Subject: [44net] Suspected Spam or Phishing Request through the AMPR portal From: Elias Basse kd5jfe@gmail.com Date: 12/31/2015 02:17 PM

To: AMPRNet Working Group Email 44net@hamradio.ucsd.edu

All,

Received a strange request today for an allocation.

You have received a request for an IP allocation from: Name: Rickey Francis Email:Admin@abc-hosters.com mailto:Admin@abc-hosters.com Callsign: RSF8192

The request details are as follows: Type: user Network: 44.108.230.0 / 32 Connection: TUNNEL

Please note that this has an invalid callsign, email address that is a bit hard to believe, and this points to a hosting company somewhere.

Anyone have any ideas???

I Rejected it solely on the basis that it does not have a valid amateur radio callsign attached and I suspect that they are trying to use the address space for personal use (i.e. they are a hosting company) I only see one valid Rickey Francis in the QRZ database and that is in Washington state.

Has anyone else received any strange request via the portal?

Thanks!

Best Regards,

Elias Basse KD5JFE Lousiana Amprnet Coordinator

Was there no spammy message in the free text area of the request? (this is forwarded as a separate attachment by the portal)

Normally spammers use methods like this (filling in forms on websites) to spread some form of spam, at the minimum some URL of a website they want you to go to. But maybe in this case it was not spam or phishing but an attempt to get something registered. Some users are very confused about how to use the AMPR net.

Unfortunately when you do a reject on a portal request that fact is always mailed back to the e-mail contact, I have asked for a way to silently remove requests so invalid requests like this can be deleted without resulting in a mail to an innocent person or invoke another reply by the requester. I think it has not yet been implemented.

Rob