As you may know, Paul and Robin Laudanski and I started PIRT recently, a project to take down phishing sites. It’s doing gangbusters and sites are getting shut down at a rapid clip (if you want to volunteer to be a takedown handler, we constantly need help — click here).
Well, sometimes it seems some ISPs just don’t care that much. Take the example of WebNames in Russia.
Here’s the email:
—– Original Message —–
From: “WebNames.Ru Support” <support @ webnames.ru>
To: “CastleCops PIRT Squad”
Sent: Wednesday, April 12, 2006 12:26 AM
Subject: Re: [PIRT #4291] Chase Phish site on your networkCastleCops PIRT Squad пишет:
CastleCops PIRT Squad Report 4291It has been discovered that a Chase phish is currently operating at
location(s):This domains will be checked and disabled in a two days [my emphasis]
—
Regards, Michail Egorov,
WebNames.Ru technical support
Two days? Huh? Hey WebNames, what’s up, you trying to protect somebody? These are still live, as I post this blog, stealing people’s money.
Alex Eckelberry