We're seeing huge amounts of spam coming from cox.net (68.230.241.0/24) over the past few days. Going to our filtering system but also getting through to Office 365 and Gmail accounts without any issue at all.
They are all the well written, formatted "please remit" type emails with a Word Doc attached. Interesting, the example I've had sent to me today went directly to my users @domain.onmicrosoft.com address, so not to the custom domain. The customer has never actually used the onmicrosoft.com domain for anything. This is a repeat of what we saw from the same IP range in June. Anyone at Cox.net that can comment? Example of what we see: From: Coulson, Nick [mailto:bbulla...@cox.net] Sent: Wednesday, 31 August 2016 1:05 PM To: Real Staff Members Name <abc....@hidden.onmicrosoft.com> Subject: Companies Actual Full Legal Name; Ben, Please See and Clear - NET-30 01V950901 Hello Real Staff Members Name, Mechanical Engineer I am writing to inform you that we haven't got deposit of $1662.00 from Real Companies Name (), which appears outstanding. Since you are our returning customer, we are offering you 3 extra days to remit the payment. Please refer to the attached paper for payment requisites. Cheers, Coulson, Nick Forte School of Music Applecross | Accounts Team A.B.N 73 106069311 325-327 Queensberry Street North Melbourne Vic 3051
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
