Sponsored by..

Showing posts with label Senegal. Show all posts
Showing posts with label Senegal. Show all posts

Thursday, 16 June 2016

Spam: Dr Happy's Terrorism Conference

Fake conferences are a pretty common scam. The criminals send out spam about serious-looking upcoming conferences that don't exist and then rip victims off for travel costs, conference fees and hotel accommodation. This spam about a fake conference about terrorism caught my eye because it comes from the amusingly named (but fake) Dr Happy Wisdom:

From:    Dr. Happy [shreyag@bajajcapital.com]
Reply-To:    "Dr. Happy" [iedhsto.officedesk@gmail.com]
Date:    15 June 2016 at 23:24
Subject:    INTERNATIONAL CONFERENCE PROGRAM 2016

Dear Sir/Madam,

 On behalf of the International Economic Development on Human Security and Terrorism Organization, I am pleased to invite you to our conference that will be held from August 15th to 19th, 2016 @ the conference place in Dallas Texas USA and August 22nd-26th 2016 @ in Dakar Senegal. The conference meeting will contain various talks and mini workshops related to the issues of Challenges to Economic Development & Human Security in our society.

The topic of the conference is "The Effect of Terrorism on Global Economy and Human Security " the sponsors of this event shall cover your round-trip air tickets from your country to the USA and from USA to Dakar Senegal back to your country and we shall also provide visa assistance with the U.S Embassy in your country of residence and your ground transportation from the airport to the conference venue. The hotel accommodation booking cost will be your own responsibility in Republic of Senegal. Please contact the conference secretariat for more information and registration for participation: [iedhsto.officedesk@gmail.com].

We look forward to your confirmed presence at the conference.
Respectfully Yours,
Dr. Happy Wisdom,
Program Assistant.

The email does actually originate from an IP address in Senegal (41.82.15.40) but then it is routed through a hacked server belonging to the domain bajajcapital.com which is a finance company in India. The compromise email account can be seen in the "From" field.

At best this scam is some sort of financial fraud. At worst, turning up to it could put your life in danger. Avoid.


Monday, 19 August 2013

Malware sites to block 19/8/13

These sites and IPs belong to this gang, and this list follows one from this one:

5.39.14.148 (OVH, France)
24.173.170.230 (Time Warner Cable, US)
31.52.14.209 (BT Broadband, UK)
37.200.69.43 (Selectel Ltd, Russia)
42.121.84.12 (Aliyun Computing Co, China)
59.124.33.215 (Chunghwa Telecom Co, Taiwan)
61.36.178.236 (LG DACOM, Korea)
66.230.163.86 (Goykhman and Sons LLC, US)
66.230.190.249 (ISPrime Inc, US)
70.184.34.191 (Cox Communications, US)
74.207.251.67 (Linode, US)
75.147.133.49 (Comcast Business Communications, US)
78.47.248.101 (Hetzner, Germany)
86.183.191.35 (BT, UK)
95.87.1.19 (Trakia Kabel OOD, Bulgaria)
95.111.32.249 (Megalan Mobiltel EAD, Bulgaria)
95.188.76.14 (Sibirtelecom OJSC, Russia)
114.112.172.34 (Beijing STTD Communication Technology Co, China)
140.113.160.149 (TANET, Taiwan)
140.116.72.75 (TANET, Taiwan)
173.242.123.152 (Volumedrive, US)
177.53.80.39 (Telecom Cordeirópolis Ltda, Brazil)
185.5.54.162 (Interneto Vizija UAB, Lithunia)
186.251.180.205 (Infotech Informatica e Assistencia Tecnica Ltda, Brazil)
188.132.213.115 (Mars Global Datacenter Services LLC, Turkey)
188.134.26.172 (Perspectiva Ltd, Russia)
190.85.249.159 (Telmex Colombia, Colombia)
193.147.49.154 (Universidad Rey Juan Carlos, Spain)
196.1.95.44 (Ensut-computer Department, Senegal)
198.52.243.229 (Centarra Networks Inc, US)
198.211.115.228 (Digital Ocean, US)
212.68.34.88 (Mars Global Datacenter Services LLC, Turkey)
216.158.67.42 (TMZHosting LLC, US)
217.64.107.108 (Society Of Mali's Telecommunications, Mali)
221.133.1.21 (Saigon Postel Corporation, Vietnam)
222.35.102.133 (China Tietong Telecommunications Corporation, China)

