Re: [Serious] Certapay Scam

Devanchya Smile Premium join:2003-12-09 Ajax, ON ·Bell Sympatico	reply to Deadpool Re: [Serious] Certapay Scam Problem with contacting the hosting company is 9 times out of 10, this is on a Kiddie-scripted hacked machine. Bascily some bozzo has a website with a user "web" and password "123456" and this script gets in. Depending on the level of the server setup, the next step is usally the instalation of a PHP script with Shell Access, and then using local access exploits to gain root to the box and setup an IRC network connection to publish phishing scams. Now the larger groups will go ahead and buy .com .net .org names with a spelling error and point it to this location. Domain cost $1.99 in some of the cheaper locations, and a single "successful capture" of personal data is worth about $3000 min. Add Online banking access, or a CC number and that raises the stakes. Now, Most phishing scams use "HTML" emails to hide the actual address and will instead redirect to something like rbonline.fasf.com/online or something stupid like that. IF that machine is hosted in a certain locations, you can get them shutdown/notified in a few days. Other countries good luck they don't give a fig. In my case, there was a yahoo lottery scam that was going around and 3 of the attacks were from a twiki exploit, 1 from a weak password, and another 2 from a and [very old] old sendmail exploit. Took about 4-5 hours each just to investigate them and in some cases removal wasn't an option at all and we had to block access to the server locations at the router. Each one of these cost at least $500 to even begin to repair, and after loss of confidence, support issues, reinstall steps etc, most likely will costs close to $2-3000 on the server side. This is just KILLER for anyone who is running a small-medium hosting company. Don't even get me started on the pure ammount of BANDWIDTH some of these attacks can take due to spam/bot inclusion attacks etc can take over. Makes me sick in a way. -- »www.codecipher.com - Marking the way to tomorrow's solutions
	to forum · permalink · · 2006-04-01 11:35:16 ·
Deadpool Go Sens Go Premium,VIP join:2001-03-29 Canada ·Bell Sympatico	reply to Devanchya said by Devanchya : Actually Deadpool, they are taking the necessary steps. Over the last week I have been sub-contracted to remove 3 differnt Spoofing scams on web servers that had a user with weak passwords In this case, the "real" company just needs to prove to the .com commity. Takes 24-72 hours in most cases. Sorry, I was taking what they said literally. They said 'block', and in my books that means block. If what you're saying is true, then they're not even having the site removed either, just the actual .com removed. Which doesn't really help since the HTML link can be spoofed to display whatever.com, but actually points to the IP. What they should do is contact the hosting company and have them removed. -- Sens 7 (40 GF) - Leafs 0 (14 GF) **** Final Round: April 15, 2006
	to forum · permalink · · 2006-04-01 11:10:14 ·
Devanchya Smile Premium join:2003-12-09 Ajax, ON ·Bell Sympatico	reply to Deadpool Actually Deadpool, they are taking the necessary steps. Over the last week I have been sub-contracted to remove 3 differnt Spoofing scams on web servers that had a user with weak passwords In this case, the "real" company just needs to prove to the .com commity. Takes 24-72 hours in most cases. -- »www.codecipher.com - Marking the way to tomorrow's solutions
	to forum · permalink · · 2006-03-31 21:15:06 ·
Deadpool Go Sens Go Premium,VIP join:2001-03-29 Canada	reply to delenn13 It's funny how they said they took the necessary action to block the website when they're not an ISP, nor do they manage the backbones of the Internet. LOL -- Sens 7 (40 GF) - Leafs 0 (14 GF) **** Final Round: April 15, 2006
	to forum · permalink · · 2006-03-31 21:06:43 ·
delenn13 De gustibus nil disputandum Premium,MVM join:2006-03-02 Ridgeway, ON clubs:	reply to jojadi76 I just got an email from Certapay... ITS FAKE>>>LOL>>> Thank-you for taking the time to notify CertaPay regarding the unsolicited email which you received. Please do not respond to it. Just delete it. We are aware of the issue and our technical department already took the necessary action to block the website. CertaPay has taken steps to shut-down the source of the distribution and are working closely with law enforcement on this issue. We thank you for your patience and look forward to resolve this issue. *Registered trademark of Interac Inc. Used under license. Sincerely, Therese The CertaPay Support Team Email: info@certapay.com Phone: 1-888-238-6433 (Monday-Friday, 9a-5p ET). Website: »www.certapay.com CertaPay, a division of Acxsys Corporation -- "Dismissed. That's a Starfleet expression for 'Get out.'" Captain Kathryn Janeway
	to forum · permalink · · 2006-03-31 20:24:06 ·
jojadi76 Premium join:2002-10-18 Toronto, ON	reply to delenn13 Report that email to certapay.
	to forum · permalink · · 2006-03-31 20:18:08 ·


Monday, 30-Nov 03:50:28	Terms of Use \| Privacy Policy \| Hosting by www.nac.net - DSL,Hosting & Co-lo \| feedback \| contact over 10 years online! © 1999-2009 dslreports.com.republican-creole page compression OFF