Humanbeing Posted yesterday at 07:01 PM Share Posted yesterday at 07:01 PM (edited) Pretty much all WHMCS sites and their billing functions, ordering etc are being spoofed and proxied maliciously. For example: https://www_whmcs_com.gamelaunch.goldwin.com/ To check if your site is also targetted, simply replace the first part in the URL with your domain. What could be done to prevent this? Edited yesterday at 07:02 PM by Humanbeing 0 Quote Link to comment Share on other sites More sharing options...
bear Posted yesterday at 07:35 PM Share Posted yesterday at 07:35 PM That fails SSL checks, so never loads. I don't see how that's "spoofing" anything since it shows in the URL field as www_whmcs_ and so on, and again, won't load. How is it you even came across this unloadable URL? 0 Quote Link to comment Share on other sites More sharing options...
Humanbeing Posted yesterday at 08:02 PM Author Share Posted yesterday at 08:02 PM (edited) All whmcs functions (search, login, ordering, etc.) are being replicated in realtime on a malicious proxy site. How is that not a serious security concern? Not all customers can verify correct URLs in the address bar. Spoofing is when a URL mimics a legitimate website to deceive users into visiting fraudulent sites, often to steal login credentials or download malware. A number of whmcs sites are affected. I provided whmcs's own website as an example. Edited yesterday at 08:04 PM by Humanbeing 0 Quote Link to comment Share on other sites More sharing options...
bear Posted 23 hours ago Share Posted 23 hours ago It won't load for me at all. May be my browser or my security software (which says it's a malicious site), but it refuses. If nothing in yours says it's a bad idea to visit, I'd be concerned. 0 Quote Link to comment Share on other sites More sharing options...
Damo Posted 21 hours ago Share Posted 21 hours ago Report the parent domain to the abuse address of the network hosting it. Thats about all you can do. This is not specific to WHMCS sites and its poor form to suggest people put their own website address in to it. 0 Quote Link to comment Share on other sites More sharing options...
Humanbeing Posted 21 hours ago Author Share Posted 21 hours ago 2 minutes ago, Damo said: Report the parent domain to the abuse address of the network hosting it. Thats about all you can do. This is not specific to WHMCS sites and its poor form to suggest people put their own website address in to it. As stated above, whmcs sites are already actively copied and run by the offending server. Putting your address hasn't got anything to do with it. 0 Quote Link to comment Share on other sites More sharing options...
Damo Posted 21 hours ago Share Posted 21 hours ago You can put any address in and it will 'actively' (as you say) pull and display the content. This site is not for WHMCS sites specifically. 0 Quote Link to comment Share on other sites More sharing options...
bear Posted 10 hours ago Share Posted 10 hours ago https://www.reddit.com/r/neocities/comments/1ptjfvd/gambling_site_imitating_neocities_sites/ 0 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.