Tag archive: "Impersonation scam emails" (騙る詐欺メール)

Important: alert regarding scam emails impersonating the e-Orico Service credit card "Confirmation of customer information" notice

https://www.orico.co.jp/support/careful/trouble_online/

IP Address: 180.215.120.46
Decimal Representation: 3034019886
Country: Singapore (SG)
ISP: BGPNET Global
Organization: BGPNET Global
Latitude: 1.3673° (1° 22′ 2″ N)
Longitude: 103.8014° (103° 48′ 5″ E)
Is Private IP Address: no
Is Reserved IP Address: no

Alert regarding scam emails impersonating PayPay Bank

From: PayPay銀行
Subject: 【重要】不正出金被害防止のための本人確認(PayPay銀行
https://www.cc.uec.ac.jp/blogs/news/2021/08/20210830paypaybankphishing.html

IP Address: 27.157.223.43
Decimal Representation: 463331115
ASN: AS4134
City: Guangze
State: Fujian (FJ)
Country: China (CN)
ISP: China Telecom
Organization: China Telecom
Latitude: 27.5159° (27° 30′ 57″ N)
Longitude: 117.3335° (117° 20′ 0″ E)
PTR Resource Record: 43.223.157.27.broad.np.fj.dynamic.163data.com.cn
Is Private IP Address: no
Is Reserved IP Address: no
Timezone: Asia/Shanghai

Alert regarding scam emails impersonating Amazon

"Amazonアカウントの制限が解除されました" (Amazon account restrictions have been lifted), etc.

https://www.cc.uec.ac.jp/blogs/news/2021/06/20210605amazonphishing.html

I think the thing to watch out for is the number at the end of this.
It is better to redact it before publishing or reporting.

It is used to judge which servers and which emails are alive, so let's not do the idiots' work for them.
The same goes for unique values in the message source.
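The redaction advice above, as an added example that is not part of the original post: it masks per-delivery values in a message before it is published or reported, while keeping the sender host and IP that the report needs. It assumes the "number" is a token in the link path or query; the sample message, hosts, addresses and function names are all constructed for illustration.

```python
import re
from urllib.parse import urlsplit, urlunsplit, parse_qsl

MASK = "[REDACTED]"
URL_RE = re.compile(r"https?://[^\s\"'<>]+")
# Assumption: a path segment of 5+ digits, or 16+ URL-safe characters, is a
# per-message token rather than a fixed page name. Tune for each campaign.
TOKEN_RE = re.compile(r"^(\d{5,}|[A-Za-z0-9_-]{16,})$")

# Constructed sample message; every host, address and number is made up.
SAMPLE = (
    "Received: from mail.sender.example (mail.sender.example [192.0.2.10])\n"
    "\tby mx.victim.example; Sat, 5 Jun 2021 09:00:00 +0900\n"
    'From: "Amazon" <notice@sender.example>\n'
    "To: taro@victim.example\n"
    "Message-ID: <20210605.8841237@sender.example>\n"
    "Subject: account notice\n"
    "\n"
    "http://login.phish.example/verify/8841237?uid=taro%40victim.example\n"
)

def redact_url(url):
    """Keep scheme and host (the reportable indicator); mask tokens."""
    p = urlsplit(url)
    path = "/".join(MASK if TOKEN_RE.match(s) else s for s in p.path.split("/"))
    pairs = parse_qsl(p.query, keep_blank_values=True)
    # Every query value is masked; a key is masked too if it looks like a token.
    query = "&".join(f"{MASK if TOKEN_RE.match(k) else k}={MASK}" for k, _ in pairs)
    return urlunsplit((p.scheme, p.netloc, path, query, ""))

def redact_message(raw, recipient):
    """Mask values tied to one delivery; leave sender host and IP intact."""
    out = raw.replace(recipient, MASK)
    # The Message-ID local part is chosen by the sender and can encode the target.
    out = re.sub(r"(?im)^(Message-ID:\s*<)[^@>]+", r"\g<1>" + MASK, out)
    return URL_RE.sub(lambda m: redact_url(m.group(0)), out)

def leftover_candidates(text):
    """Digit runs still present after redaction, for a manual last look."""
    return re.findall(r"\d{5,}", text)

if __name__ == "__main__":
    cleaned = redact_message(SAMPLE, "taro@victim.example")
    print(cleaned)
    print("review manually:", leftover_candidates(cleaned))
```
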
This is the sender information from the source.
Not exactly subtle.

oaummccxon.xyz
This is the mail-sending host name.

Geolocation data for oaummccxon.xyz:
IP2Location (Product: DB6, updated on 2021-6-1): Country Japan; Region Tokyo; City Tokyo; ISP RackIP Consultancy Pte. Ltd.; Organization Not Available; Latitude 35.6895; Longitude 139.6917
ipinfo.io (Product: API, real-time): Country Japan; Region Hokkaido; City Sapporo; ISP BGPNET Global ASN; Organization CTG Server Ltd. (ctgserver.net); Latitude 43.0667; Longitude 141.3500
DB-IP (Product: Full, 2021-6-1): Country Japan; Region Tokyo; City Chiyoda; ISP BGP Consultancy Pte Ltd; Organization CTG Server Ltd.; Latitude 35.694; Longitude 139.754
IPGeolocation.io (Product: API, real-time): Country Japan; Region/City Tokyo; ISP BGP Consultancy Pte Ltd; Organization BGP Consultancy Pte Ltd; Latitude 35.67619; Longitude 139.65031

137.220.180.59
This is the mail-sending IP.

Geolocation data for 137.220.180.59:
IP2Location (Product: DB6, updated on 2021-6-1): Country Japan; Region Tokyo; City Tokyo; ISP RackIP Consultancy Pte. Ltd.; Organization Not Available; Latitude 35.6895; Longitude 139.6917
ipinfo.io (Product: API, real-time): Country Japan; Region Tokyo; City Tokyo; ISP BGPNET Global ASN; Organization CTG Server Ltd. (ctgserver.net); Latitude 35.6895; Longitude 139.6917
DB-IP (Product: Full, 2021-6-1): Country Japan; Region Tokyo; City Chiyoda; ISP BGP Consultancy Pte Ltd; Organization CTG Server Ltd.; Latitude 35.694; Longitude 139.754
IPGeolocation.io (Product: API, real-time): Country Japan; Region/City Tokyo; ISP BGP Consultancy Pte Ltd; Organization BGP Consultancy Pte Ltd; Latitude 35.67619; Longitude 139.65031

% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to ‘137.220.128.0 – 137.220.191.255’

% Abuse contact for ‘137.220.128.0 – 137.220.191.255’ is ‘cs.com@ctgserver.net’

inetnum: 137.220.128.0 – 137.220.191.255
netname: CTG220-128-JP
descr: CTG Server Ltd.
country: JP
admin-c: RCPL3-AP
tech-c: RCPL3-AP
status: ALLOCATED NON-PORTABLE
mnt-by: MAINT-RCPL-SG
mnt-irt: IRT-CTG-HK
last-modified: 2020-11-03T07:17:33Z
source: APNIC

irt: IRT-CTG-HK
address: 202 ,2/F Kam Sang BLDG 257,Des Voeux RD Central Hong Kong
e-mail: cs.com@ctgserver.net
abuse-mailbox: cs.com@ctgserver.net
admin-c: RCPL3-AP
tech-c: RCPL3-AP
auth: # Filtered
mnt-by: MAINT-RCPL-SG
last-modified: 2020-11-03T02:24:51Z
source: APNIC

role: RACKIP CONSULTANCY PTE LTD administrator
address: No. 3, Pemimpin Drive, #07-04 Lip Hing, Industrial Building,, Singapore Singapore 576147
country: SG
phone: +603-7806-1316
fax-no: +603-7806-1316
e-mail: abuse@rackip.com
admin-c: RCPL3-AP
tech-c: RCPL3-AP
nic-hdl: RCPL3-AP
mnt-by: MAINT-RCPL-SG
last-modified: 2015-10-30T08:33:29Z
source: APNIC

% Information related to ‘137.220.180.0/24AS64050’

route: 137.220.180.0/24
origin: AS64050
descr: RACKIP CONSULTANCY PTE. LTD.
No. 3, Pemimpin Drive, #07-04 Lip Hing, Industrial Building,
mnt-by: MAINT-RCPL-SG
last-modified: 2020-05-20T04:58:07Z
source: APNIC

% This query was served by the APNIC Whois Service version 1.88.15-SNAPSHOT (WHOIS-JP3)

 


 
Based on an investigation by volunteers, the setup appears to be as follows: a Philippine domain managed through a Chinese registrar; an IP address obtained from a Singapore IPv4 address sales and leasing company and assigned to a cloud in Hong Kong to run the phishing site; and the emails that lure people to that phishing site delivered through a Japanese server to disguise the sender's identity.
So tracing the Singapore IPv4 address sales and leasing company would settle it.