Computers & Electronics

Bell Internet Abuse Complaint Against Me!

  • Last Updated:
  • Aug 25th, 2016 4:39 pm
[OP]
Newbie
Aug 20, 2016
1 posts

Bell Internet Abuse Complaint Against Me!

I received the following email from bell (personal info censored out):
---------- Original Message ----------
From: "abuse@bell.ca" <abuse@bell.ca>
To: **************
Date: August 15, 2016 at 10:28 AM
Subject: Ongoing: Network Abuse Complaint - Scan & Secure Systems (*********)

Reference Bell Internet ID: *************

Greetings ****,

Despite our previous notice, the Bell Internet Abuse Dept. continues to
receive complaints (example below) indicating that a device or computer
systems operating behind your Bell internet account is affected by an
insecurity (virus/malware infection) and open to exploitation.

To prevent your systems from being used without your knowledge, we
recommend that you perform virus and malware scans on all your
computers, and ensure Microsoft Windows is secured with up to date
security patches. If you are unable to diagnose and resolve the problem
we suggest you consult a computer savvy friend or certified technician.

On the date specified in the report (2016-08-12), the Bell IP address
********* was assigned to your internet account. If additional
complaints of this nature are received we may have no choice but to
suspend the internet service until the problem is resolved. Due to this
activity, Bell IP space has been blocked causing impact on other
customers.

If you do not have anti-virus software installed, Bell Internet provides
McAfee Security software free with your internet service. To activate
and install McAfee Security from Bell on your computers, visit the
following link:

http://support.bell.ca/Internet/Securit ... y-computer

You can also perform a free online virus scan by visiting:

http://housecall.trendmicro.com/

We thank you for your cooperation in this matter and trust that you will
comply with our policies in using our service.

Regards,

*****
Internet Abuse Analyst
Bell Internet
abuse@bellnet.ca / abuse@bell.ca


[ Complaint ]

Original Message Follows:
------------------------

Dear Bell Canada,

Pursuant to Sony Network Entertainment International LLC ("SNEI")
corporate policy, the below IP addresses were blacklisted because SNEI
detected activity that is abusive to our network services. This abuse
may be the result of a computer on your network that has been
compromised and is participating in a botnet or virus infected.

The following table of IP addresses, dates and times should help you
correlate the origin of the abusive activity. The destination port will
be ***.

Please take the necessary measures to correct the malicious activity
from the below-listed IP addresses as soon as possible to avoid any
further disruptions.

Approximate Time Range (UTC), IP Address, Reason

2016-08-12 11:50 ~ 2016-08-12 12:20 (UTC), *********, Account
Takeover Attempts
Anyone know what this notice is about? I did a search and it doesn't seem like other people are getting this message.

I currently am running Avast antivirus and have scanned my PC with malwarebytes and nothing is showing up.

Anyone know how to fix this? Is it advisable to reply to this kind of email to try and work with bell on finding a solution?

Thanks,
12 replies
Deal Addict
Jun 8, 2005
2793 posts
329 upvotes
Toronto
Some device on your network is misbehaving. Possibly compromised by malware. Could be your router itself.
Sr. Member
Jul 1, 2009
711 posts
133 upvotes
I would call them. That way they have a record that you tried to fix the problem in the future. I've had this happen before many years ago. Called Rogers, spoke to a rep, did everything they said to do (which was nothing because everything was set up properly), and never heard from them again.
Deal Fanatic
User avatar
Mar 17, 2006
6211 posts
4680 upvotes
North York
Panhyper wrote:
Aug 21st, 2016 9:42 pm
I received the following email from bell (personal info censored out):
---------- Original Message ----------
From: "abuse@bell.ca" <abuse@bell.ca>
To: **************
Date: August 15, 2016 at 10:28 AM
Subject: Ongoing: Network Abuse Complaint - Scan & Secure Systems (*********)

Reference Bell Internet ID: *************

Greetings ****,

Despite our previous notice, the Bell Internet Abuse Dept. continues to
receive complaints (example below) indicating that a device or computer
systems operating behind your Bell internet account is affected by an
insecurity (virus/malware infection) and open to exploitation.

To prevent your systems from being used without your knowledge, we
recommend that you perform virus and malware scans on all your
computers, and ensure Microsoft Windows is secured with up to date
security patches. If you are unable to diagnose and resolve the problem
we suggest you consult a computer savvy friend or certified technician.

On the date specified in the report (2016-08-12), the Bell IP address
********* was assigned to your internet account. If additional
complaints of this nature are received we may have no choice but to
suspend the internet service until the problem is resolved. Due to this
activity, Bell IP space has been blocked causing impact on other
customers.

If you do not have anti-virus software installed, Bell Internet provides
McAfee Security software free with your internet service. To activate
and install McAfee Security from Bell on your computers, visit the
following link:

http://support.bell.ca/Internet/Securit ... y-computer

You can also perform a free online virus scan by visiting:

http://housecall.trendmicro.com/

We thank you for your cooperation in this matter and trust that you will
comply with our policies in using our service.

