Mode of Operation
You get an an instant message from your friend with just a link provided. Something like this http://yourfriendsaccount.hdd5.imagehosters.info. Following the link will yield a site like this.
Note: I am not affiliated with TST Management. This is a Phishing like site and I am posting their Policy so everyone can read it clearly, and be aware of their operations.
Please do not fill out their form unless you want to surrender some of your privacy!!!
Their Policy and Terms and Conditions
Note: Italics are my comments pointing out critical points with Bold highlighted areas.
By filling out this form, you authorize TST Management, Inc to spread the word about this 100% real and upcomming Messenger Community Site. You will receive your share of the credit in helping us spread the word. This is a harmless Community site which is offering users a platform to meet each other for free. Harmless and you provided them your email account and password. Amazing how the cons stress their innocence.
We do not share your private information with any third parties. By using our service/website you hereby fully authorize TST Management, Inc to send messages of a commercial nature via Instant Messages and E-Mails on behalf of third parties via the information you provide us. This is not a "phishing" site that attempts to "trick" you into revealing personal information. Everything we do with your information is disclosed here. If you are under eighteen (18), you MUST obtain permission from a parent or guardian before using our website/service.
Not a direct phishing attempt, but then why do you want confidential information like a password, from there they can get some your credentials and guess what your identify could be compromised.
This page is not affiliated with or operated by Microsoft(tm) or MSN Network(tm).
ANY LIABILITY, INCLUDING WITHOUT LIMITATION ANY LIABILITY FOR DAMAGES CAUSED OR ALLEGEDLY CAUSED BY ANY FAILURE OF PERFORMANCE, ERROR, OMISSION, INTERRUPTION, DEFECT, DELAY IN OPERATION OR TRANSMISSION, COMMUNICATIONS LINE FAILURE, SHALL BE STRICTLY LIMITED TO THE AMOUNT PAID BY OR ON BEHALF OF THE SUBSCRIBER TO THIS SERVICE.
We may temporarily access your MSN account to do a combination of the following:
1. Send Instant Messages to your friends promoting this site.
2. Introduce new entertaining sites to your friends via Instant Messages.
This is a free service. You will not be asked to pay at any time. You will not be subscribed to anything asking for payment. This service is made possible by many hours of human effort. You will pay for it by the spam and sacrificing your privacy.
This agreement shall be construed and governed by the law of the republic of Panama. You expressly consent to the exclusive venue and personal jurisdiction of the courts located in the Republic of panama for any actions arising from or relating to this agreement. Want to take a trip to Panama to contest this, or fight it?
If any provision of this agreement is held to be invalid, illegal or unenforceable for any reason, such invalidity, illegality or unenforceability shall not effect any other provisions of this agreement, and this agreement shall be construed as if such invalid, illegal or unenforceable provision had not been contained herein.
Copyright 2008 TST Management, Inc
Now TST Management sites have come under many different name. Here is a list, from what I can gather from a few other blog and websites. It isn't a complete listing, but at least some of their aliases.
pooop.info, srys.info,rkntbp.info, vnxpkf.info, yzxvsn.info, jcyhzr.info, vnxpkf.info, xrsnbt.info, dytgms.info, qpcbkt.info, yqbzfj.info, yxwzmq.info, psnkcq.info, sxwmkr.info, tqxycj.info, wcmbsj.info, rhqwcp.info, qmnfct.info, rsbkdg.info, zjdgxq.info, mxbpkr.info, xjctsp.info, rhqwcp.info, mgtwdn.info, kfytsj.info, dsbpzg.info, gmnzby.info, dbnyzc.info, jcyhzr.info, dsbpzg.info, dbnyzc.info, bzjnxd.info, zjdgxq.info, qvsgwy.info, cdystp.info, hmybqw.info, yvmjzc.info, vmytks.info, nhcswv.info, ztmrcj.info, wkfbmt.info, fvkgcz.info, zcxrjb.info, jtyqkv.info, xhzsrg.info, hqnxmv.info, srbgxz.info, pghzvq.info, bgpmwr.info, ndkzcy.info, tpyhzx.info, etc...
According to the followup links: The whois on these sites lead to Panama and from there to the Blue China Group, Ltd located in Hong Kong. There is a possibility that it is a virus by some of the sources too.
So pass the word along. And here are some links to followup with.
Your Defense - Revision 2009/01/09
Alright: From the comments and from observation.
What happens if you got toke by this site.
1. Immediately - Without delay - change your password.
2. Tell your friends, odds are they are going to get spimmed from this from now on. If TST got your friends email addresses from your accounts, they have now added your friends email accounts to their list.
As to virus infection, I don't think so. But there are dangerous Websites out there with hacker HTML scripts. But it would be a good idea to run an antispyware like Lavasoft, Spybot S&D, and antivirus program on your computer.
Your greatest defense is 'Don't give out your password' , don't submit it to any website asking you for it (except your email site). This isn't a bad rule even for social network sites like Facebook, Twitter, and so on. No needs access to your accounts. If they say find your friends - do yourself a favor enter them manually.
Updates on new TST Sites.
This is just recent within the week of May 29 2008
Update for June16, 2008 The following sites can be added to the growing list:
- adp0int.info h0t-pics.into
Summary of Sites provided by comments:
- <MSN name>.xmas-party-pics.com
- <MSN-my name>.holliday-pics.com
- <MSN-my name>.zopblob.com
- <MSN-my name>.all-part-pics.com
- <MSN-my name>.gone-wild-party-pics.com
- <MSN-my name>.new-year-party-pics.com
Scams and Phishing
More by this Author
Rob Benwell is having problems, that it's a "Buyer be aware policy" when purchasing his products. He is the author of Google Annihilation, bloggingtothebank, Auto Blog X, Blogging Espionage,Bloggingtothebank...
A key feature in todays computer system is UUID numbers. For Linux users this tells which hard drive your root system is on, and critical to booting up. Without it your boot will fail, and you need to find the proper...
What are the top 10 popular breakfast cereals? And more importantly how do they rank for their nutrition. Good, bad or ugly.