin, Togo,
> Nigeria, Dhl Company of B. Faso. US officials say this theft is a major
> financial resource for some governments "in your zone." If you believe
> Americans are overreacting you should criticize. Otherwise you should
> criticize your governments and especially the providers involved in this
> cheating. Providers who have known these criminals for more than two
> decades and refuse to suspend the lucrative contract even when they are
> denounced with evidence. If this is not a reason to criticize I suggest
> changing profession. By the way, you're using the same domain and IP
> address of some scammers from those 118 messages that tried to steal my
> money: **mail-sor-f65.google(dot)com 209.85.220.65**. It is Google's most
> lucrative domain and preferred by criminals for anonymity guaranteed by the
> estelionate's accomplices. With this domain you run the risk of being
> confused with a scammer.
>
>
>
> 2- Let's just stay with the malware I reported in this original message:
> ** Trojan.WinLNK.Agent **. Recalling that the original message I posted
> here on the 9th of this month is proof that the main scammers are the ISPs
> themselves protected and hidden by Registrars and ICANN.
>
>
>
> *"Malware of this family contains links for downloading malicious files,
> or the path for launching a different malicious executable file, designed
> to destroy, block, modify, or copy data, as well as interfere with the
> operation of computers or computer networks."* (Kaspersky)
>
>
>
> Note the Geographical distribution of attacks during 2016. (Kaspersky)
>
>
> Country % of users attacked
> worldwide
> 1 India 13.70
> 2 Algeria 10.06
> 3 Vietnam 7.20
> 4 Bangladesh 4.30
> 5 Mexico 3.48
> 6 Brazil 3.09
> 7 Kazakhstan 2.81
> 8 Morocco 2.33
> 9 Saudi Arabia 2.26
> 10 Kenya 2.22
>
>
>
> Now,look in this list for the USA, Canada or some Europe country...
>
> They are not under attack but the providers that hosting and distributing
> the scam are of those countries that are not under attack such as, Google,
> Endurance ICANN (why not?), Clouflare, Hostinger, Zoho, Namecheap,
> WhoisGuardian Protected, Yandex, Krek, Net-art, Ovh, etc, etc, etc. And
> most of them refuse to punish the criminal client who is most often the
> Provider itself. Ask Mr. Guterres Human Rights what he has been doing about
> it.
>
>
>
> Here we must make a reflection. There was a time when settlers came to
> distant lands and said, "Let's stay and pretend it's ours." But they did it
> personally, live, at risk of retaliation, disease, and widespread
> discomfort. Today, virtual settlers exploit and rob everyone with the
> internet in their comfortable and secure homes and offices. It is a
> cowardly society, rotten and unethical. These Internet companies, ICANN,
> RIRs, Registrars and ISPs make up the GGM21C, the Great Global Mafia of the
> 21st Century. Never in the history of mankind have so few done so much harm
> to so many.
>
>
>
> Tell me Dr. Asiedu, are you a virtual colonizer or a virtual colonized?
>
>
>
> Want to read a joke? IGF intends to elaborate subsidies for a cyber
> security policy without imposing ethics on the companies that will
> administer IoT, AI and Big Data... May the gods or hackers help us.
>
>
>
> Marilson
>
>
>
>
>
>
>
> Em qua., 11 de dez. de 2019 às 08:19, Timothy Asiedu <kwadwotasiedu@
> gmail. com> escreveu:
>
> Dear Marilson,
>
>
>
> Thank you very much for the reply.
>
>
>
> In fact I must say that I am the type who does not like criticizing about
> Security incidences, because based
>
> on my experiences I have come to realize that some Security incidences can
> vary from one regional
>
> environment to the other. There may be certain incidences I have heard or
> experienced in Africa and may not be common
>
> in US or Europe. But whatever policies , practices or procedures I have
> written about in my book or researches are
>
> issues or cases I have experienced practically during my role as
> Information Security Coordinator / Manager with DHL Ghana Ltd (i.e. www.
