dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
145846
share rss forum feed


Name Game
Premium
join:2002-07-07
Grand Rapids, MI
kudos:7
reply to Anon

Re: Facebook-Email Telling Picture on Album 32 dot Com? Scam???

same server..IP

Server Location: India

DNS Records Analysis

ihtts.com has address 31.192.109.216
www.ihtts.com has address 31.192.109.216
Websites Hosted On Same IP Address Analysis

The server IP address of Ihtts.com is 31.192.109.216, we have found 6 websites hosted on this server.
You also from here to view more infomations, or view websites hosted at the same network as Ihtts.com from here.

Rank Domain IP Address
#1,681,344 photo1998.com IP address: 31.192.109.216
#4,424,650 album92.com IP address: 31.192.109.216
#2,535,578 albums96.com IP address: 31.192.109.216
#11,508,184 albums99.com IP address: 31.192.109.216
n/a stphtm.com IP address: 31.192.109.216
n/a album32.com IP address: 31.192.109.216
--
Gladiator Security Forum
»www.gladiator-antivirus.com/


Snowy
Premium
join:2003-04-05
Kailua, HI
kudos:6
Reviews:
·Clearwire Wireless
·Time Warner Cable

1 edit

1 recommendation

If the redirector(s) & phish page are both on the same server I can see why you chose that server.
That says a lot about the miscreant behind it.
Getting back to OP, yes, your facebook login credentials were the only thing at risk.
No driveby downloads etc.., to be concerned over.

Edit to add: *If* you had submitted your facebook logn to the phish page & as Name Game See Profile pointed out, you use the same password to login into other web based services you should worry about those services also being compromised.


Name Game
Premium
join:2002-07-07
Grand Rapids, MI
kudos:7
Yes and all these have been like that..granted not in all case are they the same place..but if you look at this one..and the last three like it..has to be the same group or person...I think your group goes after them when the file is complete..and then hands it over to authorities..like at Computer Cops years back etc and maybe that group even shut down the server sooner..Lot's of hard work done and still goes on I am sure.
--
Gladiator Security Forum
»www.gladiator-antivirus.com/


Name Game
Premium
join:2002-07-07
Grand Rapids, MI
kudos:7
reply to Snowy
"your facebook login credentials were the only thing at risk."

Yes but the login is an email address..and for most people a good one they use all the time...and I would say 90% use the same password for that email addy and their facebook..


Snowy
Premium
join:2003-04-05
Kailua, HI
kudos:6
Reviews:
·Clearwire Wireless
·Time Warner Cable
said by Name Game:

"your facebook login credentials were the only thing at risk."

Yes but the login is an email address..and for most people a good one they use all the time...and I would say 90% use the same password for that email addy and their facebook..

My edit to add was posted prior to this.


Name Game
Premium
join:2002-07-07
Grand Rapids, MI
kudos:7
OK..I wonder if it is yahoo email people who are getting this wave of email...so far seems all are yahoo customers..but not sure yet.

Mele20
Premium
join:2001-06-05
Hilo, HI
kudos:5

1 recommendation

reply to Name Game
said by Name Game:

"your facebook login credentials were the only thing at risk."

Yes but the login is an email address..and for most people a good one they use all the time...and I would say 90% use the same password for that email addy and their facebook..

If I did have a Facebook account this would not be the case for me.
Anyhow, users have got to start practicing safe hex and don't be stupid and use the same password for email and Facebook. Never use your email passwords for anything else! And be sure you write them all down and put the list in a safe place or use a Password Manager if you trust them....I've had bad luck with them so I don't use them.
--
When governments fear people, there is liberty. When the people fear the government, there is tyranny. Thomas Jefferson


carpetshark3
Premium
join:2004-02-12
Idledale, CO
Reviews:
·CenturyLink
reply to Name Game
said by Name Game:

OK..I wonder if it is yahoo email people who are getting this wave of email...so far seems all are yahoo customers..but not sure yet.

Haven't seen it on the junk Yahoo account I signed up for FB with.
All I get from FB is that so and so added a friend. If I ever posted on FB, it was to a company who decided to run customer service that way. I just read friends' posts and email them. (the friends)


jaykaykay
4 Ever Young
Premium,MVM
join:2000-04-13
USA
kudos:24
reply to Name Game
Not seen on one that I have.


burner50
Proud Union THUG
Premium
join:2002-06-05
Fort Worth, TX
kudos:1
reply to amark
The melon between your ears is the best protection available


La Luna
RIP Lisa
Premium
join:2001-07-12
Warwick, NY
kudos:3

1 recommendation

reply to Name Game
said by Name Game:

"your facebook login credentials were the only thing at risk."

Yes but the login is an email address..and for most people a good one they use all the time...and I would say 90% use the same password for that email addy and their facebook..

