Go Further with the Sex Blogger Community

Saturday, June 02, 2007

Potentially Dangerous Site

I received this email on Friday 01 June 2007 at 13:41 GMT:

Dear bloghub member,

Many have asked about uploading their site photo to your listing
at bloghub.com .

As of today, we have finally fixed the upload photo problem.
Login to your account @ bloghub.com and upload your photo if you have not do so.

Some secret to share with you.
Lsting with a photo get twice more traffic than one without any photo.

We hope your blog will get more traffic from our directory.

Have a nice weekend.

Btw, join me and other fellow members at our public forum at www.bloggerhub.com . See you there.


Need cheap web hosting, shoutcast, dedicated server or web design ?
Reply to this mail if you have any question or visit www.mxhub.com for our latest offers.

No longer with bloghub? Reply and we will remove you from our directory completely.

I thought it suspicious as I have never registered with this site.

When I clicked on the link to the site the error above was reported by McAfee. I did not of course allow the script to run. I would also advise anyone receiving this email not to click the “unsubscribe” link as my experience of such sites tells me that they may also contain suspicious scripting.
I would be very wary of this site and not advise anyone to go near it.

Tips for avoiding dangerous sites:

  • Don’t follow links on unsolicited emails, in fact don’t follow any link unless you trust the source of the email or web page its on.
  • Don’t try to “unsubscribe” by following links, this a) just confirms to spammers that your email address is a valid one and b) often takes you to a page with a software bomb on it.
  • Watch out for bad English or inconsistencies in the text. E.g. “Dear bloghub member” – “Login to your account @ bloghub.com”, but the site URL is “bloggerhub.com”. The first sentence too reads very badly too.

I have checked the email and it came from a sever in Texas at So I'm assuming it orginated in the US. (helo=devil.xtardns.com)

WHOIS tells me that the registration is anonymous:

Registrar: ENOM, INC.
Whois Server: whois.enom.com
Referral URL:
Name Server: NS1.XTARDNS.COM
Name Server: NS2.XTARDNS.COM
Name Server: NS7.XTARDNS.COM
Status: clientDeleteProhibited
Status: clientTransferProhibited
Updated Date: 15-mar-2007
Creation Date: 10-dec-2004
Expiration Date: 10-dec-2007


Anonymous Anonymous said...

I got that email too, but not remembering signing up for it, I treated it as Spam and marked it as such.

Makes me wonder where they picked up our email from, possibly through SBC.

Sat Jun 02, 02:38:00 pm GMT  
Blogger Alex said...

The email address is easy, if you've ever used it within a comment on a blog (within the text that is, not against a WordPress comment as part of the commentter info), put it on your site or sent an email to someone who has a virus on their PC ... spammers will get hold of it. Robots scour blogs all the time for email addresses so they can send you adverts for Rolexes, Viagra and penis enhancement patches.

I suspected it was a dodgey site, but thought I'd investigate. We have thoroughly up-to-date AV protection so I was safe, McAfee caught it.

Sat Jun 02, 03:30:00 pm GMT  
Anonymous Louis said...

I've linked to this post from the ABH news blog. The more people who know about this the better.

Sat Jun 02, 08:03:00 pm GMT  
Blogger Mistress160 said...

Thank you for posting this Louis!

Tue Jun 05, 05:19:00 am GMT  
Anonymous Anonymous said...

Good post!

Mon Jun 11, 07:57:00 pm GMT  

Post a Comment

Links to this post:

Create a Link

<< Home