I’ve recently been in communication with the unfortunate victim of a physhing scam. She and I hadn’t talked for a long time except that recently her MSN seemed to have been sending me messages containing only a website and a winking smiley.
That’s odd, I thought, so I told her about it. She didn’t seem to know it was happening so I pointed her to a free Antivirus program and told her to try running that and scan her system at bootup. She said it did indeed find something and that it had fixed it. All seemed fine except that soon after I receved more of those messages whenever she logged on containing the website and a winking smiley.
Well this website turns out to be a physhing scam which collects your MSN details. Once you change your MSN password it would appear that the problem simply goes away.
If you check out their “Terms of Use” it reads as follows:
“.NET Passport Policy: We save your Passport username or password for further use of advertising from your MSN to your friendlist. You can change your password anytime to stop us sending messages these advertising messages.
Copyright: All content including Text & Images are the property of Blockdelete.com. Windows, MSN and MSN Messenger are registered trademarks of Microsoft Corporation. AOL and AIM are registered trademarks of America Online, Inc. ICQ is a registered mark of ICQ, Inc. Yahoo is a service mark of Yahoo. THIS SITE IS NOT AFFILIATED IN ANY WAY WITH MICROSOFT CORPORATION, AMERICA ONLINE, ICQ OR YAHOO.
Disclaimer: We do not take any responsibility for any error or omission by Blockdelete.com or Third Parties. And we are not responsible for any damage caused by anyone using our tools or directly by our tools.”
So their game is to subversively ask for your permission to send your entire friends list the same webpage you were suckered into logging in to. The fact of the matter is this tool doesn’t do anything you can’t do yourself without giving up your login credentials. You can see who has blocked you through widely available tools.
Let’s do a little digging, shall we? First I’ll find out where the site is coming from.
Here is what www.blockdelete.com resolves to: [89.149.242.248]
Using ARIN’s whois database leads us to the RIPE database which reveals that the perpetrator of this physhing scam is hosting their files in Germany.
I don’t know who is doing this but I’m sure it’ll be shut down soon. In the meantime, don’t click on any strange links your friends send you as soon as they log on to MSN.
Where the **** can i downoad this ****???plz tell me i really need it.
Alphones: I’m not really sure what you’re talking about. What do you want to download?
If this is a scam page where can i download this?
You want to download the scam itself?
Well just go to the site and save their information – supposedly it’s copyright and not to be used by anyone else, however.
Just install Pidgin and it tells you in the user stats who has blocked you and who still has you on their contact list.
http://www.pidgin.im/