how-to block ads
|
chachazz
Premium
join:2003-12-14
| Nirsoft Msnpass Scammed
MsnPass.Info Scam Report
"One of my software users reported me about a scam Web site in french that sells my MessenPass utility in another faked name.
This Web site displays a faked screenshot of MessenPass utility. In this screenshot, the name of the utility is MsnPass. Info and my Web site address in the status bar was removed.
This Web site offers the users to "purchase" this utility for 2.00 EUR, which looks like a good and attractive price for a password-recovery utility , but without specifying that it's a freeware tool that was taken from NirSoft."
More info & further blog post:
»www.nirsoft.net/blog/
--
Gladiator Security Forum: www.gladiator-antivirus.com/
| |
Cudni
La Merma - Vigilado
Premium,MVM
join:2003-12-20
Someshire
| charming
"..
These new servers are hosted in same hosting company - »www.ovh.com, although I already reported them about the scam. I seems that they don't really care that their services are used for fraud activities.
.."
Cudni
--
"what we know we know the same, what we don't know, we don't know it differently."
Help yourself so God can help you.
Microsoft MVP, 2006 - 2009 | |
MGD
Premium,MVM
join:2002-07-31
Fort Lauderdale, FL
1 edit | reply to chachazz
Msnpass.info is redirecting to subdomains of itself at either
4.msnpass.info
3.msnpass.info
All are hosted on an apparent dedicated IP 94.23.44.135 which contains 8 domains:
Server Type: Apache/2.0.59 (Unix) mod_ssl/2.0.59 OpenSSL/0.9.8g
IP Address: 94.23.44.135
IP Location - France - Ovh Sas
94.23.44.135 [reverse DNS - ks369423.kimsufi.com]
1. Blocage-msn.com = SCAM FRAUD SCAM
2. Blockmsn.info = SCAM FRAUD SCAM
3. Msn-block.info = SCAM FRAUD SCAM
4. Msn-blocked.com = SCAM FRAUD SCAM
5. Msn-bloquer.com = SCAM FRAUD SCAM
6. Msnapps.net = SCAM FRAUD SCAM
7. Msnpass.info = SCAM FRAUD SCAM
8. Rosae-studios.info = SCAM FRAUD SCAM
All were registered via GoDaddy's cloaked Domains by Proxy within a week of each other in June 2009:
Domain ID:D28861225-LRMS
Domain Name:MSNPASS.INFO
Created On:22-Jun-2009 11:01:30 UTC
Last Updated On:22-Jun-2009 11:01:33 UTC
Expiration Date:22-Jun-2010 11:01:30 UTC
Sponsoring Registrar:GoDaddy.com Inc. (R171-LRMS)
Status:CLIENT DELETE PROHIBITED
Status:CLIENT RENEW PROHIBITED
Status:CLIENT TRANSFER PROHIBITED
Status:CLIENT UPDATE PROHIBITED
Status:TRANSFER PROHIBITED
Registrant ID:CR4738235
Registrant Name:Registration Private
Registrant Organization:Domains by Proxy, Inc.
Registrant Street1:DomainsByProxy.com
Registrant Street2:15111 N. Hayden Rd., Ste 160, PMB 353
Registrant Street3:
Registrant City:Scottsdale
Registrant State/Province:Arizona
Registrant Postal Code:85260
Registrant Country:US
Registrant Phone:+1.4806242599
Since GoDaddy is the registrar and is currently providing DNS and MX service »network-tools.com/nslook/Default···4&go.y=7 GoDaddy should revoke the domain/s and service for TOS violations.
The hosting provider kimsufi.com »kimsufi.com is owned by OVH
mnt-by: OVH-MNT
source: RIPE # Filtered
person: Octave Klaba
address: OVH SAS
address: 140, quai du sartel
address: 59100 Roubaix
address: France
phone: +33 3 20 20 09 57
fax-no: +33 3 20 20 09 58
nic-hdl: OK217-RIPE
abuse-mailbox: abuse[@]ovh.net
Rosae-studios.info may provide some clues as it is a website promoting an online game for sale: »Rosae-studios.info
Translation: »translate.google.com/translate?j···_state0=
The contact link at Rosae-studios.info points to contact@ekarork.fr »jeu.ekarork.com/
I am not sure what the connection is, between Rosae-studios.info and jeu.ekarork.com
ekarork.com is also a GoDaddy cloaked domain from May: »whois.domaintools.com/ekarork.com and is hosted on a dedicated OHV.NET IP also. ekarork.fr is an anonymous domain via OHV.NET »whois.domaintools.com/ekarork.net
msnpass.info scams victims into paying for the software by using the services of ALLOPASS.COM
Complaints ahould be filed with this French company to prevent this thief from profiting from his scam:
ALLOPASS.COM
»fr.allopass.com/
»us.allopass.com/
Contact Information
Email contact@allopass.com
Business Relations [ US ] 1-800-555-1212
[ Europe ] +33 173 038 900
Media Relations [ US ] 1-800-555-1212
[ Europe ] +33 173 038 900
Phone Support [ US ] 1-800-555-1212
[ Europe ] +33 173 038 934
Europe Headquarters 15-17 rue Vivienne
75002 Paris, France
US Headquarters 101 5th Avenue
New York, NY 10003 USA
The following link is generated from the fraud site MSNPASS.INFO for a credit card link, and may contain the identifying account id or code:
>https://payment.allopass.com/acte/creditcard/purchase.apu?ids=143706&idd=394836&lang=fr','ccard'
allopass.com specializes in collecting funds for merchant purchases by billing the persons telephone provider:
An attempt to complete the purchase as a UK resident generates:
by phone:
ALLOPASS
UK
0906 906 9999
SMS 89444
And from the US:
1-900-868-4545
Customer Service 1-888-985-2233
contact@allofpass.com
SMS 44536
info 866-358-7327
ALLOPASS should be willing to terminate the scammers accounts since his operation is a clear violation of the service agreement.
MGD | |
-
|
