Beware of emails that LOOK Legitimate
This week we have seen an abundance of new scams that look legitimate but are not.
UPS and USPS forgeries that contain virus ridden attachments are making the rounds!
NEVER open .doc files sent from someone you do not know! No company should send editable documents as an official notification.
We are also detecting fake FAX Email that contains malware coming through a Netherlands IP range (un)Managed by Softlayer and assigned to a HOSTGATOR customer in Texas.
inetnum: 159.253.147.0 – 159.253.147.63
netname: NETBLK-SOFTLAYER-RIPE-CUST-LC8527-RIPE
descr: HostGator
country: US
admin-c: LC8527-RIPE
tech-c: LC8527-RIPE
status: ASSIGNED PA
mnt-by: MAINT-SOFTLAYER-RIPE
created: 2011-12-21T16:12:56Z
last-modified: 2011-12-31T20:34:04Z
source: RIPE # Filtered
person: Lance Custen
address: 11251 Northwest Freeway Suite 400 Houston, TX US 77092
phone: +1.866.398.7638
mnt-by: MAINT-SOFTLAYER-RIPE
nic-hdl: LC8527-RIPE
abuse-mailbox: abuse@hostgator.com
created: 2011-12-21T16:12:36Z
last-modified: 2012-01-19T00:18:57Z
source: RIPE # Filtered
The Parent is Softlayer Dutch Holdings
inetnum: 159.253.128.0 – 159.253.159.255
netname: NL-SOFTLAYER-EU-20110921
descr: SoftLayer Dutch Holdings BV
country: NL
org: ORG-SDHB1-RIPE
admin-c: SA8109-RIPE
tech-c: SA8109-RIPE
status: ALLOCATED PA
mnt-by: RIPE-NCC-HM-MNT
mnt-lower: MAINT-SOFTLAYER-RIPE
mnt-routes: MAINT-SOFTLAYER-RIPE
mnt-domains: MAINT-SOFTLAYER-RIPE
remarks: SOFTLAYER-RIPE-4-1
created: 2011-09-21T15:01:21Z
last-modified: 2014-06-24T14:58:53Z
source: RIPE # Filtered
Also Beware of FAX spam with malware
72.38.64.0-72.38.79.255
NetRange: 72.38.64.0 – 72.38.79.255
CIDR: 72.38.64.0/20
NetName: CGOC-COMM5
NetHandle: NET-72-38-64-0-1
Parent: CGOC-7BLK (NET-72-38-0-0-1)
NetType: Reallocated
Organization: Cogeco Cable Inc. (CGOC)