Guest Suspended: polinsr Posted July 7, 2020 Posted July 7, 2020 polinsr johnny polinsr.heliohost.org Can I know the reason why my account has been suspended, and if possible given a chance to rectify my faultThank you.
Sn1F3rt Posted July 7, 2020 Posted July 7, 2020 Your account cannot be unsuspended as it was flagged for phishing.
Guest Suspended: polinsr Posted July 7, 2020 Posted July 7, 2020 Is this for domain forwarding. If that is the case I can cancel the forwarding.
Sn1F3rt Posted July 7, 2020 Posted July 7, 2020 I'm not sure, because I don't have the exact cause. I'll escalate your request for our Admin to take a look.
wolstech Posted July 7, 2020 Posted July 7, 2020 This is banned because it was imitating a bank to steal financial information. The referenced domain indsuind.com is attached to this account, and the mailbox is full of stolen bank information. We received the following complaint from RSA on behalf of the real bank this account is imitating. Dear Team, RSA's Anti-Fraud Command Center has been appointed to assist IndusInd Bank in preventing or terminating online activity that target, or may target IndusInd Bank's customers as potential fraud victims. We have detected that a recently registered domain, indsuind[.]com, which appears to be under your authority is involved in fraudulent activity targeting IndusInd Bank's customers. Please be advised that this domain is contains the name bank and now redirects to their legitimate website. We request your assistance in ceasing this fraudulent activity through any means available at your disposal. We would appreciate if you let us know once action was taken or if you were unable to take action. In case you require further information, please inform us. Regards, Anti-Fraud Command Center RSA Security, LLC., a Dell Technologies business UK Phone: +44-800-032-7751 US Phone: +1-866-408-7525 CA Phone: +1-800-406-8651 E-mail: afcc@rsa.com www.rsa.com 103 Needless to say this isn't getting unsuspended and cannot be backed up either. If you weren't the one who engaged in this illegal activity, a hacker got into your account and did.
wolstech Posted July 13, 2020 Posted July 13, 2020 This guy promptly moved his phishing campaign to a host called Hoststud (a tiny cPanel startup running on what looks to be a Hetzner VPS) after we banned him...I just managed to get him shut down over there too.
Krydos Posted July 14, 2020 Posted July 14, 2020 Here is the IPs he's used 150.129.8.8 162.247.74.216 176.10.99.200 185.220.100.245 185.220.101.140 185.220.101.141 185.220.101.202 23.129.64.192 51.255.77.78 77.247.181.163 77.247.181.165 91.250.242.12 Probably all proxies and VPNs, but it would be useful to get this criminal banned from his VPN subscription too. The VPN company can probably look at their logs and notify the local authorities of where he lives too.
Recommended Posts