FYI...

- http://news.netcraft.com/archives/2008/01/22/mrbrain_stealing_phish_from_fraudsters.html
Jan 22, 2008 - "A recurrent group of Moroccan fraudsters calling themselves Mr-Brain has launched a website dedicated to offering easy-to-use phishing site code, email templates and other hacking tools. The website offers phishing kits for many of the most common targets, such as Bank of America, eBay, PayPal and HSBC. The tools and code provided by Mr-Brain are designed to make it extremely easy for other fraudsters to deploy realistic phishing sites. Only a very basic knowledge of programming is required to configure the PHP scripts to send victims' details to the fraudsters' chosen electronic mail address. Deploying one of these fully working kits can be done in as little as one minute – another factor that adds to their appeal. Mr-Brain's intentions are to encourage as many people as possible to use their phishing kits, for all is not what it seems at first glance. Careful inspection of the configuration script reveals deceptive code that hides the true set of electronic mail addresses that are contacted by the kit – every fraudster who uses these kits will -unwittingly- send a copy of each victim's details back to the Mr-Brain group... Mr-Brain claims that all of the scam pages offered on its site are undetected by Mozilla, Opera and Internet Explorer..."

(Screenshots available at the URL above.)

Do not give too much importance to "Mr-Brain" as such. I'm not sure the phrase 'red herring' is applicable, but this is a topic I have been following and documenting for quite a while now, and it is far more complex...

It would be best in general to simply observe the Moroccan scene in general. PM me if you have specific questions on the topic.

http://thebadboys.org
http://scams2008.com

The registrar of the domain that was being used to forward to these pages has already suspended the domain names.