I’ve noticed a pattern in the last year or so with attack emails containing various zip files claiming any number of good reasons to open them and they all have been originating as attacks from domains starting with the letter “R”. I’ve included a list below of the suspect domains which I am currently blocking on my server. If any of these domains are valid, have your webmaster check for compromised email accounts. In the case of spoofing there’s not much that can be done, but it is a curious pattern. If you’ve seen a similar pattern, please contact me.
Posted in Email | No Comments »