[Esa-l]The Spammers, and how they operate
forrie at navipath.com
Tue Jul 24 18:39:41 PDT 2001
For about 2 weeks (or more), we (a wholesale dial access provider) have
been getting 100's of complaints about a user that has these domains:
(and perhaps others).
He signed up for these on internetregistration.com, who uses opensrs.org as
The user then began signing up on various ISPs (some of which were our
customers), and apparently using fraudulent/fake credit card numbers --
where he began spamming.
In the spam, are urls that point to these web pages. What he is doing is
updating his DNS to point to the dynamically allocated address he
gets. AND, further more he's calling from Detroit, where there is no ANI
I contacted internetregisration.com (via phone) to explain what's
happening, and I'm not sure they understand how to handle this (I suggested
they delete the domain names :-) ).
The user moved on to UUNET (onlinewebads.com) where he was doing the same
thing. Fine, so I called UUNET to tell them what's going on.
The guy I spoke with told me about another "notorious spammer" that they
tracked, and with whom he spoke. The "spammer" offered this guy a job,
paying 7,000.00 a day (or something absurd like that), and went on to say
that they strategically identify areas like Detroit that do not have ANI
available (old phone lines), where they then proceed with their spamming
business. Apprently it is big money. *shrug*
Apparently some spammers are harboring in Hawaii areas, where there is no
ANI as well.
We were very busy today, doing lookups in our radius database, and
disconnecting him. Odd, sometimes we would get no ANI and others we'd get
a malformed ANI (bogus data, probably).
Thought you might find this of interest.
More information about the esd-l