Select Page

As you may know, Paul and Robin Laudanski and I started PIRT recently, a project to take down phishing sites.  It’s doing gangbusters and sites are getting shut down at a rapid clip (if you want to volunteer to be a takedown handler, we constantly need help — click here).

Well, sometimes it seems some ISPs just don’t care that much.  Take the example of WebNames in Russia.  

Here’s the email:

—– Original Message —–
From: “WebNames.Ru Support” <support @  webnames.ru>
To: “CastleCops PIRT Squad” 
Sent: Wednesday, April 12, 2006 12:26 AM
Subject: Re: [PIRT #4291] Chase Phish site on your network

CastleCops PIRT Squad пишет:
CastleCops PIRT Squad Report 4291

 It has been discovered that a Chase phish is currently operating at 
location(s):

 http://mmn-chase(dot)com/…/ 

 This domains will be checked and disabled in a two days [my emphasis]

 — 
Regards, Michail Egorov,
WebNames.Ru technical support
 

Two days?  Huh?  Hey WebNames, what’s up, you trying to protect somebody?  These are still live, as I post this blog, stealing people’s money.

Alex Eckelberry