Strengthening trust and safety across the Internet, by being the authority on IP and domain reputation.
Mastodon: @spamhaus@infosec.exchange
Nov 13, 2021 • 4 tweets • 2 min read
We have been made aware of "scary" emails sent in the last few hours that purport to come from the FBI/DHS. While the emails are indeed being sent from infrastructure that is owned by the FBI/DHS (the LEEP portal), our research shows that these emails *are* fake.
These fake warning emails are apparently being sent to addresses scraped from ARIN database. They are causing a lot of disruption because the headers are real, they really are coming from FBI infrastructure. They have no name or contact information in the .sig. Please beware!
Mar 26, 2021 • 4 tweets • 2 min read
Japanese shoppers are currently being phished with spoofed Amazon emails. 99% of this spam is being emitted from IPs originating from ASN 4134: CHINANET backbone @chinateleglobal. Read the thread for more detail. #chinese#botnet#phishing
Recently we've observed a huge spam run with the subject line "お支払い方法の情報を更新." Google translates this as "Updated payment method information." The message contents are phishing emails, spoofing Amazon, targeting Japanese shoppers.
Feb 12, 2021 • 6 tweets • 2 min read
If you're using our public mirrors, you need to check your return codes, and soon... here's why. spamhaus.org/news/article/8…