Updated Information
Update May 17, 2009: These and new sites are still stealing MSN Passwords. Among the new sites I have discovered:
LikeThatStuff.com
MegaCoooL.com
PictureFreakz.com
Update April 1st, 2008: As Cheyenne wrote in the comments, the site seems to have moved to www.friendpics.info! Do not enter your password data in there.
Update March 31st, 2008: It seems like partypicz.info is no longer an active website. I still would suggest you to change your password.
Original Message:
I have just received a MSN message from a friend of mine. The only content of the message was to http://HER_NAME.partypicz.info (or http://NAME.friendpics.info). Because I know she likes parties and pictures I was not to suspicious.
On the page is a login box which asks for YOUR MSN LOGIN credentials. This made me suspicious and I scrolled down a little. And there it was: The pure evil.
Quote:
Terms of Use / Privacy Policy:
By filling out this form, you authorize TST Management, Inc to spread the word
about this 100% real and upcomming Messenger Community Site.
You will receive your share of the credit in helping us spread the word. This is a harmless
Community site which is offering users a platform to meet each other for free.We do not share your private information with any third parties.
By using our service/website you hereby fully authorize TST Management, Inc to send messages of a commercial nature via Instant Messages and E-Mails on behalf of third parties via the information you provide us. This is not a “phishing” site that attempts to “trick” you into revealing personal information. Everything we do with your information is disclosed here. If you are under eighteen (18), you MUST obtain permission from a parent or guardian before using our website/service.This page is not affiliated with or operated by Microsoft(tm) or MSN Network(tm).
ANY LIABILITY, INCLUDING WITHOUT LIMITATION ANY LIABILITY FOR DAMAGES CAUSED OR ALLEGEDLY CAUSED BY ANY FAILURE OF PERFORMANCE, ERROR, OMISSION, INTERRUPTION, DEFECT,
DELAY IN OPERATION OR TRANSMISSION, COMMUNICATIONS LINE FAILURE, SHALL BE STRICTLY LIMITED
TO THE AMOUNT PAID BY OR ON BEHALF OF THE SUBSCRIBER TO THIS SERVICE.We may temporarily access your MSN account to do a combination of the following:
1. Send Instant Messages to your friends promoting this site.
2. Introduce new entertaining sites to your friends via Instant Messages.This is a free service. You will not be asked to pay at any time.
You will not be subscribed to anything asking for payment.
This service is made possible by many hours of human effort.TST Management, Inc reserves the right to change the terms of use / privacy policy at any time without notice. To view the latest version of this privacy policy, simply bookmark this page for future reference.
You understand that this agreement shall prevail if there is any conflict between this agreement and the terms of use you accepted when you signed up with MSN. You also understand that by temporarily accessing your msn account, TST Management, Inc is NOT agreeing to MSN’s terms of use and therefore not bound by them.
This agreement shall be construed and governed by the law of the republic of Panama. You expressly consent to the exclusive venue and personal jurisdiction of the courts located in the Republic of panama for any actions arising from or relating to this agreement.
If any provision of this agreement is held to be invalid, illegal or unenforceable for any reason, such invalidity, illegality or unenforceability shall not effect any other provisions of this agreement, and this agreement shall be construed as if such invalid, illegal or unenforceable provision had not been contained herein.
Please take a closer look at the bold and marked text. If you have ever entered your data or login details I advice you to immediatly change your password!
But this shows again how easy you can trick people to enter their login details…
Thank you for sharing this info. It just happened to me as well, a friend of mine sent me this through MSN Messenger and i almost checked it out. Thank you!
Thanks for the warning! For fucks sake, I got the message from the most stupid person in my msn list … as was to be expected xD
Thanks for the heads up.
I received a the same message from one of my MSN contacts who was offline at the time. I thought it a little odd so googled it and found this page! Lucky because i almost put in my password!
Hi! I’m so stupid that received the instant message from an offline contact, and clicked on it…
But the thing is that the page didn’t load, it showed the typical MS Explorer error when a page is not found or unable to load. Does anybody have further information about this trick? Does anybody know if i’m possibly infected? Thanks a lot guys!
i have a friend who signed up on there and now all her friends keep getting messages, including me.
once you’ve signed on a way you might be able to get away from it is to change your password, they’ll still have your old one and not be able to log in.
Yesterday, I received a the same message from one of my MSN contacts…
hi!
first, excuse me for my english…
I’ve recieved this message from one of my contacts. I’ve signed up. And now my friends recieve this same message.
I’ve changed my password, but must I do anything else?
