I was texted a URL for a 'fake' website,masquerading as a USPS site, and protected by a LetsEncrypt certificate.
https://www.us-vbm.us/usps/addres
Does anybody care? Is there a reporting mechanism?
https://safebrowsing.google.com/safebrowsing/report_phish/
There are also 50+ topics on this forum discussing this topic:
https://community.letsencrypt.org/search?expanded=true&q=phishing
10 Likes
The whois can be found here https://whois.domaintools.com/us-bcz.us and here is some of the info
Domain Profile
Registrant REDACTED FOR PRIVACY (DT)
Registrant Country us
Registrar NameSilo, LLC
IANA ID: 1479
URL: www.namesilo.com
Whois Server: whois.namesilo.com
(p)
Registrar Status addPeriod, clientTransferProhibited
Dates Created on 2023-01-04
Expires on 2024-01-04
Updated on 2023-01-04
Name Servers NS1.DNSOWL.COM (has 1,784,531 domains)
NS2.DNSOWL.COM (has 1,784,531 domains)
NS3.DNSOWL.COM (has 1,784,531 domains)
Tech Contact REDACTED FOR PRIVACY (DT)
REDACTED FOR PRIVACY (DT),
REDACTED FOR PRIVACY (DT), CA, REDACTED FOR PRIVACY (DT), us
(p)
IP Address 15.235.125.251 - 14 other sites hosted on this server
IP Location Canada - Quebec - Montreal - Ovh Hosting Inc.
ASN Canada AS16276 OVH, FR (registered Feb 15, 2001)
Domain Status Never Registered Before
2 Likes
And NameSilo, LLC Abuse Reporting Procedures are here:
4 Likes
The certificate ensures I have established a secure connection to the actual https://us-vbm.us server.
I don't see any evidence that anyone other than the owner / operator (or parties authorized by the operator) of us-vbm.us has knowledge of the private key. So no LE policies have been violated.
2 Likes
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.