This is a heads up! Beware of this Spammer! He has increased our member numbers dramatically by creating new member names.
LottoCoordinator, Gold Stike Lotto,Lottery Manager are just a few names this Spammer uses to access PHP accounts. He's been using the WebMail Module to Spam the heck out of people. We finally caught on and put a stop to his business on our site. Apparently he has been blacklisted numerous times.
Here is a copy of the letter he sends out from your WebMail:
It's absolutely crazy on the amount of mail he sent out using our site.
International Promotions/Prize Award Department
Dear Winner,
RESULTS FOR CATEGORY "A" DRAWS
Congratulations to you as we bring to your notice, the
results of the First Category draws of LUCKY STRIKE
LOTTERY UK. We are happy to inform you that you have
emerged a winner under the First Category, which is
part of our promotional draws. The draws were held on
the day prior to your notification and results are
being officially announced . Participants were
selected through a computer ballot system drawn from
2,500,000names/email addresses of individuals and
companies from Africa, America, Asia, Australia,
Europe, Middle East, and Oceania as part of our
International Promotions Program.
You/Your company, attached to ticket number
6422-5-486, with serial number 59-18 drew the lucky
numbers 33-92-78-05 (1 and consequently won in the
First Category.
You have therefore been awarded a lump sum pay out of
£6,500,000 (Six million, five hundred thousand Great
Britain Pounds), which is the winning payout for
Category A winners. This is from the total prize money
of £13,000,000 shared among the 2 winners in this
category.
CONGRATULATIONS!
Your fund is now deposited with our transfer agents
CASH CHANGE UK LTD and insured in your name. In your
best interest and also to avoid mix up of numbers and
names of any kind, we request that you keep the entire
details of your award strictly from public notice
until the process of transferring your claims has been
completed, and your funds remitted to your account.
This is part of our security protocol to avoid double
claiming or unscrupulous acts by participants/non
participants of this program.
We also wish to bring to your notice our end of year
premium stakes draw where you stand a chance of
winning up to £50 million; we hope that with a part of
your prize you will participate.
Please contact your claims agent immediately for due
processing and remittance of your prize money to a
designated account of your choice:
Mr. Andrew Young,
Foreign Department Manager,
Cash Change UK Ltd
Foreign Service Number: + 88216 4665 5376
Tel: +44 2070600695
FAX: +44 2079002649
EMAIL:finan_direct1@cashchangelimiteduk.org
You are advised to contact our agents by both email and
fax within a week of receiving this notice. Failure to
do so may warrant Disqualification.
NOTE: For easy reference and identification, find
below your reference and Batch numbers. Remember to
quote these numbers in every one of your
correspondences with your claims agent.
Well well well!! Thanks to the spammer we were suspended! Very nice!! Totally uncool!
UndergroundHydro Lieutenant
Joined: Nov 08, 2004
Posts: 199
Location: London, England
Posted:
Tue Nov 30, 2004 11:15 am
lol, wasn't with SurfSpeedy was it ???
I only say because i've been getting server overload on the server my site is on, and got told tonight that they've terminated someones account that was causing the overload.
Last edited by Prophet on Tue Nov 30, 2004 12:12 pm; edited 1 time in total
Prophet Captain
Joined: Mar 14, 2004
Posts: 422
Location: Florida, USA, Earth, Space
Posted:
Tue Nov 30, 2004 11:47 am
I have the IP addresses of some of your Lottery spammers. 81.199.84.12 and 82.206.150.211
I ran a search through my database using ...
Code:
SQL-query:
SELECT `username`
FROM `nuke_users`
WHERE `username` REGEXP 'Lotto'
LIMIT 0 , 30
Result for 'Lotto':
Username: lottocordinator
User email: smartballlotto@yahoo.com
User IP: 81.199.84.12
Result for 'lot':
Username: lottcoord
User email: lottcoord@yahoo.co.uk
User IP: 82.206.150.211
Use the sql above to help locate them and block their IPs.
Change the REGEXP value to lottery, game, lotto, smartball or anything else that the spammer may use as an alias.
Nuke that bastard!
_________________ - Prophet
Get the Last Visit module (and others modules I designed) from my website! FREE! http://jasonlau.biz
And the telephone number has a redirect on it, most likely premium rate to nigeria, have emailed British Telecom to advise of possible scam (not sure though that number is actually BT's)
Well, we are working on getting the account up again. In the meantime, thanks guys for checking into that for us. Glad to finally get him out of our site. Even tho it took a drastic turn.
Prophet Captain
Joined: Mar 14, 2004
Posts: 422
Location: Florida, USA, Earth, Space
Posted:
Tue Nov 30, 2004 1:08 pm
One sure way to reduce this problem is to disallow the use of free email services when members register.
Most commonly people use free email services to do dirty deeds.
Forcing the use of paid services reduces that "oh so anonymous" feeling that people with malicious intentions get when they can change email addresses more often than they change underpants.
How can you do this? Very easy!
Open modules/Your_Account/index.php
There are 2 places you will need to edit.
One is located in the finishNewUser() function, and the other is in the saveuser() function,
Exactly after this line
Code:
$user_email = check_html($user_email, nohtml);
(line 353 and line 3519 in version 7.6).
Insert the following code
Code:
//
// FREE EMAIL BLOCKER
// add any email to block to the badmail array below.
//
$badmail = array('yahoo', 'mail.com', 'hotmail', 'freemail', 'mailinator');
foreach($badmail as $freemail){
if (eregi($freemail, $user_email)) {
die("<META HTTP-EQUIV=\"refresh\" content=\"2;URL=modules.php?name=Your_Account\">You cannot use Free email services here!"); }}
//
// END EMAIL BLOCK
///
Edit the $badmail array, adding as many blocks as you want.
This will prevent the new user from using email domains that you have listed. Existing members cannot later change to the blocked email after registration either.
Hope this helps!
_________________ - Prophet
Get the Last Visit module (and others modules I designed) from my website! FREE! http://jasonlau.biz
Last edited by Prophet on Tue Nov 30, 2004 1:49 pm; edited 3 times in total
Prophet Captain
Joined: Mar 14, 2004
Posts: 422
Location: Florida, USA, Earth, Space
Posted:
Tue Nov 30, 2004 1:12 pm
How about if everyone adds to the free email services list.
If you can think of a free email service that should be added to the $badmail array, post it.
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum