NetKnow now in Netcraft's Top 22250

Posted by Dave Yadallee on
All data is from Netcraft Toolbar . Looks as if there are major changes to the Netcraft algorithm!



NetKnow







Netknow now ranks 22230 at Netcraft .



A significant decrease! We must do security audits regularly and check on illegitimate traffic hitting the web server!





We are now redirecting all traffic to Secured general server which now ranks 265740 from 267505 and pfs compliant .



Some of our others domains and services ranks as follows:





NetKnow Secure Server

ranks 65990 from 64526 on Netcraft and pfs compliant .

NetKnow's secondary server

ranks at 2945 from 2569 last week on Netcraft and Secured secondary server using the wildcard certificate is at 6376 from 6370 .

NetKnow's Anonynous FTP server

is at 526006 from 523263 and non-anonymous rank 499081 from 496231 .

www.nl2k.ab.ca

ranks >2000000 from >2000000 on Netcraft.

internetedmonton.ca

ranks at >2000000 from >2000000.

edmontoninternetserviceprovider.ca

is at >2000000 from >2000000 .

edmontonab.ca

ranks > 2000000 from >2000000



How do we compare with other providers in

Edmonton, Alberta, Canada?



Netknow again





We at Netknow are down 1030 and down 18558 the start of the year 2018 from 3672 . We aim to get above 450 by the end of December 2018.



Telus and reviews





Next we have Telus.com

ranked by Netcraft at 13241 from 13207.

Sometimes their Web Hosting is done by
title="Internet Names for Business">Internet Names for Business

is ranked by Netcraft at >2000000 from >2000000 .



Is Telus's ADSL network suspectible to Code Red Attacks and Attackers

Reviews of Telus are available :





Shaw Cable





Next, members.shaw.ca

ranks 560347 from 507636 and

Shaw Cable

is next at Netcraft rank 46832 from 46207 . Briefly unavailable during high peak demand.

Their Network Hosting Arm,

Big Pipe is at

Netcraft rank 769687 from 765796 .

One of customer of Shaw Avalon Global

rank > 2000000 from > 2000000 .



Reviews of Shaw are available :





Rogers





Rogers Business Solutions

which rank 57536 from 55221



University of Alberta







The University of Alberta ranks 58925 from 59846 hosted by Amazon TEchonologies.



Government of Alberta





The Government of Alberta Website

ranks 85881 from 83643 by Netcraft



NAIT / Northern Alberta Institute of Technology





NAIT ranks 119613 from 119514 hosted by Microsoft .



Juno and NetZero





We have Juno Internet ranked on top

at 143928 from 134608 who are the owners of

US Based Netzero at Netcraft Rank 173263 from 173674



City of Edmonton







The City of Edmonton ranks 174190 from 175942 by Netcraft.



Xplornet





xplornet

ranks 270565 from 262156 and are listed with

Stentor and are joining up with Shaw.

According to an article in the Sherwood Park Independent they are also getting an Alberta Government subsidy.



Primus





Primus

ranks 277830 from 283661 and now points to BLACKIRON_DataCentres ranked >2000000 from >2000000.



Grant MacEwen University





MacEwan

ranks 335292 from 351166.



Distributel / 3Web / CIA





Cybersurf

is ranked 620146 from 641264 and seems to be hosted in Brazil.



Tera Byte Edmonton and reviews





Next is Tera-Byte

at Netcraft Rank 1031494 from 954036 with

Tera-Byte.ca

ranking >2000000 from >2000000 and their wireless arm Tera-Byte Wireless

sold to Xplornet.

One of Tera-Byte's acquisitions

Edmonton Community Networks

ranks at >2000000 from >2000000 and

Go Edmonton ranks >2000000 from >2000000.

Alberta political blogger Daveberta ranks >2000000 from >2000000; interesting!!!

Reviews of Tera-byte is available at

here

and another here

and check Google for more reviews; just search tera byte.



Yellowpencil





Yellowpencil Ranks 1563152 from 1372316.



