Xfinity plant
Xfinity globe
Community Forum

SPAM from hacked friends email accounts ending with @ocn.ne.jp

New Poster

SPAM from hacked friends email accounts ending with @ocn.ne.jp

Lately I have been getting many emails from what looks like friends addresses.  But their not!

Two things I have noticed, 1)  none of them have subject lines, but most important is that they

all have the extension  .ocn.ne.jp      How can I block these extensions or better yet

send them pack to the pain in the butt that keeps sending them to me?

Expert

Re: SPAM from hacked friends email accounts ending with @ocn.ne.jp

It sounds like your friend's address has been "spoofed".  Spammers can make emails look like they come from an address when in fact they do not.  It's a ruse to get you to open the email.  If that is the case there is not much you can do about it other than alert your friend that it is going on.  They may need to check to make sure their account has not been compromised.  Since the sending domain is consistent, you could also try to set up a filter to block it.  In the new email format on the Inbox page, click on the gear icon in the upper right corner of the page, then on Settings>>>>>Filter rules.  Follow the prompts.

New Poster

Re: SPAM from hacked friends email accounts ending with @ocn.ne.jp

This is an incredibly old problem, decades old in fact.  The same bots from the 90s are running endless scripts churning out trillions of SPAM all over thre world using the NTT Communications Corporation network. If you trace the IPs of the gateways and where the SPAM originates from, it is NTT mail servers which is ocn.ad.jp. They do not care at all about security.  Spammers and anyone else that wants to simply sets up shop and owns their network.  The SPAM is legit, riding through unprotected, non-filtered mail servers.  You can try alerting abuse_support@ocn.ad.jp with full headers but expect generic replies with no action whatsoever.  

 

The problem could be your friend's mail account or your own mail account.  At some point, something raided a contacts list/address book and scripts kick out SPAM accordingly.  Expect SPAM for lifetime from that network unfortunately.