• the Daily hi thread just say hi :)
  • All contentious threads including politics, religion, crime, immigration, laws, elections etc are banned & will be removed. There is still a Gun Related Politics section for relevant topics.

Does this look/sound dodgy

Nobodys Hero

Nobodys Hero

Super member
Joined
Jul 7, 2022
Messages
2,911
Reaction score
5,760
Location
Staffs
I had a twitter/X account many years ago, but can't remember my log in details or anything associated with it. Today I receive a genuine looking email supposedly from X saying my account has been accessed from Moscow & to review my account. The email address that sent this email to me was x@thecalvivault.com
I am no expert on these things, but that looks like a dodgy email address to me & not one from X.
Any thoughts?
 
Nobodys Hero said:
I had a twitter/X account many years ago, but can't remember my log in details or anything associated with it. Today I receive a genuine looking email supposedly from X saying my account has been accessed from Moscow & to review my account. The email address that sent this email to me was x@thecalvivault.com
I am no expert on these things, but that looks like a dodgy email address to me & not one from X.
Any thoughts?
Click to expand...

My rule is simple.

Any issue with my account with whoever, I will always go directly to that organisation via a route which is kosher.

Anything else is a gamble which I prefer to avoid.
Unsolicited Emails could be anyone - some quite sophisticated and convincing looking scams are out there.

Play safe, I suggest.
 
Byronic said:
My rule is simple.

Any issue with my account with whoever, I will always go directly to that organisation via a route which is kosher.

Anything else is a gamble which I prefer to avoid.
Unsolicited Emails could be anyone - some quite sophisticated and convincing looking scams are out there.

Play safe, I suggest.
Click to expand...

Wise Words (y)
 
Nobodys Hero said:
I had a twitter/X account many years ago, but can't remember my log in details or anything associated with it. Today I receive a genuine looking email supposedly from X saying my account has been accessed from Moscow & to review my account. The email address that sent this email to me was x@thecalvivault.com
I am no expert on these things, but that looks like a dodgy email address to me & not one from X.
Any thoughts?
Click to expand...
Right click and select junk
 
A lot of these emails, phone calls cand text messages are "shotgun" messages. That means they are computer generated, then sent to millions of addresses, often randomly made up, in the hope of hitting a target and registering a live account.
Think about it, you could dial almost any number you can dream up, and it's likely somebody will answer.
 
I wish I'd kept my checklist I created for work, saved hours.
These are some basic questions I do remember, every "Bad" is like a line on hangman

1. Were you expecting the email [No, is bad]
2. Is it specifically addressed to you [No, is bad]
3. Does it have some attachment [Yes, is bad]
4. Is it from an unknown address [Yes, is bad]
5. Does it want you to "click a link" [Yes, is bad]
6. Does it claim to be urgent [Yes, is bad]
7. Does it require you to log on somewhere [Yes, is bad]
8. Are there linked images (that do not obviously come from the legitimate site) [Yes, is bad]
9. Are there spelling or grammatical errors [Yes, is bad]
10. Is the "From" incorrect or masked [Yes, is bad]

In this example if the email is from the wrong domain that is (1 Bad), "To:" hidden, (2) not expected, (3), requires you to log on somewhere, (4), probably from a link they give (5), already that goes in the bin.

It is likely the email used for twitter, or handle has been picked up from some target list, probably from some hack.
Visit haveibeenpwned . com and see where it was scalped from, then consider if you have reused passwords elsewhere, fix that, as others may be trying to get access to other online resources to grab your accounts or identity.
Once you are on the list, it is better to assume the next few contacts will be similar attempts.
A good time to turn on multi factor and update passwords.
 

thecalvivault.com WHOIS Domain Name Lookup - Who.is

WHOIS lookup for thecalvivault.com. Find domain name registration, ownership, and technical information.
who.is who.is

thecalvivault.com WHOIS Domain Name Lookup - Who.is

WHOIS lookup for thecalvivault.com. Find domain name registration, ownership, and technical information.
who.is who.is

Whois Record for Thecalvivault.com
buffer.pgif

Domain Profile
Hostinger Operations, UAB HOSTINGER operations, UAB
IANA ID: 1636
URL: https://www.hostinger.com,http://www.hostinger.com
Whois Server: whois.hostinger.com
email.pgif

(p)
phone.pgif
clientTransferProhibited
250 days old
Created on 2025-01-29
Expires on 2026-01-29
Updated on 2025-03-31
NS1.DNS-PARKING.COM (has 8,396,180 domains)
NS2.DNS-PARKING.COM (has 8,396,180 domains)
172.66.0.70 - 104,879 other sites hosted on this server
United States
- California - San Francisco - Cloudflare Inc.
United States
AS13335 CLOUDFLARENET, US (registered Jul 14, 2010)
Registered And No Website
2 changes on 2 unique IP addresses over 0 years
1 change on 2 unique name servers over 0 year
[td]Registrar[/td] [td]Registrar Status[/td] [td]Dates[/td] [td]Name Servers[/td] [td]IP Address[/td] [td]IP Location[/td] [td]ASN[/td] [td]Domain Status[/td] [td]IP History[/td] [td]Hosting History[/td]
Whois Record ( last updated on 2025-10-06 )
Domain Name: THECALVIVAULT.COM
Registry Domain ID: 2954742660_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.hostinger.com
Registrar URL: https://www.hostinger.com
Updated Date: 2025-03-31T02:17:43Z
Creation Date: 2025-01-29T15:05:41Z
Registrar Registration Expiration Date: 2026-01-29T15:05:41Z
Registrar: Hostinger Operations, UAB
Registrar IANA ID: 1636
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Registry Registrant ID: Not Available From Registry
Registrant Name: Domain Admin
Registrant Organization: Privacy Protect, LLC (PrivacyProtect.org)
Registrant Street: 10 Corporate Drive
Registrant City: Burlington
Registrant State/Province: MA
Registrant Postal Code: 01803
Registrant Country: US
Registrant Phone: +1.8022274003
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email:
Registry Admin ID: Not Available From Registry
Admin Name: Domain Admin
Admin Organization: Privacy Protect, LLC (PrivacyProtect.org)
Admin Street: 10 Corporate Drive
Admin City: Burlington
Admin State/Province: MA
Admin Postal Code: 01803
Admin Country: US
Admin Phone: +1.8022274003
Admin Phone Ext:
Admin Fax:
Admin Fax Ext:
Admin Email:
Registry Tech ID: Not Available From Registry
Tech Name: Domain Admin
Tech Organization: Privacy Protect, LLC (PrivacyProtect.org)
Tech Street: 10 Corporate Drive
Tech City: Burlington
Tech State/Province: MA
Tech Postal Code: 01803
Tech Country: US
Tech Phone: +1.8022274003
Tech Phone Ext:
Tech Fax:
Tech Fax Ext:
Tech Email:
Name Server: ns1.dns-parking.com
Name Server: ns2.dns-parking.com
DNSSEC: Unsigned
Registrar Abuse Contact Email:
Registrar Abuse Contact Phone: +37064503378
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
 
Also copy paste the wording into a search engine, (removing anything personal to you) normally someone else will have got the exact same email, and asked for feedback.
This is especially important with bitcoin addresses, will show other exploits and likely scams.
 
You must log in or register to reply here.
Back
Top