[nsp-sec] ACK 3356 Re: THEPLANET hosting vonage phishing site advertised via smsspam.

David Rossbach david at rossbachs.com
Mon Jun 16 09:14:48 EDT 2008 

ACK 3356

Dave Rossach
AS3356
Level3 Communications




----- Original Message ----- 
From: "Smith, Donald" <Donald.Smith at qwest.com>
To: "nsp-security NSP" <nsp-security at puck.nether.net>
Sent: Friday, June 13, 2008 4:38 PM
Subject: [nsp-sec] THEPLANET hosting vonage phishing site advertised via 
smsspam.


> ----------- nsp-security Confidential --------
>
>
> SMS messages are being spammed out via smtp to smtp-sms gateways
> advertising a Vonage phishing site.
>
> Your VONAGE account is expired,for renewal use www.vonage-secure.com
>
> $ whois -h whois.cymru.com 216.127.74.116
> AS      | IP               | AS Name
> 21844   | 216.127.74.116   | THEPLANET-AS - ThePlanet.com Internet
> Service
>
> $ whois -h upstream-whois.cymru.com 216.127.74.116
> PEER_AS | IP               | AS Name
> 2914    | 216.127.74.116   | NTT-COMMUNICATIONS-2914 - NTT America, Inc.
> 3356    | 216.127.74.116   | LEVEL3 Level 3 Communications
> 3561    | 216.127.74.116   | SAVVIS - Savvis
>
> I didn't see any malware on the phishing site but that doesn't guarentee
> there isn't any there.
>
>
> Security through obscurity WORKS against some worms and ssh attacks:)
> Donald.Smith at qwest.com giac
>
>
> This communication is the property of Qwest and may contain confidential 
> or
> privileged information. Unauthorized use of this communication is strictly
> prohibited and may be unlawful.  If you have received this communication
> in error, please immediately notify the sender by reply e-mail and destroy
> all copies of the communication and any attachments.
>
>
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
>
> Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
> community. Confidentiality is essential for effective Internet security 
> counter-measures.
> _______________________________________________

More information about the nsp-security mailing list