There's been somewhat of an influx of Cahoot phishing spam today, with 62 in the last 4 hours alone, coming into my inbox. All with the same subject, and all containing links to 6 specific domains.
If you've been following the hpHosts additions today, you'll have already noticed they were added early this afternoon, and of course, I've already reported them to Cahoot, the hosting companies and of course, the registrar.
Subject: You have a new alert from Cahoot
18.104.22.168 (GoDaddy redirector)
22.214.171.124 (Limestone Networks)
You'll be pleased to hear, my friend at GoDaddy is in the office today so they'll not be staying online for long (some have already been taken down, with others going down as I write this).
The only one not registered through GoDaddy, is cahoot-gcm.com, which was registered through Yola (Tucows). You'll also not be surprised to hear that Limestone Networks, who are hosting these, have remained completely silent, doing absolutely nothing to get this site taken offline.
Registrant details used have been one of the following:
Name servers used have remained the same throughout, for those not going through the GoDaddy redirector IP.
Headers for all of the e-mails, for those wondering;
On the plus side, this prompted me to write a small update to the Outlook Export program (update was only an option to export e-mail headers, without exporting everything else, which saves time parsing files when I only want certain data).