To all of us in the spam protection and/or spam auditing game, want to wish everyone a happy 2017. Of course, I wish I had better news and that our jobs will be easier this year, but it looks like 2017 will start off being more of the same.
It looks like trends are shifting though slightly, with compromised email accounts taking a larger role again, however the same old problems from the IoT (Internet of Things) being compromised and bad hosting company practices still a major concern.
And to start the year off, we are calling out a known trouble spot again, which is ColoCrossing, and companies that operate on that network (NewWave Connect), haven’s for spammers.
This morning report includes:
188.8.131.52 23 23-95-53-215-host.colocrossing.com 184.108.40.206 26 23-95-53-216-host.colocrossing.com 220.127.116.11 13 23-95-53-219-host.colocrossing.com 18.104.22.168 24 23-95-53-223-host.colocrossing.com 22.214.171.124 8 107-175-56-151-host.colocrossing.com 126.96.36.199 14 107-175-56-155-host.colocrossing.com 188.8.131.52 10 107-175-56-156-host.colocrossing.com 184.108.40.206 12 107-175-56-157-host.colocrossing.com 220.127.116.11 2 107-175-56-158-host.colocrossing.com 18.104.22.168 6 107-175-147-133-host.colocrossing.com
But we see large swathes of IP(s) on WowRack and Joe’s Data Centre, both North American hosting companies activated for spamming activities as well.
Maybe this is the year that regulators will target those companies as also responsible for the activity on their networks.
22.214.171.124 3 streonilli.net 126.96.36.199 3 arach.streonilli.net 188.8.131.52 1 ptm.kil4.homika.win 184.108.40.206 3 ptm.kil22.homika.win 220.127.116.11 3 ptm.kil21.homika.win 18.104.22.168 2 a111.luxurybrandscollection.com 22.214.171.124 4 ptm.kil18.homika.win 126.96.36.199 3 ptm.kil17.homika.win 188.8.131.52 2 ptm.kil30.homika.win 184.108.40.206 70 ptm.kil29.homika.win 220.127.116.11 69 ptm.kil28.homika.win 18.104.22.168 72 ptm.kil27.homika.win 22.214.171.124 68 ptm.kil26.homika.win 126.96.36.199 71 ptm.kil25.homika.win 188.8.131.52 67 ptm.kil24.homika.win 184.108.40.206 67 ptm.kil23.homika.win 220.127.116.11 62 mx1.mightylk.biz 18.104.22.168 58 millo32.barsatinalawich.ml 22.214.171.124 65 us-s3-mta5.smtpcampaigns.com 126.96.36.199 62 millo31.barsatinalawich.ml 188.8.131.52 69 abc11.1band1.xyz 184.108.40.206 68 falait.preservevision.net 220.127.116.11 72 isproject.preservevision.net 18.104.22.168 69 niall.preservevision.net 22.214.171.124 3 ptm.kil32.homika.win 126.96.36.199 3 ptm.kil31.homika.win
Of course, those are easier to address as more and more companies simply resort to ‘blacklisting’ companies which allow, condone, or are unable to prevent such activity.
Sometimes that is the only way to elicit change in behaviors.
And again, we do hope providers this year will work on simple to fix things like operating ‘rwhois’ servers for their networks, work on PTR naming conventions that help all those involved in stopping spam, including those in the policing space.
But we all have to work together, to help honest operators secure their networks, create stronger tools for email users to prevent their accounts and servers being hacked, and lock down the Internet of Things from the ability to spread the worst of the spam used to deliver ransom ware, virus’s, scams, phishing, and other very serious threats to the average user.
And making the world a safer place, is why we continue to work on the front lines battling these threats.
Have a safe and happy new year.
PS, this is a great time for those other email marketing companies to look at cleaning up their marketing databases, surprised how many big companies databases have so many invalid email address entries that they continue to send to.