Re: [Serious] Certapay Scam

Forums » O Canada! » Canadian Chat » [Serious] Certapay Scam


Share Topic:	RSS topic:	toggle: flat / full normal / watch	Posting:	Post a:	Post a:

Links: ·Canadian Weather ·About Canada ·Canadian FAQ ·Birthdays ·Guide to Canada ·Need an ISP?

[Hockey] Haseks Calls it quits after Setback »
« [Hockey] Leafs buyout Belfour's contract!

delenn13
De gustibus nil disputandum
Premium,MVM
join:2006-03-02
Ridgeway, ON
clubs:

Re: [Serious] Certapay Scam

I just got an email from Certapay...

ITS FAKE>>>LOL>>>

Thank-you for taking the time to notify CertaPay regarding the unsolicited email which you received.

Please do not respond to it. Just delete it.

We are aware of the issue and our technical department already took the necessary action to block the website. CertaPay has taken steps to shut-down the source of the distribution and are working closely with law enforcement on this issue.

We thank you for your patience and look forward to resolve this issue.

*Registered trademark of Interac Inc. Used under license.

Sincerely,
Therese

The CertaPay Support Team
Email: info@certapay.com
Phone: 1-888-238-6433
(Monday-Friday, 9a-5p ET).

Website: »www.certapay.com

CertaPay, a division of Acxsys Corporation
--
"Dismissed. That's a Starfleet expression for 'Get out.'" Captain Kathryn Janeway

permalink · 2006-03-31 20:24:06 · Print ·

Deadpool Go Sens Go Premium,VIP join:2001-03-29 Canada	Re: [Serious] Certapay Scam It's funny how they said they took the necessary action to block the website when they're not an ISP, nor do they manage the backbones of the Internet. LOL -- Sens 7 (40 GF) - Leafs 0 (14 GF) **** Final Round: April 15, 2006
	permalink · 2006-03-31 21:06:43 ·

Devanchya Smile Premium join:2003-12-09 Ajax, ON ·Bell Sympatico	Re: [Serious] Certapay Scam Actually Deadpool, they are taking the necessary steps. Over the last week I have been sub-contracted to remove 3 differnt Spoofing scams on web servers that had a user with weak passwords In this case, the "real" company just needs to prove to the .com commity. Takes 24-72 hours in most cases. -- »www.codecipher.com - Marking the way to tomorrow's solutions
	permalink · 2006-03-31 21:15:06 ·

Deadpool
Go Sens Go
Premium,VIP
join:2001-03-29
Canada

Re: [Serious] Certapay Scam

said by Devanchya

:

Actually Deadpool, they are taking the necessary steps.

Over the last week I have been sub-contracted to remove 3 differnt Spoofing scams on web servers that had a user with weak passwords

In this case, the "real" company just needs to prove to the .com commity. Takes 24-72 hours in most cases.

Sorry, I was taking what they said literally. They said 'block', and in my books that means block. If what you're saying is true, then they're not even having the site removed either, just the actual .com removed. Which doesn't really help since the HTML link can be spoofed to display whatever.com, but actually points to the IP.

What they should do is contact the hosting company and have them removed.
--
Sens 7 (40 GF) - Leafs 0 (14 GF) **** Final Round: April 15, 2006

permalink · 2006-04-01 11:10:14 · Print ·

Devanchya
Smile
Premium
join:2003-12-09
Ajax, ON

·Bell Sympatico

Re: [Serious] Certapay Scam

Problem with contacting the hosting company is 9 times out of 10, this is on a Kiddie-scripted hacked machine. Bascily some bozzo has a website with a user "web" and password "123456" and this script gets in.

Depending on the level of the server setup, the next step is usally the instalation of a PHP script with Shell Access, and then using local access exploits to gain root to the box and setup an IRC network connection to publish phishing scams.

Now the larger groups will go ahead and buy .com .net .org names with a spelling error and point it to this location. Domain cost $1.99 in some of the cheaper locations, and a single "successful capture" of personal data is worth about $3000 min. Add Online banking access, or a CC number and that raises the stakes.

Now, Most phishing scams use "HTML" emails to hide the actual address and will instead redirect to something like rbonline.fasf.com/online or something stupid like that. IF that machine is hosted in a certain locations, you can get them shutdown/notified in a few days. Other countries good luck they don't give a fig.

In my case, there was a yahoo lottery scam that was going around and 3 of the attacks were from a twiki exploit, 1 from a weak password, and another 2 from a and [very old] old sendmail exploit. Took about 4-5 hours each just to investigate them and in some cases removal wasn't an option at all and we had to block access to the server locations at the router.

Each one of these cost at least $500 to even begin to repair, and after loss of confidence, support issues, reinstall steps etc, most likely will costs close to $2-3000 on the server side.

This is just KILLER for anyone who is running a small-medium hosting company.

Don't even get me started on the pure ammount of BANDWIDTH some of these attacks can take due to spam/bot inclusion attacks etc can take over.

Makes me sick in a way.
--
»www.codecipher.com - Marking the way to tomorrow's solutions

permalink · 2006-04-01 11:35:16 · Print ·

jojadi76 Premium join:2002-10-18 Toronto, ON	Re: [Serious] Certapay Scam Report that email to certapay.
	permalink · 2006-03-31 20:18:08 ·

your comment..

Forums » O Canada! » Canadian Chat	[Hockey] Haseks Calls it quits after Setback » « [Hockey] Leafs buyout Belfour's contract!


Sunday, 21-Mar 08:55:59	Terms of Use \| Privacy Policy \| Hosting by www.nac.net - DSL,Hosting & Co-lo \| feedback \| contact over 10.5 years online! © 1999-2010 dslreports.com.republican-creole page compression OFF