2019年01月06日

詐欺メール【Amazon】"Amazoneプライムのお支払いにご指定のクレジットカード有効期限が切れています!"が届く

 Amazon.co.jpを騙るメールが届きました。
 送信者のメールアドレスがAmazonではないのと本文の後ろに中国語で書かれていることから直ぐにわかりました。
 フィッシング対策協議会とAmazonには既に報告済みです。
 フィッシングサイトの"http://www.asmszon-op.com/"はまだ稼働しています。
 サーバーの所在地はSouth Africa Western Cape Cape Townであり、IPアドレスも"45.195.203.58"でAfrican Network Information Centerを示しています。
 whoisからドメインは1/5にGoDaddyのChinaで取得しており、直ぐに利用されたことがわかります。

 Return-pathや送信者からでは<renrou03@b27.coreserver.jp>とあることからGMO系のレンタルサーバーからのように見えますが、メールヘッダーからの経路では
"from no-data (HELO hnlsx) (renrou03@b27.coreserver.jp@60.29.3.61) by b27.coreserver.jp with SMTP"
とあることからcoreserver.jpは経由地であり、実際にはIPアドレス"60.29.3.61"のChinaからと思われます。

本文

お支払い方法の情報を更新してください。Update default card for your membership.
Amazon.com
マイストア | タイムセール | ギフト券


hogehoge様

Amazonプライムをご利用頂きありがとうございます。お客様のAmazonプライム会員資格は、2019/01/06に更新を迎えます。お調べしたところ、会費のお支払いに使用できる有効なクレジットカードがアカウントに登録されていません。クレジットカード情報の更新、新しいクレジットカードの追加については以下の手順をご確認ください。
アカウントサービスからAmazonプライム会員情報を管理するにアクセスします。
Amazonプライムに登録したAmazon.co.jpのアカウントを使用してサインインします。
左側に表示されている「現在の支払方法」の下にある「支払方法を変更する」のリンクをクリックします。
有効期限の更新または新しいクレジットカード情報を入力してください。
Amazonプライムを継続してご利用いただくために、会費のお支払いにご指定いただいたクレジットカードが使用できない場合は、アカウントに登録されている別 のクレジットカードに会費を請求させて頂きます。会費の請求が出来ない場合は、お客様のAmazonプライム会員資格は失効し、特典をご利用できなくなります。

Amazon.co.jpカスタマーサービス
sp.gif
支払方法の情報を更新する
sp.gif
Dear hogehoge,

Your Amazon Prime membership is set to renew on 2017/12/07. Unfortunately, we've noticed that we do not have a valid card registered for your payment of Prime membership fee. To update the default card and/or add new credit card information, please follow these steps:
Go to “Manage Prime Membership" from Your Account
Sign in your Prime account
Click the "Edit payment method" text link underneath "Preferred Payment Method"
Follow the on-screen instructions to update your card or choose a different one
We will charge other active cards associated with your Amazon account if we can't charge your default card. If we can't process the charge for your membership fee, your Amazon Prime membership will end, and you will lose access to Prime benefits.





尊敬的 hogehoge

感谢您使用亚马逊Prime。您的亚马逊Prime会员资格将于2017/12/07.更新。但是您指定支付会费的信用卡将在会员资格更新之前到期。请您按照以下程序指定新的信用卡。
进入“管理亚马逊Prime会员信息"我的帐户。
请使用亚马逊Prime注册时的Amazon.co.jp帐户登录。
请链接左侧显示的「现在的支付方式」下面的「修改支付方式」。
请输入更新的有效期或者新的信用卡信息。
为了保持您的亚马逊Prime会员资格有效,当您指定的会费支付信用卡无法使用时,我们将从您帐户中登记的其他信用卡收取。如果会费无法收取,您的亚马逊Prime会员资格将失效,您将无法享受特权优惠。

Amazon.co.jp客服中心

whois

ASMSZON-OP.COM - ドメイン名・IPアドレス検索 (ANSI Whois) - Asuka.IO
https://ja.asuka.io/whois/asmszon-op.com

Domain Name: ASMSZON-OP.COM
Registry Domain ID: 2349842965_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.godaddy.com
Registrar URL: http://www.godaddy.com
Updated Date: 2019-01-05T15:09:37Z
Creation Date: 2019-01-05T15:09:36Z
Registry Expiry Date: 2020-01-05T15:09:36Z
Registrar: GoDaddy.com, LLC
Registrar IANA ID: 146
Registrar Abuse Contact Email: abuse@godaddy.com
Registrar Abuse Contact Phone: 480-624-2505
Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
Domain Status: clientRenewProhibited https://icann.org/epp#clientRenewProhibited
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
Name Server: NS63.DOMAINCONTROL.COM
Name Server: NS64.DOMAINCONTROL.COM
DNSSEC: unsigned
URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
>>> Last update of whois database: 2019-01-06T04:00:01Z <<<

For more information on Whois status codes, please visit https://icann.org/epp

NOTICE: The expiration date displayed in this record is the date the
registrar's sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant's agreement with the sponsoring
registrar. Users may consult the sponsoring registrar's Whois database to
view the registrar's reported date of expiration for this registration.

TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services' ("VeriSign") Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to ensure
operational stability. VeriSign may restrict or terminate your access to the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.

The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.

Domain Name: asmszon-op.com
Registry Domain ID: 2349842965_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.godaddy.com
Registrar URL: http://www.godaddy.com
Updated Date: 2019-01-05T15:09:37Z
Creation Date: 2019-01-05T15:09:36Z
Registrar Registration Expiration Date: 2020-01-05T15:09:36Z
Registrar: GoDaddy.com, LLC
Registrar IANA ID: 146
Registrar Abuse Contact Email: abuse@godaddy.com
Registrar Abuse Contact Phone: +1.4806242505
Domain Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited
Domain Status: clientUpdateProhibited http://www.icann.org/epp#clientUpdateProhibited
Domain Status: clientRenewProhibited http://www.icann.org/epp#clientRenewProhibited
Domain Status: clientDeleteProhibited http://www.icann.org/epp#clientDeleteProhibited
Registrant Organization:
Registrant State/Province: Anhui
Registrant Country: CN
Registrant Email: Select Contact Domain Holder link at https://www.godaddy.com/whois/results.aspx?domain=asmszon-op.com
Admin Email: Select Contact Domain Holder link at https://www.godaddy.com/whois/results.aspx?domain=asmszon-op.com
Tech Email: Select Contact Domain Holder link at https://www.godaddy.com/whois/results.aspx?domain=asmszon-op.com
Name Server: NS63.DOMAINCONTROL.COM
Name Server: NS64.DOMAINCONTROL.COM
DNSSEC: unsigned
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
>>> Last update of WHOIS database: 2019-01-06T04:00:00Z <<<

For more information on Whois status codes, please visit https://www.icann.org/resources/pages/epp-status-codes-2014-06-16-en

Notes:

IMPORTANT: Port43 will provide the ICANN-required minimum data set per
ICANN Temporary Specification, adopted 17 May 2018.
Visit https://whois.godaddy.com to look up contact data for domains
not covered by GDPR policy.

The data contained in GoDaddy.com, LLC's WhoIs database,
while believed by the company to be reliable, is provided "as is"
with no guarantee or warranties regarding its accuracy. This
information is provided for the sole purpose of assisting you
in obtaining information about domain name registration records.
Any use of this data for any other purpose is expressly forbidden without the prior written
permission of GoDaddy.com, LLC. By submitting an inquiry,
you agree to these terms of usage and limitations of warranty. In particular,
you agree not to use this data to allow, enable, or otherwise make possible,
dissemination or collection of this data, in part or in its entirety, for any
purpose, such as the transmission of unsolicited advertising and
and solicitations of any kind, including spam. You further agree
not to use this data to enable high volume, automated or robotic electronic
processes designed to collect or compile this data for any purpose,
including mining this data for your own personal or commercial purposes.

Please note: the registrant of the domain name is specified
in the "registrant" section. In most cases, GoDaddy.com, LLC
is not the registrant of domain names listed in this database.

60.29.3.61

60.29.3.61 - ドメイン名・IPアドレス検索 (ANSI Whois) - Asuka.IO
https://ja.asuka.io/whois/60.29.3.61

% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '60.29.2.0 - 60.29.5.255'

% Abuse contact for '60.29.2.0 - 60.29.5.255' is 'hqs-ipabuse@chinaunicom.cn'

inetnum: 60.29.2.0 - 60.29.5.255
netname: ChengKuan-CO-TJ
country: CN
descr: ChengKuan Network Company
admin-c: HZ19-AP
tech-c: HZ19-AP
status: ASSIGNED NON-PORTABLE
mnt-by: MAINT-CNCGROUP-TJ
last-modified: 2008-09-04T07:13:34Z
source: APNIC

person: huang zheng
nic-hdl: HZ19-AP
e-mail: tj-ipaddr3@chinaunicom.cn
address: 76 NO, ShiZiLin Street ,HeBei district of Tianjin,China
phone: +86-22-24459190
fax-no: +86-22-24454499
country: CN
mnt-by: MAINT-CNCGROUP-TJ
last-modified: 2012-07-13T05:56:27Z
source: APNIC

% Information related to '60.28.0.0/15AS4837'

route: 60.28.0.0/15
descr: CNC Group CHINA169 Tianjin Province Network
country: CN
origin: AS4837
mnt-by: MAINT-CNCGROUP-RR
last-modified: 2008-09-04T07:54:44Z
source: APNIC

% This query was served by the APNIC Whois Service version 1.88.15-46 (WHOIS-JP4)

この記事へのコメント
コメントを書く
お名前:

メールアドレス:

ホームページアドレス:

コメント: [必須入力]

認証コード: [必須入力]


※画像の中の文字を半角で入力してください。
※ブログオーナーが承認したコメントのみ表示されます。
この記事へのトラックバックURL
http://blog.sakura.ne.jp/tb/185335612
※ブログオーナーが承認したトラックバックのみ表示されます。
※言及リンクのないトラックバックは受信されません。

この記事へのトラックバック