Regards,

*****
Internet Abuse Analyst
Bell Internet
abuse@bellnet.ca / abuse@bell.ca


[ Complaint ]

Original Message Follows:
------------------------

Dear Bell Canada,

Pursuant to Sony Network Entertainment International LLC ("SNEI")
corporate policy, the below IP addresses were blacklisted because SNEI
detected activity that is abusive to our network services. This abuse
may be the result of a computer on your network that has been
compromised and is participating in a botnet or virus infected.

The following table of IP addresses, dates and times should help you
correlate the origin of the abusive activity. The destination port will
be ***.

Please take the necessary measures to correct the malicious activity
from the below-listed IP addresses as soon as possible to avoid any
further disruptions.

Approximate Time Range (UTC), IP Address, Reason

2016-08-12 11:50 ~ 2016-08-12 12:20 (UTC), *********, Account
Takeover Attempts
Anyone know what this notice is about? I did a search and it doesn't seem like other people are getting this message.

I currently am running Avast antivirus and have scanned my PC with malwarebytes and nothing is showing up.

Anyone know how to fix this? Is it advisable to reply to this kind of email to try and work with bell on finding a solution?

Thanks,
Just because you have anti-virus and malwarebytes, doesn't mean you have been completely safe from virus/malwares.
What I can tell you is that your computer/network is hacked. And hacker has been using your network to do some illegals.

Your next step should be calling Bell, tell them the situation, ask them to change your IP, reset the router/modem. Same with your personal router, if you have any. This is the case if the hacker has been able to hack your router.
Assuming the worst, your computer has also been hacked. After all your modem/router has been reset, try reformatting your computers, do fresh installations again. And change passwords to the logins of all your bank, paypal, emails, etc.
AND KEEP WATCH of WEIRD ACTIVITIES on your bank account for the next few months.
Deal Addict
Aug 13, 2007
4276 posts
571 upvotes
Tell Bell to send their tech out and figure it out if it's bothering them so much. He won't be able to do anything, but at least it shows you made an effort and have nothing to hide.
Deal Addict
User avatar
Mar 28, 2006
2470 posts
888 upvotes
Toronto
If you're on Windows, run ZenMap and completely scan your LAN for all devices in your NAT'd range if you're behind a router.

You should be able to isolate any rogue IPs from there.
Member
Sep 9, 2015
279 posts
76 upvotes
Scarborough, ON
How do we know that OP isn't actually doing some suspicious internet stuff intentionally and is coming here for advice?
Deal Addict
Nov 15, 2013
3502 posts
1233 upvotes
Toronto
I got one of those complaints from Rogers once. My sister managed to get a really nasty virtus on our computer. I had to do a virus scan that ran before boot to get rid of it. Seemed to work as I never heard back from Rogers after I assured them that I ran two virus scans(including the pre-boot one) so that they'd switch it back on.
Deal Fanatic
User avatar
Oct 8, 2006
5145 posts
362 upvotes
Yeah sounds like a virus/hacked/botnet or something like that. And perhaps it's sending DDOS attacks or something. It can be difficult to figure out which computer is causing it. If your willing to just be safe and format them all, that's the easiest step. Just back-up only your personal files and re-install everything else. And make sure your getting files from good sources.
Kherani wrote:
Aug 24th, 2016 12:24 pm
Tell Bell to send their tech out and figure it out if it's bothering them so much. He won't be able to do anything, but at least it shows you made an effort and have nothing to hide.
I don't think a tech will do anything as it is your computer and not their system problem. They may just tell you to format and reinstall.
Deal Fanatic
User avatar
Mar 17, 2006
6211 posts
4680 upvotes
North York
rainyeyes wrote:
Aug 24th, 2016 4:44 pm
How do we know that OP isn't actually doing some suspicious internet stuff intentionally and is coming here for advice?
good question. but other hack forums are probably more appropriate and helpful.
Sounds like OP doesn't know much about hacking or being hacked.
But I might be a fool being played by OP. Whose nose
Deal Addict
Sep 19, 2009
1261 posts
302 upvotes
Toronto
Considering that the complaint comes from "Sony Network Entertainment International LLC" most-likely it is a copyright infringement claim which they cannot prove / enforce in Canada and that is why they call it "activity that is abusive to our network services". Ask Bell for the technical details of that "activity that is abusive".
Deal Addict
Feb 16, 2006
3801 posts
980 upvotes
Vancouver
How ironic. Remember way back when..... Sony installed rootkits off their music CD's.
Deal Guru
User avatar
Jul 27, 2006
10738 posts
648 upvotes
Scarborough
andrew4321 wrote:
Aug 25th, 2016 12:38 pm
Considering that the complaint comes from "Sony Network Entertainment International LLC" most-likely it is a copyright infringement claim which they cannot prove / enforce in Canada and that is why they call it "activity that is abusive to our network services". Ask Bell for the technical details of that "activity that is abusive".
Or Sony Networks have been struck by DDOS attacks and a computer on this users network is being used to conduct those attacks.

Top