Alentus / Wolfpaw





Alentus

rank by Netcraft 1586896 from 1579142 and I note they are hosted in the USA .

wolfpaw.net

which ranks at >2000000 from >2000000



Clearwave Broadband





Clearwave Broadband ranks

at 1786273 from 1776403



Uniserve / Interbaun





Next, Uniserve

ranks on Netcraft >2000000 from >2000000

One of their acquisitions

interbaun

ranks with Netcraft ?????? from ?????? due to merging of sites.

One customer just came over from this organization in Nov 2006.



Internet Centre / CCINet





Internet Centre

rank >2000000 from >2000000. Their partner Rack Nine ranks > 2000000.



WSI Corporation





Next is WSI - We Simply The Internet of Toronto

at Netcraft Position >2000000 from >2000000 and are being hosted on Amazon.



Nucleus Internet Services





After that we have

Nucleus Information Services which can be found at Netcraft Rank >2000000 from >2000000



Emergence by Design





Emergence by Design

now ranks >2000000 from >2000000.







4Web





4web ranks >2000000 from >2000000 .



Platinum Communications





Platinum Communications Corp.

bought out by Xplornet .



Radiant Communications





Radiant Communications

are ranked by Netcraft >2000000 from >2000000





Wild Rose Internet





Wild Rose Internet

ranks >2000000 from >2000000 and I wonder if this is another wireless branch of Tera-Byte and bought out by Xplornet





TIC Internet





TIC Internet

ranks >2000000 from >2000000 ( I do remember you).







Nisa Custom Internet Solutions





Nisa Custom Internet Solutions

ranks >2000000 from >2000000 by Netcraft



MediaShaker





Media Shakers of Edmonton

ranks >2000000 from >2000000





Koi Media





Koi Media

rank >2000000 from >2000000



WebFire





Webfire.ca

ranks >2000000 from >2000000 and seems to be connected with Shaw.



Core Network Solutions Inc.





Core Network Solutions Inc.

ranks at >2000000 from >2000000 .



The Network Centre





The Network Centre

ranks >2000000 from >2000000 and are linked with Telus high Speed.





Open Concept Internet, Inc.





Open Concept Internet, Inc.

rank > 2000000 from > 2000000



Wiband Wireless





Wiband Wireless

rank on Netcraft at > 2000000 from > 2000000 and

their customer Found Locally

ranks at > 2000000 from > 2000000



InterSpots





Interspots of Edmonton

rank > 2000000 from > 2000000 hosted by Stentor ;







Internet Crossroads





Internet Crossroads Ltd of North Edmonton

rank nothing from nothing by Netcraft and seems to merged with Tera-Byte/ecn.ab.ca .



If I remember anymore, I will add to this entry, before Netcraft changes

our ranking. Please watch this space and please feel free to peruse

our services.

Phishing as a false main host

Posted by Dave Yadallee on
From - Mon Dec 24 06:04:19 2018

X-Account-Key: account2

X-UIDL: 0006895e501fb806

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

X-Mozilla-Keys:

Return-path:

Envelope-to: aboo@doctor.nl2k.ab.ca

Delivery-date: Mon, 24 Dec 2018 06:04:25 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.91 (FreeBSD))

(envelope-from )

id 1gbPuD-0007Lx-P3

for aboo@doctor.nl2k.ab.ca; Mon, 24 Dec 2018 06:04:25 -0700

Resent-From: The Doctor

Resent-Date: Mon, 24 Dec 2018 06:04:25 -0700

Resent-Message-ID: <20181224130425.GB5777@doctor.nl2k.ab.ca>

Resent-To: See root

Received: from nya.nyamera.com ([162.144.69.227]:58997)

by doctor.nl2k.ab.ca with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256)

(Exim 4.91 (FreeBSD))

(envelope-from )

id 1gbNte-00055x-6x

for root@nk.ca; Mon, 24 Dec 2018 03:56:01 -0700

Received: from [94.100.31.27] (port=53137 helo=len.co.id)

by nya.nyamera.com with esmtpsa (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256)

(Exim 4.89_1)

(envelope-from )

id 1gbNt7-00088H-Rt

for root@nk.ca; Mon, 24 Dec 2018 13:55:10 +0300

From: nk.ca

To: root@nk.ca

Subject: ATTENTION root@nk.ca

Date: 24 Dec 2018 02:55:09 -0800

Message-ID: <20181224025509.34A2F21E8524B780@len.co.id>

MIME-Version: 1.0

Content-Type: text/html;

charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable

X-OutGoing-Spam-Status: No, score=0.5

X-AntiAbuse: This header was added to track abuse, please include it with any abuse report

X-AntiAbuse: Primary Hostname - nya.nyamera.com

X-AntiAbuse: Original Domain - nk.ca

X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]

X-AntiAbuse: Sender Address Domain - len.co.id

X-Get-Message-Sender-Via: nya.nyamera.com: authenticated_id: info@chakasafaris.com

X-Authenticated-Sender: nya.nyamera.com: info@chakasafaris.com

X-Source:

X-Source-Args:

X-Source-Dir:

X-Spam_score: 5.3

X-Spam_score_int: 53

X-Spam_bar: +++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hi root You have some undelivered incoming mails on root@nk.ca

Follow below portal to prompt delivery to avoid being blocked from receiving

mails.



Content analysis details: (5.3 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[162.144.69.227 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in

dnsbl.ahbl.org

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was

blocked. See

http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block

for more information.

[URIs: nk.ca]

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_LOW_CONTRAST BODY: HTML font color similar or

identical to background

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.0 SUBJ_ATTENTION ATTENTION in Subject

Subject: {SPAM?} ATTENTION root@nk.ca









Hi root


 


You have some undelivered incoming mails on root@nk.ca


 


Follow below portal to prompt delivery to avoid being blocked from rec=

eiving mails.


 




 


 


 


Best Regard,


nk.ca Mail Servicee




More blackmail phish

Posted by Dave Yadallee on
From - Mon Dec 24 06:02:19 2018

X-Account-Key: account2

X-UIDL: 0006895b501fb806

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

X-Mozilla-Keys:

Return-path:

Envelope-to: aboo@doctor.nl2k.ab.ca

Delivery-date: Mon, 24 Dec 2018 06:01:49 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.91 (FreeBSD))

(envelope-from )

id 1gbPrh-0005uF-NQ

for aboo@doctor.nl2k.ab.ca; Mon, 24 Dec 2018 06:01:49 -0700

Resent-From: The Doctor

Resent-Date: Mon, 24 Dec 2018 06:01:49 -0700

Resent-Message-ID: <20181224130149.GA5777@doctor.nl2k.ab.ca>

Resent-To: See root

Received: from [37.106.122.235] (port=41255)

by doctor.nl2k.ab.ca with esmtp (Exim 4.91 (FreeBSD))

(envelope-from )

id 1gbKHS-000InS-7F

for root@nk.ca; Mon, 24 Dec 2018 00:04:17 -0700

Message-ID: <169842008122104909997516@uos.de>

From: "Security Team"

To: "lyndax69"

Subject: Frauders known your old password (lyndax69). Password must be changed.

Date: 24 Dec 2018 11:40:45 +0200

MIME-Version: 1.0

Content-type: text/plain;

charset="ibm852"

Content-transfer-encoding: 8bit

X-Mailer: Kxovloio fusgwr

X-Spam_score: 5.7

X-Spam_score_int: 57

X-Spam_bar: +++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hello! I have bad news for you. 19/09/2018 - on this day I

hacked your OS and got full access to your account root@nk.ca On this day

your account root@nk.ca has password: lyndax69 So, you can change the password,

yes.. But my malware intercepts it every time.



Content analysis details: (5.7 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was

blocked. See

http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block

for more information.

[URIs: nk.ca]

1.6 RCVD_IN_BRBL_LASTEXT RBL: No description available.

[37.106.122.235 listed in bb.barracudacentral.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in

will-spam-for-food.eu.org

[37.106.122.235 listed in will-spam-for-food.eu.org]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[37.106.122.235 listed in bl.score.senderscore.com]

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

0.3 LONGWORD BODY: Uses overlong words

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

Subject: {SPAM?} Frauders known your old password (lyndax69). Password must be changed.



