Web Hosting Talk

Web Hosting Talk (http://www.webhostingtalk.com/index.php)
-   Running a Web Hosting Business (http://www.webhostingtalk.com/forumdisplay.php?f=6)
-   -   Check out this new customer (http://www.webhostingtalk.com/showthread.php?t=273729)


djstonefish 05-19-2004 11:05 AM

What he said..... ^

It is quite possible that it's a school web site, or some form of young enterprise type thing but you have to remember that, as the customer said: A lot of people have access to the account - so even if you believe your customer, they might pass on the details to somone else who goes and puts the phishing script up again.

I don't know about the US but the academic year's coming to an end here in the UK so no one's likely to be starting a web site up now are they?

buyourweb 05-19-2004 11:46 AM

We replied to his email asking what school and where it was located. Also let him know that all 3 companies where contacted with all his information and here is his reply.
Keeping up the entertainment factor for everyone.

Quote:

Sriwittayapaknam is the name of the school and it is
situated in Thailand, i will not use anymore the
domain, i will register new domain, it is really
shocking about the script i was hosting on my site! i
have deleted it from the site..i hope its not a
problem... !
Good social engineering skills!

djstonefish 05-19-2004 12:23 PM

hmm... that school already has a website at http://www.sriwittayapaknam.ac.th/

Where was the customer located (according to the details they provided)? and where does the IP trace back to?

EDIT: There's a web camera here (http://www.thaistudents.com/webcamera.html). Your customer could be any of those kids sat at their desks...

IHSL 05-19-2004 01:19 PM

Quote:

Originally posted by joekushner
sounds fishy...
Actually, I beleive the term would be; "Phishy", as it looks to me that the site is all primed to be a phishing site.

The illegal request for ebay card information would give me that impression.

And yes, Phishing is highly illegal, and the authorities do act on it, so long as proper proof is rendered.

an FYI:
Just because the card passes, doesn't mean the order is genuine.

Proceed at your own risk. If you need to ask on a public forum, whether or not you should accept the order, then you already have your answer, in my opinion.

Simon

2Grumpy 05-19-2004 03:39 PM

Ugh Thailand there's a big red flag already (sorry to anyone from Thailand/Indonesia/Russia/etc but any order I get from those countries is screened HEAVILY).

I dunno this really smells I'd still probably set it up but I'd keep an extremely close eye on their activities. I just hate to call someone a liar to their face until I've caught them red handed.

noimad1 05-19-2004 03:42 PM

This one seems extremely familiar to me. I recently had a customers sign up for a reseller account with us, then immediately started sending out spam messages...this one was for paypal though.

it said pretty much the same thing as that site said....that they needed you to update their information....then they gave a link with an IP address: http://ip/updatescript.

The signature was exactly the same:

The Paypal Billing Deptartment .

I canceled the account right away, and within an hour they signed up again with a different credit card.

I canceled that one right away and they never came back.

I called both credit card contacts and there was no answer. I traced the IP address, which was different in both instances, and it appeared to be from a proxy...

The funny thing is I had setup a filter to filter out all of his messages, so none of them were actually sent out....

There are some shady people out there....

dontknownutn 05-19-2004 04:31 PM

Is it even really worth it? All the time reading all these comments, checking this and checking that...all for a few bucks a month. If you question the legitimacy, leave it alone. Simple!

taketo 05-19-2004 04:47 PM

I wouldn't do anything. A mass mailing script does not mean that someone will use it to spam. I did make 2 programs (one in VB and one script based) to send mass mailings. I've sent approx 150.000 emails to my newsletters which is legal because these people have subcribed and did confirm their subscription. Mass mailing is not illegal. Only unrequested mass mailing is. If this guy is a spammer you will soon get complaints and then its time to remove the guy. Not before that...

Dan Grossman 05-19-2004 04:54 PM

Taketo, you obviously didn't look at the page. It wasn't just a mass mailer, it had filled in the email body which was requesting people verify their ebay accounts by providing a credit card at what looked to be an ebay address but was actually some random IP.

taketo 05-19-2004 05:01 PM

Quote:

Originally posted by Dan Grossman
Taketo, you obviously didn't look at the page. It wasn't just a mass mailer, it had filled in the email body which was requesting people verify their ebay accounts by providing a credit card at what looked to be an ebay address but was actually some random IP.
Oh...well then I wouldn't host him either ;)

When I had my URL redirection service someone was using my subdomain redirection to steal credit card information. Some people did email ME and ask me where they had to submit their credit card info to... That was pretty wired and of course I kicked the guy out and even reported him to the authorities.

taketo 05-19-2004 05:07 PM

I think I would let him pay and set up his account, then 5 minutes later I would find the content and shut the account down without refunding the customer. If he complains I would tell him that there is a 5000 Dollar contractual penalty for illegal content (which is true according to my terms) and that he should pay the money shortly. I am sure he wouldn't ever contact me again ;)

delirium 05-19-2004 06:47 PM

Quote:

Originally posted by taketo
I think I would let him pay and set up his account, then 5 minutes later I would find the content and shut the account down without refunding the customer. If he complains I would tell him that there is a 5000 Dollar contractual penalty for illegal content (which is true according to my terms) and that he should pay the money shortly. I am sure he wouldn't ever contact me again ;)
I dont think he would be stupid enough to leave a digital trail by using his own credit card to make payment. Then again he could be that pathetic :D

taketo 05-19-2004 10:17 PM

Well I think most of these guys are that stupid...

noimad1 05-19-2004 10:38 PM

Quote:

Originally posted by taketo
Well I think most of these guys are that stupid...
on the contrary...I think a lot of these guys are bright enough to cover their own trails....granted, there might be some dome ones out there, but a lot of them have thought it through pretty good.

rrdega 05-20-2004 07:14 AM

Quote:

Originally posted by noimad1
on the contrary...I think a lot of these guys are bright enough to cover their own trails....granted, there might be some dome ones out there, but a lot of them have thought it through pretty good.
I would tend to agree with this statement. By the looks of the techniques employed, whoever put that together is pretty sharp, and knows exactly what they're doing!

I think I would subscribe to the, "Not worth the time and headaches" line of thinking. But please do keep us posted! I'd be interested in whether eBay & Citibank respond to you...


All times are GMT -4. The time now is 09:54 PM.

Powered by vBulletin
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
User Alert System provided by Advanced User Tagging (Pro) - vBulletin Mods & Addons Copyright © 2014 DragonByte Technologies Ltd.
© WebHostingTalk, 1998 - 2014. All Rights Reserved.