URLVoid Blog

How to identify fake shopping websites

admin — Wed, 27 Nov 2013 16:08:07 +0000

When you want to buy something on Internet, you generally search for cheap clothes, or cheap shoes, but that is not always the best way to find a trusted and legit shopping website. Many scam websites are located on the top pages on Google search engine when you search for a brand name followed by […]

The post How to identify fake shopping websites appeared first on URLVoid Blog.

Malware: UPS Delivery Notification Tracking Number

admin — Thu, 24 Oct 2013 23:21:54 +0000

We recently logged some emails with attached two suspicious files: As you can see, the email has a subject and an address that may seem coming from the UPS, but in reality the email is a scam and it is used to spread as attachment a file named invoiceCM0V9ORWJF23KX8PAP.PDF.exe, that is the executable file of […]

The post Malware: UPS Delivery Notification Tracking Number appeared first on URLVoid Blog.

Google Translate used by spammers to bypass Anti-Spam filters

admin — Fri, 04 Oct 2013 11:57:05 +0000

Google Translate is a free service created by Google that translates any web page, content or document from native language to a language specified by the user that is using the service. We have noticed that some spam messages contain links to websites that use the service Google Translate to translate their page content, but […]

The post Google Translate used by spammers to bypass Anti-Spam filters appeared first on URLVoid Blog.

Phishing: PayPal Notice of Policy Updates

admin — Sun, 29 Sep 2013 11:27:39 +0000

Be aware, we have logged a lot of phishing emails that are targeting PayPal users on these days. The phishing email message looks like almost identical to the real PayPal message, but the link present in the message redirects the user to an URL shortener service. The malicious link present in the email is: hxxp://lnko.in/bhqr […]

The post Phishing: PayPal Notice of Policy Updates appeared first on URLVoid Blog.

Spam: New Product to Lose up to 15 lbs.

admin — Thu, 15 Aug 2013 16:15:28 +0000

We noted an increase amount of email messages that promote a new product that should help people to lose weight. All the email messages we have captured, redirect users to .RU websites used to promote some king of green tea product used to lose weight, that is of course a scam. This is one of […]

The post Spam: New Product to Lose up to 15 lbs. appeared first on URLVoid Blog.

WordPress-how-to-videos(dot)com Spreads Java Exploits

admin — Sun, 16 Sep 2012 01:13:15 +0000

When we analyzed few Twitter followers in one of our websites, we noted that there was an user that was following us, see the image: We have analyzed the website (infected): www (dot) wordpress-how-to-videos (dot) com The website wordpress-how-to-videos(dot)com is hosted at BSE Software GmbH and its current IP address is 82.220.34.22 (330.hostserv.eu). The server […]

The post WordPress-how-to-videos(dot)com Spreads Java Exploits appeared first on URLVoid Blog.

URLVoid API v2.0

admin — Thu, 09 Aug 2012 15:24:51 +0000

URLVoid API is a free service (for non commercial use) that allow users to query our database of already analyzed domains and receive, in XML format, detailed details about each submitted domain. The URLVoid API supports multiple domains in one single query, so you can submit 250 domains and receive details of each domains in […]

The post URLVoid API v2.0 appeared first on URLVoid Blog.

Phishing: PayPal Account Review Department

admin — Wed, 13 Jun 2012 11:40:40 +0000

Phishing email against PayPal users: Header details: Received: from mail14j.g14.rapidsite.net (mail14j.g14.rapidsite.net [128.121.64.175]) Received: from ca1-mx26.mlpsca01.us.mxservers.net (128.121.64.172) by mail14j.g14.rapidsite.net Received: from unknown [128.121.143.147] (EHLO mmm1430.rapidsite.net) by ca1-mx26.mlpsca01.us.mxservers.net (mxl_mta-3.1.0-05) Received: from unknown (HELO mikesmirnoff-%cf%ca.local) (marketing@77.50.19.97) Subject: Account Review Department Date: Wed, 13 Jun 2012 12:27:42 +0400 X-SOURCE-IP: [128.121.143.147] To:undisclosed-recipients:; Content-Disposition: attachment; filename="Account.zip" Attached there is a ZIP […]

The post Phishing: PayPal Account Review Department appeared first on URLVoid Blog.

Amazon.com Order Confirmation leads to Blackhole Exploit Kit

admin — Sat, 09 Jun 2012 21:40:10 +0000

We received few emails with subject: Amazon.com Order Confirmation Inside the email message there is a HREF link that redirects users to a malicious web page containing malicious javascript code used to redirect users to the main URL of Blackhole exploit kit: The Blackhole exploit kit URL is: GET /main.php?page=017f3bb5c2be6a41 HTTP/1.1 User-Agent: Mozilla/4.0 (compatible; MSIE […]

The post Amazon.com Order Confirmation leads to Blackhole Exploit Kit appeared first on URLVoid Blog.

New Malicious Injected Code: Injection_head and Injection_tail

admin — Fri, 08 Jun 2012 22:29:16 +0000

We have logged few websites infected with a new injected javascript code that seems to target mainly the websites powered with WordPress and Joomla. Below there is a screenshot of the malicious script: As we can see from the image above, the injected code starts with: And it ends with:

The post New Malicious Injected Code: Injection_head and Injection_tail appeared first on URLVoid Blog.