Saturday, July 7, 2007

ED Pill Store: new spam served by old "friends"

After a few "boring" days I got something new to play with today. A spam which tries to pass the spamfilters by supplying the main content in a PDF document



The spam is advertising the site www.upergimtwo.com, which turns out to be the well-known ED Pill Store:


My first thought when looking at the domain + hosting services used for this site was - ahhhh nothing like old chineese "friends". Domain is registered by Beijing Innovative Linkage Technology Ltd, dns.com.cn and site is hosted by China Network Communications Group (CNC Group), www.chinanetcom.com.cn.

I know these service providers from my time playing with Robert Alan Soloway and they are good, really good. Not good for me and you but good for the spammers because complaints doesn't seem to affect them at all. But my past experience will of course not affect me and I will ones again file a complaint.

It should be unecessary to mention but I do it anyway, of course the domain registration information is forged, there are no contact information on the site at all, there are an opt-out (email removal tool) that doesn't work and their secure payment process it not secure at all (credit card information send in clear text over internet). Nothing unusual there.

Unfortunately then ED Pill Store actually validates credit card information immediately, so I can't play my usual "Show me who looks at the orders" game without providing real credit card information, and doing that is not an option on sites like this.

So actually very boring and nothing really interesting about this spam mail right?.... well I save the good parts for my next post... because I of course found something interesting :-)

No comments: