Blog for hpHosts, and whatever else I feel like writing about ....

Wednesday, 26 October 2016

Ten Years of Cybercrime & Doing Time

Very little is left worth celebrating any more (Christmas, Halloween, birthdays, Easter, the new Star Wars film, they're all over-rated rubbish), but this is one of those that you have to celebrate.

Dear Tagged, still not learned?

I've been getting Tagged spam on and off for years (sometimes it stops coming in). Seems they've still not learned to act like an ethical and honest company, and instead have decided that acting like complete unethical wankers is a better idea.

For those wondering, no, I don't usually have HTML email enabled (picture wouldn't have made as much sense in plain text).

As Tagged still haven't learnt, I've expanded the block on them ........ let's see if they work it out (I'll not hold my breath).


Tagged spam - with a difference being sued - and about bloody time too! pays $750,000 over deceptive emails

Dear Tagged .... weren't you already being sued for this?

Microsoft, Google, Facebook, Tagged et al - they never learn

Wednesday, 21 September 2016

WARNING: Apple phishes

Been yet another influx of Apple phishes, all seemingly registered to the same individual, all using those lovely new gTLDs (cheers for that ICANN!).

The vast majority are housed on:

AS: 36352 AS-COLOCROSSING - ColoCrossing, US

With the rest on;

ASN: 36352 AS-COLOCROSSING - ColoCrossing, US

ASN: 20150 SERVERCRATE - CubeMotion LLC, US

Personally I'd suggest firewalling both the IPs and ALL of the new gTLDs, but that's just me. I'll leave the decision to you.

Saturday, 27 August 2016


Just an FYI folks, the issue with producing an HTTP 500 has now been fixed. Sorry for the delay.

Saturday, 6 August 2016 A lesson in screwing your users

Not content with the previous actions which at least used ads that weren't quite, it seems the owner of has gone further down the "lets screw the users" path, in an effort to peddle crapware.

If you've been keeping up, you'll have seen the previous post I did on them, if not have wander, I'll wait;

Now however, it appears the owner has thrown ethics and morals out of the window, users be damned. Now, if you happen on a thread that has certain keywords in the post, such as drivers, you'll see a link - but not a link the poster has put there themselves. No, this link goes to another domain owned by the same person that owns (John Fairbrother, Designer Media Ltd) - This leads unsuspecting victims to (paying more than SysTweak are they?).

And not surprisingly, it's the same story on his other sites;


Only difference here, is it's not going via, but via, to;


And on;




The disgusting parts here of course are;

1. These are not clearly marked as affiliate links/ads, but are disguised as regular links as if the posters themselves included them
2. They're leading to crapware
3. This is supposed to be a security forums, helping users clean up their machine - not have them get more crap on their machines!

By far the most disgusting however, and embarrassing for the rest of us, is the owner is supposed to be a Microsoft MVP!

Not surprisingly, these activities have landed his domains in hpHosts, with the MMT classification, and there they'll stay until this is stopped. Those of us that work in the security community are doing so to help users clean up and secure their machines etc. Those engaged in activities such as the above are doing entirely the opposite, for their own personal gain - users be damned, and this can not be tolerated.