msn-block.com scam goes international
In the last 2 months, I reported about a nasty phishing scam known as 'msn-blocked.com' that ask the users to type their MSN user name/password and then use their log-in details to connect the server of MSN/Live Messenger and send a fake invite messages to all the contacts of the user.
This Web site also send the users to msnpass.info Web site, which is used to sell my freeware MessenPass utility by using the payment system of Allopass. You can read more about this scam, in the previous posts of my Internet Scams section.
Until now, msn-blocked Web site was in french language, and targeted only users that speaks french.
But now the owner of this nasty scam decided to go international and created new versions of msn-blocked and msnpass.info Web sites in multiple languages, including English. The user that browse into these Web sites automatically get the right language according to the language settings of the Web browser and there is also a flags toolbar to select the right language.
This means that Internet users of many countries that were not affected by this scam until now, including all Live Messenger users in United State, are now vulnerable to this scam.
Since I discovered this scam, around 2 months ago, I tried to contact any company/ organization that can help to stop this scam right away, including well- known companies like Microsoft and GoDaddy. Unfortunately, it seems that these companies don't care that their services are used for Messenger spamming and phishing scams.
Here's a partial list of companies that received my complaint about msn-blocked scam and didn't do anything to stop it:
- GoDaddy: GoDaddy is the domain registrar of all domains used for this scam, including msnpass.info, msn-blocked.com, msn-block.info, msnblocks.com, msnapps.net, and possibly a few others.The Web site of GoDaddy says that "We do not allow our customers to send mass unsolicited e-mails, or spam" and they even provide a special spam report form to report about spammers. They also have an option in their form to report about IM Spam, which is exactly what msn-blocked Web site does.
So I sent my entire report about msn-blocked.com to GoDaddy, even twice, but so far, there is no any response from them.
- Domains by Proxy: This company provide a 'privacy protection' service that hides the real details of the user that Registers a domain. It's a very good and useful service, as long as it's used by legitimated Web site owners, but unfortunately, this service is also used by scam owners like msn-blocked.com that want to hide their identity.
Like GoDaddy, this company also says that they don't allow to their customers to send spam and they also provide a form to fill a complaint about a spammer.
I also send them my full report about msn-blocked.com scam, and exactly like GoDaddy, they simply don't answer.
- Microsoft Live Messenger Team: The entire scam of msn-blocked.com Web site is based on connecting the MSN/Live Messenger servers and flooding the contacts of the user with fake messages. The team of Live Messenger servers can easily block the IP addresses of msn-blocked Web site and bring down this scam right away.
I reported about this scam to the team of Live Messenger, by using their feedback form and as a comment in their Blog. I also know that I'm not the only one that reported them about the msn-blocked scam.Unfortunately, like the other companies, the team of Live Messenger don't bother themselves to do anything with this issue, even when they can easily shut down the scam by making a few changes in their Firewall.
Maybe now, when this scam also targets English speakers, and will probably start to spread in United States very quickly, Microsoft will understand that they have to do something about it.
- Allopass: As I already reported in my previous posts, the owner of this scam sell my MessenPass software in msnpass.info Web site, by using the SMS payment system of Allopass.
As opposed to other companies, Allopass answered the messages I sent them about this scam, but unfortunately, they refused to stop working with the scam owner, saying that they cannot legally close the account and other excuses. Allopass also enjoys their part in the scam, because for each SMS code used by msnpass.info Web site, the revenue is shared between the scam owner, Allopass, and the phone company.
- EURO-WEB Servers renting: EURO-WEB is the hosting company that currently hosts the servers of msn-blocked scam. I sent a full report about the scam to the abuse email of this company, but their is no any response from them.
I hope that one of the above companies will finally decide to take action against msn-blocked Web site before it start spreading in United States and many other countries that were not affected by this scam until now.
There is only one good side in this story: Both Firefox and Internet Explorer blocks some of the Web addresses of msn-blocked Web site thanks to the phishing reports made by users. However, this Web site blocking only slows down the spreading of scam, but it doesn't really prevent it. The scam owner also constantly replace the domain name and host name to avoid the blocking by the Web browser.