Hello!



I have bad news for you.

19/09/2018 - on this day I hacked your OS and got full access to your account root@nk.ca

On this day your account root@nk.ca has password: lyndax69



So, you can change the password, yes.. But my malware intercepts it every time.



How I made it:

In the software of the router, through which you went online, was a vulnerability.

I just hacked this router and placed my malicious code on it.

When you went online, my trojan was installed on the OS of your device.



After that, I made a full dump of your disk (I have all your address book, history of viewing sites, all files, phone numbers and addresses of all your contacts).



A month ago, I wanted to lock your device and ask for a not big amount of btc to unlock.

But I looked at the sites that you regularly visit, and I was shocked by what I saw!!!

I'm talk you about sites for adults.



I want to say - you are a BIG pervert. Your fantasy is shifted far away from the normal course!



And I got an idea....

I made a screenshot of the adult sites where you have fun (do you understand what it is about, huh?).

After that, I made a screenshot of your joys (using the camera of your device) and glued them together.

Turned out amazing! You are so spectacular!



I'm know that you would not like to show these screenshots to your friends, relatives or colleagues.

I think $789 is a very, very small amount for my silence.

Besides, I have been spying on you for so long, having spent a lot of time!



Pay ONLY in Bitcoins!

My BTC wallet: 1J5SXcupgaq2tUas5S7wVtf7evJp6YC3LJ



You do not know how to use bitcoins?

Enter a query in any search engine: "how to replenish btc wallet".

It's extremely easy



For this payment I give you two days (48 hours).

As soon as this letter is opened, the timer will work.



After payment, my virus and dirty screenshots with your enjoys will be self-destruct automatically.

If I do not receive from you the specified amount, then your device will be locked, and all your contacts will receive a screenshots with your "enjoys".



I hope you understand your situation.

- Do not try to find and destroy my virus! (All your data, files and screenshots is already uploaded to a remote server)

- Do not try to contact me (you yourself will see that this is impossible, the sender address is automatically generated)

- Various security services will not help you; formatting a disk or destroying a device will not help, since your data is already on a remote server.



P.S. You are not my single victim. so, I guarantee you that I will not disturb you again after payment!

This is the word of honor hacker



I also ask you to regularly update your antiviruses in the future. This way you will no longer fall into a similar situation.



Do not hold evil! I just do my job.

Good luck.





More blackmail phish

Posted by Dave Yadallee on
From - Sun Dec 23 20:48:01 2018

X-Account-Key: account2

X-UIDL: 00068949501fb806

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

X-Mozilla-Keys:

Return-path:

Envelope-to: aboo@doctor.nl2k.ab.ca

Delivery-date: Sun, 23 Dec 2018 20:47:37 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.91 (FreeBSD))

(envelope-from )

id 1gbHDN-000JWK-BE

for aboo@doctor.nl2k.ab.ca; Sun, 23 Dec 2018 20:47:37 -0700

Resent-From: The Doctor

Resent-Date: Sun, 23 Dec 2018 20:47:37 -0700

Resent-Message-ID: <20181224034737.GB72238@doctor.nl2k.ab.ca>

Resent-To: See root

Received: from [111.3.111.213] (port=29837)

by doctor.nl2k.ab.ca with esmtp (Exim 4.91 (FreeBSD))

(envelope-from )

id 1gbEwJ-0006wQ-GE

for doctor@nk.ca; Sun, 23 Dec 2018 18:22:04 -0700

Message-ID: <5C20A51F.3010803@bellsoouth.net>

Date: Mon, 24 Dec 2018 16:21:35 +0700

From: "Security Team"

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.12) Gecko/20100826 Thunderbird/3.0.7

MIME-Version: 1.0

To: "lyndax69"

Subject: Frauders known your old password (lyndax69). Password must be changed.

Content-Type: text/plain; charset=IBM852; format=flowed

Content-Transfer-Encoding: 8bit

X-Spam_score: 5.3

X-Spam_score_int: 53

X-Spam_bar: +++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hello! I have bad news for you. 19/09/2018 - on this day I

hacked your OS and got full access to your account doctor@nk.ca On this day

your account doctor@nk.ca has password: lyndax69 So, you can change the password,

yes.. But my malware intercepts it every time.



