Jump to content

Stolen WHMCS DB Spammers - name and shame


PhilB

Recommended Posts

It seems likely that with the disclosure of the WHMCS licencee list that we're going to need a nice central place to keep track of the immoral individuals who have used the leaked database to send spam to people who's contact details have been disclosed.

 

I've seen the post about "AJ Online Services" http://forum.whmcs.com/showthread.php?47640-WHMCS-Hacked&p=224127#post224127 already - but I haven't received a copy of their spam. I have however this evening received an unsolicited mass-bcc spam message from frogost - a company I have never dealt with - (sender address admin@frogost.net) pimping their HiPay Payment module. This has been reported to the host of their sending MTA as junk mail.

 

It goes without saying that any company that promotes themselves by such means can't be trusted to run any other part of their business in an honourable manner and you should steer well clear - to that end I (and doubtless others) would be interested to hear of anyone else abusing the leaked data in this manner.

Link to comment
Share on other sites

  • Replies 56
  • Created
  • Last Reply

Top Posters In This Topic

I just received an email from frogost.net as well. Needless to say I am very annoyed at the theft of my personal details. I've already had to renew my bank account twice in 2 years due to similar things happening and I might have to again.

Link to comment
Share on other sites

more people getting them from frogost.net??? I hope Matt or if Bear have access create a topic for public shaming. Allow threads to shame these sites. Google will pick it up in no time and anyone looking up reviews or information on them will see they are shady people

Link to comment
Share on other sites

Got the frogost.net this morning. Reported it to spamcop.

 

Seems like some dumbass kid.

 

Good afternoon,

 

would be interested in processing payments by Credit Card in your WHMCS?

 

You can do this through our HiPay Gateway for integration with WHMCS.

 

HiPay (hipay.com), is a company like Paypal, but enables its customers to pay by Credit Card and other 15 different types of payments (easy account setup without waiting or approval time). We provide you with a gateway that allows you to use HiPay in your WHMCS, similarly to how you probably already use Paypal.

 

We offer full support in setting up the gateway to your whmcs and the possibility of testing, totally free, the gateway for 7 days.

 

For a free license follow this link: http://www.frogost.com/en/cart.php?a=add&pid=47

 

Any difficulty in the installation please contact us, which will help you in everything you need for free. If you prefer support by msn: msn@frogost.pt

 

 

That is all. :D

 

Best regards,

Frogost.com

Link to comment
Share on other sites

reported frogost to spamcop also their supplier OVH and theplanet as these are the ones linked to the sending IPS

 

AJ Online Services have you seen this kids website so many broken links, i tweeted him to say he has been reported for using stolen info and guess what he closed down his twitter account as if that would help him

Link to comment
Share on other sites

frogost are hosted by godaddy.

 

email header shows

 

Received: from box2.frogost.net ([176.31.225.30]

 

http://whois.domaintools.com/176.31.225.30

 

IP location: France Ovh Systems

 

spamcop states

 

Report Spam to:

 

Re: 176.31.225.30 (Administrator of network where email originates)

To: abuse@vsnl.co.in (Notes)

To: abuse@ovh.net (Notes)

To: abuse@gblx.net (Notes)

 

Re: hXXp://frogost.com/en/cart.php?a=add&pi... (Administrator of network hosting website referenced in spam)

To: abuse@theplanet.com (Notes)

Edited by easyhosting
Link to comment
Share on other sites

email header shows

 

Received: from box2.frogost.net ([176.31.225.30]

 

http://whois.domaintools.com/176.31.225.30

 

IP location: France Ovh Systems

 

spamcop states

 

Report Spam to:

 

Re: 176.31.225.30 (Administrator of network where email originates)

To: abuse@vsnl.co.in (Notes)

To: abuse@ovh.net (Notes)

To: abuse@gblx.net (Notes)

 

Re: http://www.frogost.com/en/cart.php?a=add&pi... (Administrator of network hosting website referenced in spam)

To: abuse@theplanet.com (Notes)

 

I stand corrected :)

 

The domain is with godaddy :)

Link to comment
Share on other sites

  • WHMCS CEO

We appreciate everyone forwarding us a copy of the spam emails they are receiving - but please can I ask that you don't forward either of the 2 mentioned here anymore as we have enough copies of it! We have already passed them on to both the FBI and UK E-Crime Unit, along with the name & address details held for the licenses of both sites.

 

Matt

Link to comment
Share on other sites

spam from the same. Reporting. and will be doing the same for any other spammer. i think we need to take a pro-active stance on this. While i know we are in competition with each other. we can also work together (500,000+ clients) i would say we are a formidable force to be reckoned with is we just work together.

 

 

If you get spam from somebody you suspect to be using whmcs database details.

 

Make sure you are viewing full header (this works in thunderbird) Then hit forward, the full header will also be visible in the email and forward it to their hosting provider. Also make sure that you follow it up .

 

You can add your own message to the email just ensure it goes before the note saying "x sent this on y date". Ensure they know you intend following this up and are reporting the ipaddress to spammer blacklists.

Edited by disgruntled
Link to comment
Share on other sites

spam from the same. Reporting. and will be doing the same for any other spammer. i think we need to take a pro-active stance on this. While i know we are in competition with each other. we can also work together (500,000+ clients) i would say we are a formidable force to be reckoned with is we just work together.

 

I totally agree as these so called " we are emailing you this helpful info" brigade downloaded a STOLEN DB and then unzipped this and then decided to use this ILLEGALLY obtained personal information to SPAM others really to push their own businesses.

 

doing this they dont deserve to be in business.

Edited by easyhosting
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.

×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated