Last updated on November 20th, 2015
Less than a week ago, Virgin suffered an email outage of quite some time because of a flood of emails pouring in. Spam causes Virgin email outage.
Just afterwards, I had some domain problems with my ISP which are now resolved. ADSL, Pipex Blocks my Web Access, Weirdly!
Now, starting about midnight last night, I had a zillion emails blocked by my Mailwasher Pro software from irate automated email servers across the globe! They had the standard replies of “Undelivered Mail Returned to Sender” or “failure notice”, say.
Fair enough. Except I hadn’t sent anything. They all arrived at a little used email account I’ve set up for Foetus Products. The trouble was, I did a little work some time ago and “temporarily” made an address “Catch All”! Whoa! Fatal Error. Warning Will Robinson…
I forgot to reset it. It was a kind of test to see what arrived. Well nothing arrived for ages until last night! Needless to say, I’ve closed the “Catch All” address now.
Returned Flood Details:
The first “returned” email arrived at 23:29.
Then at 23:52 and 00:18.
Then there was a flood of emails starting at 00:28. From then until 03:30 I had 123 almost identical “returned” emails to my non-existent email address. The timings are interesting. The attack flood lasted almost exactly two hours!!
I say almost identical, as actually the content varied quite a bit. Three languages were used for content; english, german and french. Only one message had an attachment. The content was all about flogging Quark, Photoshop, AutoCad and other high-end but popular software. Here’s a pointer one of to the websites flogging the stuff
I leave it to you to purchase the “goods” on offer, but do you really think a copy of AutoCAD 2008 supposedly retailing at 3996 Euro is going to be genuine at the knock-down price of 149.95 Euro!
The company is called “Euro Software” on the website and lives … in New York!
Now let’s see the WHOIS..
It’s a Henry Gonzales who “owns” the domain, and 194 others and he’s supposed to live in California. The domain is served from Seoul, South Korea, IP Address 188.8.131.52
lierkaser.com, is not really a long-standing company. The website was ICANN registered on the 10th of October, all of six days ago!!! He’s done dozens in the last week… A full Henry Gonzales search pulls in excess of 300 domains to that name over the last few years. The registered address in California looks like the picture from Google Streetview, where a few Trucking-type comapnies are also registered (ah, the power of Google 😉 ) These are “R&R Carrier” and “Trux Navigators Brokering Grp”.
View Larger MapThere’s a twat pick-up in the drive.
Of course, I wouldn’t be so annoyed and wouldn’t have to post these publicly available details and pictures on my website if I hadn’t had a load of metaphorical shite dumped on my doorstep.
You buy from “Henry” if you want to. For me, he’s a truckin’ twat.