Last month, I made a posting called Spoofed Emails Make Me Look Like Dodgy Software Saleman …. I’m now beginning to see the bigger picture after I followed through the initial investigation after receiving another email spam today.  My interest was piqued because the spam was very different but the final web page destination was not!

It pointed to http://formarnione.com/ which, if it’s still going, is the same as http://lierkaser.com/ from last month.  The website is registered like so:

Domain Name: FORMARNIONE.COM
Reseller…………..: PlanetDomain
Created on…………: 8 Nov 2008 07:02:16 EST
Expires on…………: 8 Nov 2009 07:02:16 EST
Record last updated on: 8 Nov 2008 07:02:16 EST
Status…………….: ACTIVE
Owner, Administrative Contact, Technical Contact, Billing Contact:
Joan Vairo (ID00391833)
11 Bay Point Drive
Toms River, NJ 08753
United States
Phone: +1.2127734859
Email:

You can find it on google maps here:
View Larger Map

Further fishing, took me to this forum post on FraudWatchers, say, and to this very informative website which everyone should bookmark immediately! http://spamtrackers.eu/wiki/index.php?title=Main_Page

A host of highly informative stuff is in the root http://spamtrackers.eu but for now, let’s go here to:

…. which is all about the very problem I’m poking with my metaphorical stick.

Today’s site, formarnione, isn’t listed, which is hardly surprising when you read all the information.  A key bit is the link to Leo Kuvayev who has been responsible for a shed-load of nasties for years.

Whack his name into Google.  Bizarrely, for someone so nefarious, he has less online pictures than a mafioso!  There are 4 identical ones, all on spock.com, but whether that’s him or not – he just looks too nice and smiley for words!

Anyway, I’ve done a few spamtracker suggestions, including using the wacky little tool called “The Complainerator”   :-D    It’s quirky, but works!  Now let’s see if our friends in the Far East at http://59.63.157.213/ actually do anything.

EuroMarketSoftware security details! n.b. Firefox address bar NOT green!

The forged software website, http://eurosoftmarket.com/  stays mostly constant because the “secure” purchase area is sub-domained off like https://secure.eurosoftmarket.com/!  What you make of the security is your business.  I just know that Firefox doesn’t go green, even though there is some sort of certificate…  Check the (wide, I know) picture.

But I tell you, the funniest thing about the whole shebang, is right at the very bottom, next to the “money back policy” and “terms and conditions”, they have the audacity to put the following phrase:

© Euro Software LCC`2005-2008

Ha Ha Ha Ha Ha Ha

• My Prosper Internal Rate of Return Update (End of Jun 07) = 5.75% This is a RateLadder only IRR update. (An IRR lender “game” update is in the...
• My Prosper Internal Rate of Return Update (End of Jly 07) = 0.57% This is a RateLadder only IRR update. (An IRR lender “game” update is in the...
• My Prosper Internal Rate of Return Update (End of September 07) = 0.61% This is a RateLadder only IRR update. (An IRR lender “game” update is in the...
• Geithner Introduces Foreclosure Plan, Bank Stocks Tank Yesterday President Obama allowed Geithner and his Treasury Department to once again speak to the...
• Twitter Weekly Updates for 2009-11-22 kjwriteleft.com Breaking the New White Australia Policy http://is.gd/4Vsbu # kjwriteleft.com Breaking the New White Australia...
• Curvalicious: A New Romance Line by Karen Jones, guest blogger and Promotions Manager for Accomplice Press.com Accomplice Press is proud...
• Week in Tweets Ending 2009-04-19 FREE FLV Download And Editing Software (http://ping.fm/eMTm3) # Thanks for the RT @jeffrose: RT @jwcorbett:...

Related Posts by Tags

• MyBookface, Google, Utah and Nevis Scamboys United (9)
• Robert G Allen, Grants, and a Credit Card Slimeball (37)
• Google Treasure Chest – it’s a scam and a half! (274)