Avast community forum
Home
Help
Search
Login
Register
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Look out - website still into phising, scamming and spamming!
« previous
next »
Print
Pages: [
1
]
Go Down
Author
Topic: Look out - website still into phising, scamming and spamming! (Read 2390 times)
0 Members and 1 Guest are viewing this topic.
polonus
Avast Überevangelist
Probably Bot
Posts: 33891
malware fighter
Look out - website still into phising, scamming and spamming!
«
on:
March 03, 2015, 02:59:32 PM »
See:
https://www.mywot.com/en/scorecard/amega.com
and poor qualification at Adquard's:
http://adguard.com/en/adguard-report/amega.com/report.html
The malware is being given as dead now, but I have sources that report it is stiil active:
http://support.clean-mx.de/clean-mx/viruses.php?sort=firstseen%20desc&review=85.158.139.%
Site actually found to be taken down! amega.com,85.158.139.194,dns1.cscdns.net,Multiple IPs,
REGISTERED AND NO WEBSITE:
http://whois.domaintools.com/amega.com
The viruscontent in a virusviewer:
http://support.clean-mx.de/clean-mx/view_virusescontent.php?url=http%3A%2F%2Famega.com%2Fowa%2Fservice_directory%2Fsettings.php
Get no objects here now:
url scheme host path type query aid cid date patterns objects name affilition
hxtp://amega.com/owa/service_directory/settings.php hxtp amega.com /owa/service_directory/settings.php n/a 2015-03-03 14:55:10
But owa service means spam, and spam means owa service- so read here:
http://garwarner.blogspot.nl/2009/10/targeted-urls-in-spam-owa-settings.html
and owa service means phishing also, read:
http://www.phishtank.com/user_verifications.php?page=731&username=SuIsh
So do not click malis from such sources, forewarned is forearmed,
polonus (volunteer website security analyst and website error-hunter)
«
Last Edit: March 03, 2015, 03:24:35 PM by polonus
»
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Pondus
Probably Bot
Posts: 37507
Not a avast user
Re: Look out - website still into phising, scamming and spamming!
«
Reply #1 on:
March 03, 2015, 03:11:34 PM »
site is down
http://www.downforeveryoneorjustme.com/amega.com
Logged
polonus
Avast Überevangelist
Probably Bot
Posts: 33891
malware fighter
Re: Look out - website still into phising, scamming and spamming!
«
Reply #2 on:
March 03, 2015, 03:19:54 PM »
Hej Pondus,
Good reporting, Pondus, but you may be mistaken.
He fortunately did not open it. Lucky for us all I also get now: Error: Supplied URL could not be fetched.
Their owa service is down or was taken down, but mind you cannot look for a down website,
because they never had any website running from amega dot com.
But look out for other IPs here: amega.com,85.158.139.194,dns1.cscdns.net,Multiple IPs,
Knujon reports them all:
http://knujon.com/nameservers/DNS1.CSCDNS.NET.html
Also read:
http://dnstools.fastnext.com/index.php?fDNSreport=travellink.se
polonus
«
Last Edit: March 03, 2015, 03:25:19 PM by polonus
»
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
polonus
Avast Überevangelist
Probably Bot
Posts: 33891
malware fighter
Re: Look out - website still into phising, scamming and spamming!
«
Reply #3 on:
March 03, 2015, 03:50:37 PM »
Here we see IP is up, but domain is LOCKED and SPAM reported:
http://www.whoismind.com/whois/messagelabs.com.html
Read about Domain Locking:
http://wiki.dreamhost.com/Domain_locking
pol
«
Last Edit: March 03, 2015, 03:54:31 PM by polonus
»
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Print
Pages: [
1
]
Go Up
« previous
next »
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Look out - website still into phising, scamming and spamming!