Monday, December 11, 2006

Spam = Criminals. Always

In the past week since starting this blog, I have discovered a disturbing trend towards more and more obviously criminal activity being perpetrated by idiot spammers than has ever been seen in the past five years.

This should come as absolutely no surprise to anyone. Spammers are almost always tied to fraudulent activity, whether it's something seemingly innocuous like click fraud or something much more dangerous such as sales of fake pharmaceuticals or DDoS'ing a competitor's website off the map.

Last Thursday, we started seeing several spam messages making the rounds touting a so-called "Russian children's fund" under the domain "" (Nice choice of illiterate domain, assholes.)

The email contained nonsensical text and featured an attached gif which told you to merely type the "savechilds" domain into your browser. The image looked like this:

You'll notice it looks EXTREMELY similar to the following two spammed images as well, both of which were received the same day:

So we're clearly, definitely dealing with a repeat, career spammer with an obviously fraudulent background. If this same individual suddenly started telling me to start using FedEx I would immediately question the security of FedEx as well. Who would ever assume that this was legitimate when it's coming from an unsolicited source who is apparently also trying to sell you penis pills and attempting to pump and dump an obviously failing stock to you?

The site featured no security (of course) but claimed that all transactions were secure. It then went on to recommend sending your donation via Western Union, possibly the most obvious indication that these people were out to steal your money wholesale. Nobody should EVER send money via Western Union in my opinion and that of others. Lots of Nigerian scammers out there rely solely on WU for the receipt of fraudulent funds from hapless victims.

Then today I noticed that an old standby, Pharma Shop, was suddenly using slightly more JavaScript than usual on its site. That turned into a bit of a lengthy trail of breadcrumbs which ultimately led to evidence that they were actually attempting to perform a malicious install of a Windows virus in the background. (It failed, of course, because these idiots don't have a single brain cell that could cause them to write code that would not obviously expose their intentions.)

Pharma Shop domains have also been used as the mail domains for numerous 419 emails (Nigerian scams, "sweetheart" scams, donation scams to fake religious groups, always located in either Romania or Nigeria).

I am sick of these assholes constantly being given authorization to register their domains. Is nobody out there doing any kind of background check into these idiots and their stupid domain names? Isn't *anyone* paying any attention to this crap? Why does it always fall to an independent citizen like myself to expose these criminals' operations?

To whoever is behind those ridiculous Pharma Shop spam runs: your days are fucking numbered. Count on it. You are exposing more and more of your operation and you're probably thinking that you're pretty sneaky when in fact the whole world is really getting prepared to track you down, lock you up, and throw away the key so you can spend the rest of your days wondering why you boasted to so many people about how fabulously wealthy you were.

Die you ignorant scum bastards.



Anonymous said...

Well, I feel the same way & would like to get a law passed to cut off their hands and burn them at the stake. Even so, I do not think they should be underestimated. Some are not just fagot spammers like Michael Lindsay / iMedia Networks. Some are entire criminal organizations and some are Chinese and we all know how the Chinese do not seem capable of caring about others.

IKillSpammerz said...

Despite your racial epithets, I tend to agree with you regarding the criminality of these setups. I would argue however that they largely appear to be Russian or Ukrainian in origin. Sure, some of them originate from China, but not nearly as many as appear to crop up from Russia specifically. That's the tougher nut to crack.

Fortunately some headway appears to have recently been made in that department, as this story will show.