> dhl. com)
>
> , from 1997-2002 and training/education/consulting programs. From 1994
> -1997, I was the Systems Administrator of the same organization, DHL Ghana
> Ltd.
>
> During my role with DHL Ghana Ltd., I used to support the other technical
> officers in our zone 5 ( i.e. DHL Benin, Togo, Liberia, Burkina Faso and
> Niger).
>
>
>
> Best regards,
>
>
>
>
>
> Timothy K. Asiedu , PhD
>
> Author's page: www. amazon. com/author/timothy.asiedu
>
>
>
>
>
>
>
>
>
> On Wed, Dec 11, 2019 at 1:44 AM Marilson <marilson.mapa@ gmail. com>
> wrote:
>
> Dr. Asiedu, I am sorry if my version of the reasons for so much Internet
> crime does not match the version of those who make it an income motive.
> Millor Fernandes, a respected Brazilian cartoonist and playwright, said: *"I
> distrust every idealist who profits from his ideal."*
>
>
>
> Assessments such as yours have set cyber security policies that have never
> worked, are not working, and will never work because they are designed with
> the basic purpose of maintaining a criminal but profitable status quo. When
> these policies require ethical behavior from Internet companies, imposing
> severe punishments on those who do not abide by their AUPs, ToSs, ASPs,
> Codes of Conduct and Contracts, the Internet will perpetuate its threatened
> freedom and will no longer be that muddy sea where greedy sociopaths
> illegal enrichment themselves. The incompetent who cannot survive without
> illicit acts will break down. And be damned those who live at the expense
> of the threats that plague the Internet.
>
>
>
> Kind regards
>
> Marilson
>
>
>
>
>
> Em ter., 10 de dez. de 2019 às 05:59, Timothy Asiedu <kwadwotasiedu@
> gmail. com> escreveu:
>
> Dear Marilson,
>
>
>
> Thank you for the update.
>
>
>
> Kind regards,
>
>
>
>
>
> Timothy K. Asiedu
>
> Author's page: www. amazon. com/author/timothy.asiedu
>
>
>
>
>
> On Mon, Dec 9, 2019 at 4:39 AM Marilson <marilson.mapa@ gmail. com> wrote:
>
>
>
> ---------- Forwarded message ---------
> De: *Marilson* <marilson.mapa@ gmail. com>
> Date: seg., 9 de dez. de 2019 às 01:22
> Subject: Fwd: Phishing ad nauseam by sociopath
> To: <abuse@ hostinger. com>
> Cc: <bpf-cybersecurity@ intgovforum. org>, <globalsupport@ icann. org>,
> US Department of Justice <contact@ usdoj. gov>, <feedback@ naag. org>,
> <abuse@ namecheap. com>, <guardian.readers@ theguardian. com>, <tips@
> nytimes. com>, WikiLeaks <sunshinepress@ this. is>, <adm@ weblink. com.
> br>, <info@ nic. br>
>
>
>
> FUNDAMENTAL RIGHTS ARE NOT ABSOLUTE TO THE POINT OF PROTECTING ILLICIT ACTS
>
> Theft of money, theft of personal and financial data, crime of larceny by
> fraud and damage to computer operating systems do not combine with any kind
> of secrecy. Fundamental rights are not absolute to the extent of
> safeguarding unlawful acts. Let me repeat so that the bastards do not say
> they did not read: Fundamental rights are not absolute to the point of
> protecting illicit acts. Any magistrate, judge, prosecutor, lawyer,
> politician or businessman who does not agree with this, belive, he has a
> skeleton in the closet.
>
>
>
> Scam with domains with the extension <.com (dot)>> abound my mail. All
> were reported with evidence. But Registrar and Host - Namecheap and
> Cloudflare - refuse to comply with their agreements, AUPs, ToSs and Code of
> Conduct that prohibit such unlawful activity. They are accomplices.
