Author |
Message |
PierreCaillou
Hello I'm New here!
Joined: 10 Dec 2018
Posts: 4
|
Posted:
Tue Dec 11, 2018 12:38 am |
|
Hello,
A friend recently was in trouble.
He receive an email telling him his email account was soon to be closed and he had to click on link... and you know what follows. Full email access, thank you!
He arrived on <Removed link, because why advertise for them and/or mistakenly send someone there? - bware419ers>. Enter email adress and password. And the next day all his contact received an email from "him" telling them "to keep it secret" but that he was very sick, had money problem, and so on, and that they should buy prepaid card (or something like that) to send him money.
Good thing is several of his friend called him about it and he could stop the trouble before people start buying such cards.
As he said : "in a way I feel deeply ignorant and stupid, in another way it's nice to know that people I barely know were ready to help me".
As his "computer friend", I had to do the cleaning: changing password, putting basic security advices in his small head and so on.
Didn't like however the 5hour it took me to do the full cleaning so if somebody can somehow make this scammer learn this is not a good thing to do, I would be very happy.
I had a look at the phishing website and was going to report it to "FAKE SCAMMER BANKS & SITES" however I looked the beginner advice and so I posted it here.
What amazed me by the way is that his phishing website has a DigiCert Inc certificate.
What should I do?
I got the original email and IP adress of the guy (if he didn't used tor): it was recorded by MS outlook. |
_________________ "Have you got anything without spam in it?" Monty Python.
Sorry for bad english: not my native language... |
|
|
|
Palmergeddon
Master of Master Baiters
Joined: 23 Dec 2017
Posts: 608
Location: Disoriented in Douala
|
Posted:
Tue Dec 11, 2018 1:57 am |
|
Yeah, that's a phishing site and something we don't deal with here. If you want, you can report it to Weebly yourself or someone in fake sites can do it for you, but as it's not really linked to 419 we can't get it put in the AA419 database. Great job on reading the stickies though, not a lot of newbies do that
SSL certificates are pretty common on fake sites. But as this site is just a free subdomain on Weebly, the one SSL certificate actually covers all of Weebly's websites and not just this specific subdomain.
Can you please post copies of the emails you have? That way we can have a better look at the scam he was linking in.
Thank you! |
_________________ you people are not serious at all i don't think you are ready to received your said funds $450,000,000.00 because if you do you won't be wasting my time as you have just done now
x 160+ // // //
x lots |
|
|
|
PierreCaillou
Hello I'm New here!
Joined: 10 Dec 2018
Posts: 4
|
Posted:
Tue Dec 11, 2018 11:51 pm |
|
Palmergeddon wrote: |
SSL certificates are pretty common on fake sites. But as this site is just a free subdomain on Weebly, the one SSL certificate actually covers all of Weebly's websites and not just this specific subdomain. |
Oki, I will try to see on weebly website if they as an "report offensive scam" page. In my country, website are mandatory to offer such page and if they don't remove it, they will be considered as an accomplice.
Anyway I contacted the SSL certificate company and told them about the problem and they said they were going to have a look on it. And if I was right, they were going to remove the certificate. They said they recently acquire some SSL certificate company and have not checked all of them.
Seems they don't want fool smelling publicity (such as: "if a website is certified by us, you can trust us it will reap your password and your money" )
Palmergeddon wrote: |
Can you please post copies of the emails you have? That way we can have a better look at the scam he was linking in. |
Of course but they are in French language. I put the translation below.
My friend's email is not in it so I suppose they put him as "bcc".
On one of other email he received later, only the "from" "to" and "cc" fields were different. As an example: "from: [email protected]" "to: [email protected]" and "cc:[email protected]".
Here is one example:
Code: |
De : L’équipe des comptes Microsoft <[email protected]>
Envoyé : lundi 3 décembre 2018 16:34
À : [email protected]
Cc : [email protected]
Objet : Re: " FERMETURE" DE VOTRE COMPTE --/ ENREGISTREMENT_RE--XY798417H REQUIS //
Votre messagerie sera temporairement bloquée pour continuer à utiliser nos services veuillez cliquez sur <a href=3D"https://hotmach.weebly.com/">Connexion</a> et suivez les instructions afin d'éviter les usurpations d'identité.
Merci,
L’équipe des comptes Microsoft
|
Translation:
Code: |
From: The Microsoft Accounts Team <[email protected]>
Posted: Monday 3 December 2018 16:34
To: [email protected]
Cc: [email protected]
Subject: Re: "CLOSING" YOUR ACCOUNT - / REGISTRATION_RE - XY798417H REQUIRED //
Your mail will be temporarily blocked to continue using our services please click on <a href=3D"https://hotmach.weebly.com/">Login</a> and follow the instructions to avoid identity theft.
thank you,
The Microsoft Account Team
|
Otherwise the text sent to my friends email contacts (using the fished email account) is quite basics, something like "I am in a deep trouble and I need money please could you help me".
If somebody answered, they were asked to buy prepaid debit card and to send the debit card number by email to pay for "my debts".
Basically the technique is quite new and good since you don't get the pirate address.
I donno how you may hunt such person. I suggest to create a fake email account with some address in it and go to the phishing website and then, maybe... I donno? Put some fake card number? At least you may have the possibility to chat with him.
IP address of the pirate (according to the recording of activities of my friend email account) is :
102.137.46.15
Quote: |
Great job on reading the stickies though, not a lot of newbies do that Thumbs up |
I've been in forum in the past and was blacklisted from at least one of them which was kinda dammin' strick with the rules.
And I feel quite concerned by this scam. I wish them to have them haemorrhoids the size of watermelon |
_________________ "Have you got anything without spam in it?" Monty Python.
Sorry for bad english: not my native language... |
|
|
|
Palmergeddon
Master of Master Baiters
Joined: 23 Dec 2017
Posts: 608
Location: Disoriented in Douala
|
Posted:
Wed Dec 12, 2018 12:17 am |
|
Excellent! I'm not sure you'll get anywhere on the SSL, because the one SSL certificate covers all sites hosted on Weebly. However, you can file a complaint with Weebly here: https://www.weebly.com/abuse
It does look to be just a standard phishing format. When they have access to anyone's account, they then send their spam format onto the friends list. The reasoning is that by pretending to be someone's friend, they are more likely to receive money from the victim. |
_________________ you people are not serious at all i don't think you are ready to received your said funds $450,000,000.00 because if you do you won't be wasting my time as you have just done now
x 160+ // // //
x lots |
|
|
|
BigBeautifulBaiter
Baiting Guru
Joined: 18 Jun 2015
Posts: 6848
Location: California
|
Posted:
Wed Dec 12, 2018 1:02 am |
|
Quote: |
Thank you very much for making us aware of this problem site. I have taken it down and disabled the responsible account.
Thank you!
Brian
Policy Enforcement Specialist |
All taken care of. |
_________________ x2 x75 x8
"i never knew what that idiot charles saw in you old slot fool"
"THEY ASKING FOR ONIONS AND GRAMS WHICH IS MEANT FOR THE INITIAL DEPOSIT FEE"
"nothing good can ever come out from stupid dawn and his family" |
|
|
|
Palmergeddon
Master of Master Baiters
Joined: 23 Dec 2017
Posts: 608
Location: Disoriented in Douala
|
Posted:
Wed Dec 12, 2018 7:08 am |
|
Thanks BBB! |
_________________ you people are not serious at all i don't think you are ready to received your said funds $450,000,000.00 because if you do you won't be wasting my time as you have just done now
x 160+ // // //
x lots |
|
|
|
|
|
View next topic
View previous topic
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|