Results 1 to 24 of 24
  1. #1

    Angry Inmotionhosting.com apparently not worried about phishing sites...

    I don't particularly care to bash other webhosts, but this is ridiculous.

    Yesterday morning I received an obviously fake ebay email and decided to be a good netizen and report the site to the host - just in case they didn't know.

    The site in question is here: http://www.northlightsleep.com/saya/ - the image.php is the fake ebay website.

    It has been over 24 hours since I reported it to them, with the assurance that it would be forwarded to a sys admin. Since it was still up (I certainly hope it is gone by the time I post this), I decided to call back.

    I was told that they were glad that I called back, because they wanted to know how I found the site.

    Is it more important HOW I found the site, or more important that they know about it and remove it?

    Of course, I was told that it was being escalated to a sys admin again.

    Goody...maybe only a few more unsuspecting folks will fall for the trap and lose their personal information before the sys admin actually does something.

    Sorry for the rant, but this is inexcusable.

  2. #2
    Join Date
    Feb 2004
    Location
    Scotland
    Posts
    2,830
    Look like you might be jumping the gun here.

    The site you linked to redirects to a phishing site, the image.php is not actually the phishing site and it doesn't look like inmotion are the hosts for the actual illegal content. (If linking to it was illegal, you would have just opened WHT to the same problem)

    With this being the spamvertised site it should be acted on anyway, but it's not as bad as your post makes it sound for this host. Them disabling the spamvertised site would not prevent people reaching the actual phishing site and the host might need to confirm that the site was infact spamvertised as without that they make not have breached any of the host's AUP. Don't expect hosts to just believe what you say and take action without checking up on the facts or allowing the user to take action themselves first.
    Last edited by Wullie; 12-03-2006 at 06:09 PM.

  3. #3
    Quote Originally Posted by YetiHost-Wullie
    Look like you might be jumping the gun here.

    The site you linked to redirects to a phishing site, the image.php is not actually the phishing site and it doesn't look like inmotion are the hosts for the actual illegal content. (If linking to it was illegal, you would have just opened WHT to the same problem)

    With this being the spamvertised site it should be acted on anyway, but it's not as bad as your post makes it sound for this host. Them disabling the spamvertised site would not prevent people reaching the actual phishing site and the host might need to confirm that the site was infact spamvertised as without that they make not have breached any of the host's AUP. Don't expect hosts to just believe what you say and take action without checking up on the facts or allowing the user to take action themselves first.

    Perhaps you are missing the point. If they would simply delete that file, then no one would be able to get to that site from that file. Problem solved on their end. Instead, nothing has been done after 24+ hours.

    I'm sorry, but if someone reports something like this, it needs to be acted upon.

  4. #4
    Join Date
    Feb 2004
    Location
    Scotland
    Posts
    2,830
    Quote Originally Posted by Darph Bobo
    Perhaps you are missing the point. If they would simply delete that file, then no one would be able to get to that site from that file. Problem solved on their end. Instead, nothing has been done after 24+ hours.

    I'm sorry, but if someone reports something like this, it needs to be acted upon.
    Tell me then, if you are trying to get less people to reach the file, why did you post it here?

    You need to look at the big picture here, if they are not breaking the AUP of their host, the host has nothing to act on. By linking to the site they may not be doing anything wrong or nothing that the host requires immediate action on. The host could very well have provided them with xx hours to deal with this and that time may not have passed yet.

    You reported this as being a phishing site they were hosting, you posted here saying the same, but in reality you were wrong and they are not hosting it at all, it's just being linked to with a redirect. Just because you think it is wrong, does not automatically make it illegal and requiring immediate attention.

  5. #5
    Join Date
    Nov 2006
    Location
    USA
    Posts
    1,265

    Cool

    I agree with both of you, yes the site should be shut down, but yet if they are not doing anything that violates the AUP or Terms Of Service set forth by the host, then they can't just simply shut them down.

