SmartFeedSmartFeed          

Porsche Hangout


WELCOME - YOU ARE CURRENTLY VIEWING 419EATER AS A GUEST

By joining our community you will have the ability to post topics and access other forums reserved for members. Registration is quick, simple and absolutely free. Join our community today by clicking here.

ScamWarners.com - Internet Anti-Fraud Center - now open!


 About Your Russian Girl

View next topic
View previous topic
 
This forum is locked: you cannot post, reply to, or edit topics.This topic is locked: you cannot edit posts or make replies.
Author Message
Pantsface
419Eater is my life


Joined: 14 Sep 2006
Posts: 465
Location: In Your Pants!


PostPosted: Tue Jan 23, 2007 6:17 am Reply with quoteBack to top

Interesting email i got in one of my romance baiting accounts..

Delivered-To: ******
Received: by 10.78.123.3 with SMTP id v3cs783317huc;
Mon, 22 Jan 2007 00:31:02 -0800 (PST)
Received: by 10.90.69.8 with SMTP id r8mr5859405aga.1169454662491;
Mon, 22 Jan 2007 00:31:02 -0800 (PST)
Return-Path: <[email protected]>
Received: from anti-scammers.org (am1-nat-136-12.planetsky.com [82.211.136.12])
by mx.google.com with SMTP id 26si6278190aga.2007.01.22.00.30.59;
Mon, 22 Jan 2007 00:31:02 -0800 (PST)
Received-SPF: neutral (google.com: 82.211.136.12 is neither permitted nor denied by domain of [email protected])
Message-Id: <[email protected]>
From: "AntiScam Group" <[email protected]>
To: *****
Subject: Detect your Love - About your Russian girl
Date: Sun, 21 Jan 2007 11:30:37 +0300
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_0000_01C6527E.AE8904D0"
X-Priority: 5 (High)
X-MSMail-Priority: Highest
Importance: Highest
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180


new ANTISCAM site
all our bases - it is about 10 million - it is scam girls
It is easy for you to check your new girl from other country.
Thanks you for attention

Edited to remove hotlink. Don't go to this site unless your security applications are up to date! - Stargate
Code:
http://www.anti-scammers.org

_________________
"TRY TO COMB YOURSELF AND BEWARE OF PEOPLE YOU DO BUSINESS WITH..." - DR TUNDE LEMO

"As an idiot who have not see money?Stupify away from me ungodly person." - Nugo

"I dream how we will sit at you at home I will
sit on your knees, you will iron my face, my legs." - Marina


pony Cellphone Cellphone Cellphone Cellphone Cellphone

Click here to support 419Eater.com

View user's profileSend private message
Azure Sonnet
Master Baiter


Joined: 18 Dec 2006
Posts: 123
Location: UK


PostPosted: Tue Jan 23, 2007 6:39 am Reply with quoteBack to top

Well, that was frightening!

Visiting that site (which, incedentally, is just a collection of various anti-scam sites) meant that some sort of remote access program tried to access my machine! I'm not sure of the name, it definitely had remote access written somewhere in its name (on the popup bar at the top of the IE window - Active X maybe?). Luckily it was blocked, but it took my machine a good minute or two to stop what it was doing after I closed the window involved - I ended up unplugging the broadband cable!

An AV and spyware check has come up clean, so I am still not sure what it was, especially as I only saw the name for a fleeting second, but that site has something on it, at the least spy/adware, at worst a virus or similar. Forgive me for not double checking and revisiting the site...

My knowledge on viruses etc is a little rusty, so some of what I'm saying might not be accurate, but I still want to warn anyone who is thinking of clicking on the link to BE CAREFUL!

_________________
...you have kept me under expectation by giving a slap of love and i can't hold myself... you have fastinated my love... You are sweat. i want to parade my love with you - Karmin Buhahi, my first *sigh*
View user's profileSend private message
orientfan
Not quite a Newb


Joined: 25 Nov 2006
Posts: 74
Location: The pinnacle of cynical


PostPosted: Tue Jan 23, 2007 7:14 am Reply with quoteBack to top

A S,

Just been on there and it looks clean.

OF

_________________
You are a creature of the white devil - Barrister George
View user's profileSend private message
oopsme
Master Baiter


Joined: 02 Jan 2006
Posts: 114
Location: Wiscon-Sin


PostPosted: Tue Jan 23, 2007 4:50 pm Reply with quoteBack to top

My system acted strange when going to this site. I didnt get any warning but my system slowed to a crawl until I was able to leave.

_________________
I only do what the voices in my head tell me to!
"The only two things you can truly depend upon are gravity and greed." by the late Jack Palance
Support Gun Control! Hit your target with your 1st shot!
Are you looking up my dress again?
View user's profileSend private messageYahoo Messenger
Pantsface
419Eater is my life


Joined: 14 Sep 2006
Posts: 465
Location: In Your Pants!


