Tag: scammer

Posted on

Scam Alert: Fake Virus Warning to Make Users Call 1-855-420-8247

A tip from reader:

Scam Alert 1-855-420-8247

A pop-up warning showed up on Safari claiming the viruses were found on the computer. It was almost impossible to quit Safari as the pop-up re-emerges when closed. One way to deal with this is to force quit (Command-Option-Escape) Safari, then disable the auto-resume feature in OS X. In OS X Lion, Mountain Lion and Mavericks, go to System Preferences > General > and uncheck the “Restore windows when quitting and re-opening apps” option.

In the upcoming OS X Yosemite, the option looks slightly different; well, more than slightly different.

Check the “Close windows when quitting an app” option.

Close-windows-when-quitting-an-app

This particular scam has been around for a while.

It seems the scammer was astroturfing the comments on this page.

Posted on

Spammer Alert: leecheryl182@gmail.com

We received another tip from readers about a particular spammer related to hefallsintothe.com. The admin contact of the domain name is leecheryl182@gmail.com. The domain name hefallsintothe.com is using ns1.insulationfromtheelements.com and ns2.insulationfromtheelements.com

The domain names are registered through namecheap.com.

whois hefallsintothe.com:

Administrative Contact:

Web Master (leecheryl182@gmail.com)
+1.7734130857
Fax:
616 Corporate Way
Suite 2
Valley College, NY 10989
US

Creation date: 19 Mar 2013 19:06:00
Expiration date: 19 Mar 2014 11:06:00

whois insulationfromtheelements.com:

Administrative Contact:
Brightness Partners
Network Admin (dns@brightnesspartners.com)
+1.8004094960
Fax: +1.5555555555
6321 W Dempster St
Suite 161
Morton Grove, IL 60053
US

Creation date: 19 Mar 2013 20:53:00
Expiration date: 19 Mar 2014 12:53:00

Whois brightnesspartners.com:

Administrative Contact:
Brightness Partners
Network Admin (dns@brightnesspartners.com)
+1.8004094960
Fax: +1.5555555555
6321 W Dempster St
Suite 161
Morton Grove, IL 60053
US

Creation date: 19 Mar 2013 20:36:00
Expiration date: 19 Mar 2014 12:36:00

Partial list of domain names related to dns@brightnesspartners.com:

  • aboveallcanacquire.com
  • allusefulhasthe.com
  • andhopetoobtain.com
  • artitselfbythe.com
  • brightnesspartners.com
  • colouringheshouldlodge.com
  • conductothersashaving.com
  • eminencebyothermeans.com
  • frivolouspursuitscapacityto.com
  • ifhewasallowed.com
  • ifoneactexcluded.com
  • ihaveseenalso.com
  • insulationfromtheelements.com
  • inthedrudgeryof.com
  • isalwaysathand.com
  • isbrilliantthanwith.com
  • ithasbeenso.com
  • itmaybetaken.com
  • managedoftenshortensthe.com
  • maneminentforhis.com
  • momentthepracticeof.com
  • ofagreatdegree.com
  • ofthealphabetif.com
  • onlybeopposedby.com
  • thatidealexcellencewhich.com

 

Partial list of domain names with leecheryl182@gmail.com as admin contacts:

  • anypurposewhohave.com
  • arrivedattheirutmost.com
  • artwhichhemust.com
  • bettercoursehavelong.com
  • bystudyingtheseauthentic.com
  • cannotdobetterthan.com
  • easeandreadinessto.com
  • farastheyshall.com
  • faultifourprogress.com
  • formedinitwhich.com
  • fromthosewhohave.com
  • gratitudeinouracademy.com
  • intheirpupilsprobably.com
  • inventontheirmethod.com
  • itnearthemodel.com
  • itrequiresnoeffort.com
  • leastcontributetoyour.com
  • makesnopretensionsto.com
  • mannerofhandlingemulation.com
  • politebeendoneby.com
  • resultofnaturalpowers.com
  • studenthassucceededin.com
  • studentssooftendisappoint.com
  • tocollectsubjectsfor.com
  • whichnaturehasbeen.com

spam-stamp

Posted on

Spammer Alert: the connection between x-celerated.com and 1stinlinehosting.com

A comment from a reader prompted us to revisit an older post on a spammer with domain name 1stinlinehosting.com. It is apparent that the same spammer also operates x-celerated.com. We should have realized that sooner.

The domain name submitted by reader is mlifeprogression.com and whois information shows the mailing address:

1608 S. Ashland Ave
Chicago, Illinois 6O608

The very same address of a mailbox service used by a possibly fictional Tom Slater of x-celerated.com.

mlifeprogression

If you want to fight the spammers back, consider the followings:

We thank our readers for their contributions.

