[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Phone Scam

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] Phone Scam
From: Jacqui Caren-home <jacqui.caren@xxxxxxxxxxxx>
Date: Wed, 20 Jul 2011 15:23:50 +0100

On 20/07/2011 14:19, Dave wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> OK This is not new, but it happened to me just an hour ago.
>
> A stranger on the end of a phone call tells you your PC is infected, and you 
> should download and install a RC server so it can be fixed.

SOP.

> I just been through this and installed Ammyy admin from ammyy.com (Whois - 
> dataguarded) as per the strangers instruction on a VM XP install.
> Nothing to see here, so what, big deal etc. etc.
>
> What maybe interesting to some is the IP address it connected to:
> prag178.startdedicated.com 62.75.224.229 ports 443, 80, 8080

remarks:         *        ABUSE-Complaints are only handled at:         *
remarks:         *                  ABUSE@xxxxxxxxxxxxx                 *

> I reveal the IP address for those of you who might like to update IPTables, 
> databases or just like to write down numbers.

Or just block any traffic to or from plusserver.de - they do not have a good 
spam/abuse rep.

route:           62.75.128.0/17
descr:           Plusserver AG
origin:          AS8972
mnt-by:          INTERGENIA-MNT
mnt-lower:       INTERGENIA-MNT
source:          RIPE # Filtered

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] Phone Scam
  - From: Dave

Prev by Date: Re: [Full-disclosure] It's just getting worse
Next by Date: Re: [Full-disclosure] Phone Scam
Previous by thread: Re: [Full-disclosure] Phone Scam
Next by thread: Re: [Full-disclosure] Phone Scam
Index(es):
- Date
- Thread