File under '...really, Amazon?!'
In another example of Amazon's AWS abuse detection failing spectacularly, likely the same culprits behind last week's Tesco Voucher Giveaway scam have targeted Facebook users again -- this time with a "Timeline Removal Plugin" scam.
The scam seems to function thusly: victim clicks the link from a previous victim's event, creates a Facebook event with the same TinyURL in the Event description (containing a link to a Google Translate-wrapped AmazonAWS link) and so the cycle repeats. This doesn't involve the sharing feature, probably a technique Facebook locked down after last week's abuse.
Here are some screenshots of what will appear in your feed when a friend falls victim... Continue reading ""Tesco" Facebook scam returns, as Timeline Removal Plugin"
Earlier this week a PayPal phishing email dropped into one of my work inboxes. I usually delete them instantly, but I checked out the compromised URL -- and surprise surprise, it was a UK domain. "OK," I thought, "I can do something about this."
Little did I know that the problem - a hacked subdomain hosting PHP redirector files to HTML on other compromised domains, and a fairly simple one to fix in five minutes - still wouldn't be fixed by the web site owner a week later... Continue reading "If you knew your site had been hacked, would you do anything about it?"
A couple of years ago, Jeff Ventura blogged about a fairly cunning domain name scam originating from China, whereby owners of domain names would be contacted by a 'registrar' indicating that another company was trying to register domain names with Asian TLDs that matched their existing domain name. This died down for a while, but it's back again (and it doesn't seem to have changed at all). I received one of these emails myself last week for a company I work for; read more for all the gory details (including copypasta of the email conversation I had with "Lebron Zhu"). Sinohosting also reported on this when it first began to occur.
[Update, July 20: They're still at it, this time with a new name and company: James Hong, "Senior Consultant of domain name registration and solution center in china" and "one company which self-styled "Packs Co.,ltd" were applying to register [company name] as Network Brand
and following domain names".
If it walks like a duck, talks like a duck... [update ends]
From Jeff's blog entry;
This is clever and it took a bit of time to figure out the pathology. But there is one, and it's interesting. Continue reading "Chinese domain name prospecting scam - it's back"