[nsp-sec] Ping AS19463 / AS6582 Active phishing
Christoph Sprongl
ch at it-austria.net
Wed Apr 16 03:27:09 EDT 2008
Hi Stijn,
it seems they are a new target :-(
Yesterday we requested to take mail.ccdetroit.org | 65.48.4.187 offline,
which bothered them badly.
I am in contact with the bank responsible security person.
I am afraid we will see coming up other domains, like Rock the years before.
christoph
> ----------- nsp-security Confidential --------
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hello All,
>
> Is there any contact from AS19463 and/or AS6582 on the list, one of
> our customers is targetted in a phishing attack, currently the
> phishing site is hosted at:
>
> hxxp:// mail.keeltyconstruction.com /BancaTransilvania/index.htm
>
> Can you please take action?
>
> [whois.cymru.com]
> AS | IP | AS Name
> 19463 | 216.237.86.70 | SOPS-JABWI - Sopris Surfers
>
> [peer.whois.cymru.com]
> PEER_AS | IP | AS Name
> 6582 | 216.237.86.70 | FRII - Front Range Internet Inc.
>
>
> Yours Sincerly,
>
> Stijn Jonker
> Security Manager
> UPC Broadband
> +31 20 7789993
> SJonker at UPCBroadband.com
> SJCJonker at SJC.nl
>
>
>
>
> -----BEGIN PGP SIGNATURE-----
>
> iEYEARECAAYFAkgFopgACgkQjU9r45tKnODOoACgzNNxj4qUN+Q68kN8YcjG5sUU
> UdgAnR3y/HquYmAHk7aENC9qOE1aOixs
> =7dyo
> -----END PGP SIGNATURE-----
>
>
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
>
> Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
> community. Confidentiality is essential for effective Internet security
> counter-measures.
> _______________________________________________
>
>
More information about the nsp-security
mailing list