Allopass continue to support msnpass.info and msn-blocked.com scam Web sites.

A few days ago, I reported that Allopass company decided to close the account of msnpass.info scam. So it seems that they simply lied to me.
After a few days, I saw that msnpass.info Web site is still very active, so I contacted Allopass again, and now their representative says that they are not going to close the account.

The reason: The owner of msnpass.info told them that msnpass.info sell a software developed by msnpass.info team, and this Web site doesn’t sell the utilities of NirSoft at all.
This is probably the reason for the screenshot change, that I reported a few days ago.

The owner of msnpass.info created a fake screenshot of a software that doesn’t really exist, and told the Allopass company that msnpass.info sell the software shown in the screenshot, which doesn’t look like the MessenPass utility of NirSoft.

But according to reports that I received in the last days from 2 people that fell into msnpass.info scam, after users pay through the payment system of Allopass, they are still sent to download my MessenPass and Mail PassView utilities.
The fake screenshot in the landing page of msnpass.info was just created to give Allopass a good excuse for not closing the account.

The sad fact is – Both msnpass.info and Allopass company have interest of keeping msnpass.info account open and to continue making a lots of money from this nasty scam.

In the last few weeks, I was in contact with a few employees of Allopass company regarding this scam, and in all this time, they just wasted my time and protected the side of the criminals.
Instead of suspending the account of msnpass.info and require this Web site owner to stop the nasty MSN spamming activities and to stop selling the software of others,
Allopass simply sent my complaint to msnpass.info owner. msnpass.info owner answered them that he sell his own software and not my software, and Allopass simply accepted this answer, and decided to keep the account open.

Just to remind you again – msnpass.info and msn-blocked.com are a pair of scam Web sites in french that use very nasty way to get a large amount of traffic and… money.
The first one, msn-blocked.com – asks innocent users to type their MSN user/password, and then floods all their contacts with fake instant messages that invite them to join msn-blocked Web site, and enter their user/password too.
The second one, msnpass.info – offer the users of msn-blocked.com to purchase the MessenPass utility of NirSoft through the SMS payment system of allopass.com, misleading french users that don’t know that this utility is available for free at www.nirsoft.net.

For more information about how this scam works, read this post.

msn-blocked.com blocked by Firefox, so other domains are used

Due to complains of many users about msn-blocked Web site, Firefox and Google blocked this domain for ‘Reported Web Forgery’.
So the owner of this scam started to redirect Firefox users to other domains like msn-block.info, msn-blocking.com, msn-check.info, and possibly others.
msn-block.info and msn-blocking.com domains are already completely blocked by Firefox too, while msn-check.info is only partly blocked.

So for, Firefox/Google are the only good side in this world that do something against this scam.
I already reported about this scam to Microsoft (for MSN Messenger abuse), to GoDaddy (The domain registrar), to Domains By Proxy (the privacy protection company), to EURO-WEB Servers renting (the current hosting company), and to some other organizations that handle these kind of scams. So far, there is no any action from any of them.

4 Comments

  1. The MAZZTer says:

    You could place a warning in the about dialog and a popup on first run for all further releases that the software is available for free, and users should contact their credit card company to cancel orders made for the software with disreputable parties.

    Unfortunately this would not prevent those parties from just distributing the older versions.

    This is the solution that hackmii.com has chosen for their Wii homebrew software that has been stolen and sold similarly.

    You may want to try getting Allopass themselves shut down, try finding a parent company or webhost company or their domain name registrar using WHOIS. Send them links to your blog posts here and copies of your e-mail conversations with Allopass.

    If that fails you can try contacting law enforcement in the country where the msn-*.com and allopass web servers are located. Unfortunately it seems many still don't understand the basics of internet-based crime, so be sure to make clear from the start that this individual is running a scam to sell your software for his personal profit without your permission.

  2. Aaron says:

    I would recommend to any who contact you about having paid for this software to initiate a charge back on their credit cards. The reasoning should be something along the lines of fraud (selling someone's product without authorization) rather than failure to deliver goods or service. If enough of these are successful, the parties responsible will have trouble maintaining a merchant account to process credit cards.

  3. Nick says:

    The popup about the software being free is a good idea.

    Also while you are notifying various companies as noted in your post, you may want to notify security companies that offer anti-phishing/etc. website checking (like McAfee, Trend Micro, etc.) and also DNS companies like OpenDNS, EveryDNS, FreeDNS, etc. and those who might provide them phishing lists like Phishtank. I guess it's most relevant to get those companies and also ISPs providing the most services to french speaking users.

    Good luck and keep up the super sweet utilities, your work is awesome.

  4. Sander says:

    I reported msnpass.info to the google chrome team. They are not blocking it currently. 1 of their servers you mentioned in the other post (e.msnpass.info) does no longer exist. the a.* b.* c.* d.* and f.msnpass.info do still exist.

    An other strange thing about this site is that it does redirect '2.msnpass.com'; 4.msnpass.com and 5.msnpass.com to google.com, but by using a very long script. Pretty strange for a simple redirection…

Leave a Reply