Cymru Marketing Journal - (CMJUK) - Online Business Journal & Digital Marketing Agency. Business News, Directory, SEO, Social Media Management, Advertising, Reviews, Forum, Market Research, Content Writing & Website Design. Thinking Local, Acting Global.

Category: PHISHING EMAILS

Threatening Email Demanding Backlinks

Hacker using a laptop. Hacking the Internet. Cyberattack.

Threatening Email Demanding Backlinks.

Cyber threats come in all forms from computer viruses, data breaches, denial of service (DoS), blackmail (phishing attacks), to damage ranking and flagging sites causing search engine penalties or ransomware. A cyber attack or cybersecurity threat is a malicious act that seeks to damage data, steal data, or disrupt digital life in general.

Disclaimer.

Firstly I would like to say I do not know this individual or the company this person is referring to and I have not upset anyone enough to threaten me. The only thing I could think of is that I do not outsource my work and I may have disgruntled a Website Designer or two from India thinking I am being awkward. My business is UK-based and I support local businesses. I never outsource my work offshore. Some of my clients have been burnt because either their websites have performed poorly or their domain names have been taken, hostage. Besides with so many people out of work in the UK, why on earth would I give my work to someone abroad?

The Email.

The email I received today was a demand to give this individual a backlink.

The said individual should have asked nicely and in most cases I oblige, but I do not think this was their ulterior motive.

The entity that wrote the email said if I do not give a backlink he will spam my site and damage my ranking. He did have a clickable URL in the email and I did not open it as it could have been a virus. I do not recommend anyone else typing it into their browser either as it could be malicious.

Ahh, Bless he said Best Wishes!

Investigation.

I did a Google search for his name and came up with someone working in LinkedIn but the entity may not be using a real name, so I am not going to contact this person as the name in the email could be fake.

I also did a Google search of the company the entity is referring to:

Bizcope | SEO, Web Design & Digital Marketing Company

Website: https://www.bizcope.com/ (I am not giving a backlink here as this company could be the victim or the instigator (no one knows for certain), although they firmly deny ever using such low-blow tactics in the reviews).

This email threat could be a malicious and elaborate way to damage this companies reputation. Maybe the entity is a disgruntled employee but reading the Google reviews the company seems to have never have heard of this person, again I reiterate he/she/it may not be using a false name.

Google Reviews.

It clearly shows I am not the only person being contacted by this individual also with the same jargon… I am not going to give a review as this company could well be the victim to getting one-star reviews.

https://www.google.com/search?client=firefox-b-d&q=Bizcope+SEO+company#lrd=0x3755b8497a7a0435:0xca6ecf4842d19100,1,,,

Google Webmaster Questions.

https://support.google.com/webmasters/thread/104275220/threats-of-blacklisting-my-site?hl=en

Name and Shame

“Dusyanthan Balasubramanian”

The email address:

sheaaestheticclinic@gmail.com

(“A WORD OF CAUTION – DO NOT EMAIL THIS PERSON OR TYPE ANY OF HIS LINKS INTO YOUR BROWSER”).

IP ADDRESS:

185.128.26.101

Through the email source, I managed to find the IP address but if the entity is using VPN then this location may not even be accurate.

FINAL THOUGHTS.

The said individual did get his/her 5 minutes of fame and gave me a post to write about but as for backlinks ask nicely.

I believe this person is a hacker and wants to ruin someone’s life and business. This tells me this person has a very sad life if they want to hurt other people. Imagine if the same thing happened to their family or friends would they be so eager to cause anguish and distress to another person?

I believe that search engines should do more and blacklist these people off the internet altogether. I think search engines should also make people show photo id to prove they are who they say they are so that they can eliminate fake accounts and websites and stop these idiots in their tracks. As an example, I am connected with some very important people and you would be amazed how many fake accounts add me every week near enough claiming to be the real person in question.

I believe in:

“What Goes Around, Comes Around”.

If you give out bad vibes then the UNIVERSE will pay you a visit but will punish you ten times harder.

If you do not believe me then research:

NEUROPLASTICITY.

#phishing #phishingemails #cybersecurity #cyberattacks #ransomeware #blackmail #ranking #emailthreats

Scam Alert: 07831623033

Hacker, Cyber Crime Beware.

Hacker Petending to be Amazon.

Who ever this person is knows who I am and is continuingly trying to scam me and break me down. I suspect who it might be but at the same time it could a coincidence of multiple people that may not be associated with one another. Either way I know enough about hacking to stay alert. Obviously either I am a hot commodity or someone is doing it out of spite. One way or another although I must admit it has played its toll on my mental health, I find that everytime someone tries to hack or scam me they have inevitabily created content for me to write on my blog.

