Hi,

I have suspended the mentioned account from the server. Please find the details below.

================

On Tuesday 24 April 2012 10:01 AM, Nexcess wrote:

We've received the following complaint regarding content on your site. Please remove the content in question and let us know when it's been taken down so that we can notify them that it's removed. Thanks.

-----------------------------

On 4/21/2012 9:11 PM, Russell Langner wrote:

http://152.160.238.133/~ip1/item.html





Dear Internet 123, Inc.,



We have just learned that your service is being used to display false or "spoofed" eBay.com pages, apparently in an effort to steal personal and financial information from consumers, including eBay users, in order to defraud them. Specifically, it appears that an Internet 123, Inc. user is sending unsolicited messages to consumers, misrepresenting itself as eBay, and making statements that encourage the recipient to go to a page hosted by you at



152.160.238.133 - http://152.160.238.133/~ip1/item.html







to enter personal and account information. The deceptively gathered information is then sent to an email account and, based on our investigation of similar schemes, used to gain access to consumers’ personal accounts in order to commit fraudulent acts such as international credit card and wire fraud.



This matter is urgent - we believe that consumers have been falsely directed to this page and may be deceived into divulging personal information to a criminal if the page is not immediately disabled. We ask that you immediately disable the site at http://152.160.238.133/~ip1/item.html as well as any associated email addresses, so that this fraudulent scheme can be stopped. We further request that you provide us with all contact information that you have for this user so that we may provide it to the proper law enforcement authorities.



We would also like to ask for you to assist us in educating consumers about phishing and how to protect themselves. To that end, we have set up an educational page at https://signin.ebay.com/ws/eBayISAPI.dll?AntiPhishingRedirector&purl=http://152.160.238.133/~ip1/item.html to help prevent consumers from being victimized by phishing sites. We would greatly appreciate it, and think it would be enormously beneficial, if you would set up a redirect from the taken down fraudulent address to the educational page we have created, as default error messages such as "404 Not Found" don’t educate the public about the dangers of phishing and fraud on the Internet.



We sincerely appreciate your immediate attention to this important matter. We would also appreciate if you would take steps to confirm the accuracy of any contact information that your user may have provided to you in establishing the account. Should you have any accurate information that could assist eBay and law enforcement in tracking this individual, we greatly appreciate your assistance, as we know that you do not condone the use of your services for such criminal purposes.



Thank you,





eBay Inc.

Trust&  Safety

If you have an account, log in and manage this ticket here: https://portal.nexcess.net/ticket/verify?code=93662-d1fe67494207c75db273c402f9b85473

===============

> prasul

Hi,

I have suspended the account ip5.com from the server. Please find the details below.

==============

On Tuesday 24 April 2012 09:56 AM, Nexcess wrote:

We've received the following complaint regarding content on your site. Please remove the content in question and let us know when it's been taken down so that we can notify them that it's removed. Thanks.

-----------------------------

On 4/21/2012 9:11 PM, Russell Langner wrote:

http://152.160.205.159/item.html





Dear Internet 123, Inc.,



We have just learned that your service is being used to display false or "spoofed" eBay.com pages, apparently in an effort to steal personal and financial information from consumers, including eBay users, in order to defraud them. Specifically, it appears that an Internet 123, Inc. user is sending unsolicited messages to consumers, misrepresenting itself as eBay, and making statements that encourage the recipient to go to a page hosted by you at



152.160.205.159 - http://152.160.205.159/item.html







to enter personal and account information. The deceptively gathered information is then sent to an email account and, based on our investigation of similar schemes, used to gain access to consumers’ personal accounts in order to commit fraudulent acts such as international credit card and wire fraud.



This matter is urgent - we believe that consumers have been falsely directed to this page and may be deceived into divulging personal information to a criminal if the page is not immediately disabled. We ask that you immediately disable the site at http://152.160.205.159/item.html as well as any associated email addresses, so that this fraudulent scheme can be stopped. We further request that you provide us with all contact information that you have for this user so that we may provide it to the proper law enforcement authorities.



We would also like to ask for you to assist us in educating consumers about phishing and how to protect themselves. To that end, we have set up an educational page at https://signin.ebay.com/ws/eBayISAPI.dll?AntiPhishingRedirector&purl=http://152.160.205.159/item.html to help prevent consumers from being victimized by phishing sites. We would greatly appreciate it, and think it would be enormously beneficial, if you would set up a redirect from the taken down fraudulent address to the educational page we have created, as default error messages such as "404 Not Found" don’t educate the public about the dangers of phishing and fraud on the Internet.



We sincerely appreciate your immediate attention to this important matter. We would also appreciate if you would take steps to confirm the accuracy of any contact information that your user may have provided to you in establishing the account. Should you have any accurate information that could assist eBay and law enforcement in tracking this individual, we greatly appreciate your assistance, as we know that you do not condone the use of your services for such criminal purposes.



Thank you,





eBay Inc.

Trust&  Safety

If you have an account, log in and manage this ticket here: https://portal.nexcess.net/ticket/verify?code=93660-7b2fe209fd89ad0ba2f38627b6a43503

> Prasul

Good day,

There has been a critical security patch released by Microsoft for the remote desktop protocol (RDP). This patch fixes a remote desktop vulnerability in where an attacker can remotely execute code on your server without any authentication.

You can find more information regarding this vulnerability here: http://technet.microsoft.com/en-us/security/bulletin/ms12-020

We recommend that you run the Windows update utility on your server if Windows updates aren't set to auto install.
Once the patch has been installed you will need to restart the server.

If you have any questions or if you require any help doing this, please let us know.

Ahosting, INC