|
Donation/Premium |
|
 |
|
|
|
|
|
|
|
|
|
| View previous topic :: View next topic |
| Author |
Message |
seafsee
General
Premium Member
Joined: Apr 02, 2004
Posts: 4920
|
 Posted: Sat Mar 22, 2008 1:41 pm Post subject: Possible MSN messenger hack/phish in progress? |
|
|
To Whom it may concern,
Feel free to move this to a more appropriate forum; I wasn't sure where.
I received this link in an IM message from someone I hadn't heard from in a number of years. Please note that "joeblow" is an alias - it originally had the IM ID of the person supposedly sending me the message.
| Code: | | http://joeblow.pix.skaq.info |
Upon opening the site, it is looking for an MSN ID along with a password.
The Netcraft site report says the following.
| Quote: | Organisation
TST Management, Inc / edificio Magna Corp., 5th Floor, Office 511, Panama City, 0000, Panama
Nameserver
eNom, Inc., P.O. Box 7449, 2002 156th
Organisation
Avenue NE, Ste. 300, Bellevue, 98007, United States
Country HK |
I have reported this to Netcraft, but sometimes they don't deem something malicious and I am positive this site is harvesting IDs and passwords.
Thanks,
seafsee
_________________
|
|
| Back to top |
|
 |
mrrockford
News Admin
AVPE Host
Joined: Apr 24, 2004
Posts: 3010
|
|
| Back to top |
|
|
AlphaCentauri
SIRT Handler
Premium Member
Joined: Nov 20, 2003
Posts: 2889
|
|
| Back to top |
|
|
seafsee
General
Premium Member
Joined: Apr 02, 2004
Posts: 4920
|
| Posted: Sat Mar 22, 2008 6:26 pm Post subject: |
|
|
Here is the page source from the opened link:
| Code: | <html>
<head>
<title></title>
</head>
<frameset cols="0,*" frameborder=0>
<frame src="pop.php" name="">
<frame src="indexx.php" name="mainwindow">
</frameset>
</html> |
Surprisingly, what is not showing is the TOS! which shows (lightly) on the same "sign-in" page.
| Quote: | Terms of Use / Privacy Policy:
By filling out this form, you authorize TST Management, Inc to spread the word about this 100% real and upcomming Messenger Community Site. You will receive your share of the credit in helping us spread the word. This is a harmless
Community site which is offering users a platform to meet each other for free.
We do not share your private information with any third parties.
By using our service/website you hereby fully authorize TST Management, Inc to send messages of a commercial nature via Instant Messages and E-Mails on behalf of third parties via the information you provide us. This is not a "phishing" site that attempts to "trick" you into revealing personal
information. Everything we do with your information is disclosed here. If you are under eighteen ( 18 ), you MUST obtain permission from a parent or guardian before using our website/service.
This page is not affiliated with or operated by Microsoft(tm) or MSN Network(tm).
ANY LIABILITY, INCLUDING WITHOUT LIMITATION ANY LIABILITY FOR DAMAGES CAUSED OR ALLEGEDLY CAUSED BY ANY FAILURE OF PERFORMANCE, ERROR, OMISSION, INTERRUPTION, DEFECT, DELAY IN OPERATION OR TRANSMISSION, COMMUNICATIONS LINE FAILURE, SHALL BE STRICTLY LIMITED TO THE AMOUNT PAID BY OR ON BEHALF OF THE SUBSCRIBER TO THIS SERVICE.
We may temporarily access your MSN account to do a combination of the following:
- Send Instant Messages to your friends promoting this site.
- Introduce new entertaining sites to your friends via Instant Messages.
This is a free service. You will not be asked to pay at any time.
You will not be subscribed to anything asking for payment.
This service is made possible by many hours of human effort.
Messenger Profiles, Inc reserves the right to change the terms of use / privacy policy at any time without notice. To view the latest version of this privacy policy, simply bookmark this page for future reference.
You understand that this agreement shall prevail if there is any conflict between this agreement and the terms of use you accepted when you signed up with MSN. You also understand that by temporarily accessing your msn account, Messenger Profiles, Inc is NOT agreeing to MSN's terms of use and therefore not bound by them.
This agreement shall be construed and governed by the law of the republic of Panama. You expressly consent to the exclusive venue and personal jurisdiction of the courts located in the Republic of panama for any actions arising from or relating to this agreement.
If any provision of this agreement is held to be invalid, illegal or unenforceable for any reason, such invalidity, illegality or unenforceability shall not effect any other provisions of this agreement, and this agreement shall be construed as if such invalid, illegal or unenforceable provision had not been contained herein. |
A search for TST Management, Inc turned up another trick by the same "company" for mass posting on MySpace, posted here:
http://forums.facepunchstudios.com/showthread.php?t=509005
Unfortunately, it is still active. Netcraft says it is looking into it.
I posted it here in case someone wanted to take it down in case it is not as harmless as it says it is. I distrust any site asking for ID and password to another site.
I opted not to contact MSN at the link provided above.
Thanks again
|
|
| Back to top |
|
|
ahoier
SIRT Handler
Joined: Jan 14, 2006
Posts: 1113
Location: USA
|
| Posted: Sun Mar 23, 2008 2:02 pm Post subject: |
|
|
Sounds similar to the "myspace trackers" that run around myspace bulletins and comments.....they ask you to "Login" to view a movie/video or somesuch...lol.
Only thing is, they don't have any "registration" form, so the "dumb" myspacer (not all are dumb, but you get my drift...lol) will simply enter their myspace e-mail address and myspace password, and wham-o, the site now has their details.
|
|
| Back to top |
|
|
|
|
|
You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
Powered by phpBB © 2001 phpBB Group
|
Forum FAQ
Search
Usergroups
Profile
Login to check your private messages
Login
