Re: A Windows Activation phishing attempt. in Spam, Scam and Phishbusters

Re: A Windows Activation phishing attempt. in Spam, Scam and Phishbusters http://www.dslreports.com/forum/r12558038 en Fri, 04 Dec 2009 14:47:56 EDT Fri, 04 Dec 2009 14:47:56 EDT Re: A Windows Activation phishing attempt. http://www.dslreports.com/forum/remark,12745651 anon : "Uh, yup! I think I'll go ahead and register on this guy's secret site with my credit card instead of fussin' with the uncertainty o' going 'genuine'... Why, I'm sure I'll have nothing to worry about with Bill and Co after that there special email valler-day-shun that Mr. Jimmy Carter down there at cjc.net, uh, I mean uh windowsxpvalidation, er, uh, yup, boy howdy I just don't really git them computer things thats for sure... Honey, where's the credit card?"

No, I'm not surprised that their limit is exceeded. No question about it, if this was sent all over the world, and appears with decently proper logo'ing, there are MILLIONS of people who will fall for it, all over the world. Once translated, the hokey English that's a dead giveaway to (some of us) English-speaking folk (non-GOP, at least) just becomes yet another hokey-sounding translation from English and doesn't raise the same alarm bells that we get when we read it.

Probably some "non-computer people" think they've found a way to avoid the embarrassment or even vulnerability they feel when attempting to properly activate at the real windows site... especially when they know damn well half their country is on a 'one-software-cd, one-state' program.

Have you guys read anything about this: the Windows site actually appears to try to activate your PC's camera and/or microphone when you go to it for info on their validation program??!? That kinda freaks me out ... that is, if it's not some malfunction of Flash or the site code itself.

At least, MacroFlash app thinks that something is trying to take over one or the other ... very strange, no?

:huh:]]> http://www.dslreports.com/forum/remark,12745651 Wed, 23 Feb 2005 04:12:46 EDT Re: A Windows Activation phishing attempt. http://www.dslreports.com/forum/remark,12664089 antiphishing :

said by not surprised:

It's still up...I just got the scam-mail today...and went through the hunt to see WTF was up..

jsc

Send me a copy of the phishing scam. Send it to the email below and I will take care of it.
--
Don't shoot the messenger,shoot the spammer
»www.antihotmail.com
Dslreports.com Profile: »profile.antihotmail.com
spammers_are_scumbags@antihotmail.com ]]> http://www.dslreports.com/forum/remark,12664089 Sun, 13 Feb 2005 22:38:34 EDT Re: A Windows Activation phishing attempt. http://www.dslreports.com/forum/remark,12662009 anon : It's still up...I just got the scam-mail today...and went through the hunt to see WTF was up..

jsc]]> http://www.dslreports.com/forum/remark,12662009 Sun, 13 Feb 2005 18:34:25 EDT Re: A Windows Activation phishing attempt. http://www.dslreports.com/forum/remark,12566147 antiphishing :
said by StevePearce :

»www.crumblis.com/

This appears to be hosted by globat.com, I've also contacted them and asked for the site to be taken down.

canonical name crumblis.com.
aliases www.crumblis.com
addresses 203.22.204.77
Domain Name: CRUMBLIS.COM
Registrar: ENOM, INC.
Whois Server: whois.enom.com
Referral URL: »www.enom.com
Name Server: NS1.DNSJUNCTION.COM
Name Server: NS2.DNSJUNCTION.COM

postmaster@globat.com (for globat.com)
support@globat.com (for globat.com)
--
»www.antihotmail.com
Dslreports.com Profile: »profile.antihotmail.com
spammers_are_scumbags@antihotmail.com]]> http://www.dslreports.com/forum/remark,12566147 Wed, 02 Feb 2005 22:56:50 EDT Re: A Windows Activation phishing attempt. http://www.dslreports.com/forum/remark,12562666 StevePearce : The site is now down, however it claims because it has exceeded it monthly bandwith limit (which is unlikely on the 2nd of the month!)]]> http://www.dslreports.com/forum/remark,12562666 Wed, 02 Feb 2005 17:04:30 EDT Re: A Windows Activation phishing attempt. http://www.dslreports.com/forum/remark,12560519 Yarddog : crumblis.com still active at this time and i noticed that it has a link to an "exe" file also, it was at the "where to find my registation number" link. i left the page blank and clicked "continue", i was thanked for my information and also got a link to my free adawre program with its own key. maybe this site's "exe" is for phishing information from your PC? i hope it gets shut down soon.
--
»www.norcoauto.com The Dog's House]]> http://www.dslreports.com/forum/remark,12560519 Wed, 02 Feb 2005 13:11:02 EDT Re: A Windows Activation phishing attempt. http://www.dslreports.com/forum/remark,12558111 StevePearce : I reported the redirect attempt to cjb.net, hopefully they will take it down soon. I also did a dit of digging and found the site redirects to:

