Saturday, October 15, 2005
Saturday, September 10, 2005
Anti Spam Software
Sunday, July 24, 2005
July '05 Comment Spammers (week 4)
Anyone else want to post their spam?
- Author : slot machines (IP: 63.165.61.249 , 63.165.61.249)
URL : http://www.casino-results.com/slot-machines.html
Whois : http://ws.arin.net/cgi-bin/whois.pl?queryinput=63.165.61.249 - Author : casino game (IP: 203.166.96.239 , cache5.syd.ops.aspac.uu.net)
URL : http://www.specific-casino.com/casino-game.html
Whois : http://ws.arin.net/cgi-bin/whois.pl?queryinput=203.166.96.239 - Author : pacific poker deposit bonus (IP: 61.95.202.92 , dsl-KK-static-092.202.95.61.touchtelindia.net)
URL : http://www.2002sogwipo.com/pacific-poker.html
Whois : http://ws.arin.net/cgi-bin/whois.pl?queryinput=61.95.202.92 - Author : online craps (IP: 62.81.214.42 , sa628121442.mundivia.es)
URL : http://www.forever-casino.com/online-craps.html
Whois : http://ws.arin.net/cgi-bin/whois.pl?queryinput=62.81.214.42 - Author : craps table (IP: 81.240.255.226 , 81.240.255.226)
URL : http://www.casino-amusement.com/craps-table.html
Whois : http://ws.arin.net/cgi-bin/whois.pl?queryinput=81.240.255.226 - Author : strategy for texas holdem poker (IP: 203.74.175.36 , 203.74.175.36)
URL : http://www.atlantis-asia.com/texas-holdem.html
Whois : http://ws.arin.net/cgi-bin/whois.pl?queryinput=203.74.175.36 - forum spam pointing to http://mdptma.directmeds.biz/?wrckdlxwntvylictelzpouanwmi
- forum spam pointing to http://vnzsqk.igstatdlydm.info/?vK141g__FA6Lfj_ppipxnbmut
- forum spam pointing to http://uggjx.igstatdlydm.info/?GfIZIbaGQfNTquaffteac
- eBay phishing pointing to http://218.9.7.188/.../e3b/ whois suggests a Chinese domain.
Friday, July 08, 2005
July '05 Comment Spammers (week 2)
So, if you have someone posting on your site purely to get links into their own site, and the comments are spammy list their details here!
Thursday, July 07, 2005
Netsol, Netsolmail and NetsolHost
http:// 0046b05.netsolhost.com//bankofthewest/login/index.htm
not much to see for these guys but they're hosted by NETSOLMAIL.COM on 216.168.230.195. Now the IP apparantly has no websites but netsolmail is controlled by NETSOL.COM
The email itself was sent from VYTJRTACEPOHUGQANBRP@hotmail.com - I'm guessing they won't be checking that account in a hurry.
Tuesday, July 05, 2005
Popular Enterprises
Somebody out there thinks I'll actually believe there is such a thing as Sky Bank, yeah right, as in pie in the sky. Woops, no, I see there is such a bank. Dodgy name ;)
Back to the post... I got sent a phishing email from them today, asking me to update my security info...
- Their link: http://211.72.152.30 /.servlet/SignOnCustTypeRetailNLSEN.htm
- The readable link: https://connect.skyfi.com/servlet/SignOn?CustType=Retail&NLS=EN
quite different, but scarily similar.
The cheeky buggers even use a logo from the anti crime site: http://www.publiceyes.org/
I couldn't see anything definitive on that IP for now but it looks like the owner might be planning a Xoops site sometime soon ;)
Spend enough time looking around the system and you'll find the owner's email: simon_pan@p-and-j.com.tw and thew whois info for p-and-j.com.tw
which that takes us back to the USA
Administrator DNS
POPULAR ENTERPRISES, L.L.C. Domain Administration Department
5201 Kingston Pike Suite 6301
Knoxville, TN 37919 US
+1.4075409360
A Google search on the phone number comes up with popularenterprises.com and this forum post: Directi.com Replies to: [media] Pfizer to sue online sellers of fake Viagra.
Popular Enterprises have a basic front page and the links all go to Netster
I found out this about them on The Register...
Popular Enterprises has a history of purchasing expired domain names and directing them to its Netster search site
You'll also find another spam groups list of related domains for popularenterprises. So they are obviously well known.
NB: I've used a live link above so that anyone doing a back link check on them will find us, and our disapproval...
Friday, July 01, 2005
July '05 Alleged Spammers
The great thing is Google, MSN and co will index this blog like any other and when someone is trying to research who a user is this site will come up and they'll see that we weren't happy!
July Referral Spammers
In the meantime, bust them here!