So today I get a phone call and it is automated message that says my credit card associated with my Amazon account has had suspicious activity and it was prompting me to press options to either agree I made the transaction of over £1000 or decline or speak to an operator.

My gut feeling told me if this was really Amazon they would not be phoning from a mobile phone. My second gut reaction was not to say anything and not to press any buttons. This then made the caller hang up.

I did a reverse call lookup to see who called me and this is the screenshot of what I found (May I point out anyone can buy a telephone number from a different location / country and pretend to be phoning from th location they are targeting) Obviously this person forgot to hide his ip location:

Reverse Call Lookup:

https://whocalledmeuk.co.uk/phonenumber.php?numer=07831623033

What Amazon say about suspicious correspondence:

Report Suspicious Emails, Phone Calls, Text Messages, or Webpages

We take fraud, scam,phishing and spoofing attempts seriously. If you receive correspondence you think may not be from Amazon, please report it immediately.

Suspicious Emails or Webpages To report a phishing or spoofed email or webpage:

  1. Open a new email and attach the email you suspect is fake.For suspicious webpages, copy & paste the link into the email body. If you can’t send the email as an attachment, forward it.
  2. Send the email to stop-spoofing@amazon.com Note: Sending the suspicious email as an attachment is the best way for us to track it.

Note: Amazon can’t respond personally when you report a suspicious correspondence to stop-spoofing@amazon.com, but you may receive an automatic confirmation. If you have security concerns about your account, please contact us.

Suspicious Phone Calls or Text Messages

Report any suspicious phone call or text message to the Federal Trade Commission (FTC).

To report a phone call or text message visit ftc.gov/complaint and follow the onscreen assistant.

If you’re concerned about your account security, go to Protect Your System for tips and recommendations.

https://www.amazon.com/gp/help/customer/display.html/?nodeId=201909130

FINAL THOUGHTS

So now this entity has been reported, hopefully I have helped to stop someone else from being scammed.

What concerns me is that these entities that try to scam people out of money or ruin their businesses do not give two monkeys about the knock on effect it will have on a victim.

Not all people are internet savvy or cyber security astute. Imagine if the victim was someone who had mental health issues and this unlawful act pushed them over the edge.

People who scam need to find a real job that other people would be proud of them for, not be low life bottom feeders not thinking two pennies for someone elses downfall or situation if the domino effect happened.

All I can say is:

“What goes around comes around” !

If you only do good then only good things will happen but if you do bad then do not blame anyone other than yourself for the consequences of your actions.

“If people had empathy there would not be any wars”.

Joe Miller info@domainworld.com

Hope Karma Pays The Real Person Behind The Alias ‘Joe Miller’ A Visit.

Attempting to steal my of my domain name.

I have just received an email today attemptimg to steal my domain name www.cymrumarketing.com or put a virus on my computer.

The person must own www.domainworld.com to set up an email address appertaining to the domain name.

Obviously this person is visiting my site in order to physically fill out my online form.

Here is the email source:

