Koz O' Rama

Tuesday, August 21, 2007

Gmail scam

Just read an interesting article about a new Gmail phishing e-mail that's being sent around the net. The full article can be read here: http://5thirtyone.com/archives/845#comment-50706

I decided to do some investigative work and see what I could figure out about the person running the scam. Their server's based in China, so obviously nothing will ever be done about it. It's unfortunate that there's no international law against spamming/scamming/phishing, etc. All people have to do is purchase an offshore server and voila! Instant identity theft. The results of my investigation, and my reply to the post, are posted below:

===============================================================
Just figured I’d putt around on the fake website. I tried going directly to the login.php page and got a table that looks like this:

Warning….You may ingore this…!!!!You have set to get upload/attachments in your email from form, however, you have not set temp folder path, where your image would be save Please Set this path in variable “$TempFolder”

Warning….You may ingore this…!!!!However, If you don’t specify the path, then uploaded files will be store in the folder ” /home/fabio20/public_html/gmailupgrades// ” Is this ok ?Just for your information

What do you wish to do with uploaded files, after sending those file with email as an attachment to you ? Do you wish to keep upload files or wish to delete? If you wish to delete your uploaded files after sending an email to you,set option to “0″,like,”$DeleteUploadFiles=0″, if you wish to keep the uploaded files set this to “1″, Currently it is set to “0″

Obviously the guy’s running a Linux server with the username fabio20. A whois.net search on the domain name returned these results:

Registrant Contact:
name– DNS MANAGER
org– ABSOLUTEE CORP. LTD.
country– CN
province– Hongkong
city– Hongkong
address– FLAT/RM B 8/F CHONG MING BUILDING 72 CHEUNG SHA WAN RD KL
postalcode– 999077
telephone– +00.85223192933
fax– +00.85223195168
E-mail– gm2827655711104@absolutee.com

It’s the same information for all sections of the whois.net result.

I checked the domain the e-mail was registered at, and didn’t pull up an actual website. Rather, I googled the domain section of the e-mail and found that a lot of scammer e-mails come from that domain. It’s probably something offshore, maybe Hong Kong also. I didn’t bother doing the whois.net search on it, but if anybody’s bored you can do it.

Just wanted to throw this information out there for everyone to look at. I know it’s not super important or anything. It’s too bad that these people make so much money from scamming and phishing. If only people would begin to wisen up and not trust e-mails asking for verification of usernames and passwords. Alas, this problem will always be around.
===============================================================

Just make sure you don't fall for this scam. I'm sure a lot of people are going to anyway, because the site is actually pretty convincing. You can check out the original site at www.gmailupgrades.com *DO NOT INPUT YOUR ACTUAL LOGIN INFORMATION*

Remember, information is power.

-Andrew
