Dec 04, 2007
 

I received a SPAM email this morning that was made to appear as though it came from Chase Online. I examined the raw source of the email. The "click here" link had a URL of:

http://www.chase.com.sdclef.com/colappmgr/colportal/prospect.php?_nfpb=change_form

Now sdclef.com is the San Diego Law Enforcement Foundation. It resolved to IP Address 70.87.14.82. www.chase.com.sdclef.com resolves to IP Address 62.73.5.20.

The whois output for sdclef.com is:

Domain Name Owner:
  JenCo US LLC
  1835A South Center City Blvd PO BOX 222
  Escondido, CA 92027
  US

Administrative Contact:
  Jensen, Stefan
  JenCo US LLC
  1835A South Center City Blvd PO BOX 222
  Escondido, CA 92027, US
  Phone: 760.489.7800
  Email: stefan@jenco.cc

Technical Contact:
  Jensen, Stefan
  JenCo US LLC
  1835A South Center City Blvd PO BOX 222
  Escondido, CA 92027, US
  Phone: 760.489.7800
  Email: stefan@jenco.cc

Billing Contact:
  Jensen, Stefan
  JenCo US LLC
  1835A South Center City Blvd PO BOX 222
  Escondido, CA 92027, US
  Phone: 760.489.7800
  Email: stefan@jenco.cc

Record Information:
  Domain Record Created: March 21, 2006
  Domain Record Updated: March 12, 2007
  Domain Record Expires: March 21, 2008

DNS Information:
  Name Server: ns1.transare.com
  Name Server: ns2.transare.com

On the about page of sdclef.com they have this:

The SDCLEF want to thank Adam Watson, Stefan Jensen and Mike Esani of Transare (www.transare.com) for donating their time and talent to the creation and maintenance of the site. We would also like to thank SDCLEF members Selene and Tom Baden for obtaining the donated services of Transare.

I sent an email to hosting@transare.com to let them know that someone is hijacking one of the domains that they are responsible for. I also called the contact number for sdclef ((619) 482-9544) and left a voice mail message.
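The link in that email puts www.chase.com at the front of a hostname that actually lives under sdclef.com. As an added example (not part of the original post), here is a label-by-label check a mail filter could run on extracted links to catch that pattern; the PROTECTED list and the function name are assumptions, and only chase.com and the sample URL come from the post.

```python
from urllib.parse import urlsplit

# Assumption: brands to protect; only chase.com comes from the post.
PROTECTED = ("chase.com",)

def classify_link(url, protected=PROTECTED):
    """Return (verdict, brand, parent_zone) for one link.

    legitimate: the host is the brand domain or a subdomain of it
    lookalike:  the brand's labels appear inside the host, but the host
                ends in some other zone (the trick in the link above)
    unrelated:  the brand does not appear as whole labels
    """
    if "//" not in url:              # bare "host/path" with no scheme
        url = "//" + url
    host = (urlsplit(url).hostname or "").rstrip(".").lower()
    labels = host.split(".")
    brands = [b.lower().split(".") for b in protected]

    # Pass 1: DNS names are owned right-to-left, so only a suffix match counts.
    for b in brands:
        if labels[-len(b):] == b:
            return ("legitimate", ".".join(b), None)

    # Pass 2: brand labels anywhere left of the end are decoration.
    for b in brands:
        for i in range(len(labels) - len(b)):
            if labels[i:i + len(b)] == b:
                parent = ".".join(labels[i + len(b):])
                return ("lookalike", ".".join(b), parent)
    return ("unrelated", None, None)

if __name__ == "__main__":
    # Constructed samples, except the first, which is the link from the email.
    samples = [
        "http://www.chase.com.sdclef.com/colappmgr/colportal/prospect.php?_nfpb=change_form",
        "https://www.chase.com/",
        "http://notchase.com/login",
    ]
    for s in samples:
        print(classify_link(s), s)
```

Comparing whole labels rather than substrings is what keeps a name like notchase.com from matching, and the returned parent zone (sdclef.com here) is the domain whose DNS is serving the page.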

  3 Responses to “Interesting SPAM from Chase Online / San Diego Law Enforcement / Transare Hosting”

  1. Where the admin is the tech, how would you hijack the domain? The only way I know to do it would be to hand a stack of 100s to Mr. Jensen, basically the person to whom you reported the problem. I contacted SDCLEF, to let them know how they were being used for fraud. It’s slower, but since your method would take 5 minutes of Mr. Jensen’s time and got no results at all … yeah, from my view, it looks like Jensen or one of his subordinates is stealing account info from Chase customers.

  2. Don, those were my thoughts exactly.

  3. I should also write that I did get a call back from a representative of the sdclef and I was not the first person to report the problem to them.
