MGD
Premium,MVM
join:2002-07-31
Fort Lauderdale, FL
2 edits | Anyone have inside contacts at RR?
Ran out of effective options, thought maybe some RR techs/employees hang out here, or knowledgeable users.
There is a Chase Bank phishing site that has been operating for over a month on a RR Carolina residential box: »69.132.8.29:8008/chase/index.htm It was submitted to phishtrack »/phishtrack?pi···6&urls=1 on 3/18 by Lizz  . amysheehan made repeated complaints and phone calls to RR all to no avail. »/forum/phish,1···days=999 I also followed up and and sent several emails to RR, and the phish site is still operational.(received auto acks) The IP and trace clearly indicates it is RR. Not sure of anything else that can be done, but 34 days and multiple complaints is beyond the pale. Any suggestions ??
MGD |
|
Vamp
5c077
Premium
join:2003-01-28
MD | did they call the correct RR? you want to call the local office(s) in that state.
And also send the complaint to the local abuse email address (include the url). |
|
MGD
Premium,MVM
join:2002-07-31
Fort Lauderdale, FL | Thanks for the tip, I did not know they had localized abuse addresses, been dealing with Abuse[]rr.com. I just found abuse[]nc.rr.com listed on the regional site, plus a local tech support number.
MGD |
|
Anonymous99
@rr.com | reply to MGD
After doing a tracert on the ip address, it appears that the ip address is coming from Charlotte, NC. Here is the phone number to contact Time Warner in Charlotte - 704-377-9600. |
|
amysheehan
Premium,VIP,MVM
join:1999-12-21
Huntington Beach, CA
 ·RoadRunner Cable
1 edit | reply to MGD
said by MGD :Ran out of effective options, thought maybe some RR techs/employees hang out here, or knowledgeable users. There is a Chase Bank phishing site that has been operating for over a month on a RR Carolina residential box: » 69.132.8.29:8008/chase/index.htm It was submitted to phishtrack » /phishtrack?pi···6&urls=1 on 3/18 by Lizz . amysheehan made repeated complaints and phone calls to RR all to no avail. » /forum/phish,1···days=999 I also followed up and and sent several emails to RR, and the phish site is still operational.(received auto acks) The IP and trace clearly indicates it is RR. Not sure of anything else that can be done, but 34 days and multiple complaints is beyond the pale. Any suggestions ?? MGD NOTE TO ADD: I have also FAXED corp security this info re this carolina rr addy as well as 3 in TX [2 hou & 1 Austin].
The rr BIZ addresses linked to 'phish' activity have also been a problem except for the NYC area biz RR offices who have been in touch with me twice.
MGD , there's a problem created by their requirement regarding attachments, full headers and other non-sense that I think we can find a way around.
Will contact you early this week.
What would really be helpful would be for RR customers to send me their local office's telephone number and if possible their fax numbers if they can get them as well.
 |
|
mario44222
join:2003-11-22
Cliffside Park, NJ | TWCNJ Office is: 201-886-0900 |
|
bananu
join:2003-02-19
Dallas, TX
| reply to MGD
have you guys also contacted the bank directly? I figure they would have the biggest interest in not having a phishing site and might have more effect if they contact Time Warner directly, tell them if they don't take the site down they'll slap them with suits etc. you know how corporate world works lol
Phising sites are a weird phenomenon. Like how many times do we get messages on Yahoo saying if you want to look at my pics click here and it takes you to a fake login screen for Yahoo. What someone has from accessing someone else's Yahoo account is beyond me. Maybe if that person does stock market stuff and banking with Yahoo I dunno. |
|
amysheehan
Premium,VIP,MVM
join:1999-12-21
Huntington Beach, CA
·RoadRunner Cable
1 edit | said by bananu :have you guys also contacted the bank directly? I figure they would have the biggest interest in not having a phishing site and might have more effect if they contact Time Warner directly, If you just glance thru the phishes listed on the 1st page here »/phishtrack you'll see Chase 'rules' [ and not in the good way].
Road Runner should've shut this down 6 weeks ago.
 |
|
maartena
Stacked.
Premium
join:2002-05-10
Orange, CA
·RoadRunner Cable
| reply to MGD
Site still works.... accepts any username and password, I just filled something in. Next page is a page that tells clients they need to update something.... I would imagine that your computer gets loaded with spyware/adware if I were to press on update, so I did not do anything 
It is absolutely AMAZING to me that they would not shut this site down immediatly.
--
The Republican Party is a party of BAD ideas. The Democratic Party is a party of NO ideas. Every now and then a Republican stands up in congress and says: "I got a really BAD idea!", to which a Democrat reponds with: "And I can make it shittier!" |
|
MGD
Premium,MVM
join:2002-07-31
Fort Lauderdale, FL
| reply to MGD
Thanks to all who helped,
I am going to go out on a limb here, and say that the Chase Bank phish on this hijacked box is finally down.
It went down once or twice before for an hour or two, but so far it has been down for almost 8 hours steady.
One thing is for sure, TW/RR has a lot of room for improvement in addressing abuse complaints. There is no acceptable excuse for this total lack of any coherent response to what was a continuous and multiple complaint stream.
MGD |
|
Anonymous_
Anonymous
Premium
join:2004-06-21
127.0.0.1
clubs:
3 edits | reply to MGD
Upon reflection, I do not wish to post. Take me back!
well what i put here is if it was up i would have opened 500 tabs refreshing ever 1 sec
 |
|
catseyenu
Ack Pfft
Premium
join:2001-11-17
Fix East
1 edit | reply to MGD
Upon reflection, I do not wish to post. Take me back! |
|
SPONGA
join:2005-01-19
Los Alamitos, CA
| reply to MGD
Please tell me somebody grabbed the source code off the page. From there you could usually find out where it forwards that information email address/proxy.
Next thing you do is you start trying to guess that password for the account or just brute force it. Next when you get into their email account you might find random emails that might lead you to another forum they registered on for something; and than the fun detective work happens. Oops forgot my password to that forum better have it sent to his email address.
If you cannot get in report it to the email provider or better yet you insert a malicious code into the section where you put in your username/password. When it sends it to the email and they open it; well you can do some nasty things to their comp or trace them from there. But most likely you cannot get the code past their firewall/filter. |
|
