About emails impersonating Path Network
J. Hellenthal
jhellenthal at dataix.net
Tue Feb 7 16:56:42 UTC 2023
Your only option is to monitor the generic tld's atp and register them yourself. Clone attacks are real, impersonation has been around since centuries and yes, its an attack vector but only impacting your customers. There is a vector you can pursue, its action by lawsuit. Would you rather pay the registration of the domain or would you rather pay the retainer costs of lawyers ...
This is what the free web permits. Your only choice at this point is the retainer fee and intergovernmental practices.
PeeringDB may be able to implement different practices but I have a pretty good feeling they are at their wits end to void practices that impact its "yellow pages" service.
> On Feb 7, 2023, at 10:37, Rafael Possamai <rafael at thinkpad.io> wrote:
>
> I've found this article before and implemented it for domains that we own, but do not use for e-mail purposes. https://www.gov.uk/guidance/protect-domains-that-dont-send-email
>
> Might be worth checking it out.
>
> Cheers,
> Rafael
>
> ----- Original message -----
> From: Konrad Zemek <konrad at zemek.io>
> To: nanog at nanog.org
> Subject: About emails impersonating Path Network
> Date: Monday, February 06, 2023 12:25
>
> Hi Nanog,
>
> It looks like someone with an axe to grind against our company has decided to email every AS contact they could find on PeeringDB, impersonating us and sometimes spoofing our domains.
>
> We're aware of the emails and are sorry for the inconvenience. We've since added SPF records to the domains we own but don't use (the perps have since name-squatted some new ones). We're also actively working with law enforcement on the matter.
>
> Thanks
> Konrad Zemek
> CTO Path Network
> AS396998
--
J. Hellenthal
The fact that there's a highway to Hell but only a stairway to Heaven says a lot about anticipated traffic volume.
More information about the NANOG
mailing list