>
>
>
> I decided to report the latest scam with extension <.com(dot)de> without
> copying the report to anyone. I knew that by doing so I would awaken the
> worst in people. Said and done. With the arrogance that characterizes
> sociopathy and the certainty of impunity Hostinger responded to the
> complaint by asking for evidence to prove the scam. But the report sent
> contained full header, scam URL, final URL, VirusTotal links for malware
> identification by 11 scanners, domains, IP addresses and all providers
> involved in the scam (see below). But Hostinger had to mock the complaint.
>
> Warning that I knew they were being dishonest I resubmitted all the data
> but required scammer identification. After all, *fundamental rights are
> not absolute to the point of protecting illicit acts*. Hostinger replied
> that "*the reported domain name is currently pointing to Cloudflare"*.
>
>
>
> WHAT WAS DONE: Hostinger used two domains to send scam with
> **Trojan.WinLNK.Agent** malware:
>
> <contasjurisp. com> and <gerenteempresarial. com. de>
>
> Hosting registered <contasjurisp. com> with false data and told a truth to
> tell a lie when writing that "*the reported domain name is currently
> pointing to Cloudflare". *What Hostinger did not say is that they hired
> Cloudflare which offers reverse proxy and all WHOIS would point to
> Cloudflare. Hostinger hid behind Cloudflare to stay hidden in the use of
> Trojans. *Cloudflare has confirmed by email that the Hosting Provider is
> Hostinger*. Hostinger is committing various crimes such as attempted
> theft and property damage (Computer Fraud and Abuse Act), invasion of
> privacy and ideological falsehood. Notice the WHOIS records from the
> registrar:
>
>
>
> Domain contasjurisp. com
> IP addresses:104.27.160.184
> Registrar: HOSTINGER
> Registrant Name: zilda elenir - DOES NOT EXIST
> Registrant Street: calos lanser - DOES NOT EXIST
> Registrant City: novo hamburgo
> Registrant State/Province: RS
> Registrant Postal Code: 96222-642 - IT IS NOT FROM NOVO HAMBURGO
>
> Registrant Email: zilda-elenir900@ protonmail. com - IT IS FAKE -
> DomainIsWellKnownDea - *"At ProtonMail, privacy is our business model -
> GDPR"*
>
>
>
> Ask ICANN, which has a contract prohibiting illicit activity, why they
> admit this garbage and dirty stuff of Registrars. I have asked several
> times and the answer has always been "out of scope". That has always been
> the answer of GGM21C's Godfather, the Great Global Mafia of the 21st
> Century.
>
> The solution is very simple: just be decent. When someone reports a
> scammer with evidence, identify him and cancel the contract. Or continue to
> be accomplices and hiding the mobster colleagues.
>
> You who have acted in bad faith in drafting and approving the GDPR,
> remember this: FUNDAMENTAL RIGHTS ARE NOT ABSOLUTE TO THE POINT OF
> PROTECTING ILLICIT ACTS. This immoral defense of anonymity that the
> Providers make is only explained by the need to hide themselves when using
> scam. Natural and legal persons of good, spend fortunes promoting
> themselves.
>
>
>
> Even more immoral is the attitude of people who are paid to defend the
> population and use the same harmful expression "out of scope" so as not to
> have to demand decency and ethics from companies. I'm talking about Best
> Practice Forum on Cybersecurity of IGF-UN, the National Association of
> Attorneys General, US Department of Justice and the like around the world.
>
>
>
> *Rodrigo da Costa Wiethorn *Head of Hostinger Brazil and *Demi Getschko*
> President of NIC.br, you are both responsible for Hostinger's activity in
> Brazil and will be held responsible for the crimes Hostinger practices.
>
>
>
> A warning to mobsters: If you think your grandchildren will get home at
> 4:00 PM after an exhausting work day that started at 10:00 AM, will print a
> pizza and watch a movie on the wall or ceiling, you are dreaming. This will
> not happen because the queue of unemployed will move next door them.