Posted on

Spammer Alert: margretriverhosting.com

This is the continuation to milkcheesedns.com spammer.

properlymysteriouslyupbeat.com

Registration Service Provided By: Namecheap.com
Contact: support@namecheap.com
Visit: http://namecheap.com

Domain name: properlymysteriouslyupbeat.com

Registrant Contact:
margretriverhosting
Domain Management ()

Fax:
PO Box 66738
Saint Louis, MO 63166-6738
US

Administrative Contact:
margretriverhosting
Domain Management (domains@margretriverhosting.com)
+1.3147146057
Fax: +1.3147146057
PO Box 66738
Saint Louis, MO 63166-6738
US

Technical Contact:
margretriverhosting
Domain Management (domains@margretriverhosting.com)
+1.3147146057
Fax: +1.3147146057
PO Box 66738
Saint Louis, MO 63166-6738
US

Status: Locked

Name Servers:
ns1.safetyorangeblazeorangemule.com
ns2.safetyorangeblazeorangemule.com

Creation date: 30 May 2012 07:20:00
Expiration date: 29 May 2013 23:20:00

margretriverhosting.com

The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.
Registration Service Provided By: PLANET ONLINE
Contact: +1.8887654932
Website: http://www.planetonline.net

Domain Name: MARGRETRIVERHOSTING.COM

Registrant:
Margret River Hosting
Margret River Hosting        (webmaster@margretriverhosting.com)
PO Box 105603
#88657
Atlanta
Georgia,30348
US
Tel. +404.6719366

Creation Date: 20-Aug-2010
Expiration Date: 20-Aug-2012

Domain servers in listed order:
ns1.planetonline.net
ns2.planetonline.net
ns3.planetonline.net
ns4.planetonline.net

Administrative Contact:
Margret River Hosting
Margret River Hosting        (webmaster@margretriverhosting.com)
PO Box 105603
#88657
Atlanta
Georgia,30348
US
Tel. +404.6719366

Technical Contact:
Margret River Hosting
Margret River Hosting        (webmaster@margretriverhosting.com)
PO Box 105603
#88657
Atlanta
Georgia,30348
US
Tel. +404.6719366

Billing Contact:
Margret River Hosting
Margret River Hosting        (webmaster@margretriverhosting.com)
PO Box 105603
#88657
Atlanta
Georgia,30348
US
Tel. +404.6719366

From contact page, which most likely useless:

(314) 714-6057
PO Box 66738 Saint Louis, MO 63166-6738

The information provided in the contact page can be used to chart the spammer’s pattern.

Note the Name server: safetyorangeblazeorangemule.com

Registration Service Provided By: Namecheap.com
Contact: support@namecheap.com
Visit: http://namecheap.com

Domain name: safetyorangeblazeorangemule.com

Registrant Contact:

Technical Support ()

Fax:
PO Box 29502
Las Vegas, NV 89126
US

Administrative Contact:

Technical Support (domains@newbrandhosting.net)
+1.7026660363
Fax: +1.5555555555
PO Box 29502
Las Vegas, NV 89126
US

Technical Contact:

Technical Support (domains@newbrandhosting.net)
+1.7026660363
Fax: +1.5555555555
PO Box 29502
Las Vegas, NV 89126
US

Status: Locked

Name Servers:
dns1.registrar-servers.com
dns2.registrar-servers.com
dns3.registrar-servers.com
dns4.registrar-servers.com
dns5.registrar-servers.com

The problem is that domain name registrars such as eNom and NameCheap would not take pro-active stance in fighting against these type of spammer. It is pretty obvious that the same individuals are responsible for these domain names. They keep registering new domain names and the domain name registrars did not do a thing to stop them from doing so.

Posted on

Spam Alert: unsubyourself.net

A number of spam emails are originating from one source: unsubyourself.net.

The spammer who registered the following domain names through moniker.com:

  • exectsided.net
  • fabrias.net
  • fahroats.net
  • januited.net
  • moripic.net
  • licanneced.net

is now using a .ro TLD to register:

  • addejersed.ro
  • substatic.ro
  • berenotioning.ro
  • walsate.ro

The .ro TLD registrar are no help in this matter.

All these domains are/were pointing to one single domain that is unsubyourself.net (http://unsubyourself.net/c/unsubscribe.php)

Whois info on unsubyourself.net:

Domain Name: UNSUBYOURSELF.NET
Registrar: MONIKER

Registrant [3472147]:
Moniker Privacy Services UNSUBYOURSELF.NET@domainservice.com
Moniker Privacy Services
20 SW 27th Ave.
Suite 201
Pompano Beach
FL
33069
US

Administrative Contact [3472147]:
Moniker Privacy Services UNSUBYOURSELF.NET@domainservice.com
Moniker Privacy Services
20 SW 27th Ave.
Suite 201
Pompano Beach
FL
33069
US
Phone: +1.9549848445
Fax:   +1.9549699155

Billing Contact [3472147]:
Moniker Privacy Services UNSUBYOURSELF.NET@domainservice.com
Moniker Privacy Services
20 SW 27th Ave.
Suite 201
Pompano Beach
FL
33069
US
Phone: +1.9549848445
Fax:   +1.9549699155

