MSN Messenger phishing

 CastleCops -> Phishing, Fraud and Dastardly Deeds
Author: jm2007Location: Spain PostPosted: Wed Aug 15, 2007 5:46 am    Post subject: MSN Messenger phishing
This site goads visitors into revealing their MSN Messenger password so that they can:

"check if any of your MSN Messenger contacts has blocked or deleted you. It works in a very simple way: all you have to do is enter your MSN info, that is your email address and your password, in the form above and voila! You'll see a list with all the contacts that have blocked or deleted you."

Of course, you should reveal this information to a web site that devoid of any contact information and has registered their web site through Domains by Proxy, right? The only thing lacking here is a free headband that has the word "sucker" on it in bold letters. Other sites run by the same scammers that are clones if this site:

64.22.85.6 scanmessenger.com

And also this sites, at the same hosting (Global Net Access) and the same registrar (GoDaddy)

64.22.85.6 messenger-list.net
64.22.85.6 messengercheck.biz
64.22.85.6 messengerstatus.biz
64.22.85.6 check-messenger.biz
64.22.85.6 checkmessenger.biz
64.22.85.6 messenger-list.biz
64.22.85.6 messengerscan.com
64.22.85.6 messengerscan.info
64.22.85.6 messengerscan.net
64.22.85.6 messengerstatus.net
64.22.85.6 scanmessenger.info
64.22.85.6 scanmessenger.net

At this time, all those sites are considered PHISHING by Netcraft, McAfee and being banned from Google Adsense, among others.

Thanks
Author: brewtLocation: USA PostPosted: Wed Aug 15, 2007 7:43 am    Post subject:
What does PIRT say?
Author: downie PostPosted: Wed Aug 15, 2007 8:43 am    Post subject:
This particular member of PIRT says
Quote:
Not-a-phish-because-no-brand-impersonation-but-you-definitely-take-your-identity-in-your-own-hands-and-give-out-your-friends'-details-to-a-third-party-which-breaches-THEIR-privacy-and-that would-really-annoy-me!

Cool
Author: brewtLocation: USA PostPosted: Wed Aug 15, 2007 9:34 am    Post subject:
Thanks for the response.

This kind of site has been voted "not a phish" at phishtank.com frequently.
I've been voting "I don't know".

Looking into it a bit more now...
Quote:
Phishing is:

"...falsely claiming to be an established legitimate enterprise in an
attempt to scam the user into surrendering private information"

www.michigan.gov/cybersecurity/0,1607,7-217-34415---,00.html


I don't think it's a phish to say "give me your password so I can unlock special features of MSN" or somesuch.
It's definitely shady though, and most likely a scam.
It also probably violates MSN's AUP (sharing password with 3rd party).

some more discussion/debate on this over at phishtank users mailing list:
Is checkmessenger.net a phish?
let the debates begin...again!
Author: jm2007Location: Spain PostPosted: Wed Sep 05, 2007 4:38 am    Post subject:
After successfull reports doing by some experienced reviewers and security experts, the site ScanMessenger.com was banned from Google Adsense and considered PHISHING by McAfee and Netcraft

And now, here you have the "new version" after scanmessenger being "almost" dead...

The new phishing site is http://www.checkmessenger3.com

I'm reporting this site to Netcraft, McAfee and Google Adsense... Could you help me with your own abuse report?

More reports = More efficiency to stop this.

Thanks!
CastleCops -> Phishing, Fraud and Dastardly Deeds

All times are GMT

Page 1 of 1


Powered by phpBB © 2001 phpBB Group