Spammers, Phishers...

I keep getting flooded with spam from phishers. And this month has being crazy, all my domain emails being flooded with spam.

Interestingly if you attempt sending an email to notify the real company or try to find from the official website of say Chase email for support/reporting abuse you can't find one. I don't even own an account with Chase, or whatever CUNA stands for!

Anyway, l "dug" around and noticed the source IP seems to be from China/Taiwan/routed via Brazil see below if you care. I looked at the original email and searched for the owners of the IP addresses using samspade.

http://200.203.89.180:2324/.Chase.Com/index.htm

http://www.chase.com//cmserver/users/default/confirm.cfm

Server Used: [ whois.networksolutions.com ]
hinet.net = [ ]

Registrant:
Internet Dept. DCBG Chunghwa Telecom Co. Ltd.
Data-Bldg No. 21 Sec.1 Hsin-Yi Rd.
Taipei Taiwan 100
TW
Domain Name: HINET.NET
Administrative Contact Technical Contact:
Internet Dept. DCBG Chunghwa Telecom Co. vnsadm@hinet.net

Data-Bldg No. 21 Sec.1 Hsin-Yi Rd.
Taipei Taiwan 100
TW
886-2-23444720 fax: 886-2-23960399
Record expires on 20-Mar-2006.
Record created on 19-Mar-1994.
Database last updated on 9-Oct-2005 13: 15: 31 EDT.
Domain servers in listed order:
HNTP1.HINET.NET 168.95.192.1
HNTP3.HINET.NET 168.95.192.2
DNS.HINET.NET 168.95.1.1

Server Used: [ whois.lacnic.net ]
200.203.89.180 = [ ]

inetnum: 200.203.89.176/29
aut-num: AS8167
abuse-c: BTA17
owner: Hotel Radar Ltda
ownerid: 001.464.059/0001-01
responsible: Paulo Renato (Suprivale 51-32284242)
address: RS 118 km 22
address: 94040-700 - Gravata - RS
phone: (051) 4891033 []
owner-c: TEE11
tech-c: TEE11
created: 20050726
changed: 20050726
inetnum-up: 200.203.0/17
nic-hdl-br: BTA17
person: Brasil Telecom S. A - Abuso
e-mail: abuse@noc.brasiltelecom.net.br

created: 20030624
changed: 20050214
nic-hdl-br: TEE11
person: Terra Empresas
e-mail: amandaarsol@terra.com.br

created: 20010904
changed: 20051007
remarks: Security issues should also be addressed to
remarks: cert@cert.br
http://www.cert.br/
remarks: Mail abuse issues should also be addressed to
remarks: mail-abuse@cert.br

===================================================================

Sample FAKE letters – never reply or give out your personal information to these guys:

Dear client of Chase Bank,

Technical services of the Chase Bank are carrying out a planned software upgrade. We earnestly ask you to visit the following link to start the procedure of confirmation on customers data.

To get started, please click the link below:

http://www.chase.com//cmserver/users/default/confirm.cfm

This instruction has been sent to all bank customers and is obligatory to fallow.

Thank you,

Customers Support Service

===============================================================================

Dear CU holder account,

This notice informs you that your Credit Union bank has joined our Federal Credit Union(FCU) network. For both, our and your security, we are asking you to activate an online account on our database. After activation you can login on our system with your SSN and your Credit/Debit PIN number.

You must visit the FCU activation page and fill in the form to activate your online account:

http://www.ncua.gov/activate_account.html

In accordance with NCUA User Agreement, you can use your online account in 24 hours after activation. We thank you for your prompt attention to this matter. Please understand that this is a security measure intended to help protect you and your account.

We apologize for any inconvenience.

Sincerely, NCUA Account Review Department