415-320-1147

Wells-Fargo-Cards.com Phishing SMS text I received a SMS text on my mobile this evening from something with the number 950-1 that read: "protect@wells-fargo-cards.com / Protection / Customer Protection: www.wells-fargo-cards.com" I ran a whois search on this and found that the site was just registered today. I sent an email to the registrar abuse email link listed in the whois info, and to the official Wells Fargo fraud department. I also called the number of the individual listed in the whois as the admin and tech contact for the site (with my caller ID blocked of course). He did not answer, but his voice mail indicated a name other than the one listed in the site info. I gave him a small piece of my mind, then told him to do his own look-up of the site if he had no idea what I was talking about. I figured there is a fair chance that the registrant info is all fake. Finally, I did a quick scan with NMAP of the IP address and found out that the site doesn't have a firewall, and pretty much all of the ports are open. If anyone wants to have some fun with them, be my guest. I am putting this out for informational purposes, in case someone else has received the SMS msg and is looking for information on it. Please don't visit the site, as I have no idea what is waiting for you there. Here is the whois info (NMAP info tacked on at the end): **WHOIS for wells-fargo-cards.com** Email abuse@melbourneit.com.au is associated with ~1,676,862 domains lima@mail.ru Reverse Whois Registrar MELBOURNE IT, LTD. D/B/A INTERNET NAMES WORLDWIDE Registrar Status ok Dates Created on 2016-05-28 - Expires on 2017-05-28 - Updated on 2016-05-28 Name Server(s) NS1.WELLS-FARGO-CARDS.COM NS2.WELLS-FARGO-CARDS.COM IP Address 185.106.22.71 - 9 other sites hosted on this server IP Location Turkey - Amasya - Amasya - Tugba Karacaga Trading As Akon Teknoloji ASN Turkey AS43260 DGN DGN TEKNOL

Wells-Fargo-Cards.com Phishing SMS text I received a SMS text on my mobile this evening from something with the number 950-1 that read: "protect@wells-fargo-cards.com / Protection / Customer Protection: www.wells-fargo-cards.com" I ran a whois search on this and found that the site was just registered today. I sent an email to the registrar abuse email link listed in the whois info, and to the official Wells Fargo fraud department. I also called the number of the individual listed in the whois as the admin and tech contact for the site (with my caller ID blocked of course). He did not answer, but his voice mail indicated a name other than the one listed in the site info. I gave him a small piece of my mind, then told him to do his own look-up of the site if he had no idea what I was talking about. I figured there is a fair chance that the registrant info is all fake. Finally, I did a quick scan with NMAP of the IP address and found out that the site doesn't have a firewall, and pretty much all of the ports are open. If anyone wants to have some fun with them, be my guest. I am putting this out for informational purposes, in case someone else has received the SMS msg and is looking for information on it. Please don't visit the site, as I have no idea what is waiting for you there. Here is the whois info (NMAP info tacked on at the end): **WHOIS for wells-fargo-cards.com** Email abuse@melbourneit.com.au is associated with ~1,676,862 domains lima@mail.ru Reverse Whois Registrar MELBOURNE IT, LTD. D/B/A INTERNET NAMES WORLDWIDE Registrar Status ok Dates Created on 2016-05-28 - Expires on 2017-05-28 - Updated on 2016-05-28 Name Server(s) NS1.WELLS-FARGO-CARDS.COM NS2.WELLS-FARGO-CARDS.COM IP Address 185.106.22.71 - 9 other sites hosted on this server IP Location Turkey - Amasya - Amasya - Tugba Karacaga Trading As Akon Teknoloji ASN Turkey AS43260 DGN DGN TEKNOL