How to stop phishing???

[Bender]

My sister in law got caught by some scammers and ever since I tried to get that site down, with no success.I reported the site to the host, and even to yahoo - no reply or action!!!
The site is encrypt3d.net .
Does anyone know what else can be done?
btw, if you pay them a visit, do not enter your yahoo details ;-)
Regards,
Daniel

 

[JuniperPark]

The only thing that can be done is tell your less-savvy computer friends to NEVER clink a link in an email where any kind of log-in is required, period. They have to type the site into the address bar.

 

[dotcomgiant]

i came across that site few days back. and i reported to netcraft. You can also consider it to do so.

download its anti-phissing tolbar and report :
http://toolbar.netcraft.com/

hope this works.

 

[Honan]

My sister in law got caught by some scammers and ever since I tried to get that site down, with no success.I reported the site to the host, and even to yahoo - no reply or action!!!
The site is encrypt3d.net .
Does anyone know what else can be done?
btw, if you pay them a visit, do not enter your yahoo details ;-)
Regards,
Daniel

Hi Daniel
What about the domain registration provider
http://easyhosting.com/page.asp?intNodeID=2600&switchlang=true
Did you tell them?
Presumably the whois is bs
Report that to http://wdprs.internic.net/

 

[DNGeeks]

The easiest way to report this type of scum is to take the spam report method. Report the abuse to the registrar and to the owner of the IP address. 95% of the time this works quickly.

http://ws.arin.net/cgi-bin/whois.pl
216.251.32.98 is the IP in question

OrgName: InternetNamesForBusiness.com
OrgID: INFB
Address: 500 East Broward Boulevard
Address: Suite 1700
City: Fort Lauderdale
StateProv: FL
PostalCode: 33394
Country: US

RTechHandle: ZI51-ARIN
RTechName: InternetNamesForBusiness
RTechPhone: +1-954-323-0075
RTechEmail: [email protected]

Send your abuse report to that address.

http://www.whois.sc/encrypt3d.net

Shows a number of places you can send complaints to. Tucows, look.ca, gmail, easyhosting.

Why gmail some may ask? They don't want to be associated with spammers/scammers. Most webmail companies will delete the account if they are shown to be associated with this type of site.

If you fling off 10 emails reporting this type of abuse you are almost guaranteed to have this resolved quickly. Make sure you use CC and not BCC. This way they can see that you are being serious about reporting this garbage.

Send in as much factual data as you can include. Traceroutes, whois, ip reports etc. Do not include attachments. In the body of your email specify the name of the company and the reason why they are receiving this email. Go to the companies website and copy the section of their TOS/AUP that the user is offending.

When companies see this much research they will almost always investigate.

Yes it's a lot of work, and this is why most spam/scam reports never receive the attention they require is because admins don't receive the information required.

I have received abuse reports saying "your user is abusing usenet" and a subject that was not copied, but typed out incorrectly. Now I've got to first try and find the subject and match it, confirm this is the post, identify the user, find out what the user is doing and finally make a decision. This can take an hour of my time, instead of just reading an email with clear and concise information, identify the user and cancel their account in less than 2 minutes.

Sorry for the long reply, abuse reporting is an art.

 

[dotcomgiant]

This is what i just received :

From: [email protected] <[email protected]> Mailed-By: netcraft.com
To: aloke m <[email protected]>
Cc: [email protected]
Date: Mon, 13 Feb 2006 05:13:01 UT
Subject: Thank you from Netcraft

The URL you recently submitted has been accepted as a phishing site by
the Netcraft Anti-Phishing Team.

URL:
http://encrypt3d.net/

.......
.......

The Netcraft Anti-Phishing Team

According to the info on their site, once a site accepted , they contact all the related authorities to shutdown the site .

Hope this helps..

 

[Bender]

thank you very much guys!
I did report them to look.ca, easyhosting and to yahoo, and I cannot believe that nobody took any action(it's been several days).
I know a recent incident with godaddy taking down an entire datacenter for a complaint- while they overreacted, no reaction is bad too.
Thank you again.
Best regards,
Daniel

 

[MrDude]

Well, By looking at his source he downloaded the whole page for free, Wonderfully from:
http://www.sweethost.de/index1.htm

Im sure somebody would like to report that to adsense, Ill work on taking the encrypt3d site down.

 

[RTM.net]

Agree with the recommendations to contact the ISP (and authorities if material loss was involved) and also... always type in your URLs in the browser.

IE 7 has an anti-phishing feature, but I have not experimented with it enough to pass judgement... the best approach is to be wary of any third party links (be they in an email, or on a thirdparty site....)

Rob

 

[gmac17]

i had my cc stolen a few weeks ago. First they bought a peoplefinders.com subscription to find out my address etc, and then they immediately started buying hosting accounts and put up a bunch of phishing sites. couldn't believe it.

BankofAmerica has a cool new feature where when you login they show you a picture (of your choosing - hundreds to choose from). They say "never login to your account unless you see this picture" - a pretty good system imo.

 

[Rarethings]

Another pointer that wasn't mentioned- always check for the https: (tells you an SSL is being used) followed by the full (correct) link.

 

[OgieOgalthorpe]

Site seems to be inaccessible (403).

 

[Bender]

yes, looks like someone did their job finally.
Thank you guys for the support

 

[MrDude]

I contacted Yahoo, (4 departments), The domain registrar and the hosting company DEMANDING they shut it down, And the site that provided him with the free script, Has been reported to google, and soon to clicksor, they are allready struggling with bandwith on their hacking site as it is