As you have seen from my precedent posts in this period MSN Privacy Threat Domains signed a significative incrase. You can also see how methods and structures used in these domains are similar.
The same HongKong Domain runned with the same HTTP-Daemon, the same way of Tracking Cookie releasing and finally different advertised End Point Domains.
Now my question was “Is possible to reveal the presence of a Chain of Spam Informations between these sites?”
The response come out automatically yesterday, some time ago I’ve created a fake MSN Account and joined to one of these “Services”, precisely yopicz.com.
yopicz.com is one of the classical Domain spreaded through MSN, but with some basilar difference respect others one.
Let’s see the code:
<frameset cols=”0,*” frameborder=0>
<frame src=”pop.php” name=”">
<frame src=”indexx.php” name=”mainwindow”>
_uacct = “UA-3898830-2″;
In other words you’re redirected to awesomeoffers.info that is the advertised Website.
“By filling out this form, you authorize TST Management, Inc to spread the word
about this 100% real and upcomming Messenger Community Site.
You will receive your share of the credit in helping us spread the word. This is a harmless
Community site which is offering users a platform to meet each other for free.
We do not share your private information with any third parties.
This page is not affiliated with or operated by Microsoft(tm) or MSN Network(tm).
simply bookmark this page for future reference.
You understand that this agreement shall prevail if there is any conflict between this
understand that by temporarily accessing your msn account, TST Management, Inc
After substribing to yopicz.com my HoneyPot account popped with various advices from
So this IS a CHAIN of Spam Websites that exchange/sends your credentials to the various domains!
If you receive other of these advices report me it, and I’ll dissect it
May the God of Paranoia be with you