It is obvious since I don’t have YouTube account using this email.
Looks Legit: Online Bill from Sprint
This is odd. I do not have any services on Sprint then why am I getting an email from them?
There are so many thing wrong with this email.
SpamCop.net
The evil admin forwarded me a message from a reader just a few minutes ago.
I’m writing to see if you’ve been able to make any headway on the “milkcheesedns.com” spammer that you posted about several times this year. I’ve been receiving a large amount of this junk mail through one of my accounts and it’s practically unbearable. There’s a new domain name every day and my email host isn’t doing anything to improve their filters. The WHOIS records of these offending domains all point back to eNom.com / namecheap.com. I’ve tried contacting eNom, as you did, but my results were the same — their abuse form is broken and they don’t seem very cooperative to begin with. Can you offer any suggestions on how this jerk can be stopped? Besides the registrar and the usual “abuse@___.com” address, which is useless, what else can be done? I appreciate your thoughts.
Fighting spammer is an ongoing battle. We suggest users to create accounts at SpamCop.net and report the spam.
Seems Legit: Vimeo Edition
Update:
We’ve been getting reports from a lot of people about this fake email from Vimeo. Some received more than 10 fake Vimeo emails for 24 hours.
More fake emails going around today. This time they are pretending from Vimeo.
Seems Legit: Dropbox Edition
Yet another reminder not to blindly click/tap on links in emails. This time it is brought to you by fake Dropbox email.
Spammer Alert: margretriverhosting.com
This is the continuation to milkcheesedns.com spammer.
properlymysteriouslyupbeat.com
Registration Service Provided By: Namecheap.com
Contact: support@namecheap.com
Visit: http://namecheap.comDomain name: properlymysteriouslyupbeat.com
Registrant Contact:
margretriverhosting
Domain Management ()Fax:
PO Box 66738
Saint Louis, MO 63166-6738
USAdministrative Contact:
margretriverhosting
Domain Management (domains@margretriverhosting.com)
+1.3147146057
Fax: +1.3147146057
PO Box 66738
Saint Louis, MO 63166-6738
USTechnical Contact:
margretriverhosting
Domain Management (domains@margretriverhosting.com)
+1.3147146057
Fax: +1.3147146057
PO Box 66738
Saint Louis, MO 63166-6738
USStatus: Locked
Name Servers:
ns1.safetyorangeblazeorangemule.com
ns2.safetyorangeblazeorangemule.comCreation date: 30 May 2012 07:20:00
Expiration date: 29 May 2013 23:20:00
margretriverhosting.com
The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.
Registration Service Provided By: PLANET ONLINE
Contact: +1.8887654932
Website: http://www.planetonline.netDomain Name: MARGRETRIVERHOSTING.COM
Registrant:
Margret River Hosting
Margret River Hosting (webmaster@margretriverhosting.com)
PO Box 105603
#88657
Atlanta
Georgia,30348
US
Tel. +404.6719366Creation Date: 20-Aug-2010
Expiration Date: 20-Aug-2012Domain servers in listed order:
ns1.planetonline.net
ns2.planetonline.net
ns3.planetonline.net
ns4.planetonline.netAdministrative Contact:
Margret River Hosting
Margret River Hosting (webmaster@margretriverhosting.com)
PO Box 105603
#88657
Atlanta
Georgia,30348
US
Tel. +404.6719366Technical Contact:
Margret River Hosting
Margret River Hosting (webmaster@margretriverhosting.com)
PO Box 105603
#88657
Atlanta
Georgia,30348
US
Tel. +404.6719366Billing Contact:
Margret River Hosting
Margret River Hosting (webmaster@margretriverhosting.com)
PO Box 105603
#88657
Atlanta
Georgia,30348
US
Tel. +404.6719366
From contact page, which most likely useless:
(314) 714-6057
PO Box 66738 Saint Louis, MO 63166-6738
The information provided in the contact page can be used to chart the spammer’s pattern.
Note the Name server: safetyorangeblazeorangemule.com
Registration Service Provided By: Namecheap.com
Contact: support@namecheap.com
Visit: http://namecheap.comDomain name: safetyorangeblazeorangemule.com
Registrant Contact:
Technical Support ()
Fax:
PO Box 29502
Las Vegas, NV 89126
USAdministrative Contact:
Technical Support (domains@newbrandhosting.net)
+1.7026660363
Fax: +1.5555555555
PO Box 29502
Las Vegas, NV 89126
USTechnical Contact:
Technical Support (domains@newbrandhosting.net)
+1.7026660363
Fax: +1.5555555555
PO Box 29502
Las Vegas, NV 89126
USStatus: Locked
Name Servers:
dns1.registrar-servers.com
dns2.registrar-servers.com
dns3.registrar-servers.com
dns4.registrar-servers.com
dns5.registrar-servers.com
The problem is that domain name registrars such as eNom and NameCheap would not take pro-active stance in fighting against these type of spammer. It is pretty obvious that the same individuals are responsible for these domain names. They keep registering new domain names and the domain name registrars did not do a thing to stop them from doing so.
Diagram of a Spammer
Diagram of a spammer.
Fake hosting company:
- strongcloudhosting.com
- 3rdcloudhosting.com
- coomahosting.com
- newbrandhosting.net
- 5thavehost.com
- blackshosting.com
- 1stilinehosting.com
- railsonhosting.com
Spammer’s Name Servers:
- mobilegroble.com
- milkcheesedns.com
- grandfatherdns.com
- professdns.com
- safetyorangeblazeorangemule.com
Samples of spammer’s domain names:
- nimbleloaf.com
- hallcow.com
- questionableoverthrow.com
- cameraspadetoad.net
- answerloveonline.com
- spadesunmeasure.org (not listed in the diagram)
- boundarychannelbeam.net (not listed in the diagram)
Click on the image below to view the diagram.