5.39.14.148
24.173.170.230
31.52.14.209
37.200.69.43
42.121.84.12
59.124.33.215
61.36.178.236
66.230.163.86
66.230.190.249
70.184.34.191
74.207.251.67
75.147.133.49
78.47.248.101
86.183.191.35
95.87.1.19
95.111.32.249
95.188.76.14
114.112.172.34
140.113.160.149
140.116.72.75
173.242.123.152
177.53.80.39
185.5.54.162
186.251.180.205
188.132.213.115
188.134.26.172
190.85.249.159
193.147.49.154
196.1.95.44
198.52.243.229
198.211.115.228
212.68.34.88
216.158.67.42
217.64.107.108
221.133.1.21
222.35.102.133
actiry.com
amnsreiuojy.ru
arriowzzetobe.net
askfox.net
avini.ru
bbmasterbuilders.net
beachfiretald.com
beldenindcontacts.net
bluavoughogma.com
bnamecorni.com
boardsxmeta.com
breakfast.su
businessdocu.net
calenderlabor.net
casinocnn.net
cbstechcorp.net
checklistsseesmics.su
condalekskajaunini77.net
condrskajaumaksa66.net
controlsalthoug.com
cosamortranas.com
countyforsetttttt21.net
credit-find.net
culturalasia.net
cyberflorists.su
devicesta.ru
dolekotoukart.com
dulethcentury.net
ehnihjrkenpj.ru
evishop.net
exhilaratingwiki.net
facebook.com.n.find-friends.lindoliveryct.net
fitstimekeepe.net
fivelinenarro.net
frutpass.ru
gaphotoid.net
garmonievieraboti50.net
gatumi.com
gonulpalace.net
hdmltextvoice.net
hotkoyou.net
includedtight.com
isightbiowares.su
jdbcandschema.su
jessesautobody.net.rcom-dns.eu
kneeslapperz.net
komsetup.com
labscaner.com
legalizacionez.com
liliputttt9999.info
lindoliveryct.net
logovend.net
lsstats.ru
lucams.net
magiklovsterd.net
mcneillseptictall.net
medusascream.net
melexcia.com
micnetwork100.com
mirris.ru
mobile-unlocked.net
musicstudioseattle.net
myaxioms.com
namastelearning.net
netbeirut.net
nightclubdisab.su
nvufvwieg.com
oneuppositions.net
ordersdeluxe.com
partyspecialty.su
pure-botanical.net
qualysguardviewin.su
quill.com.account.settings.musicstudioseattle.net
raekownholida.com
relectsdispla.net
restless.su
restlesz.su
ringosfulmobile.com
secureprotection5.com
shawnlautzlaw.net
srddesigns.net
suburban.su
tagcentriccent.net
taltondark.net
templateswell.net
thefastor.com
thegalaxyatwork.com
tigerdirect.com.secure.orderlogin.asp.palmer-ford.net
tor-connect-secure.com
u-janusa.net
uprisingquicks.net
vip-proxy-to-tor.com
wildgames-orb.net
x-pertwindscreens.net
zestrecommend.com
zinvolarstikel.com



Friday, 16 August 2013

"California Human Right Foundation CHRF USA" scam email

It's hard to say whether or not this scam is simply a version of the advanced fee fraud (you can come to the conference, but there will be fees and hotel charges), or if the idea is that you go down to Senegal and get kidnapped. In any case, this is a scam send to an email address scraped from the web via a hijacked email account in Indonesia. Similar scams have been seen before. Avoid.

From:     Mrs Cira Jonas [dede@yongjin.co.id]
Reply-To:     cirajo101@blumail.org
Date:     16 August 2013 18:06
Subject:     2013 USA (CHRF) CONFERENCE/INVITATION!!!

Dear Colleagues,

On behalf of California Human Right Foundation CHRF USA, It is a great privilege for us to invite you to global Congress meeting against Economic Crisis, Child Protection & HIV/AIDS Treatment, Prostitution, Sex Work and forced Labor. The aims of the conference are to bring together researchers and practitioners in an effort to lay the ground work for future collaborative research, advocacy, and program development as well as to educate social service, health care, and criminal justice professionals on human trafficking and the needs and risks of those victimized by the commercial sex industry.

The global Congress meeting against Economic Crisis, Child Protection & HIV/AIDS Treatment, Prostitution, Sex Work and forced Labor is scheduled to take place from October 20th – 24th 203, in California the United States and in Dakar-Senegal, from October 26th – 30th 2013. The global congress is hosted by the Campaign against Child Labor Coalition and sponsored by (The Bill & Melinda Gates Foundation, The William J. Clinton Foundation and other benevolent donors worldwide.

