MSN Credentials Theft


My MSN-honeypot catched in these moments another classical MSN Credentials theft.

The system used is the classical Offline Message sent by an already compromised contact.

Here the message:


Xxx scrive:
Xxx check out these awesome pics from the awesome party LOL

__________________________ presents a classical form that asks for

MSN E-Mail

MSN Password

and as usual the already see (please refer to my previous MSN releated blog posts) a disclaimer..

Now let’s investigate a bit on this domain..

ICANN Registrar: ENOM, INC.
Created: 2008-12-04
Expires: 2009-12-04
Updated: 2008-12-04
Registrar Status: clientTransferProhibited
Name Server: DNS1.REGISTRAR-SERVERS.COM (has 151,962 domains)

IP Address: Whois | Reverse-IP | Ping | DNS Lookup | Traceroute
IP Location Hong Kong – Hong Kong (sar) – Hong Kong – Ta_kung_pao

And finally we can see that is Whois Protected
Domain name:

Registrant Contact:
WhoisGuard Protected ()

3 Responses to MSN Credentials Theft

  1. notedscholar says:

    Wow. This is some confusing stuff!!

    Do you have a computer science degree?


  2. Glad Bee says:

    Great,thanks! keep the good job you doing here!

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: