Loads and loads of spam for 'Canadian Ph ... / 2008-11-30

2008-11-30 Loads and loads of spam for 'Canadian Ph ...
Loads and loads of spam for 'Canadian Pharmacy'. Spam rates are in messages per hour. I noticed that the sending machines are almost all in south-america and the sites pointed at seem to live at IPs in China. But with very short TTL values so they can change any minute. Literally:
;; ANSWER SECTION:
currentneighbor.com.    60      IN      A       203.93.208.87
Other standards like valid SOA records and stuff like that aren't needed, potential customers just have to be able to reach the spamvertised site. I haven't seen a lot of IPs (yet). All running nginx, the choice of spammers and virus-spreaders. Or rather guided by language: the documentation for nginx is in russian so that part of the cybercriminals of this world can read it. Since nginx can do a lot with proxying I guess there is just a proxy at that IP pointing somewhere else where the real processing happens (or maybe that just goes to another proxy). I received 94 of these spams in the last 2 days (sofar). I can't imagine anybody receiving this not seeing that this must be some kind of scam.

Tags: , ,

IPv6 check

Running test...
, reachable as koos+website@idefix.net. PGP encrypted e-mail preferred. PGP key 5BA9 368B E6F3 34E4 local copy PGP key 5BA9 368B E6F3 34E4 via keyservers

RSS
Meningen zijn die van mezelf, wat ik schrijf is beschermd door auteursrecht. Sommige publicaties bevatten een expliciete vermelding dat ze ongevraagd gedeeld mogen worden.
My opinions are my own, what I write is protected by copyrights. Some publications contain an explicit license statement which allows sharing without asking permission.
Other webprojects: Camp Wireless, wireless Internet access at campsites, The Virtual Bookcase, book reviews
This page generated by $Id: newsitem.cgi,v 1.55 2021/11/09 13:09:49 koos Exp $ in 0.005558 seconds.