Archive for the Is it as it seems? Category

A close look at Spammers…. The Pharmacy America Trusts

I just checked my Spam folder and found a new take on a previous Spam.

(Spam) The Pharmacy America Trusts

The link on this page navigates to http://dolmisdes.cn/p/?&pid=1359 again! Going back through my spam folder, there are 12 email messages over five days with the same subject.

So, I searched the web for My Canadian Pharmacy Ltd (listed as the actual company on the website) and the first result (through Google) is My Canadian Pharmacy - Spamwiki. Wow, this is a very bad Spammer and Thief!

The underlying link is:

http://sethnw.cn/?EILJSMWFxVW3VcW19AWl9CW1tBXkEdV1pc

Whois: sethnw.cn
ISP: Hutchison Global Communications
Organization: HK Cable TV Ltd
Location: JP, Japan

Look at what country the domain is currently being hosted in:

Whois: dolmisdes.cn
ISP: CABLEVISION S.A.
Organization: CABLEVISION S.A.
Location: AR, Argentina

The pictures are being hosted in other countries:

IP Address: 222.240.146.82
ISP : CHINANET Hunan province network
Organization : CHINANET-HN Changsha node network
Location : CN, China

and

IP Address : 85.92.131.183 [ 85-92-131-183.twiki.magsoft.nl ]
ISP : Hostlab BV
Organization : Webteam ISP
Location : NL, Netherlands

and

IP Address : 193.95.254.71 [ 193.95.254.71 ]
ISP : SiOL Internet d.o.o
Organization : Alcad d.o.o.
Location : SI, Slovenia

and

IP Address : 152.160.50.35 [ 152.160.50.35 ]
ISP : ICNet/Innovative Concepts
Organization : Gelman Sciences

and

IP Address: 213.215.118.41 [ gw118-41.imafex.sk ]
ISP: GTS INEC a.s.
Organization: Liptov Network
Location: SK, Slovakia

This Pharmacy site is not from Canada. The people who created this Spam are linked to credit card fraud, identity theft, and the creation and distribution of child pornography. Most likely the above Service Providers don’t have a clue that there is a problem. What’s nice is that we can share information and make educated decisions as consumers.

It’s all so confusing…using words to grab a market!

On 8/10/07 I received the following email:

Christian Family Loans email

The link goes to a site with the following logo:

Christian Family Loans logo

But the site address is at:

http://cb.adprofile.net/lrs/68/index.html?OID=6523&nopop=1&xid=0&CID=110368&SID=310996

Obviously this is an advertising campaign, so I navigated to christianfamilyloans.com and found this (a search portal from information.com):

Christian Family Loans site.

With a popup window for this (you’ll see this company again):

Low Rate Source Ad

OK, so there is no ChristianFamilyLoans.com; there is a search portal and an ad for Low Rate Source. So let’s go back to the original email and start over. The email link opens this page:

Christian Family Loans Ad site.

The addresses listed on the Contact Us page are for christianfamilymorgage.com (this page loads a Server not found error)

The address listed on the About Us page is for lowratesource.com (this page loads the LowRateSource site)

I can go on but I think I have found the company. I’m not saying there is anything wrong with this company, I don’t have enough information to know for sure.

My Opinion:

If I were looking for a Christian business I would look elsewhere.

Something to think about:

This email and the resulting link have made reference to, or navigated to, the following sites:

  • shoppersavin.info (sending site)
  • cb.adprofile.net (linked site)
  • christianfamilyloans.com (linked site logo)
  • christianfamilymorgage.com (email reference)
  • lowratesource.com (email reference)

A close look at Spammers….The United States National Medical Association

I received the following email and seven others like it (except for the from email address) over the last six days:

A spammer’s email

The email account that received the spam is one from my website. I never register for anything with this email. The from address could be masked by the sender so I kept it private.

They claim to be: US NMA (US National Medical Association) at http://www.us-nma.com/.

  • By typing the site address in a web browser, an error page loaded: Error 404 Not Found, The document you requested is not found.
  • The link properties are: http://sethnw.cn/?EILJSMWFxVW3VcW19AWl9CW1tBXkEdV1pc
  • When the link is active, the site that loads is: http://dolmisdes.cn/p/?&pid=1359 (A Canadian Pharmacy)

While looking over the website I located the Contact page. The site has a form for reporting spam so I did. I’ll let you know if I hear back from the company.

Update:

The email shown above came in as I was writing this Blog entry, so I went back and grabbed a screen capture for the most current spam. A funny thing happened when I clicked on the link: Server not found for sethnw.cn. I think the Canadian Pharmacy shut down the Spammer. This is a good example of a company that uses an Affiliate program for advertising and an Affiliate that abuses the system.

Not everything online is as it seems!

Kim