>
>
>
> Marilson
>
>
>
>
>
> ---------- Received message ---------
> De: *Hostinger Abuse* <abuse-tracker@ hostinger. com>
> Date: sáb., 7 de dez. de 2019 às 04:20
> Subject: Re: Phishing ad nauseam by sociopath
> To: Marilson <marilson.mapa@ gmail. com>
>
>
> Hi,
>
> Thank you for your report. The reported domain name has been suspended.
>
> Hostinger Abuse Department
> abuse@ hostinger. com
> https:// www. hostinger. com
>
>
> * ------------------------------ *
>
> ---------- Forwarded message ---------
> De: *Marilson* <marilson.mapa@ gmail. com>
> Date: sex., 6 de dez. de 2019 às 22:52
> Subject: Re: Phishing ad nauseam by sociopath
> To: Hostinger Abuse <abuse-tracker@ hostinger. com>
> Cc: US Department of Justice <contact@ usdoj. gov>, info@ cec-zev. eu
> <info@ cec-zev. eu>, <feedback@ naag. org>, <globalsupport@ icann. org>,
> <guardian.readers@ theguardian. com>, WikiLeaks <sunshinepress@ this.
> is>, <abuse@ namecheap. com>
>
>
>
> Hostinger wrote: *"The reported domain name is currently pointing to
> Cloudflare."*
>
>
>
> What a f**k is that? No one else has ethics? Will all of you who run the
> internet keep on stealing the planet's population until when? How long will
> government authorities allow such illegal activities?
>
>
>
> You from Hostinger acting as sociopaths asked me to prove that the message
> was scam. Something that even retarded can know. I did what you asked for
> though knowing that you were acting dishonestly. And you give me in
> response exactly what I informed you in my message sent on 12-05-2019:
>
>
>
> I wrote on Dec 5, 2019:
>
> *Originating IP address: 5.53.125.27*
>
> *Originating hostmane: traype7.gerenteempresarial. com. de*
>
> *Network owner: Selectel Ltd*
>
> *Domain: gerenteempresarial. com. de*
>
> *IP address: 104.31.92.45*
>
> *Host Company: Cloudflare Inc*
>
>
>
> Who do you think you are fooling? Your answers are so stupid that they
> reveal the certainty of impunity. I also informed you on 12-05-2019:
>
> I wrote on Dec 5, 2019:
>
> *"Scam URL: **http:// 4siae80eseo8e.**contasjurisp. com*
> */5NAT40PKU37/XBV7WB6M7J7A5532S10EEZE4KVP71/SMB-Vistoria_contra_incendio_(VENCIDA_860)*
>
> *This URL downloads .zip file: Bombei-ro05.12.2019_01.09.39.1239 which
> instals malware.*
>
>
>
>
> *Domain contasjurisp. com IP addresses:104.27.160.184*
>
> *Registrar: HOSTINGER*
>
> *Registrant Name: zilda elenir - DOES NOT EXIST*
>
> *Registrant Street: calos lanser - DOES NOT EXIST*
>
> *Registrant City: novo hamburgo *
>
> *Registrant State/Province: RS *
>
> *Registrant Postal Code: 96222-642 - IT'S NOT FROM NOVO HAMBURGO*
>
>
>
> *Mr. Arnas, your customer is committing various crimes such as ideological
> falsehood, attempted theft and invasion of privacy. Unregistering is your
> contractual and legal obligation. What about identifying a criminal? Is a
> criminal entitled to anonymity? If the actual registrant is Cloudflare or
> Namecheap would you have the decency to say?"*
>
>
>
> Stop acting like whores and tell us WHO_is your client that is committing
> crime with the domain *<accountsjurisp. com>* registered with you.
>
> *And answer why your customer is still active if he's a denounced
> criminal?*
>
>
>
> If you refuse to provide this information, I will have no doubt that you
> are protecting your Cloudflare or Namecheap colleagues to whom I have
> already sent multiple reports from their criminal customers with
> *<.com(dot)de>* extension domains. These two companies host and register
> the scammer that keeps sending his scams. And this mafia does nothing. It
> is always useless denounce scammers or spammers. They don't even forbid the
> scammer to use my email. Go be arrogant like that in hell! Keep using my
> email and I will use adjectives that you deserve. And the world will know
> who you are.
>
>
>
> Can you from the US Department of Justice, NAAG and the European Center
> for Consumer Protection answer why a criminal accused with evidence is not
> suspended and identified? Why are these damned companies are not required
> to respect their contracts that prohibit illegal activities? Why do these
> companies not respect their AUPs, ToSs and Codes of Conduct? Why denounced
> bandits with evidence are entitled to anonymity? Why do these providers
> provide their services to terrorists? Remember that the damage these
> providers cause to humanity is infinitely greater than the damage done by
> terrorists, then? Do we have to seek help from mercenaries or hackers to
> protect us from those we pay to protect us?
>
>
>
> You are rotten, and all that is rotten must be buried to end the stench.
>
>
>
> Marilson
>
>
>
>
>
> Em sex., 6 de dez. de 2019 às 07:12, Hostinger Abuse <abuse-tracker@
> hostinger. com> escreveu:
>
> Hi,
>
> The reported domain name is currently pointing to Cloudflare.
>
> Please report it at https:// www.cloudflare. com/abuse/
>
> Hostinger Abuse Department
> abuse@ hostinger. com
> https:// www. hostinger. com
>
>
> * ------------------------------ *
>
> ---------- Forwarded message ---------
>
> De: *Marilson* <marilson.mapa@ gmail. com>
> Date: qui., 5 de dez. de 2019 às 20:26
> Subject: Re: Phishing ad nauseam by sociopath
> To: Hostinger Abuse <abuse-tracker@ hostinger. com>
>
>
>
> Please don't treat me like a layman and don't underestimate people's
> intelligence. I spent two years at RIPE (abuse working group) two years at
> ARIN (Public Policy Mailing List) and I have been for two years at IGF / UN
> (BPF Cybersecurity) and have been reporting sociopaths for over six years.
>
>
>
> All the URLs in my report are still active, but BUT you need to put the
> words together to work as links. Google and Gmail flood my mail every day
> with trash, but if I forward spam or scam to a scanner or provider as a
> report, without turning links OFF, Gmail returns stating that I am sending
> malicious files or spamming . Only criminals are entitled to commit crimes
> and with anonymity guaranteed by mobsters.
>
>
>
> Join the protocol to the domain and join the extension to the domain for
> the link to be activated. Mamma Mia !!!
>
>
> I don't know how my location can interfere with your assessment, but I'm
> in Sao Paulo city in Brazil.
>
>
>
> <REMOVED IMAGE>
>
>
>
> If I forward the scam without removing formatting gmail will return it to
> me. I can put the scam in a PDF file with its active links but probably its
> protection system will return due to malicious file attached. In other
> words, be decent and don't waste my time. I do this job as a citizen duty,
> so I'm not paid.
>
>
>
> *https:// www. virustotal.
> com/gui/url/3257ed42f18c47e048ef86d75bd5a4ce568f3cbda764d24ac04116deaaca0820/detection*
>
>
>
> Join the protocols and domain extension at the URL above and you will get
> the scam URL and rating.
>
>
> The zipped file changes its name but the content is the same:
> Defensor543505.12.2019_18.19.05.1205.
>
>
> Click on the scam URL and upload the zipped file to VirusTotal and you
> will get evaluation of 11 scanners:
>
>
>
> <REMOVED IMAGE>
>
>
>
> Just missed you asking me to click on the contents of the zipped file. Do
> it you. And since you made me waste more time than necessary I advocate the
> right to know who your client is, after all, criminals are not entitled to
> anonymity. Deny me that right and I will treat Hostinger, at the UN and
> social media, as accomplices of criminals.
>
>
>
> Thanks
>
> Marilson
>
>
>
>
>
> Em qui., 5 de dez. de 2019 às 05:45, Hostinger Abuse <abuse-tracker@
> hostinger. com> escreveu:
>
> Hi,
>
> Thank you for contacting Hostinger Abuse department. Unfortunately, we
> failed to locate any phishing-related content on the URL listed in your
> complaint. Please provide the following details for us to investigate the
> issue deeper:
> - exact links to the abusive pages the forms to enter sensitive details
> are located at;
> - country your IP address belongs to (we will try using the corresponding
> proxy);
> - a device used to access the content;
> - (optional) screenshot of the abusive page.
>
> Thank you
>
> Hostinger Abuse Department
> abuse@ hostinger. com
> https:// www. hostinger. com
>
>
>
> ------------------------------
>
>
>
> ---------- Forwarded message ---------
> De: *Marilson* <marilson.mapa@ gmail. com>
> Date: qui., 5 de dez. de 2019 às 04:54
> Subject: Phishing ad nauseam by sociopath
> To: <arnas@ hostinger. com>
> Cc: <abuse@ hostinger. com>
>
>
>
> Mr. Arnas, I need your help to stop a sociopathic criminal from sending
> out phishing and malware. I've reported him several times, with evidence,
> but the providers hosting and sending his scams do nothing. This scammer is
> registered with Hostinger:
>
>
>
> Scam *URL: **http:// 4siae80eseo8e.**contasjurisp. com*
> */5NAT40PKU37/XBV7WB6M7J7A5532S10EEZE4KVP71/SMB-Vistoria_contra_incendio_(VENCIDA_860)*
>
> This URL downloads .zip file: *Bombei-ro05.12.2019_01.09.39.1239* which
> instals malware.
>
>
>
> *https:// www. virustotal.
> com/gui/url/3257ed42f18c47e048ef86d75bd5a4ce568f3cbda764d24ac04116deaaca0820/details *
>
>
>
> *https:// www. virustotal.
> com/gui/file/3b59cf7d1e45a15615995f6978c51b0cdad07c286a45067a792e26d075876316/detection * -
> 11 engines detected this file.
>
>
>
> Domain contasjurisp. com
> IP addresses:104.27.160.184
>
> Registrar: *HOSTINGER*
>
> Registrant Name: zilda elenir - DOES NOT EXIST
>
> Registrant Street: calos lanser - DOES NOT EXIST
>
> Registrant City: novo hamburgo
>
> Registrant State/Province: RS
>
> Registrant Postal Code: 96222-642 - IT'S NOT FROM NOVO HAMBURGO
>
>
>
> Mr. Arnas, your customer is committing various crimes such as ideological
> falsehood, attempted theft and invasion of privacy. Unregistering is your
> contractual and legal obligation. What about identifying a criminal? Is a
> criminal entitled to anonymity? If the actual registrant is Cloudflare or
> Namecheap would you have the decency to say?
>
>
>
> Originating IP address: 5.53.125.27
>
> Originating hostmane: traype7.gerenteempresarial. com. de
>
> Network owner: Selectel Ltd
>
> Domain: gerenteempresarial. com. de
>
> IP address: 104.31.92.45
>
> Host Company: Cloudflare Inc
>
>
>
> Thanks
>
> Marilson
>
>
>
> *HEADER - truncated*
>
> Delivered-To: marilson.mapa@ gmail. com
> Received: by 2002:a1c:4c0f:0:0:0:0:0 with SMTP id z15csp1042308wmf;
> Wed, 4 Dec 2019 12:00:04 -0800 (PST)
> X-Google-Smtp-Source:
> APXvYqxELpEHz1ZXbAcebUMZnoC0ggYZeQnbBXWR4b6XzGf6BYDWgzplHWv9pgTmY2FXoQ9NqUEM
> X-Received: by 2002:a2e:87ca:: with SMTP id
> v10mr3220073ljj.253.1575489604766;
