Last month, I made a posting called Spoofed Emails Make Me Look Like Dodgy Software Saleman …. I’m now beginning to see the bigger picture after I followed through the initial investigation after receiving another email spam today. My interest was piqued because the spam was very different but the final web page destination was not!
It pointed to http://formarnione.com/ which, if it’s still going, is the same as http://lierkaser.com/ from last month. The website is registered like so:
Domain Name: FORMARNIONE.COM
Reseller…………..: PlanetDomain
Created on…………: 8 Nov 2008 07:02:16 EST
Expires on…………: 8 Nov 2009 07:02:16 EST
Record last updated on: 8 Nov 2008 07:02:16 EST
Status…………….: ACTIVE
Owner, Administrative Contact, Technical Contact, Billing Contact:
Joan Vairo (ID00391833)
11 Bay Point Drive
Toms River, NJ 08753
United States
Phone: +1.2127734859
Email:
You can find it on google maps here:
View Larger Map
Further fishing, took me to this forum post on FraudWatchers, say, and to this very informative website which everyone should bookmark immediately! http://spamtrackers.eu/wiki/index.php?title=Main_Page
A host of highly informative stuff is in the root http://spamtrackers.eu but for now, let’s go here to:
…. which is all about the very problem I’m poking with my metaphorical stick.
Today’s site, formarnione, isn’t listed, which is hardly surprising when you read all the information. A key bit is the link to Leo Kuvayev who has been responsible for a shed-load of nasties for years.
Whack his name into Google. Bizarrely, for someone so nefarious, he has less online pictures than a mafioso! There are 4 identical ones, all on spock.com, but whether that’s him or not – he just looks too nice and smiley for words!
Anyway, I’ve done a few spamtracker suggestions, including using the wacky little tool called “The Complainerator” :-D It’s quirky, but works! Now let’s see if our friends in the Far East at http://59.63.157.213/ actually do anything.
EuroMarketSoftware security details! n.b. Firefox address bar NOT green!
The forged software website, http://eurosoftmarket.com/ stays mostly constant because the “secure” purchase area is sub-domained off like https://secure.eurosoftmarket.com/! What you make of the security is your business. I just know that Firefox doesn’t go green, even though there is some sort of certificate… Check the (wide, I know) picture.
But I tell you, the funniest thing about the whole shebang, is right at the very bottom, next to the “money back policy” and “terms and conditions”, they have the audacity to put the following phrase:
© Euro Software LCC`2005-2008
Ha Ha Ha Ha Ha Ha
Related posts:
- Even More on Baer Bank versus Common Decency/Law/Sense (WikiLeaks) More on the Julius Baer (un)Trust(worthy) goings on with WikiLeaks....
- Combatting WordPress Trackback Comment Spam Two WordPress trackback spams lead our hero to investigate their...
- Email Spam Trojans Hiding on Websites as MSNBC Breaking News Items For the past few weeks I suppose everyone has had...
- DHL Core Values under threat! German police get a disc with heaps of dodgy dealings...
- Scum Debt Relief Spammers from China via Live Spaces I decided to have a small investigation on (some!) of...
Related posts brought to you by Yet Another Related Posts Plugin.
[...] = ‘The State is in Danger, says a Return Spam Message from Eurosoftware’; Following on from my post a few days ago about EuroSoftware, I had an interesting spam [...]
Edit
[...] More Info on Eurosoftware (EuroSoftMarket dot con) [...]
Edit