IP 159.223.32.136 is known to be associated with spam/phishing attempts. got blackmail $666
2026/03/16 16:25
瀏覽0
迴響0
推薦0
引用0
on 3/3/2026 received 2 same fraud and black emails for us$600, $666 and 3/13 received again, as below: Received: from 159.223.32.136 (EHLO fortune-daily.com) by 10.220.167.226 with SMTP; Fri, 13 Mar 2026 04:49:47 +0000
from [my email address] to [my email address]
Date: Fri, 13 Mar 2026 04:49:46 +0000
You're a thought that is boundless.
Ok. I don't have much time, so let's get straight to the point.
I want to make you an offer that you can refuse, but only once.
Here's what I have:
Your complete personal information: full name, date of birth, home address.
Your social security number and driver's license details.
All your email account login credentials, including this account.
Other login details and your private messages.
A multitude of files found on your devices.
Access to your bank accounts.
The details of your credit cards: number, expiry date, and cvv.
I have compiled this entire package into a single folder. I can and intend to do two things with it. It is up to you to decide which one:
I will send this entire package to darknet markets, where other criminals will buy it.
It is unknown how they will use this information. They may purchase something illegal in your name, or they may not, but you will definitely not like it.
Or you can buy it from me for a small fee of 600 usd.
Changing the entire package of documents and data is very expensive, very time-consuming, and unsafe.
I already know that you have just read this text. Do not try to ignore this.
I only accept payment in bitcoins at the exchange rate at the time of transfer.
Transfer money here: 141sJr3369J5PGDMMd6jBja8XZ1oN45g37
After payment, I will delete the folder containing your data, and you can continue living as before or, if you don't trust me, take your time changing all your data. It's more profitable for me if you pay me. It's easier and better for everyone.
This is a unique offer. Take advantage of it. I will wait for 1 day.
on 3/3/2026 Google searched [how to block 159.223.32.136] so i did
Open Windows Defender Firewall with Advanced Security.
Click Inbound Rules > New Rule.
Choose Custom > All programs.
Under scope, in "Which remote IP addresses does this rule apply to", select These IP addresses and click Add.
Type in 159.223.32.136.
Select Block the connection and apply the rule to all profiles (Domain, Private, Public).
until today cant but searched [Windows Firewall blocked 159.223.32.136, why still received fraud email sent from 159.223.32.136 (EHLO fortune-daily.com) ?] Receiving a fraud email from a blocked IP address like
159.223.32.136 even after blocking it in Windows Firewall is expected because Windows Firewall only controls traffic directly entering or leaving your computer, not the traffic passing through your Internet Service Provider (ISP) or email server, say security analysts.
Here is why this occurs and how to handle it:
Email Bypasses Local Firewall:
When someone sends you an email, it goes from their server to your
email provider (e.g., Gmail, Outlook, Yahoo) and then to your device.
Windows Firewall cannot block emails at your provider's server level.
IP Blocking Limitations:
Blocking an IP in Windows Firewall prevents that machine from making a
direct connection (like a web visit or remote desktop connection) to
your computer. However, it does not prevent them from sending you an
email that your email provider’s security checks failed to catch,
explains a cybersecurity expert.
Spoofing & Scam Tactics: The email likely used fortune-daily.com
to make the phishing attempt look legitimate. Fraudsters frequently use
similar IP addresses and fake sender names to trick users into clicking
malicious links or calling fake support numbers.
Recommended Actions:
Do Not Interact: Do not click links or reply to the email.
Mark as Spam/Phishing:
Use your email client's "Report Phishing" or "Mark as Spam" feature.
This updates your email provider’s filters to block future messages.
Run a Full System Scan: Use Windows Defender or a tool like Malwarebytes to ensure no malicious code was installed.
The IP 159.223.32.136 is known to be associated with spam/phishing attempts.
--obviously my email provider cant stop it any more, the received date on 3/12/2026.
searched [can i block me (my email address) sent to (my email address) ?] (last time i also searched and the answear was NO) Yes, you can block your own email address from appearing in your inbox, though you cannot stop a scammer from trying to send them. These messages are almost always spoofing, where spammers fake the "From" address to look like it came from you. Here are the best ways to handle this in your email client:
1. Create a Filter/Rule (Recommended)
This is the most effective way to prevent these emails from reaching your inbox.
Gmail:
Open Gmail in a browser.
In the search box, click the Show search options icon (three horizontal lines).
In the From field, enter your email address.
Click Create filter.
Check Delete it (or "Skip the Inbox (Archive it)" if you want to keep them).