> ARC-Authentication-Results: i=1; mx.google. com;
> dkim=pass header.i=@ traype7.gerenteempresarial. com. de
> header.s=mail header.b=qiYiUh6k;
> spf=pass (google. com: domain of bombeiros@
> traype7.gerenteempresarial. com. de designates 5.53.125.27 as permitted
> sender) smtp.mailfrom=bombeiros@ traype7.gerenteempresarial. com. de;
> dmarc=pass (p=NONE sp=NONE dis=NONE)
> header.from=traype7.gerenteempresarial. com. de
> Return-Path: <bombeiros@ traype7.gerenteempresarial. com. de>
> Received: from traype7.gerenteempresarial. com. de
> (traype7.gerenteempresarial. com. de. [5.53.125.27])
> by mx.google. com with ESMTP id
> g9si4888237ljk.77.2019.12.04.12.00.04
> for <marilson.mapa@ gmail. com>;
> Wed, 04 Dec 2019 12:00:04 -0800 (PST)
> Received-SPF: pass (google. com: domain of bombeiros@
> traype7.gerenteempresarial. com. de designates 5.53.125.27 as permitted
> sender) client-ip=5.53.125.27;
> DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
> d=traype7.gerenteempresarial. com. de; s=mail; t=1575489604;
> bh=yR9+/UvPPF7VyTbAl08VvfYRmtfYD18mTW1Zc+ks+nA=;
> h=To:Subject:From:Date:Reply-To:From;
> b=qiYiUh6kR5+qNvk3i8VKTO4SXvdqBTbVsimF+tMf6AUkG7RAt49IslZnDBYoDBlVo
> Message-Id: <20191204200004.33CAB8B23F@ traype7.gerenteempresarial. com.
> de>
>
>
>
> *TEXTO - formatting removed*
>
> De: Bombeiros24145307 <bombeiros@ traype7.gerenteempresarial. com. de>
> Date: qua., 4 de dez. de 2019 às 17:00
> Subject: ****ULTIMO AVISO*** para sua regularizacao, com vistas a
> continuidade do servicos - 34/187 -
> To: <marilson.mapa@ gmail. com>
>
> AVISO DE VIGÊNCIA DE DOCUMENTOS VENCIDOS
>
>
> Protocolo: 7530398377
>
> Serviço: (Segurança contra incêndio)
>
> inicio automático do protocolo : 04/12/2019
>
> Status atual: Regularizar pendente ou VENCIDO
>
> Alertamos que o prazo de validade do(s) documento(s) referente ao Termo
> de Colaboração nº 13882017 celebrado entre Secretaria
> Municipal dos bombeiros e CENTRO SOCIAL NOSSA SENHORA, para funcionamento
> da CEI: CR.P.CONV - CNPJ cadastrado para este e-mail ( marilson.mapa@
> gmail. com ) que devem ser regularizados com urgência
> está(ão) na situação de vencido. Encaminhe a respectiva
> documentação à DIR EDUC - DIRETORIA REGIONAL DOS BOMBEIROS
> A não regularização dos itens informados pode implicar na
> suspensão de seu CNPJ em 30 DIAS bem como multa previstos no Art 37 da
> Lei 10.860 de 19 de Julho de 1988.
>
> *Ultimo documento enviado VENCIDO*
> <a href="http:// 4siae80eseo8e.contasjurisp.
> com/5NAT40PKU37/XBV7WB6M7J7A5532S10EEZE4KVP71/SMB-Vistoria_contra_incendio_(VENCIDA_860)">
> </a>
>
> - AVCB – Auto de Vistoria do Corpo de Bombeiros
> 01/12/2019
>
> Providencie a sua regularização, com vistas à continuidade
> da prestação do serviço.
> Atenciosamente,
> SMB – Secretaria Municipal dos Bombeiros
>
>
>
> --
> Bpf-cybersecurity mailing list
> Bpf-cybersecurity at intgovforum.org
> http://intgovforum.org/mailman/listinfo/bpf-cybersecurity_intgovforum.org
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://intgovforum.org/pipermail/bpf-cybersecurity_intgovforum.org/attachments/20191214/2dd0dea0/attachment.htm>
More information about the Bpf-cybersecurity
mailing list