I just got the most ridiculous email spam ever:
Subject: corsin’s naked video
Body: Take a look at yourself 🙂
The text is linked to
hxtp://www.google.com/pagead/iclk?sa=3Dl&ai=3DYLlJXS&num=3D06193&=
adurl=3Dhttp://mood03.com/video.exe (do not download!)
As you can see, the spammers once again are abusing Google and Google AdSense to distribute their links. Hopefully Google will one day close this redirecting possibility, because normal web surfers trust a link that points to www.google.com in general more than one to an unknown website.
mood03.com is registered to:
RO. SA. SRL
Gaetano Gianfranco Sangrigoli (massimo@rosasrl.com)
VIA GAETANO BASILE, 77/F
RANDAZZO
Catania,95036
IT
Tel. +039.957992771
Fax. +039.957992771
The website itself looks legit. So the web server must have got hacked into.
Have you seen any emails like that one? Was there an other subject? Report it to the comments. Thank you!
Update
Other hijacked websites include:
- hxtp://grupoplaza.com/video.exe
I almost clicked !!!! The title was marcelo’s naked video, and when I saw it was a link from google I think is OK, may be one of those sites where friends make funny animations or something like that, when I saw it is an “exe” file I decided to check what is …. I still do not know what is but for sure NO FOR DOWNLOAD.
Google must do something with this kind of links!!
Just got the same today , title slightly different , it used the first word from my mail as title i.e. xxxx’ naked video.
Link is similar but diffeerent : http://www.google.com/pagead/iclk?sa=l&ai=XmWmew&num=74509&adurl=http://mood03.com/video.exe ( I repeat , DO NOT DOWNLOAD! )
I got it from an e-mail belonging to somebody that works in a welding company in Deutschland , I’m pretty sure without the knowledge of the sender’s.
“dmitri glenn” I got an E_mail from this person referring to mood03 site with the file is video.exe an executable file and not a movie, beware, lily really bad, don’t take the risk and open it
Marcelo:
You said “Google must do something with this kind of links!!”
They’re not psychic, we have to let them know.
So if you get one of these…
Please report it to Google quickly so they know to deactivate the pagead link – the quicker you report it the quicker they can take it out, so the less people will be caught by it.
NEVER run the exe file – if you accidentally download it – delete it.
I checked out some of these last week – they seem to be some kind of trojan or worm that is probably sending copies of itself to people from your PC and may be finding websites to put themselves on from your PC.
The exe files seem to all be hosted on sites that use templates to make them – they may be using SQL injection or something like that to get the files onto the sites. The ones I saw last week with my_foto.exe were on Joomla sites – presumably ones that had some vulnerable plugin module installed.
A problem with this is the fact that the people who need to use these kind of templates to build a website are often so non-technical that they don’t realise there’s bad files on their site, or maybe even how to get rid of them. If you can you should also contact the site owner, or failing that the hosting company that they use so someone can remove the exe file as well.
The longer these files stay on the website the more people will be tricked into downloading and running them, the more people will get
infected and the further the problem will spread.
If you get one of these emails – *you* can help!
@John
Thank you for your detailed message. I have sent an email to the owner of moo3d.com but no response so far and the file is still online.
Is there a special form where such incidents can be reported to Google?