Content analysis details: (5.3 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was

blocked. See

http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block

for more information.

[URIs: nk.ca]

1.5 RCVD_IN_CBL RBL: Received via a relay in cbl.abuseat.org

[Blocked - see ]

1.0 RCVD_IN_WSFF RBL: Received via a relay in

will-spam-for-food.eu.org

[111.3.111.213 listed in will-spam-for-food.eu.org]

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

0.0 DATE_IN_FUTURE_06_12 Date: is 6 to 12 hours after Received: date

0.3 LONGWORD BODY: Uses overlong words

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

1.0 RCVD_IN_SORBS No description available.

Subject: {SPAM?} Frauders known your old password (lyndax69). Password must be changed.



Hello!



I have bad news for you.

19/09/2018 - on this day I hacked your OS and got full access to your account doctor@nk.ca

On this day your account doctor@nk.ca has password: lyndax69



So, you can change the password, yes.. But my malware intercepts it every time.



How I made it:

In the software of the router, through which you went online, was a vulnerability.

I just hacked this router and placed my malicious code on it.

When you went online, my trojan was installed on the OS of your device.



After that, I made a full dump of your disk (I have all your address book, history of viewing sites, all files, phone numbers and addresses of all your contacts).



A month ago, I wanted to lock your device and ask for a not big amount of btc to unlock.

But I looked at the sites that you regularly visit, and I was shocked by what I saw!!!

I'm talk you about sites for adults.



I want to say - you are a BIG pervert. Your fantasy is shifted far away from the normal course!



And I got an idea....

I made a screenshot of the adult sites where you have fun (do you understand what it is about, huh?).

After that, I made a screenshot of your joys (using the camera of your device) and glued them together.

Turned out amazing! You are so spectacular!



I'm know that you would not like to show these screenshots to your friends, relatives or colleagues.

I think $713 is a very, very small amount for my silence.

Besides, I have been spying on you for so long, having spent a lot of time!



Pay ONLY in Bitcoins!

My BTC wallet: 1J5SXcupgaq2tUas5S7wVtf7evJp6YC3LJ



You do not know how to use bitcoins?

Enter a query in any search engine: "how to replenish btc wallet".

It's extremely easy



For this payment I give you two days (48 hours).

As soon as this letter is opened, the timer will work.



After payment, my virus and dirty screenshots with your enjoys will be self-destruct automatically.

If I do not receive from you the specified amount, then your device will be locked, and all your contacts will receive a screenshots with your "enjoys".



I hope you understand your situation.

- Do not try to find and destroy my virus! (All your data, files and screenshots is already uploaded to a remote server)

- Do not try to contact me (you yourself will see that this is impossible, the sender address is automatically generated)

- Various security services will not help you; formatting a disk or destroying a device will not help, since your data is already on a remote server.



P.S. You are not my single victim. so, I guarantee you that I will not disturb you again after payment!

This is the word of honor hacker



I also ask you to regularly update your antiviruses in the future. This way you will no longer fall into a similar situation.



Do not hold evil! I just do my job.

Good luck.





More blackmail phish

Posted by Dave Yadallee on
From - Sun Dec 23 18:32:59 2018

X-Account-Key: account2

X-UIDL: 00068944501fb806

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

X-Mozilla-Keys:

Return-path:

Envelope-to: aboo@doctor.nl2k.ab.ca

Delivery-date: Sun, 23 Dec 2018 18:32:52 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.91 (FreeBSD))

(envelope-from )

id 1gbF6y-000A2p-Ce

for aboo@doctor.nl2k.ab.ca; Sun, 23 Dec 2018 18:32:52 -0700

Resent-From: The Doctor

Resent-Date: Sun, 23 Dec 2018 18:32:52 -0700

Resent-Message-ID: <20181224013252.GA37389@doctor.nl2k.ab.ca>

Resent-To: See root

Received: from [111.3.111.213] (port=29837)

by doctor.nl2k.ab.ca with esmtp (Exim 4.91 (FreeBSD))

(envelope-from )

id 1gbEwJ-0006wQ-GE

for doctor@nk.ca; Sun, 23 Dec 2018 18:22:04 -0700

Message-ID: <5C20A51F.3010803@bellsoouth.net>

Date: Mon, 24 Dec 2018 16:21:35 +0700

From: "Security Team"

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.12) Gecko/20100826 Thunderbird/3.0.7

MIME-Version: 1.0

To: "lyndax69"

Subject: Frauders known your old password (lyndax69). Password must be changed.