Note that all interested delegates that requires entry visa to enter the United States to attend this meeting will be assisted by the organization, in obtaining the visa in their passport. Free air round trip tickets to attend this meeting will be provided to all participants. The Workshop welcomes paper presentation from any interested participants willing to present papers during the meeting.

For registration information you are to contact the conference secretariat via  Email: info.secretaryallissa@usa.com


Please share the information with your colleagues.

Sincerely,
Mrs Cira Jonas
E-mail: cirajo101@blumail.org
(M.D) Activities Coordinator

Tuesday, 30 July 2013

Malware sites to block 30/7/13

These sites and IPs are associated with this gang, and are either currently in use or they have been in use recently. The list has individual IPs and web hosts first, followed by a plain list of recommended items to block.

5.175.191.106 (GHOSTnet, Germany)
5.175.191.124 (GHOSTnet, Germany)
24.173.170.230 (Time Warner Cable, US)
24.188.19.227 (Optimum Online, US)
41.196.17.252 (Link Egypt, Egypt)
46.246.41.68 (Portlane Networks, Sweden)
50.97.253.162 (Softlayer Networks, US / ucvhost.com, India)
54.225.124.116 (Amazon AWS, US)
59.124.33.215 (Chungwa Telecom, Taiwan)
59.160.69.74 (TATA Communications, India)
68.174.239.70 (Time Warner Cable, US)
69.60.115.92 (Colopronto, US)
75.147.133.49 (Comcast Business Communications, US)
78.47.248.101 (Hetzner, Germany)
88.86.100.2 (Supernetwork, Czech Republic)
88.150.191.194 (Redstation, UK)
89.145.185.121 (Yeni Telekom Internet Hizmetleri, Turkey)
89.163.170.134 (Unitedcolo, Germany)
91.200.13.16 (SKS-Lugan, Ukraine)
91.210.189.157 (Eqvia LLC, Ukraine)
95.87.1.19 (Trakia Kabel OOD, Bulgaria)
95.111.32.249 (Megalan EAD, Bulgaria)
108.170.32.179 (Secured Servers, US / tudohost, Spain)
109.123.125.68 (UK2.NET, UK)
114.112.172.34 (Worldcom Teda Networks Technology Co. Ltd, China)
120.124.132.123 (TANET, Taiwan)
122.128.109.46 (Ximbo / CPCnet, Hong Kong)
162.209.80.221 (Rackspace, US)
166.78.124.4 (Rackspace, US)
182.72.216.173 (Cusdelight Consultancy SE, India)
185.4.252.124 (Eaglenet, Lebanon)
185.10.200.89 (GBServers Ltd, UK)
188.132.213.115 (Mars Global Datacenter Services LLC, Turkey)
190.85.249.159 (Telmex Colombia, Colombia)
192.162.100.225 (MediaServicePlus Ltd, Russia)
192.162.102.225 (MediaServicePlus Ltd, Russia)
193.105.210.211 (FOP Budko Dmutro Pavlovuch, Ukraine)
193.105.210.212 (FOP Budko Dmutro Pavlovuch, Ukraine)
193.239.242.83 (TRN Telecom, Russia)
196.1.95.44 (Ensut-Computer Department, Senegal)
198.61.213.12 (Rackspace, US)
198.98.102.165 (Enzu Inc, US)
202.197.127.42 (CERNET, China)
208.115.114.68 (Wowrack, US)
208.115.237.88 (Limestone Networks / 123Systems Solutions, US)
209.222.67.251 (Razor Inc, US)
211.224.204.141 (Korea Telecom, Korea)

