Avoid the Mass Spammers at Comodo / PositiveSSL When Buying SSL Certificates
|
09-05-2010, 08:21 PM,
(This post was last modified: 09-05-2010, 10:28 PM by regic.)
Post: #1
|
|||
|
|||
Avoid the Mass Spammers at Comodo / PositiveSSL When Buying SSL Certificates
recommendation: do not buy an SSL certificate, or any service from the spammers at Comodo / PositiveSSL / InstantSSL
We received a total of 31 spam emails (subject line: "SSL CERTIFICATE IS EXPIRING. GET A NEW SSL FOR $...") from the spammers at Comodo / PositiveSSL /InstantSSL this weekend advertising their PositiveSSL SSL certificates ....and did I mention the 40 plus spam emails we received from them in August, or the countless unsolicited sales calls from them? They're sending their spam emails to email addresses like mail@..., admin@... etc. that w've never even used. Their spam sales calls are being made to our store's customer service phone numbers (which is not the same phone number as the domain contact phone number listed on the WHOIS records of the sites they've spammed). We've never done business with Comodo or any company affiliated with them, and we've never contacted them or signed up for any mailing list offered by them so the mass unsolicited emails from them are definitely spam. Congratulations boinktards at Comodo, due to your spam emails and phone calls, the 24 SSL certificates we buy annually will always be bought from your competitors not from you. Link to file FTC complaints if you've been spammed by Comodo: http://esupport.fcc.gov/complaints.htm?sid=d1e640&id=d1e697 Complaints may also be filed with the BBB, New Jersey State Attorney General, and Comodo's upstream providers. The nameservers for the positivessl.com domain name advertised in the emails are comododns.com and comododns.net Comodo's comododns.com domain name is registered through Dotster. You can file a spam complaint with Dotster at: https://secure.dotster.com/services/comp...iteid=4798 (file the complaint against comododns.com ) Comodo's comododns.net domain name/name server shows the same UK registrant street address as the positivessl.com name's WHOIS but the registrant of the .net name is listed as "Melih Abdulhayoglu" (the registrant for the comododns.com is listed as "Comodo IP Limited" and the registrant for positivessl.com is listed as "Comodo CA Ltd"). The registrar for the .net name is 123-reg.co.uk. Abuse complaints against comododns.net can be filed by emailing your complaint to: abuse @ 123-reg.co.uk. edited to add: http://www.google.com/search?q=Melih+Abdulhayoglu |
|||
09-06-2010, 12:49 PM,
(This post was last modified: 09-06-2010, 01:15 PM by regic.)
Post: #2
|
|||
|
|||
Re: Avoid the Mass Spammers at Comodo / PositiveSSL When Buying SSL Certificates
10 more spams from Comodo this morning making a total of 41 this holiday weekend.
If anyone else has been spammed by Comodo, received telemarketing calls from them, or had your contact info harvested by them, here are a few Comodo email addresses, telephone numbers, and IP addresses you can block: Telephone numbers used by Comodo's telemarketers: (888) 266-6361 (703) 581-6361 (201) 963-0004 (201) 716-4468 Spammer Comodo's Fax 1 (201) 963-9003 Spammer Comodo's email EnterpriseSolutions@comodo.com sales@comodo.com sales@comodojapan.com mfpenco@comodo.com sales@comodoISRAEL.com domain-admin@comodogroup.com melih@abdulhayoglu.com infra@comodo.net IP addresses used by spammer Comodo's servers: 91.199.212.0 - 91.199.212.255 -ip block controlled by Comodo (add 91.199.212.0/24 to your firewall to block their bots) 38.104.66.254 -mail.nj.office.comodo.net IP addresses Comodo's spam emails have been sent from: 216.83.51.201 184.82.44.50 174.34.166.149 64.120.27.63 67.213.69.54 ....and several other IPs *@instantssl-ev.com -spam email addresses used in emails *.secureinternetnews.net -spam sender host addresses In classic spammer tradition, they're very careful not to send the spam directly from the IP block their websites are hosted on, and both instantssl-ev.com and secureinternetnews.net hide their WHOIS data. Ironically, the spammers at Comodo distribute free antispam software to unsuspecting people : |
|||
09-06-2010, 06:19 PM,
Post: #3
|
|||
|
|||
Re: Avoid the Mass Spammers at Comodo / PositiveSSL When Buying SSL Certificates
2 more spams from Melih Abdulhayoglu's Comodo spam gang bringing the total to 43. All 43 have been reported to Spamcop and Comodo's upstream providers.