    That would be very bad business ethics, not mentioning could open the host up a lawsuit or somthing along that lines.

    Its good that you reported the site to them, but sometimes we as hosts just have our hands tied, not to much we can do about it, if the customer isnt breaking the rules.

    So i would suggest that we just sit back and wait for the host to deal with the issue, if there is one. Also why not report to the host that is actually hosting the web site

    Lane

  6. #6
    Just for the record, I never asked them to shut the site down. All they had to do was delete 1 file to keep people who don't know as much about phishing sites as you or I might from getting ripped off.

    Also, DeadEnd, I have been running a web hosting company for about 5 years now, so I do know how busy it gets. I also know how seriously I personally take things like this, which is why a 24+ hr resolution (if it is even resolved yet) horrifies me.

  7. #7
    Darph Bobo - I am sorry, but you are escilating things much further than they really are, and are being very stubburn about your side of the argument.

    The simple facts of this whole story can be summed up easilly.

    Inmotionhosting is hosting a user, who has a PHP file, which forwards to a phising site. This straight off is not a general AUP/TOS offence for most companies - most companies dont allow phishing sites to be HOSTED, but most of the time dont cover 'linking to phising sites'. Now, if they simply suspend that account - they have done this against the agreement made between that client and the hosting company, which means --- Lawsuit.

    Now, hosting companies can, as Wullie stated, offer a 'cool-down period'. This is a set amount of time(Host Decides) which they offer that particular client to delete the file, Usually 24, 48 or 72 hours. Doing so, then gives the web-host a defence(offering him a chance to remove the file, before manually deleting / suspending account).

    As to the web-host asking HOW you got this info, its quite simple to explain why...to stop it from happening. Web-Hosts(normally)have trained professional tech's who will be able to trace and pinpoint the malicious behaviour, and give the information to the correct people and authorities. Dont be so stubburn over the matter - feel yourself lucky that your not with a host that doesnt care at all.

    Regards,
    Liam Studham

  8. #8
    Join Date
    Nov 2006
    Location
    USA
    Posts
    1,265
    Quote Originally Posted by Fantasy-Hosting
    Darph Bobo - I am sorry, but you are escilating things much further than they really are, and are being very stubburn about your side of the argument.

    The simple facts of this whole story can be summed up easilly.

    Inmotionhosting is hosting a user, who has a PHP file, which forwards to a phising site. This straight off is not a general AUP/TOS offence for most companies - most companies dont allow phishing sites to be HOSTED, but most of the time dont cover 'linking to phising sites'. Now, if they simply suspend that account - they have done this against the agreement made between that client and the hosting company, which means --- Lawsuit.

    Now, hosting companies can, as Wullie stated, offer a 'cool-down period'. This is a set amount of time(Host Decides) which they offer that particular client to delete the file, Usually 24, 48 or 72 hours. Doing so, then gives the web-host a defence(offering him a chance to remove the file, before manually deleting / suspending account).

    As to the web-host asking HOW you got this info, its quite simple to explain why...to stop it from happening. Web-Hosts(normally)have trained professional tech's who will be able to trace and pinpoint the malicious behaviour, and give the information to the correct people and authorities. Dont be so stubburn over the matter - feel yourself lucky that your not with a host that doesnt care at all.

    Regards,
    Liam Studham
    I fully agree with your post. Very well organized and spoken.

  9. #9
    Let's see - I AM a web host, so I rather doubt I am with one that doesn't care.

    Do you people really not see how them hosting *just a file that links to a phishing site* is an issue?

    The email I received - the one that started all this - did not point directly to a phishing site. It pointed to this .php file which went to a phishing site. That in and of itself is an issue. If that email was sent to thousands of emails (just like mine) and it had that link in it, removing that link might save some people the grief of having their personal information stolen.