PostPosted: Tue Jan 23, 2007 7:40 pm Reply with quoteBack to top

yeah, its strange. doesnt seem to be the usual "scam warning" people get sometimes.

_________________
"TRY TO COMB YOURSELF AND BEWARE OF PEOPLE YOU DO BUSINESS WITH..." - DR TUNDE LEMO

"As an idiot who have not see money?Stupify away from me ungodly person." - Nugo

"I dream how we will sit at you at home I will
sit on your knees, you will iron my face, my legs." - Marina


pony Cellphone Cellphone Cellphone Cellphone Cellphone

Click here to support 419Eater.com

View user's profileSend private message
harrya
Elite Baiter


Joined: 23 Jul 2006
Posts: 1489
Location: Not Happy


PostPosted: Wed Jan 24, 2007 2:49 am Reply with quoteBack to top

I had this one too but didn't have any probs. However I'm behind a router. Are any of you that saw problems connected directly to the net.
ie modem only.

Since this came in as spam anyway that should be enogh to raise a red flag.

_________________
Mortar
View user's profileSend private messageSend e-mail
Azure Sonnet
Master Baiter


Joined: 18 Dec 2006
Posts: 123
Location: UK


PostPosted: Wed Jan 24, 2007 3:46 am Reply with quoteBack to top

Yup, I'm behind a router.

Revisiting the site makes a warning popup (I use IE) mentioning that the site wants to run the Active X add on "Microsoft Data Access - Remote Data Services Dat...". There was a ton of activity on my pc and the net reeeeaally slowed down when the site was first accessed, and all of my windows froze for a good ten or fifteen seconds. I have carried out a virus and spy/adware check and nothing iffy seems to have got through.

_________________
...you have kept me under expectation by giving a slap of love and i can't hold myself... you have fastinated my love... You are sweat. i want to parade my love with you - Karmin Buhahi, my first *sigh*
View user's profileSend private message
harrya
Elite Baiter


Joined: 23 Jul 2006
Posts: 1489
Location: Not Happy


PostPosted: Wed Jan 24, 2007 4:39 am Reply with quoteBack to top

Think I'll just stay clear away from there Smile

_________________
Mortar
View user's profileSend private messageSend e-mail
Lpico
Master Baiter


Joined: 16 Nov 2006
Posts: 161
Location: coonztowne


PostPosted: Wed Jan 24, 2007 4:48 am Reply with quoteBack to top

No way I'm clickin' on that biz. Thanks for the warning, AS.

_________________
also for me to continue my education because i am just here surfing doing nothing. --solomon johnson
so i have decided to send you this palm flirt concerning my father. --stella
CellphoneCellphoneCellphone
View user's profileSend private messageSkype NameICQ Number
Stepan Fetchit
Elite Baiter


Joined: 09 Nov 2005
Posts: 1977
Location: Anywhere but squaresville, man


PostPosted: Wed Jan 24, 2007 4:09 pm Reply with quoteBack to top

dudes, there's planetsky in the headers, and the 'who is' for the domain points to Russia.
I'm guessing this is some sort of evil thing operated by the scammers, or scammer friendly types.

somebody smarter look at this please?

keep away though. can't be good

_________________
<center> <b>

<A href="http://www.dragonladies.org/bbs">Dragonladies.org</a>
View user's profileSend private messageYahoo MessengerSkype NameICQ Number
orientfan
Not quite a Newb


Joined: 25 Nov 2006
Posts: 74
Location: The pinnacle of cynical


PostPosted: Wed Jan 24, 2007 4:18 pm Reply with quoteBack to top

@Azure Sonnet,

The HTML was created in MS Word so the activity that you see is related to your PC having to load tons of Office DLLs in the background to display it.

The HTML looks fine, can see nothing dodgy being done in there.

_________________
You are a creature of the white devil - Barrister George
View user's profileSend private message
Stepan Fetchit
Elite Baiter


Joined: 09 Nov 2005
Posts: 1977
Location: Anywhere but squaresville, man


PostPosted: Wed Jan 24, 2007 6:00 pm Reply with quoteBack to top

I see enough suspicious stuff to suggest a mod remove the link to the site which at the least, has nothing of value on it.

_________________
<center> <b>

<A href="http://www.dragonladies.org/bbs">Dragonladies.org</a>
View user's profileSend private messageYahoo MessengerSkype NameICQ Number
Stargate
Baiting Guru


Joined: 08 Feb 2005
Posts: 2301


PostPosted: Wed Jan 24, 2007 8:49 pm Reply with quoteBack to top

The only value is that this is visible to other members, and hopefully, they won't click on the link somewhere else.