Return-Path: <hello@cymrumarketing.com>
Delivered-To: hello@cymrumarketing.com
Received: from mx3.pub.mailpod7-cph3.one.com ([10.27.31.13])
	by mailstorage11.cst.mailpod7-cph3.one.com with LMTP id SOtuDYx1/182bwAAuBebmg
	for <hello@cymrumarketing.com>; Wed, 13 Jan 2021 22:34:52 +0000
X-HalOne-Spam: true
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=custmx.one.com; s=20201015;
	h=content-transfer-encoding:content-type:subject:reply-to:from:to:date:
	 message-id:mime-version:x-halone-refid:x-halone-sa:from:x-halone-sa:
	 x-halone-refid;
	bh=pxlGG9XBrN12C+0crgPcdw+d94ucLLWYzVsXG2traHQ=;
	b=YnT5IZgExxdj9xB9RbeitsFmfjOEe9fOHumJJcywYmtqIQFEl+3z1KWhA+dVaP4E+d2DcEnRG1XeG
	 nIubyyLvSd+Rqf1KQOvHiYpl2co1v6widYvKWgHhUDykdMS/OHft+fRIcICgI8B6rb8mTuE07BFszu
	 DpTNgpfcUfiX/yQqnEy9Xhp4nZ5ZfWBtIgwLL4Wl0MbWb5KITsAVaV2qa1BZzO+aEBFCEyWH7gKb5I
	 wAjLMyDT+kpUqaQsGfDw5uNXnyfKkGrMd8zSjQCRtuhyLvvSc+vPAmkalRlKsPUmn9anFk28PTbrEn
	 z2tJ4PxIT9t9CJk/MoT/Frfkhk4iDiA==
X-HalOne-SA: 10.3
X-HalOne-RefID: str=0001.0A682F28.5FFED7B8.0037,ss=4,sh,re=0.000,recu=0.000,reip=0.000,cl=4,cld=1,fgs=8
Received: from mailout1-5.pub.mailoutpod1-cph3.one.com (mailout1-5.pub.mailoutpod1-cph3.one.com [193.202.110.150])
	by mx3.pub.mailpod7-cph3.one.com (Halon) with ESMTPS
	id 8cb76b45-55ef-11eb-bb52-506b4b1a9fd0;
	Wed, 13 Jan 2021 22:34:51 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=mailout.one.com; s=cust20200824;
	h=content-transfer-encoding:content-type:subject:reply-to:from:to:date:
	 message-id:mime-version:from;
	bh=pxlGG9XBrN12C+0crgPcdw+d94ucLLWYzVsXG2traHQ=;
	b=WJ2XNYOHH4uI31uy3kBGWZV7PxD+C88aC7dILgoVpPnmzKmY+EpcMzpgXvKHZy93kVHU4eBXKze9F
	 KttUkJ2spJy3zmyb36fKgGnYv2PIMr+91z8JbGodaUqpytbARweF+jbrkzo5G4YFkrMatlR29paxtx
	 fUH7pvedbkNmLd/k74nXfiutcvB/bgNY48+4BD/AIRxBDO9nzBdaESBkN+iYamiUxEeVSSh8+UbSmG
	 J/dH5wrgWCExDEc4+BXsqOFQfgzWaq4awGfxu3vsnqUONPoVcBQATaLIk10+NaoJmv4C+/TCm2ANoA
	 W94fj/Y9wZqcmRjG9dlW11YFWjQ2zgA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=cymrumarketing.com; s=20191106;
	h=content-transfer-encoding:content-type:subject:reply-to:from:to:date:
	 message-id:mime-version:from;
	bh=pxlGG9XBrN12C+0crgPcdw+d94ucLLWYzVsXG2traHQ=;
	b=x0vhD62d4mAbHWI01jY/BsiNmOwsLDbXBR+dD0C+3j+LQhjrrwOSMPVPGZeb/1IN2ur9zfuW/mu7Q
	 0mT9tJ5grw+YuqfTiQTqEleGFTlxxjqpusfc4OaBNFSu5noO6FgAtESyjlK0qLy4EY1P3WJ2MLQCKg
	 BdbyiFShiWz74uekkqWcwcp6vOk+BmCCL1sAYQF5khuQpfCDO75rWnDlj8Emi9g3un143lPUrsVmLS
	 86DcgmzKyUwokNHGttYnqgSyAQOJrgs+bNyTYqs7VjMmNjnk4iNP87240AwF7BaoR3xVHaHkSxsqfC
	 rQf+z7fT2C+2I7WusIXgafAvdc9qPrA==
X-HalOne-ID: 8cb76b45-55ef-11eb-bb52-506b4b1a9fd0
Received: from onecom-formmail1 (customer-nat.pub.webpod9-cph3.one.com [193.202.110.26])
	by mailout1.pub.mailoutpod1-cph3.one.com (Halon) with ESMTPSA
	id 8c884cf8-55ef-11eb-99e9-d0431ea8a29d;
	Wed, 13 Jan 2021 22:34:50 +0000 (UTC)
X-Originating-IP: 179.61.168.15
X-Onecom-RID: 07059d57-0dc5-441d-a45e-bab6e3416331
MIME-Version: 1.0
Message-ID: <1610577290817.26836.73294@formmail1>
Date: Wed, 13 Jan 2021 22:34:50 GMT
To: <hello@cymrumarketing.com>
From: <hello@cymrumarketing.com>
Reply-To: <info@domainworld.com>
Subject: New message via contact form on cymrumarketing.com - Contact page
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

You received a new message from info@domainworld.com sent via the contact f=
orm on cymrumarketing.com.
-------------------------------------------------------------------------

Name: Joe Miller

Email: info@domainworld.com

Message: Notice#: 491343
Date: 2021-01-14 =20

YOUR IMMEDIATE ATTENTION TO THIS MESSAGE IS ABSOLUTELY NECESSARY!

