Here is the voice mail message:
https://www.indybay.org/uploads/2014/06/28/instructions_for_fabricating_foreclosure_documents.mp3
Voice Message
From +1 304 951 0269
6/12/14
—
From: soc [at] phishlabs.com
To: sfbay [at] indymedia.org, sfbay-web [at] lists.indymedia.org
Subject: [PL-182025] Confidential material on your site – hXXp://http://www.indybay.org/uploads/2014/03/22/wells-fargo-foreclosure-manual.pdf
Date: 6/12/14
Our company investigates computer crime incidents on behalf of banks and other companies.
We have discovered that your web site, http://www.indybay.org , is hosting material that is confidential in nature and bears the Wells Fargo name without authorization.
hXXp://http://www.indybay.org/uploads/2014/03/22/wells-fargo-foreclosure-manual.pdf
We kindly request that you remove this material as soon as possible.
If you believe we have contacted you in error, or if we can provide any assistance with this incident, please contact us and let us know.
Thank you for your assistance with this matter,
Eric George
PhishLabs Security Operations
soc [at] phishlabs.com
+1.202.386.6001
http://www.phishlabs.com/
—
From: soc [at] phishlabs.com
To: abuse [at] telx.com, ipadmin [at] telx.com, sfbay [at] indymedia.org, sfbay-web [at] lists.indymedia.org
Subject: [PL-182025] Unauthorized Material on your website: indybay.org / 192.235.78.70
Date: 6/25/14
Hello,
Our company investigates computer crime incidents on behalf of banks and other companies.
We have discovered that your web site, http://www.indybay.org , is hosting material (PDF file) that is confidential in nature and bears the Wells Fargo name without authorization.
Link to content:
http://www.indybay.org/uploads/2014/03/22/wells-fargo-foreclosure-manual.pdf
IP: 192.235.78.70
We kindly request that you remove this material as soon as possible.
If you believe we have contacted you in error, or if we can provide any assistance with this incident, please contact us and let us know.
Thank you for your assistance with this matter.
Regards,
Marnie King
PhishLabs Security Operations
soc [at] phishlabs.com
+1.202.386.6001
http://www.phishlabs.com/
—
From: soc [at] phishlabs.com
To: sfbay [at] indymedia.org, ipadmin [at] telx.com, namehost [at] worldnic.com, tie [at] telx.com, sfbay-web [at] lists.indymedia.org, abuse [at] telx.com
Subject: [PL-182025] Phishing hosted on http://www.indybay.org
Date: 6/27/14
Our company investigates computer crime incidents on behalf of banks and other companies.
A site containing unauthorized material was found to be operating on your network and displaying Wells Fargo material:
192.235.78.70 – j0.ramona.indybay.org
hXXp://http://www.indybay.org/uploads/2014/03/22/wells-fargo-foreclosure-manual.pdf
If possible, please provide the following information to assist our investigation:
– Web server and FTP server log files for the past several days
– Copies of all phishing files, hack tools, or other hacker files
Finally, we kindly request that you disable or remove the site as soon as possible.
If we have contacted you in error, or there is a better way for us to report this incident, please let us know.
Thank you for your assistance,
Israel Perez
PhishLabs Security Operations
soc [at] phishlabs.com
+1.202.386.6001
http://www.phishlabs.com/