»www.crumblis.com/

This appears to be hosted by globat.com, I've also contacted them and asked for the site to be taken down.]]> http://www.dslreports.com/forum/remark,12558111 Wed, 02 Feb 2005 06:42:58 EDT Re: A Windows Activation phishing attempt. http://www.dslreports.com/forum/remark,12558038 StevePearce : Got another one from them, they've changed the link:

-----------------------------------------------------------

Below is the result of your feedback form. It was submitted by
(ICK700_XP_Accounts@microsoft.com) on Wednesday, February 2, 2005 at 05:35:05
---------------------------------------------------------------------------

: Hello Microsoft user,

We here at Microsoft would like you to still receive your normal computer updates, That Will protect your computer from Viruses and spyware. We have noticed A lot of people are illegally Using our services Without paying for their Windows Operating System. Therefor we've made a web site so you can update or validate your windows serial and credit card information. If you do not comply with our policy, windows will ask you to reactivate your serial number, and it will become invalid. So you will lose any information on your computer. If you do not validate your serial number, your copy of windows will be labeled as piracy.

Your Credit Card will not be charged. We use your credit card information to validate your windows system. If any one else has your serial number we will contact you by phone.
It is critical that you update your serial number and validate it, so no one else will attempt to use it. We've also added Programs to help fight piracy and adware. After your verification is complete, You can download these programs free of charge.

Please validate your account by Signing in our web site below.

»verifyxp.cjb.net

Thank you

James Carter
Windows XP Activation Team

XP Confirmed number; N7XKVS

"We here at Microsoft would like you to validate your Microsoft windows activation key in order to prevent against fraudulent use of the windows software.
Microsoft cares about your security and is working hard to keep windows secure. In support of our continuing efforts we encourage you to spend a minute and validate your Microsoft windows (TM) licensee key "

L2ZDAV

---------------------------------------------------------------------------]]> http://www.dslreports.com/forum/remark,12558038 Wed, 02 Feb 2005 05:46:43 EDT Re: A Windows Activation phishing attempt. http://www.dslreports.com/forum/remark,12549538 TheWickerMan : This has to be about the most pathetic scam attempt I've seen in quite some time.]]> http://www.dslreports.com/forum/remark,12549538 Tue, 01 Feb 2005 10:31:17 EDT Re: A Windows Activation phishing attempt. http://www.dslreports.com/forum/remark,12539299 anon : Excellent job, thanks.]]> http://www.dslreports.com/forum/remark,12539299 Mon, 31 Jan 2005 09:51:11 EDT Re: A Windows Activation phishing attempt. http://www.dslreports.com/forum/remark,12538732 removed : »windowsxpactivate.cjb.net has been taken down. :)
--
»mvm.removed.us]]> http://www.dslreports.com/forum/remark,12538732 Mon, 31 Jan 2005 08:11:42 EDT A Windows Activation phishing attempt. http://www.dslreports.com/forum/remark,12538720 anon : This was a new one on me, however it didn't fool me for an instant.

Original Message follows:

Below is the result of your feedback form. It was submitted by (EOTEQ2_XP_Accounts@microsoft.com) on Saturday, January 29, 2005 at 04:04:22
---------------------------------------------------------------------------

: Hello Microsoft user,

We here at Microsoft would like you to still receive your normal computer updates, That Will protect your computer from Viruses and spyware. We have noticed A lot of people are illegally Using our services Without paying for their Windows Operating System. Therefor we've made a web site so you can update or validate your windows serial and credit card information. If you do not comply with our policy, windows will ask you to reactivate your serial number, and it will become invalid. So you will lose any information on your computer. If you do not validate your serial number, your copy of windows will be labeled as piracy.

Your Credit Card will not be charged. We use your credit card information to validate your windows system. If any one else has your serial number we will contact you by phone.
It is critical that you update your serial number and validate it, so no one else will attempt to use it. We've also added Programs to help fight piracy and adware. After your verification is complete, You can download these programs free of charge.

Please validate your account by Signing in our web site below.

»windowsxpactivate.cjb.net

Thank you

James Carter
Windows XP Activation Team

XP Confirmed number; MYGU8Z

"We here at Microsoft would like you to validate your Microsoft windows activation key in order to prevent against fraudulent use of the windows software.
Microsoft cares about your security and is working hard to keep windows secure. In support of our continuing efforts we encourage you to spend a minute and validate your Microsoft windows (TM) licensee key "

F05GH2

---------------------------------------------------------------------------]]> http://www.dslreports.com/forum/remark,12538720 Mon, 31 Jan 2005 08:08:48 EDT