    Maybe I am being too hard nosed about it, but I don't think that giving these scumbags a chance to do more harm because it might incovenience this customer if their hacked file is deleted is an acceptable option.

    Quite honestly, this looks like someone's personal space on a company website that probably didn't have a secure password on it. They probably don't even know the file is there.

  10. #10
    Quote Originally Posted by YetiHost-Wullie
    Tell me then, if you are trying to get less people to reach the file, why did you post it here?

    You need to look at the big picture here, if they are not breaking the AUP of their host, the host has nothing to act on. By linking to the site they may not be doing anything wrong or nothing that the host requires immediate action on. The host could very well have provided them with xx hours to deal with this and that time may not have passed yet.

    You reported this as being a phishing site they were hosting, you posted here saying the same, but in reality you were wrong and they are not hosting it at all, it's just being linked to with a redirect. Just because you think it is wrong, does not automatically make it illegal and requiring immediate attention.
    BTW - responding to this from earlier - I did not post a direct link to the file, and I posted a warning as to what it really is. That is completely different than someone sending an email with a faked link in it.

    Also, had I not supplied the link, everyone would have been screaming for proof, so I would have had to post it anyway.

  11. #11
    Join Date
    Feb 2004
    Location
    Scotland
    Posts
    2,830
    Quote Originally Posted by Darph Bobo
    Do you people really not see how them hosting *just a file that links to a phishing site* is an issue?
    No I can't. If they want to link to a phishing site and it's allowed in their host's TOS and the law, then it's up to them and I am in no place to complain about that.

    However, if this site was being spamvertised and used to redirect users then I do see a problem, but I don't see why you are so determined that the host should just act on this without even wanting to know how you came across it.

    You have said you are a host yourself yet you are setting a poor example here by saying that you would just delete the file, even if you didn't have any legal right to do so. Your personal views should not be the deciding factor on issues like this, it should always come down to what you are allowed to and required to do by law.

  12. #12
    Join Date
    Aug 2006
    Location
    Australia
    Posts
    240
    if you're going to complain, find the host of the site it links to and tell them. Unless it's stated in the terms aup whatever that linking to a phishing site is a violation then by no means report it. But if it isn't warn them but, don't blame them for not reacting or doing anything about it, its a link.
    Your reading skill has increased by one point!
    computers are cool now OK!

  13. #13
    Well, I am absolutely stunned. Here we have 'hosts' that apparently think anything goes, as long as their TOS or AUP doesn't specifically forbid it.

    Well, let's look at it this way. Inmotionhosting.com has an office in California, and according to this article, phishing is illegal in California: http://www.computerworld.com/securit...105143,00.html

    So, according to that, a crime is being committed. Even though they aren't hosting the actual phishing site, by not removing the link, they are at least an accomplice to a crime. Do you think the police will care if it isn't mentioned in their AUP?

  14. #14
    Join Date
    Jul 2002
    Location
    Tasmania, Australia
    Posts
    34,798
    If it is ebay phishing, report it to ebay, they will take care of the rest Be sure to include the full headers.
    If you donít like the road youíre walking on, start paving a new one.

  15. #15
    Join Date
    Nov 2006
    Location
    USA
    Posts
    1,265

    Red face

    Quote Originally Posted by Darph Bobo
    Well, I am absolutely stunned. Here we have 'hosts' that apparently think anything goes, as long as their TOS or AUP doesn't specifically forbid it.

    Well, let's look at it this way. Inmotionhosting.com has an office in California, and according to this article, phishing is illegal in California: http://www.computerworld.com/securit...105143,00.html

    So, according to that, a crime is being committed. Even though they aren't hosting the actual phishing site, by not removing the link, they are at least an accomplice to a crime. Do you think the police will care if it isn't mentioned in their AUP?
    No offense, but Im sure if Inmotionhosting.com is commiting a crime they are long into getting things taken care of. But do keep in mind that as you put it, the owner of the site it commiting the crome not the server host. When you rent out somthing, it becomes the property of the client, even though the box may belong to them.

