skipper
03/11/2010, 19:00
Conozco a esta gente y es muy seria y muy efectiva en su trabajo, pero lo de colgar este mensaje en el foro...
phishing
kennysamuerto
02/11/2010, 19:03
Publicado inicialmente por tonysanchez
La madre que los pario....
tonysanchez
02/11/2010, 15:22
Eso aparte...
Pero vamos es puro spam...
Conozco alguno que solicito a una empresa de estas una auditoria, y lo primero que le pidieron es que desactivara el firewall.
Lo que pudimos reirnos.
Pero vamos es puro spam...
Conozco alguno que solicito a una empresa de estas una auditoria, y lo primero que le pidieron es que desactivara el firewall.
Lo que pudimos reirnos.
PacoSS
02/11/2010, 15:16
Publicado inicialmente por socs21
tonysanchez
02/11/2010, 15:07
Pues lo mejor de todo, es que aparte de parecer spam, ya que quien debe ponerse en contacto con alguien es Cajaloquesea y el abuse@ de dicho dominio, y no una empresa de terceros, por mucha subcontrata que tenga, y esto es netiquette, el rollo esta hermoso, para que una empresa española no tenga ni la decencia de mandar el email en castellano, catalan o lo que sea, siendo el titular del dominio un tal "Manolo El del Bombo..." o lo que sea.
A mi gusto es SPAM.
A mi gusto es SPAM.
socs21
31/10/2010, 12:01
To Whom It May Concern,
S21sec has been informed that there is currently a website hosted by your company that is involved in a phishing scheme to obtain personal account information from the customers of CECA. S21sec has received numerous complaints and e-mails regarding the Web site listed below:
http://cajaesonline.com/
We enclose below the legitimate url for Caja España:
www.cajaespana.es/
According to published WHOIS and DNS data, the Web Site involved is owned and hosted by:
Address lookup
canonical name cajaesonline.com.
aliases
addresses 87.98.231.19
Domain Whois record
Queried whois.internic.net with "dom cajaesonline.com"...
Domain Name: CAJAESONLINE.COM
Registrar: OVH
Whois Server: whois.ovh.com
Referral URL: http://www.ovh.com
Name Server: DNS17.OVH.NET
Name Server: NS17.OVH.NET
Status: clientDeleteProhibited
Status: clientTransferProhibited
Updated Date: 29-oct-2010
Creation Date: 29-oct-2010
Expiration Date: 29-oct-2011
>>> Last update of whois database: Sat, 30 Oct 2010 22:03:18 UTC <<<
Queried whois.ovh.com with "cajaesonline.com"...
################################################## #############################
#
# Welcome to the OVH WHOIS Server.
#
# whois server : whois.ovh.com check server : check.ovh.com
#
# The data in this Whois is at your disposal with the aim of supplying you the
# information only, that is helping you in the obtaining of the information
# about or related to a domain name registration record. OVH Sas make this
# information available "as is", and do not guarantee its accuracy. By using
# Whois, you agree that you will use these data only for legal purposes and
# that, under no circumstances will you use this data to: (1) Allow, enable,
# or otherwise support the transmission of mass unsolicited, commercial
# advertisement or roughly or requests via the individual mail (courier),
# the E-mail (SPAM), by telephone or by fax. (2) Enable high volume, automated,
# electronic processes that apply to OVH Sas (or its computer systems).
# The copy, the compilation, the re-packaging, the dissemination or the
# other use of the Whois base is expressly forbidden without the prior
# written consent of OVH. Domain ownership disputes should be settled using
# ICANN's Uniform Dispute Resolution Policy: http://www.icann.org/udrp/udrp.htm
# We reserve the right to modify these terms at any time. By submitting
# this query, you agree to abide by these terms. OVH Sas reserves the right
# to terminate your access to the OVH Sas Whois database in its sole
# discretion, including without limitation, for excessive querying of
# the Whois database or for failure to otherwise abide by this policy.
#
# L'outil du Whois est à votre disposition dans le but de vous fournir
# l'information seulement, c'est-à-dire vous aider dans l'obtention de
# l'information sur ou lié à un rapport d'enregistrement de nom de domaine.
# OVH Sas rend cette information disponible "comme est," et ne garanti pas
# son exactitude. En utilisant notre outil Whois, vous reconnaissez que vous
# emploierez ces données seulement pour des buts légaux et ne pas utiliser cet
# outil dans les buts suivant: (1) la transmission de publicité non sollicitée,
# commerciale massive ou en gros ou des sollicitations via courrier individuel,
# le courrier électronique (c'est-à-dire SPAM), par téléphone ou par fax. (2)
# l'utilisation d'un grand volume, automatisé des processus électroniques qui
# soulignent ou chargent ce système de base de données Whois vous fournissant
# cette information. La copie de tout ou partie, la compilation, le
# re-emballage, la dissémination ou d'autre utilisation de la base Whois sont
# expressément interdits sans consentement écrit antérieur de OVH. Un désaccord
# sur la possession d'un nom de domaine peut être résolu en suivant la Uniform
# Dispute Resolution Policy de l'ICANN: http://www.icann.org/udrp/udrp.htm
# Nous nous réservons le droit de modifier ces termes à tout moment. En
# soumettant une requête au Whois vous consentez à vous soumettre à ces termes.
# local time : Sunday, 31-Oct-2010 00:03:43 CEST
# gmt time : Saturday, 30-Oct-2010 22:03:43 GMT
# last modify : Friday, 29-Oct-2010 12:45:01 CEST
# request from : 216.119.118.51:3541
Domain name: cajaesonline.com
Registrant:
Manolo Alvaro
cajaesonline.com, office #2745937
c/o OwO, BP80157
59053, Roubaix Cedex 1
FR
+33.899701761
ef184arkz1zlgracuc16@i.o-w-o.info
Administrative Contact:
Manolo Alvaro
cajaesonline.com, office #2745937
c/o OwO, BP80157
59053, Roubaix Cedex 1
FR
+33.899701761
ppcx2j0sshxz3paffq1d@a.o-w-o.info
Technical Contact:
Manolo Alvaro
cajaesonline.com, office #2745937
c/o OwO, BP80157
59053, Roubaix Cedex 1
FR
+33.899701761
ppcx2j0sshxz3paffq1d@a.o-w-o.info
Billing Contact:
Manolo Alvaro
cajaesonline.com, office #2745937
c/o OwO, BP80157
59053, Roubaix Cedex 1
FR
+33.899701761
ppcx2j0sshxz3paffq1d@a.o-w-o.info
Registrar of Record: OVH.
Record last updated on 2010-10-29.
Record expires on 2011-10-29.
Record created on 2010-10-29.
################################################## #############################
# powered by GNU/Linux
Network Whois record
Queried whois.ripe.net with "-B 87.98.231.19"...
% Information related to '87.98.224.0 - 87.98.231.255'
inetnum: 87.98.224.0 - 87.98.231.255
netname: ES-OVH
descr: OVH Hispano
country: ES
org: ORG-OH1-RIPE
admin-c: OK217-RIPE
tech-c: OTC2-RIPE
status: ASSIGNED PA
mnt-by: OVH-MNT
changed: noc@ovh.net 20050831
source: RIPE
organisation: ORG-OH1-RIPE
org-name: OVH Hispano
org-type: OTHER
address: Plaza de los Mostenses, n°13
address: Madrid 28015
address: Spain
abuse-mailbox: abuse@ovh.net
e-mail: noc@ovh.net
admin-c: OTC2-RIPE
mnt-ref: OVH-MNT
mnt-by: OVH-MNT
changed: noc@ovh.net 20071207
source: RIPE
role: OVH Technical Contact
address: OVH SAS
address: 2 rue Kellermann
address: 59100 Roubaix
address: France
e-mail: noc@ovh.net
admin-c: OK217-RIPE
tech-c: GM84-RIPE
nic-hdl: OTC2-RIPE
notify: noc@ovh.net
abuse-mailbox: abuse@ovh.net
mnt-by: OVH-MNT
changed: noc@ovh.net 20101005
source: RIPE
person: Octave Klaba
address: OVH SAS
address: 2 rue Kellermann
address: 59100 Roubaix
address: France
phone: +33 9 74 53 13 23
e-mail: noc@ovh.net
nic-hdl: OK217-RIPE
abuse-mailbox: abuse@ovh.net
mnt-by: OVH-MNT
changed: noc@ovh.net 20101005
source: RIPE
% Information related to '87.98.224.0/21AS35540'
route: 87.98.224.0/21
descr: ES OVH
descr: Madrid, Spain
origin: AS35540
notify: noc@ovh.net
mnt-by: OVH-MNT
changed: noc@ovh.net 20061218
source: RIPE
% Information related to '87.98.128.0/17AS16276'
route: 87.98.128.0/17
descr: OVH ISP
descr: Paris, France
origin: AS16276
notify: noc@ovh.net
mnt-by: OVH-MNT
changed: noc@ovh.net 20061218
source: RIPE
On behalf of CECA, S21sec requests that the Web site(s) listed above be deactivated immediately and the domain name removed from your servers. CECA would like you to provide S21sec with the source code, including any data collected, of this Web site for analysis to help prevent further phishing schemes. If any customer data has been collected, it will be forwarded to CECA so that they may notify their customers regarding this issue and take other appropriate actions as needed.
S21sec is the leading company specialized in computer security services. It was founded in 2000 with the aim of preventing and managing organization risks and people in the digital world.
Please contact us if any further information is required to expedite the process of removing this Web site from service. If needed, forward this e-mail and request to the appropriate contact that is able to deactivate this site.
Thank you for your time and consideration.
--
Security Operations Center (S.O.C.)
e-mail: antiphishing@s21sec.com
Phone number: +34914903747
www.s21sec.com
Security Operations Center (S.O.C.)
Tlf: 902 111 521
www.s21sec.com
S21sec has been informed that there is currently a website hosted by your company that is involved in a phishing scheme to obtain personal account information from the customers of CECA. S21sec has received numerous complaints and e-mails regarding the Web site listed below:
http://cajaesonline.com/
We enclose below the legitimate url for Caja España:
www.cajaespana.es/
According to published WHOIS and DNS data, the Web Site involved is owned and hosted by:
Address lookup
canonical name cajaesonline.com.
aliases
addresses 87.98.231.19
Domain Whois record
Queried whois.internic.net with "dom cajaesonline.com"...
Domain Name: CAJAESONLINE.COM
Registrar: OVH
Whois Server: whois.ovh.com
Referral URL: http://www.ovh.com
Name Server: DNS17.OVH.NET
Name Server: NS17.OVH.NET
Status: clientDeleteProhibited
Status: clientTransferProhibited
Updated Date: 29-oct-2010
Creation Date: 29-oct-2010
Expiration Date: 29-oct-2011
>>> Last update of whois database: Sat, 30 Oct 2010 22:03:18 UTC <<<
Queried whois.ovh.com with "cajaesonline.com"...
################################################## #############################
#
# Welcome to the OVH WHOIS Server.
#
# whois server : whois.ovh.com check server : check.ovh.com
#
# The data in this Whois is at your disposal with the aim of supplying you the
# information only, that is helping you in the obtaining of the information
# about or related to a domain name registration record. OVH Sas make this
# information available "as is", and do not guarantee its accuracy. By using
# Whois, you agree that you will use these data only for legal purposes and
# that, under no circumstances will you use this data to: (1) Allow, enable,
# or otherwise support the transmission of mass unsolicited, commercial
# advertisement or roughly or requests via the individual mail (courier),
# the E-mail (SPAM), by telephone or by fax. (2) Enable high volume, automated,
# electronic processes that apply to OVH Sas (or its computer systems).
# The copy, the compilation, the re-packaging, the dissemination or the
# other use of the Whois base is expressly forbidden without the prior
# written consent of OVH. Domain ownership disputes should be settled using
# ICANN's Uniform Dispute Resolution Policy: http://www.icann.org/udrp/udrp.htm
# We reserve the right to modify these terms at any time. By submitting
# this query, you agree to abide by these terms. OVH Sas reserves the right
# to terminate your access to the OVH Sas Whois database in its sole
# discretion, including without limitation, for excessive querying of
# the Whois database or for failure to otherwise abide by this policy.
#
# L'outil du Whois est à votre disposition dans le but de vous fournir
# l'information seulement, c'est-à-dire vous aider dans l'obtention de
# l'information sur ou lié à un rapport d'enregistrement de nom de domaine.
# OVH Sas rend cette information disponible "comme est," et ne garanti pas
# son exactitude. En utilisant notre outil Whois, vous reconnaissez que vous
# emploierez ces données seulement pour des buts légaux et ne pas utiliser cet
# outil dans les buts suivant: (1) la transmission de publicité non sollicitée,
# commerciale massive ou en gros ou des sollicitations via courrier individuel,
# le courrier électronique (c'est-à-dire SPAM), par téléphone ou par fax. (2)
# l'utilisation d'un grand volume, automatisé des processus électroniques qui
# soulignent ou chargent ce système de base de données Whois vous fournissant
# cette information. La copie de tout ou partie, la compilation, le
# re-emballage, la dissémination ou d'autre utilisation de la base Whois sont
# expressément interdits sans consentement écrit antérieur de OVH. Un désaccord
# sur la possession d'un nom de domaine peut être résolu en suivant la Uniform
# Dispute Resolution Policy de l'ICANN: http://www.icann.org/udrp/udrp.htm
# Nous nous réservons le droit de modifier ces termes à tout moment. En
# soumettant une requête au Whois vous consentez à vous soumettre à ces termes.
# local time : Sunday, 31-Oct-2010 00:03:43 CEST
# gmt time : Saturday, 30-Oct-2010 22:03:43 GMT
# last modify : Friday, 29-Oct-2010 12:45:01 CEST
# request from : 216.119.118.51:3541
Domain name: cajaesonline.com
Registrant:
Manolo Alvaro
cajaesonline.com, office #2745937
c/o OwO, BP80157
59053, Roubaix Cedex 1
FR
+33.899701761
ef184arkz1zlgracuc16@i.o-w-o.info
Administrative Contact:
Manolo Alvaro
cajaesonline.com, office #2745937
c/o OwO, BP80157
59053, Roubaix Cedex 1
FR
+33.899701761
ppcx2j0sshxz3paffq1d@a.o-w-o.info
Technical Contact:
Manolo Alvaro
cajaesonline.com, office #2745937
c/o OwO, BP80157
59053, Roubaix Cedex 1
FR
+33.899701761
ppcx2j0sshxz3paffq1d@a.o-w-o.info
Billing Contact:
Manolo Alvaro
cajaesonline.com, office #2745937
c/o OwO, BP80157
59053, Roubaix Cedex 1
FR
+33.899701761
ppcx2j0sshxz3paffq1d@a.o-w-o.info
Registrar of Record: OVH.
Record last updated on 2010-10-29.
Record expires on 2011-10-29.
Record created on 2010-10-29.
################################################## #############################
# powered by GNU/Linux
Network Whois record
Queried whois.ripe.net with "-B 87.98.231.19"...
% Information related to '87.98.224.0 - 87.98.231.255'
inetnum: 87.98.224.0 - 87.98.231.255
netname: ES-OVH
descr: OVH Hispano
country: ES
org: ORG-OH1-RIPE
admin-c: OK217-RIPE
tech-c: OTC2-RIPE
status: ASSIGNED PA
mnt-by: OVH-MNT
changed: noc@ovh.net 20050831
source: RIPE
organisation: ORG-OH1-RIPE
org-name: OVH Hispano
org-type: OTHER
address: Plaza de los Mostenses, n°13
address: Madrid 28015
address: Spain
abuse-mailbox: abuse@ovh.net
e-mail: noc@ovh.net
admin-c: OTC2-RIPE
mnt-ref: OVH-MNT
mnt-by: OVH-MNT
changed: noc@ovh.net 20071207
source: RIPE
role: OVH Technical Contact
address: OVH SAS
address: 2 rue Kellermann
address: 59100 Roubaix
address: France
e-mail: noc@ovh.net
admin-c: OK217-RIPE
tech-c: GM84-RIPE
nic-hdl: OTC2-RIPE
notify: noc@ovh.net
abuse-mailbox: abuse@ovh.net
mnt-by: OVH-MNT
changed: noc@ovh.net 20101005
source: RIPE
person: Octave Klaba
address: OVH SAS
address: 2 rue Kellermann
address: 59100 Roubaix
address: France
phone: +33 9 74 53 13 23
e-mail: noc@ovh.net
nic-hdl: OK217-RIPE
abuse-mailbox: abuse@ovh.net
mnt-by: OVH-MNT
changed: noc@ovh.net 20101005
source: RIPE
% Information related to '87.98.224.0/21AS35540'
route: 87.98.224.0/21
descr: ES OVH
descr: Madrid, Spain
origin: AS35540
notify: noc@ovh.net
mnt-by: OVH-MNT
changed: noc@ovh.net 20061218
source: RIPE
% Information related to '87.98.128.0/17AS16276'
route: 87.98.128.0/17
descr: OVH ISP
descr: Paris, France
origin: AS16276
notify: noc@ovh.net
mnt-by: OVH-MNT
changed: noc@ovh.net 20061218
source: RIPE
On behalf of CECA, S21sec requests that the Web site(s) listed above be deactivated immediately and the domain name removed from your servers. CECA would like you to provide S21sec with the source code, including any data collected, of this Web site for analysis to help prevent further phishing schemes. If any customer data has been collected, it will be forwarded to CECA so that they may notify their customers regarding this issue and take other appropriate actions as needed.
S21sec is the leading company specialized in computer security services. It was founded in 2000 with the aim of preventing and managing organization risks and people in the digital world.
Please contact us if any further information is required to expedite the process of removing this Web site from service. If needed, forward this e-mail and request to the appropriate contact that is able to deactivate this site.
Thank you for your time and consideration.
--
Security Operations Center (S.O.C.)
e-mail: antiphishing@s21sec.com
Phone number: +34914903747
www.s21sec.com
Security Operations Center (S.O.C.)
Tlf: 902 111 521
www.s21sec.com