I'm in the 10% catagory. My FB pw is unique and is only used there.
--
The Alien in the White House

19,694 DEADLY TERROR ATTACKS SINCE 9/11


Sae Kyo Park

@112.198.194.x
reply to amark
the same thing happened to me.. just received a message like those. i haven't tried it.. I just seacrch it and found this forum.. thank you.. It just proves that its a spam..

fairlady

join:2012-10-21
Yorktown, VA

1 recommendation

reply to amark
Friends don't ever really send those to one another, unless your friend is not your friend. Just do what I do... delete it, and don't ever go there. Kill it and ask questions later. You are always safer that way. =)


mcrosby

@ptd.net
reply to Name Game
I have AOL and I get them.. this is like the 4th or 5th one I got...


Kam

@comcast.net
reply to Name Game
My email is not Yahoo but I still received the scam message. I went there before I saw the warning. Anything I can do about it?


igotscammed

@choiceone.net
reply to Name Game
yep, I just got one on my Facebook email for Album 89 dot com. I think it is a scam


Kathy Jean

@att.net
reply to Sae Kyo Park
Good afternoon. I, too, received this message on Facebook and was immediately suspicious. I Googled and found this forum thread. Thank you very much, you guys, for making this information available.

Cordially,
Kathy


Scammed

@sbcglobal.net
reply to igotscammed
Yep! Just got one myself for Album 89 dot com. I got it through FB and I have a Yahoo account. Do I need to change my password again or what?


Worried

@bell.ca
I just got a message from a friend on facebook telling me to go to album 89 dot com and look up my name. Is anyone reciving similar messages. Or is mine a completely different circumstance ?


cortezam20

@comcast.net
I got tha same thing.


bigc

@myvzw.com
reply to Worried
said by Worried :

I just got a message from a friend on facebook telling me to go to album 89 dot com and look up my name. Is anyone reciving similar messages. Or is mine a completely different circumstance ?

I just got the same message from someone i haven't talked to in ages. When i typed it in it sent me to my fb login. . .but i was already logged in so it shouldve taken me straight to my page. Im assuming its a scam to hack fb accounts or its a virus of some sort


dmichele29

@sbcglobal.net
reply to Worried
yes I just received the same thing, does this mean I've been hacked


Ashley

@cox.net
reply to Worried
I just got an I'm on Facebook from two ppl on my friends list.
It said go to album 89 dot com search for my name.
What's the deal with this anyone know ?


Wildbill

@charter.com
reply to bigc
I just received the same Facebook Notification email from one of my FB friends asking: "hey, go to album89 dot com and search for your name then click on the first photo.. I bet you didn't remember that, eh?"

NOTICE THE URL:
ht tp://www.facebook.com.login.php-profile-signin-ilkr4div.album89.com/index.php

This is NOT a facebook url ... FACEBOOK.COM IS JUST PART OF THE SUB-DOMAIN. Notice the end of the URL and you will see the actual domain here that you are logging into with your private info is ALBUM89.COM - Also if you view source on the page you will notice that the images/graphics are being hosted from a 3rd party site: »3.bp.blogspot.com/-AOgsqP3Qut8/T···0/i3.png

I did not fall for it but is likely most people will I wonder what the purpose of this hacking attempt is?


EcoSec

@clearwire-dns.net
reply to Ashley
Well I do hate to be conspiratorial, but I just got the "Album 89" message just after posting anti-Monsanto information on the "No On Prop 37" Facebook page, which is funded in part by none other than Monsanto and friends. It may be coincidental but I certainly want to shut down these agri-bullies with their big ideas about "replacing nature."
Expand your moderator at work


Name Game
Premium
join:2002-07-07
Grand Rapids, MI
kudos:7

1 edit
reply to EcoSec

Re: Facebook-Email Telling Picture on Album 32 dot Com? Scam???

Click for full size
Hosted on the same server in India as album32
»www.statscrop.com/www/album89.com

also by the same guy...
»www.statscrop.com/websites/hoste···um89.com

--
Gladiator Security Forum
»www.gladiator-antivirus.com/


therube

join:2004-11-11
Randallstown, MD
Reviews:
·Comcast
·Verizon Online DSL
reply to Anon
(I've only read some, so don't know where/if the two of you have finished, ...)

So semantics - as it applies to the lay person, aside, is it real or is it memorex?

hxxp://cnbc-news-world.com/weeknews/lastnews.php

Hint, it is not real, so beware if you visit.

Whois Server Version 2.0
 
Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.
 
   Domain Name: CNBC-NEWS-WORLD.COM
   Registrar: BIZCN.COM, INC.
   Whois Server: whois.bizcn.com
   Referral URL: http://www.bizcn.com
   Name Server: NS1.NOTAFREENS.COM
   Name Server: NS2.NOTAFREENS.COM ...
 


Name Game
Premium
join:2002-07-07
Grand Rapids, MI
kudos:7


same thing

@comcast.net
reply to Worried
i had the same thing don't put in your info. if by chance you did change your password on your facebook and your email. if you don't see the HTTPS:// before the website url then it is not secure like the page it redirects you too at album 89 dot com.