Recommended blocklist:
5.175.191.106
5.175.191.124
24.173.170.230
24.188.19.227
41.196.17.252
46.246.41.68
50.97.253.160/27
54.225.124.116
59.124.33.215
59.160.69.74
68.174.239.70
69.60.115.92
75.147.133.49
78.47.248.101
88.86.100.2
88.150.191.194
89.145.185.121
89.163.170.134
91.200.13.0/24
91.210.189.157
95.87.1.19
95.111.32.249
108.170.32.176/29
109.123.125.68
114.112.172.34
120.124.132.123
122.128.109.46
162.209.80.221
166.78.124.4
182.72.216.173
185.4.252.124
185.10.200.89
188.132.213.115
190.85.249.159
192.162.100.225
192.162.102.225
193.105.210.0/24
193.239.242.83
196.1.95.44
198.61.213.12
198.98.102.165
202.197.127.42
208.115.114.68
208.115.237.88
209.222.67.251
211.224.204.141
50plus-login.com
aa.com.reservation.viewfareruledetailsaccess.do.sai-uka-sai.com
acehheadline.net
aldenizturizm.com
allgstat.ru
annot.pl
antidoctorpj.com
aqua-thermos.com
astarts.ru
auditbodies.net
aurakeep.net
beachfiretald.com
bebomsn.net
blindsay-law.net
bnamecorni.com
boats-sale.net
buffalonyroofers.net
businessdocu.net
businessua.com
buycushion.net
casinocnn.net
cbstechcorp.net
centow.ru
chromeupd.pw
cirriantisationsansidd79.net
condaleunvjdlp55.net
condalinaradushko5.ru
condalininneuwu36.net
condalinneuwu37.net
condalnua745746.ru
condrskajaumaksa66.net
crossplatformcons.com
doorandstoned.com
dulethcentury.net
duzybiust.net
ehnihjrkenpj.ru
eliroots.ru
erminwanbuernantion20.net
ermitirationifyouwau30.net
evenyouseemeinmin49.net
explicitlyred.com
facebook.com.n.find-friends.oncologistoncology.net
firerice.com
foremostorgand.su
fulty.net
generationpasswaua40.net
goingtothestreetofive59.net
gormoshkeniation68.net
gotoraininthecharefare88.net
greenleaf-investment.net
gromovieotvodidiejj40.net
hdmltextvoice.net
heidipinks.com
hotkoyou.net
housesales.pl
independinsy.net
info-for-health.net
jessesautobody.net
jonkrut.ru
kennebunkauto.net
klermont.net
klwines.com.order.complete.prysmm.net
kneeslapperz.net
linkedin.com.e.v2.kennebunkauto.net
links.emails.bmwusa.com.open.pagebuoy.net
locavoresfood.net
lsstats.ru
made-bali.net
medusascream.net
metanoiaonline.com
microsoftnotification.net
mifiesta.ru
mobile-unlocked.net
modshows.net
moonopenomy.com
motobrio.net
neplohsec.com
ns3.ozyurtdesign.com
ns4.ozyurtdesign.com
nvufvwieg.com
oncologistoncology.net
onemessage.verizonwireless.com.verizonwirelessreports.com
ontria.ru
organizerrescui.pl
oydahrenlitu346357.ru
pagebuoy.net
paypal.com.us.planetherl.net
playtimepixelating.su
prgpowertoolse.su
privat-tor-service.com
prothericsplk.com
prysmm.net
quill.com.account.settings.managemyaccount.moonopenomy.com
quipbox.com
relectsdispla.net
renouveaugatinois.com
saberig.net
sai-uka-sai.com
scourswarriors.su
secureprotection5.com
sendkick.com
sensetegej100.com
sludgekeychai.net
templateswell.net
thegalaxyatwork.com
thosetemperat.net
thybrothers.net
tintencenter.net
tor-connect-secure.com
tvblips.net
u-janusa.net
usergateproxy.net
verizonwirelessreports.com
viperlair.net
vip-proxy-to-tor.com
vitans.net
vivendacalangute.net
whitegocteenviet.com
wow-included.com
zestrecommend.com
zinvolarstikel.com
zukkoholsresv.pl

Thursday, 6 October 2011

Scam: "Conference on racism/human trafficking and child abuse 2011"

This fake conference is actually likely to be a form of advanced fee fraud:


From: Ms Regina Linus reginafedrick@yahoo.com
Reply-To: regina.linus200@globomail.com
Date: 5 October 2011 19:53
Subject: Conference on racism/human trafficking and child abuse 2011,,,,,,,,,,
   
Dear Colleagues,

You are cordially invited to participate in a Global Combined conference taking
place from (22ND-25th November 2011) in Atlanta-Georgia, United States of
America at the Hilton Atlanta Conference Center, and from (28th-30th
November2011) in Olympic Stadium Hall Dakar Senegal.

Applicant that are interested and want to represent his/her country should
Contact the conference secretariat via Email :{ csecretaryoffice@aol.com }
{giyf.newoffice@globomail.com } for more details and Information.

Endeavor to inform them that you were invited to participate by (Ms. Regina
Linus). Note that the Organizing Committee is responsible for the air
tickets, visas and lodging accommodation in USA only.

Sincerely Yours,
Ms. Regina Linus.
(regina.linus200@globomail.com)
Of course, there will be "problems" with the Senegal leg which will require a fee payment in advance, and the Atlanta part of the conference will never materialise. If you actually are involved in stopping racism, human trafficking and child abuse then consider just what scumbags these scammers are.

Mail is routed via 41.207.177.16 in Togo from an ADSL subscriber in Dakar (Senegal). Two sample originating IPs are 41.82.79.108 and 41.82.64.163.


Avoid.