YOUR DOMAIN cymrumarketing.com WILL BE TERMINATED WITHIN 24 HOURS

We have not received your payment for the renewal of your domain cymrumarke=
ting.com

We have made several attempts to reach you by phone, to inform you regardin=
g the TERMINATION of your domain cymrumarketing.com

CLICK HERE FOR SECURE ONLINE PAYMENT: https://yourdomainregistration.ga/?n=
=3Dcymrumarketing.com&r=3Da&t=3D1610577289&p=3Dv1

IF WE DO NOT RECEIVE YOUR PAYMENT WITHIN 24 HOURS, YOUR DOMAIN cymrumarketi=
ng.com WILL BE TERMINATED

CLICK HERE FOR SECURE ONLINE PAYMENT: https://yourdomainregistration.ga/?n=
=3Dcymrumarketing.com&r=3Da&t=3D1610577289&p=3Dv1

ACT IMMEDIATELY.=20

The submission notification cymrumarketing.com will EXPIRE WITHIN 24 HOURS =
after reception of this email

This person is a parasite, the lowest of the low and I hope karma teaches him or her a lesson. Consider the consequences of your actions, next time you try to steal a domain name or try to ruin someone’s business!

This is the Whois Data.

Registrar Info

Name TUCOWS, INC. Whois Server whois.tucows.com

Referral URL http://tucowsdomains.com Status client

https://icann.org/epp#client

Transfer Prohibited

Transfer Prohibited
client

Update Prohibited

https://icann.org/epp#client

UpdateProhibited
Important Dates Expires

On 2021-04-24

Registered On

1997-04-23

Updated On 2020-12-04

Name Servers ns.domainkeep.com216.40.47.18ns2.domainkeep.com64.98.148.11

Registrar Data

We will display stored WHOIS data for up to 30 days.
refresh


Registrant Contact Information:

Name REDACTED FOR PRIVACY

Organization REDACTED FOR PRIVACY

Address REDACTED FOR PRIVACY

City REDACTED FOR PRIVACY

State / ProvinceCAPostal Code REDACTED FOR PRIVACY

Country US

Phone REDACTED FOR PRIVACY

Fax REDACTED FOR PRIVACY

Email

Administrative Contact Information:

Name REDACTED FOR PRIVACY

Organization REDACTED FOR PRIVACY

Address REDACTED FOR PRIVACY

City REDACTED FOR PRIVACY

State / Province CA

Postal Code REDACTED FOR PRIVACY

Country US

Phone REDACTED FOR PRIVACY

Fax REDACTED FOR PRIVACY

Email

Technical Contact Information:

Name REDACTED FOR PRIVACY

Organization REDACTED FOR PRIVACY

Address REDACTED FOR PRIVACY

City REDACTED FOR PRIVACY

State / Province CA

Postal Code REDACTED FOR PRIVACY

Country US

Phone REDACTED FOR PRIVACY

Fax REDACTED FOR PRIVACY

Email

Information Updated: 2021-01-13 03:39:05

FINAL THOUGHTS

With what is going on in the world right now you would think low lifes in this world would learn to be honest and not harm people.

Obviously this individual thinks I am totally stupid and would fall for this scam.

I have done some research and I am not the only person this scumbag has attempted to con.

https://omniworxinc.ca/news/phishing-joemiller-domainworld

https://www.facebook.com/mywebtoday/photos/a.679099268804336/3199422500105321/?type=3&eid=ARAHBfMsrZFAyn23JVMm7bBNi3lkvgpK0Tbf2grOBzOb-bIjIf8d7JR6v0uwC2VSD-SZGV4QuT55pv4G

https://wedgwoodinsurance.com/blog/cyber-awareness/domain-scam-targets-businesses/

https://www.signal-arnaques.com/en/scam/view/271973

If you get any emails from this individual, ignore or report as phishing, do not press any links or reply.

Angry Is An Understatement To How I Am Feeling Right Now!

To the sender of this email “you reap what you sow”.

Anyone who has any information on this person please contact me.

Amazon Phising Email

Amazon Phishing Email.

Does the sender of the following email think I am totally STUPID?

Animated GIF

I have had two emails within the last 24 hours to my private email from the following HACKER MUPPET LOW LIFE.

I have tried to find out who this IDIOT is with “whois” and the domain name seems to have no DATA (www.mastahmakeng.online).

You would think with what is going on round the world right now these bottom feeder scam artists would have something better to do than try and scam people.

Here is the email screenshot which I have forwarded to: stop-spoofing@amazon.com

You can read what Amazon says here about phishing emails: https://www.amazon.co.uk/gp/help/customer/display.html?nodeId=GRGRY7AQ3LMPXVCV

FINAL THOUGHTS.

Registrars should have a service if someone reports a domain name that is performing illegal activities and one can prove phishing emails by looking up the email source code, then registrars should take these emails and domain names down.

It angers me that people do not have anything better to do other than hurt others, send viruses online and try to scam people out of money.

I just hope for Karma to pay the Hacker and his/her Family a visit 🤬

Calendar

November 2024
M T W T F S S
 123
45678910
11121314151617
18192021222324
252627282930  

Loading