Hello,
I'm Gustavo Treviño from NIC Mexico and we have received the next email in regards one domain that is used for phishing and that is hosted with the next DNS ns1.x10hosting.com ns2.x10hosting.com .
Best Regards
---------------------------------------------------------------------------------------
Hello,
We have just identified a phishing website under your administration.
As a result, we ask you to proceed with its takedown as soon as possible.
The phishing website is located at the following domain: x10.mx
and at the following URL: http://go-anonymes.x10.mx/pauth.asp...547635754673547635463574537637/pauth.aspx.htm
This URL leads to a fraudulent page containing a counterfeiting site of Caisse d'Epargne. So far, we have detected several phishing mail scams referring to this URL.
The site responds to the following IP address(es): 69.175.122.178
We have verified that none of these IP addresses belong to Caisse d'Epargne (http://www.caisse-epargne.fr).
Please consider reporting any data in your possession which may be related to the reported incident (such as connection logs, suspicious accounts in relation to this fraud...)
Thank you to confirm the reception of our request by responding to this email.
Thanks for your cooperation.
CERT-LEXSI - Cybercrime department
http://cert.lexsi.com
cert-soc@lexsi.com
CERT-LEXSI is a CSIRT team recognized by Enisa that conducts cybercrime monitoring and investigation and works with other CSIRTs and law enforcement agencies.
Our mission is to correlate information on phishers and cybercrime gangs to assist legal procedures and lead to arrests.
You may be in possession of critical information for investigations:
- server files you can send us (we research to find out identities and fraud evidence;
- IP addresses used for server administration;
- information related to billing (rejected credit card, card owner name, full or partial cc number).
I'm Gustavo Treviño from NIC Mexico and we have received the next email in regards one domain that is used for phishing and that is hosted with the next DNS ns1.x10hosting.com ns2.x10hosting.com .
Best Regards
---------------------------------------------------------------------------------------
Hello,
We have just identified a phishing website under your administration.
As a result, we ask you to proceed with its takedown as soon as possible.
The phishing website is located at the following domain: x10.mx
and at the following URL: http://go-anonymes.x10.mx/pauth.asp...547635754673547635463574537637/pauth.aspx.htm
This URL leads to a fraudulent page containing a counterfeiting site of Caisse d'Epargne. So far, we have detected several phishing mail scams referring to this URL.
The site responds to the following IP address(es): 69.175.122.178
We have verified that none of these IP addresses belong to Caisse d'Epargne (http://www.caisse-epargne.fr).
Please consider reporting any data in your possession which may be related to the reported incident (such as connection logs, suspicious accounts in relation to this fraud...)
Thank you to confirm the reception of our request by responding to this email.
Thanks for your cooperation.
CERT-LEXSI - Cybercrime department
http://cert.lexsi.com
cert-soc@lexsi.com
CERT-LEXSI is a CSIRT team recognized by Enisa that conducts cybercrime monitoring and investigation and works with other CSIRTs and law enforcement agencies.
Our mission is to correlate information on phishers and cybercrime gangs to assist legal procedures and lead to arrests.
You may be in possession of critical information for investigations:
- server files you can send us (we research to find out identities and fraud evidence;
- IP addresses used for server administration;
- information related to billing (rejected credit card, card owner name, full or partial cc number).
