We have received three emails from the US Department of Justice Victim
Notification System to our ARIN POC address advising us that we may be
the victim of a crime. Headers look legit.
We have been frustrated in trying to follow the rabbit hole to get any
useful information. we've jumped through hoops to get passwords that
don't work and attempted to navigate a voice-mail system that resembles
the "twisty maze of passages all different" from an old text adventure
This *seems* to be legit, and I would think that the end result is
likely to be a list of IP addresses associated with infected hosts.
Has anyone else received the email? Is it legit? If so has anyone
successfully navigated the maze, and if so how? Is it worth it?
(And why don't they just send the list of infected IPs to the ARIN
contact in the first place?)