Content-Type: text/plain; charset=IBM852; format=flowed

Content-Transfer-Encoding: 8bit

X-Spam_score: 5.3

X-Spam_score_int: 53

X-Spam_bar: +++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hello! I have bad news for you. 19/09/2018 - on this day I

hacked your OS and got full access to your account doctor@nk.ca On this day

your account doctor@nk.ca has password: lyndax69 So, you can change the password,

yes.. But my malware intercepts it every time.



Content analysis details: (5.3 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was

blocked. See

http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block

for more information.

[URIs: nk.ca]

1.5 RCVD_IN_CBL RBL: Received via a relay in cbl.abuseat.org

[Blocked - see ]

1.0 RCVD_IN_WSFF RBL: Received via a relay in

will-spam-for-food.eu.org

[111.3.111.213 listed in will-spam-for-food.eu.org]

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

0.0 DATE_IN_FUTURE_06_12 Date: is 6 to 12 hours after Received: date

0.3 LONGWORD BODY: Uses overlong words

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

1.0 RCVD_IN_SORBS No description available.

Subject: {SPAM?} Frauders known your old password (lyndax69). Password must be changed.



Hello!



I have bad news for you.

19/09/2018 - on this day I hacked your OS and got full access to your account doctor@nk.ca

On this day your account doctor@nk.ca has password: lyndax69



So, you can change the password, yes.. But my malware intercepts it every time.



How I made it:

In the software of the router, through which you went online, was a vulnerability.

I just hacked this router and placed my malicious code on it.

When you went online, my trojan was installed on the OS of your device.



After that, I made a full dump of your disk (I have all your address book, history of viewing sites, all files, phone numbers and addresses of all your contacts).



A month ago, I wanted to lock your device and ask for a not big amount of btc to unlock.

But I looked at the sites that you regularly visit, and I was shocked by what I saw!!!

I'm talk you about sites for adults.



I want to say - you are a BIG pervert. Your fantasy is shifted far away from the normal course!



And I got an idea....

I made a screenshot of the adult sites where you have fun (do you understand what it is about, huh?).

After that, I made a screenshot of your joys (using the camera of your device) and glued them together.

Turned out amazing! You are so spectacular!



I'm know that you would not like to show these screenshots to your friends, relatives or colleagues.

I think $713 is a very, very small amount for my silence.

Besides, I have been spying on you for so long, having spent a lot of time!



Pay ONLY in Bitcoins!

My BTC wallet: 1J5SXcupgaq2tUas5S7wVtf7evJp6YC3LJ



You do not know how to use bitcoins?

Enter a query in any search engine: "how to replenish btc wallet".

It's extremely easy



For this payment I give you two days (48 hours).

As soon as this letter is opened, the timer will work.



After payment, my virus and dirty screenshots with your enjoys will be self-destruct automatically.

If I do not receive from you the specified amount, then your device will be locked, and all your contacts will receive a screenshots with your "enjoys".



I hope you understand your situation.

- Do not try to find and destroy my virus! (All your data, files and screenshots is already uploaded to a remote server)

- Do not try to contact me (you yourself will see that this is impossible, the sender address is automatically generated)

- Various security services will not help you; formatting a disk or destroying a device will not help, since your data is already on a remote server.



P.S. You are not my single victim. so, I guarantee you that I will not disturb you again after payment!

This is the word of honor hacker



I also ask you to regularly update your antiviruses in the future. This way you will no longer fall into a similar situation.



Do not hold evil! I just do my job.

Good luck.