Log In | Subscribe | | |

Anatomy of a webform fraud with one very strange feature

FCRO Subsection: 
Editorial Staff

As internet crime spikes with coronavirus related fraud, an oldie - the work for us and we'll pay you - fraud returns. The anatomy of this one is interesting.

This is the submission from a webform on one of our Group sites: DO NOT click on anything.

Submitted on Monday, 9 March, 2020 - 11:38
Submitted by user: Anonymous
Submitted values are:

Salutation: Miss
Your Christian or first name: Patricia
Your surname: Patricia Abel
Your e-mail address: patricia@interactivewise.com
Your company: CentTip Co.,Ltd
Your company's business area: CentTip Co.,Ltd
Country: Kiribati
Which business area are you enquiring about? : Nigel Morris-Cotterill -
seminars / speaker / media enquiry
Your enquiry:
Go Here To Review Our Service

Hi,

Interactivewise is a website that collects opinions from
webmasters/bloggers/business owners for Bing, Bluehost, etc.

We are looking for people like you to test our website.

They spend *,000,000,000 dollars each year collecting data, and then
improving their products.
Interactivewise pays to each member $ *** daily for their opinions.

Interested? Click here: https://www.interactivewise.co...

Looking forward to hearing from you,

Patricia Abel

^^^^^^^^
Unsubscribe: https://www.interactivewise.co...

I accept the legal and privacy terms: I accept the legal and privacy terms
Submission date / time: Monday, 9 March, 2020 - 11:37

IP Address: 117.93.34.18

Not terribly interesting you might think - until you look up the IP address.

Details for 117.93.34.18
IP: 117.93.34.18
Decimal: 1969037842
Hostname: 18.34.93.117.broad.yc.js.dynamic.163data.com.cn
ASN: 4134
ISP: China Telecom
Organization: China Telecom
Services: None detected
Type: Broadband
Assignment: Likely Dynamic IP
Blacklist:
Continent: Asia
Country: China cn flag
State/Region: Shanghai
City: Nanqiao
Latitude: 30.9161 (30° 54′ 57.96″ N)
Longitude: 121.4494 (121° 26′ 57.84″ E)

This information is provided by whatismyipaddress.com which reports that the IP address is listed in only four out of 80 blacklists.

The most interesting thing about this is that this very westernised form spam originates from servers in China. How likely is it that someone outside China is bouncing off a Chinese server? Not particularly we would guess but it's only a guess.

---------------- Advertising ----------------

--------------------------------------

 


 

Amazon ads

| |