Fraudulent Web Site Found on Server (http://217.108.248.234/local_bdno/bbx/index.html ) [BBV20100904(1)]

Tom "spot" Callaway tcallawa at redhat.com
Tue Sep 7 14:22:52 UTC 2010 

On 09/04/2010 02:18 AM, Antiphishing wrote:
> To Whom It May Concern,
> 
> S21sec
> <http://www.s21sec.com/servicios.aspx?sec=52&apr=54&HIVEDATA=dW2z6ApWhngR9FWUgvEY10RqCHWnVY0lTdLS%2FaGjop%2FvfsfiJElKFRxQoLWWZ0mNDnqO3aXWaOJT720m%2BvWsGkb9wO%2F%2BFfuTN5uRiEmtYmrvoPnNGHhh7ARq6qMOCCXD>
> has been informed that there is currently a website hosted by your
> company that is involved in a phishing scheme to obtain personal account
> information from the customers of BBVA. S21sec
> <http://www.s21sec.com/servicios.aspx?sec=52&apr=54&HIVEDATA=dW2z6ApWhngR9FWUgvEY10RqCHWnVY0lTdLS%2FaGjop%2FvfsfiJElKFRxQoLWWZ0mNDnqO3aXWaOJT720m%2BvWsGkb9wO%2F%2BFfuTN5uRiEmtYmrvoPnNGHhh7ARq6qMOCCXD> has
> received numerous complaints and e-mails regarding the Web site listed
> below:
> 
> http://217.108.248.234/local_bdno/bbx/index.html
> 
> The web IP: http://217.108.248.234/ shows a Fedora Test Page.

To whom it may concern at S21sec,

That website is not hosted by our company. Fedora is a popular Linux
distribution, and whomever set up that website used Fedora as their
operating system platform.

If you had bothered to actually look at the IP, you'd have been able to
figure out that it falls in this block:

inetnum:        217.108.248.232 - 217.108.248.239
netname:        FR-LA-RESERVE-A-RAMATUELLE
country:        FR
descr:          Interconnection with RAEI backbone
admin-c:        VD1393-RIPE
tech-c:         VD1393-RIPE
status:         ASSIGNED PA
mnt-by:         RAIN-TRANSPAC
source:         RIPE # Filtered

person:         Vincent DG
address:        CHEMDE LA QUESSINE   83350  RAMATUELLE
phone:          +33 494791428
e-mail:         vincent.dg at lareserve-ramatuelle.com
nic-hdl:        VD1393-RIPE
mnt-by:         RAIN-TRANSPAC
source:         RIPE # Filtered

% Information related to '217.108.0.0/16AS3215'

route:          217.108.0.0/16
descr:          RAIN
descr:          Reseaux d'Acces a l'INternet
remarks:        -------------------------------------------
remarks:        For Hacking, Spamming or Security problems
remarks:        send mail abuse at orange-business.com
remarks:        -------------------------------------------
origin:         AS3215
mnt-by:         RAIN-TRANSPAC
source:         RIPE # Filtered

Then, you'd know where to correctly send this information.

Please make a note of this for the future.

Thanks,

Tom Callaway, Fedora Admin

More information about the marketing mailing list