Estimado cliente:
Nos ponemos en contacto con usted para comunicarle que estamos recibiendo
quejas de usuarios, informándonos sobre accesos no autorizados a sus
sistemas informáticos desde su conexión a Internet con número 910***228.
La causa puede ser la presencia de algún virus o troyano, o una mala
configuración de sus equipos. Es muy importante que conozca que esta
posible infección también puede dañar sus propios sistemas informáticos.
Por este motivo, le sugerimos que proceda a revisar la seguridad de los
mismos.
En la página web de OSI (Oficina de Seguridad del Internauta) 'www.osi.es',
podrá encontrar herramientas de uso gratuito para el análisis de sus
sistemas, a las que podrá acceder a través de la siguiente dirección:
http://www.osi.es/herramientas-gratuitas.
Para cualquier consulta sobre el motivo de este mensaje, nos tiene a
su disposición en nuestra dirección de correo electrónico:
‘nemesys@telefonica.es’, indicando como
asunto (e-mail#N16-0724898-910***228-HACK)-Accesos a sistemas
informáticos de terceros en Internet
En espera de que esta situación se resuelva lo antes posible. A peticion mia me mandan un LOG. ------ Prueba
-----------------------------------------------------------------------
To whom it may concern,
Pursuant to Sony Interactive Entertainment LLC ("SIE") corporate policy,
the below IP addresses were blacklisted From using our services because SIE
detected activity that is abusive to our network services. In our
determination, the abusive activity was not related to velocity or volume
(many users behind the same IP address, i.e. NAT), but matched the specific
patterns of known abuse of our publicly available services. This abuse may
be the result of a computer on your network that has been compromised and
is participating in a botnet abuse of our services.
The following table of IP addresses, dates and times should help you
correlate the origin of the abusive activity. The time stamps are
approximate From our logs. The actual timing of the events depend on the
signature matched. It is very likely to have occurred both before, during
and following the times listed.
Approximate Time Range (UTC), IP Address, Reason
2016-11-15 21:39 ~ 2016-11-15 22:09 (UTC), 79.151.29.2, Account Takeover
Attempts
It is most likely the attack traffic is directed at one of the following
endpoints:
account.sonyentertainmentnetwork.com
auth.np.ac.playstation.net
auth.api.sonyentertainmentnetwork.com
auth.api.np.ac.playstation.net
These endpoints on our network are resolved by Geo DNS, so the IP addresses
they resolve to will depend on the originating IP address.
The destination port will be TCP 443.
Please take the necessary measures to correct the malicious activity From
the above-listed IP addresses as soon as possible to avoid any further
disruptions. If we were to remove any of these IP addresses From the
blacklist and subsequent abusive activity is detected, the IP address will
be promptly blacklisted again.
We thank you for your prompt attention to this matter. If you require
assistance or additional information please contact
snei-noc-abuse@am.sony.com and include the IP address in question.
Thank you
-------------------------------------------------------------------------------------- QUE HAGO...LE PASO EL ANTIVIRUS A LA PLAY 3 Y A LA PLAY 4 DE MI HIJO?
... Mostrar más