    So if what you are saying is true, then if the client is a resident of california, then he may be breaking the law.

    Lane

  16. #16
    Quote Originally Posted by anon-e-mouse
    If it is ebay phishing, report it to ebay, they will take care of the rest Be sure to include the full headers.

    I did, but only after giving the host time to take care of it themselves. I seriously thought they would react in the same manner I would, by removing the file or at least disabling it.

  17. #17
    Join Date
    Feb 2006
    Location
    Swellyville
    Posts
    2,340
    Quote Originally Posted by anon-e-mouse
    If it is ebay phishing, report it to ebay, they will take care of the rest Be sure to include the full headers.
    yup and you get a coffee cup too when you report it to ebay. Same with PayPal.
    <<< Please see Forum Guidelines for signature setup. >>>

  18. #18
    Quote Originally Posted by HostFrog
    yup and you get a coffee cup too when you report it to ebay. Same with PayPal.

    Great, and I don't drink coffee. Go figure...

  19. #19
    Join Date
    Feb 2006
    Location
    Swellyville
    Posts
    2,340
    Quote Originally Posted by Darph Bobo
    Great, and I don't drink coffee. Go figure...
    Sell it on ebay
    <<< Please see Forum Guidelines for signature setup. >>>

  20. #20
    While many members here (including me) understand the reasons for your actions,
    didn't it occur to you that OSPs (Online Service Providers) have no obligation to 3rd
    parties like yourself? You are a 3rd party towards the website in question, and the
    hosting provider doesn't have to do anything for you.

    If anything goes wrong, it's not your fault. You did what you could.

    Whether the host is an "accomplice" or not is for the law to decide. And the law is
    trying to catch up with technology's lightning-fast progress.

    You don't drink coffee!? Why!?

  21. #21
    Join Date
    Mar 2006
    Posts
    55
    Quote Originally Posted by Darph Bobo
    Even though they aren't hosting the actual phishing site, by not removing the link, they are at least an accomplice to a crime.
    You are utterly incorrect. In the US, internet service providers (including hosts) are legally shielded from the actions of their customers.

    Otherwise every ISP in the country would be an accomplice to piracy for example.

    Communications Decency Act, 47 U.S.C. 230(c)


    John Doe v. Franco Productions, et al.
    2000 U.S. Dist. Lexis 8845 (N.D. Ill., June 21, 2000)
    Court holds that those engaging in web site hosting activities are immunized by the Communications Decency Act, 47 U.S.C. 230(c) from liability arising out of their involvement, via those activities, in the dissemination or publication of information originating from third parties. Section 230(c)(1) provides that "no provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider." The court held that those who provide web hosting services are service providers within the meaning of the CDA, and hence entitled to the immunity it provides. Said the court: "by offering web hosting services which enable someone to create a web page, [defendants] are not magically rendered the creators of those web pages. See 47 U.S.C. 230(c)(1). As such, plaintiffs' new characterization of [defendants] as web hosts neither prevents these defendants from being deemed service providers protected by immunity under the CDA nor makes them content providers unprotected by the CDA's immunity."

  22. #22
    Quote Originally Posted by Dave Zan

    You don't drink coffee!? Why!?
    Nasty stuff......plus, the Dr. said I can't have caffeine after my little heart problem.

  23. #23
    Join Date
    Jul 2002
    Location
    Tasmania, Australia
    Posts
    34,798
    Quote Originally Posted by HostFrog
    yup and you get a coffee cup too when you report it to ebay. Same with PayPal.
    pffft! Benefits of living in the states I guess. I have forwarded heaps to them but no coffee cup in site

  24. #24
    Quote Originally Posted by anon-e-mouse
    pffft! Benefits of living in the states I guess. I have forwarded heaps to them but no coffee cup in site

    If I actually get one, you can have it Mouse.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •