Date: Fri, 11 Dec 2015 19:38:44 -0500Subject: Fwd: [13-443577-405]: CloudFlare

1. Date: Fri, 11 Dec 2015 19:38:44 -0500
2. Subject: Fwd: [13-443577-405]: CloudFlare received a phishing report regarding your site.
3. From: tavonk.tk@gmail.com
4. To: OfficialDuckmodz@gmail.com
5.  
6.  
7. ---------- Forwarded message ----------
8. From: CloudFlare <abuse@cloudflare.com>
9. Date: Wed, Dec 9, 2015 at 6:49 PM
10. Subject: [13-443577-405]: CloudFlare received a phishing report regarding your site.
11. To: tavonk.tk@gmail.com
12.  
13.  
14. CloudFlare received a phishing report regarding:
15.  
16. mcsnipes.com
17.  
18. Below is the report we received:
19.  
20. Reporter's Name: RSA Security
21. Reporter's Email Address: afcc@rsa.com
22. Reported URLs:
23. http://www.mcsnipes.com/sign-in.html
24. Logs or Evidence of Abuse: Fraudulent site - please shut down![Microsoft E1881433] IP: 104.27.181.215
25.  
26.  
27. To whom it may concern,
28.  
29. RSA, The Security Division of EMC (“RSA”), an information security
30. company, has been appointed to assist Microsoft in preventing or
31. terminating online activity that targets, or may target Microsoft’s
32. clients as potential fraud victims.
33.  
34. RSA has been made aware that your company appears to be providing
35. internet services to a website, which is making unauthorized use of
36. Microsoft’s trademarks. This site http://www.mcsnipes.com/sign-in.html
37. not only violates Microsoft’s copyright, trademarks and other
38. intellectual property rights, but may also become a host to a phishing
39. attack, or other fraudulent scams directed against Microsoft and
40. Microsoft’s clients.
41.  
42. The fraudulent website not only represents a misappropriation of
43. Microsoft’s intellectual property; its purpose is to mislead Microsoft’s
44. clients. Our experience has shown that such sites become a host of
45. phishing* and other fraudulent scams against our customer’s account
46. holders.
47.  
48. Please take all necessary steps to immediately shut down the fraudulent
49. website, terminate its availability on the Internet and discontinue the
50. transmission of any e-mails associated with this website.
51.  
52. We understand that you may not be aware of this improper use of your
53. services and we appreciate your cooperation. We specifically ask that
54. you also take the following actions wherever relevant or possible:
55.  
56.  
57.  
58. * Please provide us with a tar/zip file of the source code for
59. this website, so that we may analyze it to help prevent further attacks;
60. * If any customer data has been captured that is stored on your
61. systems or equipment, please send us that data so that the customers to
62. whom that data relates can be notified and take steps to protect their
63. credit;
64.  
65. We specifically would ask that you also provide a copy of any records
66. you maintain that indicate the name, contact information, method of
67. payment or similar information that may be useful in helping learn the
68. identity and location of the customer for whom the website has been
69. operated.
70.  
71. The foregoing is without prejudice to any and all of rights and remedies
72. of any financial institution in connection with this matter, which are
73. hereby expressly reserved.
74.  
75. RSA is providing this notification to you in the interest of preventing
76. the proliferation of phishing scams and the information contained herein
77. is provided to you on an "AS-IS" basis, without representation or
78. warranty of any kind.
79.  
80. Thank you for your cooperation to prevent and terminate this fraudulent
81. activity.
82.  
83.  
84. If you need further information, please do not hesitate to contact RSA
85. at the numbers below.
86.  
87. Sincerely,
88.  
89. RSA SECURITY INC.
90.  
91.  
92.  
93. RSA Anti-Fraud Command Center
94. Tel: +44 (0)800-032-7751
95. Tel: +1-866-408-7525
96. E-mail:afcc@rsa.com
97.  
98. Title: Assistant General Counsel
99. Name: Richard Boscovich
100. Address: 5600 148th Ave. N.E., Redmond WA, 98052
101. Telephone: 425-704-0867
102. E-mail: rbosco@microsoft.com
103.  
104. *“Phishing” generally refers to a variety of web based scams that make
105. use of an illegitimate website which passes itself off as being that of
106. a targeted financial institution together with associated data
107. collection points (including web based email accounts) in order to
108. deceive the account holders of the financial institution into revealing
109. their personal information, including but not limited to their credit or
110. debit account numbers, checking account information, social security
111. numbers, or banking account passwords. Once these account holder
112. credentials are collected they can then be used to commit wire fraud or
113. other similar activities of a criminal nature.
114.  
115.  
116.  
117. 74
118.  
119.  
120. We have provided the name of your hosting provider to the reporter. Additionally, we have forwarded this complaint to your hosting provider. We have also restricted access to the phishing-related content until it has been removed.
121.  
122. Regards,
123.  
124. CloudFlare Abuse