Who blocked you on MSN? An update to a rising threat.
In August I decided to write an article about the “phishing” threat of websites offering you the chance to see who blocked you on MSN (or other IM services).
It seems that the article had a good number of visits, but at the same time I saw that I kept receiving more and more spam of this kind. CLICK HERE FOR THE ORIGINAL ARTICLE.
Almost all of the emails were coming from people in my list. That is because these contacts had their computers infected with malware that was distributing these messages. Many of these sites have not found themselves in the “black lists” of anti virus software companies.
A new threat on the block is http://why-do-they-block.com/ (ATTENTION !!! DO NOT FOLLOW THIS LINK)
The domain name is registered to a Chinese name and address , and if you have been a victim of this site, here are the details they have registered (found through a public domain WHOIS service)
The Data in Paycenter’s WHOIS database is provided by Paycenter
for information purposes, and to assist persons in obtaining
information about or related to a domain name registration record.
Domain Name : why-do-they-block.com
PunnyCode : why-do-they-block.com
Registrant:
Organization : Lrq Meu
Name : Lrq Meu
Address : BaoChun Rd. 623, No. 04, 1F, Apt. 3350
City : Bejing
Province/State : Beijing
Country : CN
Postal Code : 100176
Administrative Contact:
Name : Lrq Meu
Organization : Lrq Meu
Address : BaoChun Rd. 623, No. 04, 1F, Apt. 3350
City : Bejing
Province/State : Beijing
Country : CN
Postal Code : 100176
Phone Number : 010-010-01245857-01245857
Fax : 86-010-01245857-01245857
Email : bnneevp@126.com
March 7th, 2011 at 9:52 pm
I hope people have found this article useful . If you need any help with similar issues feel free to contact me directly in Triond or my website.
Vassilis Manoussos, MSc,PGCert,BSc,AAS
Digital Forensics Consultant
http://www.StrathclydeForensics.co.uk