Technical Contact [3472147]:
Moniker Privacy Services UNSUBYOURSELF.NET@domainservice.com
Moniker Privacy Services
20 SW 27th Ave.
Suite 201
Pompano Beach
FL
33069
US
Phone: +1.9549848445
Fax:   +1.9549699155

Domain servers in listed order:

NS1.DOMAINSERVICE.COM         208.73.210.41
NS2.DOMAINSERVICE.COM         208.73.211.42
NS3.DOMAINSERVICE.COM
NS4.DOMAINSERVICE.COM

Record created on:        2010-12-27 16:07:27.0
Database last updated on: 2010-12-27 16:07:32.943
Domain Expires on:        2011-12-27 16:07:27.0

It is registered through moniker.com.

Please send email to abuse@moniker.com and legal@moniker.com to file complaints.

Posted on

A partial list of Domain Names used by spammers and scammers.

Attach is partial list of domain names used by spammers and scammers. Add them to the blacklist in the hosts file. It is only a partial list,

2c1804-7thgkluallbz4qk0q1h.hop.clickbank.net
alipbaata.co.cc
alpordessirempit.xpac.info
aouwch.com
asmidary.com
autofeed.bestproceed.com
badlymetal.net
beaming-smiles4all.net
bestbusinesssearch.net
bestbuygiftcard.cz.cc
bestfishingtool.com
bestproceed.com
bluesquareframe.com
bonsaicareonline.com
brenaleecosmetics.net
bulletinsite.info
candidll.com
cangencorp.com
catexamine.net
cierrainteriors.com
clicktvseries.com
codemaster-helpnetwork.net
counter.bestproceed.com
counter.visitorstatistic.com
crosshairoutdoorgear.net
desidiomusicalliance.net
designscapital.com
destinationexotictrips.net
digital-hdcamcorder.com
dominopiece.com
dreamnetassociates.com
drinkingstrawstirs.com
drive-traffic-to-your-website.co.cc
e-hiburan.co.cc
earliam.com
emailgeneral.com
ent-hiburan.co.cc
everstrong-storage.net
facebook.bestproceed.com
fat-loss-4–idiots.com
featherbuy.net
firestarproductdevelopment.com
free20usd.tk
freegiftscentre.info
freezone2u.com
freidrichconstuction.net
get-back-with-the-ex.com
gets20usd.tk
graphicplusdesignteam.net
greatoffersforhomeowners.net
hopefulspiritsgroup.net
hosted-predictivedialer.com
indiana-toll-road-traffic.co.cc
internationalmesothelioma.net
interorga.biz
investmentfinancing.bloggerreviews.org
jeanrempitmmampos.xpac.info
john-onlineblog.tk
justifyingsense.com
laensenanzapereira.edu.co
lawsuitmesothelioma.passas.us
lilacmeadowdayspa.net
lyrics.myra-world.com
m.arkibrealistik.net
mambang-x.com
mesotheliomasettlementnow.com
mkt059.com
montreauxandsons.com
multiresults.com
myshutterclicks.com
netinfozones.com
netwizardinstructionalguides.net
newsodrome.com
newworldmarketgroup.net
nycpartysceneonline.com
officialdealcenteronline.net
online-dating-websites.info
or.cangencorp.com
pericardialmesotheliomasite.com
photoangels-online.net
psychologybachelors.info
quikloan.info
reptilianstudios.net
rockypoint-enterprises.net
safewayvaultcompany.com
sakindary.com
sanchez-correaimporters.net
seetruewall.com
serveubetterhosting.com
sinido.com
sizzlingblog.com
slideshowexhibition-nys.net
soapinstall.net
statistics.bestproceed.com
studentloan-consolidation-info.info
studentloaninterest.org
swagbucks.com
synergytrainingfacility.com
theblogisdead.com
tl2.candidemail.com
totalcloths.net
updatecustomerdata.com
usalatestnews.com
ushardwaredev.net
viruzreload.co.cc
vivendicapitalinc.net
web.oxyme.com
www.acterize.com
www.bestgamingcomputer.info
www.bigextracash.com
www.bigextracash.com
www.blogobo.com
www.buy-a-computer.co.cc
www.carisoprodolabuse.info
www.club-asteria.com
www.cruisejobline.com
www.cruisejobsblog.com
www.galaxycelebrity.com
www.gamerszone.info
www.greentreemortgage.org
www.i-am-stupid-am-i.co.cc
www.ipadawe.com
www.ipadz2011.com
www.mobilephonereviewssite.com
www.moredietplan.com
www.ohamerica.us
www.psychologybachelors.info
www.refinancing-home.student-loan-consilidation.com
www.zapposhoes.org
yct.com.my
yourcarguide.org
yunkissmee.xpac.info
zero-credit.info