To all of us in the spam protection and/or spam auditing game, want to wish everyone a happy 2017. Of course, I wish I had better news and that our jobs will be easier this year, but it looks like 2017 will start off being more of the same.
It looks like trends are shifting though slightly, with compromised email accounts taking a larger role again, however the same old problems from the IoT (Internet of Things) being compromised and bad hosting company practices still a major concern.
And to start the year off, we are calling out a known trouble spot again, which is ColoCrossing, and companies that operate on that network (NewWave Connect), haven’s for spammers.
This morning report includes:
220.127.116.11 23 23-95-53-215-host.colocrossing.com 18.104.22.168 26 23-95-53-216-host.colocrossing.com 22.214.171.124 13 23-95-53-219-host.colocrossing.com 126.96.36.199 24 23-95-53-223-host.colocrossing.com 188.8.131.52 8 107-175-56-151-host.colocrossing.com 184.108.40.206 14 107-175-56-155-host.colocrossing.com 220.127.116.11 10 107-175-56-156-host.colocrossing.com 18.104.22.168 12 107-175-56-157-host.colocrossing.com 22.214.171.124 2 107-175-56-158-host.colocrossing.com 126.96.36.199 6 107-175-147-133-host.colocrossing.com
But we see large swathes of IP(s) on WowRack and Joe’s Data Centre, both North American hosting companies activated for spamming activities as well.
Maybe this is the year that regulators will target those companies as also responsible for the activity on their networks.
188.8.131.52 3 streonilli.net 184.108.40.206 3 arach.streonilli.net 220.127.116.11 1 ptm.kil4.homika.win 18.104.22.168 3 ptm.kil22.homika.win 22.214.171.124 3 ptm.kil21.homika.win 126.96.36.199 2 a111.luxurybrandscollection.com 188.8.131.52 4 ptm.kil18.homika.win 184.108.40.206 3 ptm.kil17.homika.win 220.127.116.11 2 ptm.kil30.homika.win 18.104.22.168 70 ptm.kil29.homika.win 22.214.171.124 69 ptm.kil28.homika.win 126.96.36.199 72 ptm.kil27.homika.win 188.8.131.52 68 ptm.kil26.homika.win 184.108.40.206 71 ptm.kil25.homika.win 220.127.116.11 67 ptm.kil24.homika.win 18.104.22.168 67 ptm.kil23.homika.win 22.214.171.124 62 mx1.mightylk.biz 126.96.36.199 58 millo32.barsatinalawich.ml 188.8.131.52 65 us-s3-mta5.smtpcampaigns.com 184.108.40.206 62 millo31.barsatinalawich.ml 220.127.116.11 69 abc11.1band1.xyz 18.104.22.168 68 falait.preservevision.net 22.214.171.124 72 isproject.preservevision.net 126.96.36.199 69 niall.preservevision.net 188.8.131.52 3 ptm.kil32.homika.win 184.108.40.206 3 ptm.kil31.homika.win
Of course, those are easier to address as more and more companies simply resort to ‘blacklisting’ companies which allow, condone, or are unable to prevent such activity.
Sometimes that is the only way to elicit change in behaviors.
And again, we do hope providers this year will work on simple to fix things like operating ‘rwhois’ servers for their networks, work on PTR naming conventions that help all those involved in stopping spam, including those in the policing space.
But we all have to work together, to help honest operators secure their networks, create stronger tools for email users to prevent their accounts and servers being hacked, and lock down the Internet of Things from the ability to spread the worst of the spam used to deliver ransom ware, virus’s, scams, phishing, and other very serious threats to the average user.
And making the world a safer place, is why we continue to work on the front lines battling these threats.
Have a safe and happy new year.
PS, this is a great time for those other email marketing companies to look at cleaning up their marketing databases, surprised how many big companies databases have so many invalid email address entries that they continue to send to.