Just received the following iTunes phish;
The phish is located on a compromised site at OVH (already reported);
The actual origin of the phish, was Novanetworks and frustratingly, the only address they list in the AS records - doesn't appear to exist;
Perhaps I'm just hard to understand, who knows. I phoned Novanetworks tech support, to find first, he thought I said my broadband wasn't working (I didn't), then asked it if was a sales call (nope, wrong again). Upon explaining again, I was asked for the email address it was sent to, gave that and advised it was a spam trap (for some reason this surprised him - I was asked why I'd want to receive spam, so explained and who I work for (seems he's not heard of Malwarebytes, which is curious)).
Explained yet again, and was asked for my name and number (could've sworn I'd provided my name at the beginning of the call) to which I was advised the details will be passed to "Dave" to be handled. This should be interesting!
The headers for those wondering;
Dave over at Novanetworks.ie has advised he's now fixed the hostmaster address.