This is the text of the spam: Quote:You received this email because we thought you would benefit from the increased SSL protection. This is an advertisement. If you wish to unsubscribe from receiving e-mail offers from Comodo or if this message has been sent to you in error, please click on the unsubscribe link to be removed from our mailing list.... A reminder to anyone who receives an email from spammers: do not click on the unsubscribe in the spam email because by entering your email address on the spammer's site it will only verify to the spammer that the email address they spammed is functioning and you will likely see an increase in spam. |
|||
09-07-2010, 02:01 AM,
(This post was last modified: 09-07-2010, 02:54 AM by jezebel.)
Post: #4
|
|||
|
|||
Re: Avoid the Mass Spammers at Comodo / PositiveSSL When Buying SSL Certificates
Melih, dude, your company wouldn't need to spam to get customers if you'd just button your damn shirt and stop forcing visitors to Comodo's home page to look at your scrawny chicken chest! First impressions are everything!
P.S. to everyone else, check your server logs. Comodo's harvester bot is "mkt-search.comodo.com". IP addresses [size=12px]91.212.12.58, [/size]91.209.196.80 274,000 sites visited by the spammers' bot http://www.google.com/search?q=mkt-search.comodo.com block: [size=10px]91.209.196.0/24 [/size]http://www.robtex.com/cnet/91.209.196.html block: [size=10px]91.212.12.0/24 [/size]http://www.robtex.com/cnet/91.212.12.html block: [size=10px]91.199.212.0/24 [/size]http://www.robtex.com/cnet/91.199.212.html block: [size=10px]67.51.175.0/24 [/size]http://www.robtex.com/cnet/67.51.175.html block: [size=10px]149.5.128.0/24 [/size]http://www.robtex.com/cnet/149.5.128.html block: [size=10px]208.116.56.0/24 [/size]http://www.robtex.com/cnet/208.116.56.html AS48447 COMODO CA Ltd http://www.robtex.com/as/as48447.html#bgp |
|||
09-07-2010, 11:43 AM,
Post: #5
|
|||
|
|||
Re: Avoid the Mass Spammers at Comodo / PositiveSSL When Buying SSL Certificates
Quote:P.S. to everyone else, check your server logs. Comodo's harvester bot is "mkt-search.comodo.com". IP addresses 91.212.12.58, 91.209.196.80 There are 1.24 million results (see log spam definition) if you search for its UA name http://www.google.com/search?q=Comodo-Certificates-Spider#q=Comodo-Certificates-Spider&hl=en . You can try to block it by disallowing its UA in robots.txt (User-agent: Comodo-Certificates-Spider Disallow: /) but there are reports that in true spammerbot fashion it often ignores robots.txt: http://www.projecthoneypot.org/ip_91.212.12.60 This quote is from a February 2010 discussion on Comodo's bot: Quote:This bot has hit my server several times looking at SSL certs that are linked to validation scripts that show when the SSL cert expires. I have also been sent several emails about 90-days before my SSL cert expires offering to renew it with them. Once these folks even sent me an email warning me that there was a security issue related to my cert/server configuration and even though the server had been upgraded over a month before that they still claimed it was vulnerable.http://www.webmasterworld.com/search_eng...002656.htm They have another bot that does its spidering from servers in Beijing China, IP range 114.255.52.160 - 114.255.52.175 http://www.botsvsbrowsers.com/details/421883/index.html http://www.robtex.com/ip/114.255.52.164.html#whois |
|||
« Next Oldest | Next Newest »
|
Users browsing this thread: 6 Guest(s)