Click Create filter.
Outlook: Create a rule that moves emails from your own address to the Junk Email folder, or deletes them entirely.
-- added fraud-me begins with my-email (without @xxx.yyy), wait to see whether it works. i also added news contains news but didnt stop receiveing newsletterxxxx@yyy.zzz so added newsletter begins with newsletter but still receive newsletterxxxx@yyy.zzz . am i mistake about the filter rules?
searched [can i block 159.223.32.136 ?](daily received newsletterxxx@yyy.zzz from 159.223.32.136 (EHLO mail386.institut-aob.com) )The IP 159.223.32.136 appears to be hosted on DigitalOcean, a popular cloud provider, and is frequently flagged in threat intelligence lists.
Open Command Prompt as Administrator.
Run the following command:
netsh advfirewall firewall add rule name="Block 159.223.32.136" dir=in action=block remoteip=159.223.32.136
To block outgoing traffic as well, run it again with dir=out.
[what is mail386.institut-aob.com ?] Based on typical phishing patterns, mail386.institut-aob.com appears to be a fraudulent subdomain used in phishing or scam email campaigns. It is likely designed to look like a legitimate entity—possibly imitating financial services (like AIB) or an educational/professional institution (like an "AOB" board) to steal
private information.
2. Mark as Spam/Junk
Gmail/Outlook:
Manually mark these emails as "Spam" or "Junk". This teaches your email
provider to filter similar future messages automatically.
3. Check for Actual Compromise
While usually, these are fake, it is wise to verify your account security.
Check Activities: Go to your Microsoft Account Activity page or Google Security Checkup to ensure no one else is actually using your account.
4. What Not To Do
Do not click any links inside these emails, as they are likely phishing attempts.
Do not reply to the emails.
Note:
In some scenarios, you may not be able to "block" your own address in
the traditional sense, but the filter/delete rule mentioned above serves
the same purpose.
from [my email address] to [my email address]
Date: Fri, 13 Mar 2026 04:49:46 +0000
You're a thought that is boundless.
Ok. I don't have much time, so let's get straight to the point.
I want to make you an offer that you can refuse, but only once.
Here's what I have:
Your complete personal information: full name, date of birth, home address.
Your social security number and driver's license details.
All your email account login credentials, including this account.
Other login details and your private messages.
A multitude of files found on your devices.
Access to your bank accounts.
The details of your credit cards: number, expiry date, and cvv.
I have compiled this entire package into a single folder. I can and intend to do two things with it. It is up to you to decide which one:
I will send this entire package to darknet markets, where other criminals will buy it.
It is unknown how they will use this information. They may purchase something illegal in your name, or they may not, but you will definitely not like it.
Or you can buy it from me for a small fee of 600 usd.
Changing the entire package of documents and data is very expensive, very time-consuming, and unsafe.
I already know that you have just read this text. Do not try to ignore this.
I only accept payment in bitcoins at the exchange rate at the time of transfer.
Transfer money here: 141sJr3369J5PGDMMd6jBja8XZ1oN45g37
After payment, I will delete the folder containing your data, and you can continue living as before or, if you don't trust me, take your time changing all your data. It's more profitable for me if you pay me. It's easier and better for everyone.
This is a unique offer. Take advantage of it. I will wait for 1 day.
on 3/3/2026 Google searched [how to block 159.223.32.136] so i did
Open Windows Defender Firewall with Advanced Security.
Click Inbound Rules > New Rule.
Choose Custom > All programs.
Under scope, in "Which remote IP addresses does this rule apply to", select These IP addresses and click Add.
Type in 159.223.32.136.
Select Block the connection and apply the rule to all profiles (Domain, Private, Public).
until today cant but searched [Windows Firewall blocked 159.223.32.136, why still received fraud email sent from 159.223.32.136 (EHLO fortune-daily.com) ?] Receiving a fraud email from a blocked IP address like
159.223.32.136 even after blocking it in Windows Firewall is expected because Windows Firewall only controls traffic directly entering or leaving your computer, not the traffic passing through your Internet Service Provider (ISP) or email server, say security analysts.
Here is why this occurs and how to handle it:
Email Bypasses Local Firewall:
When someone sends you an email, it goes from their server to your
email provider (e.g., Gmail, Outlook, Yahoo) and then to your device.
Windows Firewall cannot block emails at your provider's server level.
IP Blocking Limitations:
Blocking an IP in Windows Firewall prevents that machine from making a
direct connection (like a web visit or remote desktop connection) to
your computer. However, it does not prevent them from sending you an
email that your email provider’s security checks failed to catch,
explains a cybersecurity expert.
Spoofing & Scam Tactics: The email likely used fortune-daily.com
to make the phishing attempt look legitimate. Fraudsters frequently use
similar IP addresses and fake sender names to trick users into clicking
malicious links or calling fake support numbers.
Recommended Actions:
Do Not Interact: Do not click links or reply to the email.
Mark as Spam/Phishing:
Use your email client's "Report Phishing" or "Mark as Spam" feature.
This updates your email provider’s filters to block future messages.
Run a Full System Scan: Use Windows Defender or a tool like Malwarebytes to ensure no malicious code was installed.
The IP 159.223.32.136 is known to be associated with spam/phishing attempts.
--obviously my email provider cant stop it any more, the received date on 3/12/2026.
searched [can i block me (my email address) sent to (my email address) ?] (last time i also searched and the answear was NO) Yes, you can block your own email address from appearing in your inbox, though you cannot stop a scammer from trying to send them. These messages are almost always spoofing, where spammers fake the "From" address to look like it came from you. Here are the best ways to handle this in your email client:
1. Create a Filter/Rule (Recommended)
This is the most effective way to prevent these emails from reaching your inbox.
Gmail:
Open Gmail in a browser.
In the search box, click the Show search options icon (three horizontal lines).
In the From field, enter your email address.
Click Create filter.
Check Delete it (or "Skip the Inbox (Archive it)" if you want to keep them).
Click Create filter.
Outlook: Create a rule that moves emails from your own address to the Junk Email folder, or deletes them entirely.
-- added fraud-me begins with my-email (without @xxx.yyy), wait to see whether it works. i also added news contains news but didnt stop receiveing newsletterxxxx@yyy.zzz so added newsletter begins with newsletter but still receive newsletterxxxx@yyy.zzz . am i mistake about the filter rules?
searched [can i block 159.223.32.136 ?](daily received newsletterxxx@yyy.zzz from 159.223.32.136 (EHLO mail386.institut-aob.com) )The IP 159.223.32.136 appears to be hosted on DigitalOcean, a popular cloud provider, and is frequently flagged in threat intelligence lists.
Open Command Prompt as Administrator.
Run the following command:
netsh advfirewall firewall add rule name="Block 159.223.32.136" dir=in action=block remoteip=159.223.32.136
To block outgoing traffic as well, run it again with dir=out.
[what is mail386.institut-aob.com ?] Based on typical phishing patterns, mail386.institut-aob.com appears to be a fraudulent subdomain used in phishing or scam email campaigns. It is likely designed to look like a legitimate entity—possibly imitating financial services (like AIB) or an educational/professional institution (like an "AOB" board) to steal
private information.
2. Mark as Spam/Junk
Gmail/Outlook:
Manually mark these emails as "Spam" or "Junk". This teaches your email
provider to filter similar future messages automatically.
3. Check for Actual Compromise
While usually, these are fake, it is wise to verify your account security.
Check Activities: Go to your Microsoft Account Activity page or Google Security Checkup to ensure no one else is actually using your account.
4. What Not To Do
Do not click any links inside these emails, as they are likely phishing attempts.
Do not reply to the emails.
Note:
In some scenarios, you may not be able to "block" your own address in
the traditional sense, but the filter/delete rule mentioned above serves
the same purpose.
你可能會有興趣的文章:
- 万芾“花鸟世界”中的二十四节气:惊蛰; 桂林无菜单小店凭三道菜走红,尼克松曾光顾--香辣干锅牛蛙 牛排 黄焖鸡 更新3/12/2026
- 中金发布中国月工资收入等级表,深圳人看完沉默了--feed back
- 新墨西哥州检方重启对美国本土“萝莉岛”调查--爱泼斯坦购置的未成年性犯罪牧场在首府圣菲附近 性侵未成年少女 and 两名外国女孩的尸体
- 所有人都坐在椅子边缘,不是盯数据--也不是盯美联储,而是盯下一个被AI“打掉”的行业是谁 所有人都怕自己是最后一个逃的
- 2/2/2026 found our 1st renter in 2013-2014 ordered package sent to our address, we left 11am then water company declared 2/2 1pm abnormal using 1220Gallons/hr till 2/4 turned off water valve
- 中国新发现颠覆对东亚旧石器时代文化和技术传统认知--距今约16万年至7.2万年的旧石器时代河南省南阳市淅川县的西沟遗址;我用<周易>算出了夏朝的都城位置,结果是不是你想的?
限會員,要發表迴響,請先登入
