[dba-Tech] My American colleagues from CA, could you please help me to stop them?!

Shamil Salakhetdinov shamil at users.mns.ru
Wed Jun 8 15:55:05 CDT 2005 

Hi All,

I'm trying to stop the W32.Mytob.DF at mm zip virus coming to me for several
days from 67.151.53.66.
I did write several times to abuse at paetec.com but it didn't work.
Moreover today I've got a new kind of e-mail, which looks like a fishing
attempt:

<<<<
>From support at smsconsulting.spb.ru  Thu Jun  9 00:16:11 2005
Received: from smsconsulting.spb.ru ([67.151.53.66])
  by batman.mns.ru with esmtp; Thu, 09 Jun 2005 00:16:09 +0400
  id 00018DC4.42A7520A.000037BA
From: support at smsconsulting.spb.ru
To: shamil at smsconsulting.spb.ru
Subject: Account Alert
Date: Wed, 8 Jun 2005 13:12:57 -0700

<<< skipped>>>

<html>
<body>
<BR><STRONG>Dear Valued Member, </STRONG><BR>
<BR>According to our site policy you will have to confirm your account by
the following link or else your account will be suspended within 24 hours
for security reasons.<BR>
<BR>

<<<<<< here is a hidden link to 62.193.220.183, which is in France (I did
insert blanks here for it to not be interpreted as legal URL:

<a href="http: // 62.193.220.183 /confirm.php?email=
shamil at smsconsulting.spb.ru"> http: //
www.smsconsulting.spb.ru/confirm.php?email=shamil at smsconsulting.spb.ru</a><B
R>


<BR>Thank you for your attention to this question. We apologize for any
inconvenience.<BR>
<BR>Sincerely,Smsconsulting Security Department Assistant.<BR>
</body>
</html>
>>>>

Somebody there in CA, USA could you please call +1-877-340-2600 to inform
them about what happening with their IP-addresses?

Thank you,
Shamil

<<<<
WHOIS results for !NET-67-151-53-64-1
Generated by www.DNSstuff.com
Location: Unknown

Looking up !NET-67-151-53-64-1 at whois.arin.net.

NOTE: More information appears to be available at IP43-ARIN.

Using 4 day old cached answer (or, you can get fresh results).
Hiding E-mail address (you can get results with the E-mail address).


CustName:   DOCUSOURCE
Address:    10450 PIONEER
City:       SANTA FE SPRINGS
StateProv:  CA
PostalCode: 90670
Country:    US
RegDate:    2004-10-21
Updated:    2004-10-21

NetRange:   67.151.53.64 - 67.151.53.127
CIDR:       67.151.53.64/26
NetName:    PAET-AN-DOCUS-1
NetHandle:  NET-67-151-53-64-1
Parent:     NET-67-151-0-0-1
NetType:    Reassigned
Comment:
RegDate:    2004-10-21
Updated:    2004-10-21

AbuseHandle: ABUSE741-ARIN
AbuseName:   Abuse
AbusePhone:  +1-877-340-2600
AbuseEmail:  *****@paetec.com

TechHandle: IP43-ARIN
TechName:   IP Administrator
TechPhone:  +1-877-340-2555
TechEmail:  *******@paetec.com

OrgTechHandle: IP43-ARIN
OrgTechName:   IP Administrator
OrgTechPhone:  +1-877-340-2555
OrgTechEmail:  *******@paetec.com

# ARIN WHOIS database, last updated 2005-06-03 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.>>>>
--
Web: http://smsconsulting.spb.ru/shamil_s

More information about the dba-Tech mailing list