Well, you can not do much more than changing your password. if your friends are still receiving the message, let me know and i will investigate more.
thanks a lot!
Thanks for pushing this out there. I just got the same type of message from a different website called http://www.friendpics.info. Must be a clone using the same dirty ethics. I posted and dugg my blog entry here, cause I couldn’t find anything on Google regarding this site.
http://www.cheyennejack.com/blog/index.cfm/2008/3/31/friendpicsinfo-phishing-legally-maybe-Dirty-still-the-same
This scam is also hosted at 0sev.info and potentially numerous other addresses. (I read about one that does not work anymore in another blog.)
Hello, I received a message to look at http://very.c0olstuff.info
That is also TST Management, Inc
http://www.whois.net/whois_new.cgi?d=c0olstuff&tld=info
Thanks heaps for the heads up! I made sure I googled what people were sending me before I decided to click on it!
Someone should report the new site they are on now and shut them down. They are nothing but a bunch of wasted space anyway…
Anyway keep up the great work!
Cheers!
Now is moved to nameofyourcontact.imagehosters.info
That is really annoying.
Domain Name:IMAGEHOSTERS.INFO
Created On:22-Apr-2008 14:59:45 UTC
Last Updated On:22-Apr-2008 15:26:53 UTC
Expiration Date:22-Apr-2009 14:59:45 UTC
Sponsoring Registrar:eNom, Inc. (R126-LRMS)
Status:TRANSFER PROHIBITED
Registrant ID:a1c2f5cd1d7
Registrant Name:Mark Bradley
Registrant Organization:TST Management, Inc
Registrant Street1:edificio Magna Corp – 5th Floo
Registrant Street2:
Registrant Street3:
Registrant City:PANAMA
Registrant State/Province:PANAMA
Registrant Postal Code:0000
Registrant Country:PA
Registrant Phone:+507.2021577
Registrant Phone Ext.:
Registrant FAX:
Registrant FAX Ext.:
Registrant Email:tstmanagement@gmail.com
Admin ID:a1c2f5cd1d7
Admin Name:Mark Bradley
Admin Organization:TST Management, Inc
Admin Street1:edificio Magna Corp – 5th Floo
Admin Street2:
Admin Street3:
Admin City:PANAMA
Admin State/Province:PANAMA
Admin Postal Code:0000
Admin Country:PA
Admin Phone:+507.2021577
Admin Phone Ext.:
Admin FAX:
Admin FAX Ext.:
Admin Email:tstmanagement@gmail.com
Billing ID:a1c2f5cd1d7
Billing Name:Mark Bradley
Billing Organization:TST Management, Inc
Billing Street1:edificio Magna Corp – 5th Floo
Billing Street2:
Billing Street3:
Billing City:PANAMA
Billing State/Province:PANAMA
Billing Postal Code:0000
Billing Country:PA
Billing Phone:+507.2021577
Billing Phone Ext.:
Billing FAX:
Billing FAX Ext.:
Billing Email:tstmanagement@gmail.com
Tech ID:a1c2f5cd1d7
Tech Name:Mark Bradley
Tech Organization:TST Management, Inc
Tech Street1:edificio Magna Corp – 5th Floo
Tech Street2:
Tech Street3:
Tech City:PANAMA
Tech State/Province:PANAMA
Tech Postal Code:0000
Tech Country:PA
Tech Phone:+507.2021577
Tech Phone Ext.:
Tech FAX:
Tech FAX Ext.:
Tech Email:tstmanagement@gmail.com
Name Server:DNS1.REGISTRAR-SERVERS.COM
Why not to send an email to this fucking stupid??
I don’t think that this mail account really exists. And if it exists it isn’t in use or you will not get any answer. If you would make such a site…would you answer the complains of the people??
The postal code 0000 is very implausible too.
mfg
DC
I keep getting these from someone on my MSN buddy list. Same guy is sending them out (Mark Bradley at TST Management, Inc.) but the link has changed (as of 2 May 2008) to the following:
http://wickedi17.h0st1.real.awes0mestuff.info
is there any virus or dangerous object on the page? or it simply asks for the account and pw?
@letelet
I haven’t checked lately and I can not guarantee for anything. If you suspect a virus or something you better run an anti-virus scanner.
Yes, i scanned with nod32, but nothing was found. The page moved again, so i can’t even send a copy to the virus labor. But the worrisome thing is yesterday evening an ie window just popped up, and showing me ads. I don’t know what was that. But thank’s anyway.
I received such a message too. But it looks like the site now has moved to checkimg.info (IP: 210.56.53.224).
It’s still out there guys as friendpics. I stupidly entered my password dammit!