Spam, scams, phishing etc Archives

"Tesco" Facebook scam returns, as Timeline Removal Plugin

File under '...really, Amazon?!'

In another example of Amazon's AWS abuse detection failing spectacularly, likely the same culprits behind last week's Tesco Voucher Giveaway scam have targeted Facebook users again -- this time with a "Timeline Removal Plugin" scam.

The scam seems to function thusly: victim clicks the link from a previous victim's event, creates a Facebook event with the same TinyURL in the Event description (containing a link to a Google Translate-wrapped AmazonAWS link) and so the cycle repeats. This doesn't involve the sharing feature, probably a technique Facebook locked down after last week's abuse.

Here are some screenshots of what will appear in your feed when a friend falls victim... Continue reading ""Tesco" Facebook scam returns, as Timeline Removal Plugin"

If you knew your site had been hacked, would you do anything about it?

Earlier this week a PayPal phishing email dropped into one of my work inboxes. I usually delete them instantly, but I checked out the compromised URL -- and surprise surprise, it was a UK domain. "OK," I thought, "I can do something about this."

Little did I know that the problem - a hacked subdomain hosting PHP redirector files to HTML on other compromised domains, and a fairly simple one to fix in five minutes - still wouldn't be fixed by the web site owner a week later... Continue reading "If you knew your site had been hacked, would you do anything about it?"

Chinese domain name prospecting scam - it's back

A couple of years ago, Jeff Ventura blogged about a fairly cunning domain name scam originating from China, whereby owners of domain names would be contacted by a 'registrar' indicating that another company was trying to register domain names with Asian TLDs that matched their existing domain name. This died down for a while, but it's back again (and it doesn't seem to have changed at all). I received one of these emails myself last week for a company I work for; read more for all the gory details (including copypasta of the email conversation I had with "Lebron Zhu"). Sinohosting also reported on this when it first began to occur.

[Update, July 20: They're still at it, this time with a new name and company: James Hong, "Senior Consultant of domain name registration and solution center in china" and "one company which self-styled "Packs Co.,ltd" were applying to register [company name] as Network Brand
and following domain names".

If it walks like a duck, talks like a duck... [update ends]

From Jeff's blog entry;

This is clever and it took a bit of time to figure out the pathology. But there is one, and it's interesting. Continue reading "Chinese domain name prospecting scam - it's back"