_________________
Jolly Roger Mortar x20
View user's profileSend private messageSend e-mail
Dareth Ioggmao
Master Baiter


Joined: 18 Dec 2006
Posts: 171
Location: Somewhere In Time


PostPosted: Wed Jan 24, 2007 9:56 pm Reply with quoteBack to top

If you're going to access it, us a non-Microsoft OS and use a "throwaway" computer with a clean install. I've got an old Sun 10 Ultra running Solaris 10 that I use for things like this. If it even attacks the comp, I can reinstall the OS without any worries, as there is nothing on there anyway. I've also got a dedicated PC set up for my baiting. It doesn't link to any of my other PCs and it has no personal info on it whatsoever. (Well, except my baiter info. Smile ).

_________________
" I anticipate your unalloyed co-operation" - Gabriel Zigamur
"If i do not hear from you by then..I would have to do what i have to do..cos nobody runs away with my money.." - James Weir
View user's profileSend private message
wayne
Account closed at users request


Joined: 05 Dec 2005
Posts: 3630


PostPosted: Thu Jan 25, 2007 1:48 pm Reply with quoteBack to top

In addition to what Stepan's said, hee's some more info on it

Domain ID:D137792790-LROR
Domain Name:ANTI-SCAMMERS.ORG
Created On:20-Jan-2007 19:55:18 UTC
Last Updated On:20-Jan-2007 19:55:23 UTC
Expiration Date:20-Jan-2008 19:55:18 UTC

1 year registrations are an extra cause for concern if you think a site's dodgy.

_________________
Mortar x56
View user's profileSend private message
Redneck_Bob
Not quite a Newb


Joined: 07 Jan 2007
Posts: 36
Location: Moron City


PostPosted: Sun Jan 28, 2007 5:54 am Reply with quoteBack to top

@ Dareth...What an awesome Idea about the dedicated PC for baiting...I've got an older one that is in disuse...what a great use for it! Thanks!

_________________
The said fund is on a dormat account waiting for transfer .........Peter James

Roosevelt said walk soft and carry a big stick...Baiters say carry a big stick, and use it OFTEN on your lads!
View user's profileSend private message
Grundig
Not quite a Newb


Joined: 14 Feb 2005
Posts: 63
Location: Ministry USA


PostPosted: Sun Jan 28, 2007 11:53 pm Reply with quoteBack to top

seem,to be an attempt at a "BOT" scheme,,,,,Goggle the "Honeypot Project".It,ll explain it in more detail....

_________________
It is becose of you,I have lost my car and house
I have Invested 28,000 Dollors you have sent none
Barrister ekwuoba chambers
View user's profileSend private message
somejerk
Master Baiter


Joined: 12 Dec 2006
Posts: 104
Location: Between my computer and chair


PostPosted: Mon Jan 29, 2007 5:38 pm Reply with quoteBack to top

I looked it up on a school mac with no problems. Smile It's a poorly formatted list of links to legit Russian dating scam blacklists, anti-scam tips, and at least one baiter site.
View user's profileSend private message
Rusgirl
Not quite a Newb


Joined: 01 Nov 2006
Posts: 26
Location: Pindosia


PostPosted: Tue Jan 30, 2007 9:38 am Reply with quoteBack to top

Stepan is right.

82.211.136.12 is the IP of Mari El scammers. Whenever you see this IP, it means Mari El = scam. This site was created by scammers. I get quite a few of these "promotions", I am on their corporate mailing list. I have to dig through my mailboxes, as I have many. But I got smth like that, too.

Their other "creation" used to be http://detectiveclub.ru , but it was blocked by the webhost Wink
View user's profileSend private message
Dareth Ioggmao
Master Baiter


Joined: 18 Dec 2006
Posts: 171
Location: Somewhere In Time


PostPosted: Tue Jan 30, 2007 7:13 pm Reply with quoteBack to top

@Redneck_Bob

YW. I originally did it so that I could keep the gmail account separate, along with all the pics that I didn't want anyone else to see. It's also good since I can reformat and not lose any of my valuable data, should something go awry. You can either get a cheap KVM switch, or Google "VNC" for a free alternative to display the screen from one pc on another one. I have to do some rewiring in my basement, but I plan to move the pc to another room and access it that way. Then you are only limited by the number of ports on your router or hub/switch. (24-port ones are pretty cheap second hand.)

_________________
" I anticipate your unalloyed co-operation" - Gabriel Zigamur
"If i do not hear from you by then..I would have to do what i have to do..cos nobody runs away with my money.." - James Weir
View user's profileSend private message
Display posts from previous:      
This forum is locked: you cannot post, reply to, or edit topics.This topic is locked: you cannot edit posts or make replies.


 Jump to:   



View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



** Find out information about your IP address **


All Content © 2003 - 419Eater.com
Powered by phpBB © 2001, 2002 phpBB Group :S5: FI Theme :: All times are GMT