Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In with OpenID
Advertise on LowEndTalk.com

In this Discussion

Damn::VPS aka Thrust::VPS Phishing

Damn::VPS aka Thrust::VPS Phishing

NodeKidNodeKid Member
edited January 2014 in General

Got this little gem this morning (haven't been a customer in a very long time); obviously the return address is NOT Damn/Thrust but watch out!

This is a notification to let you know that we need to verify for reduce fraud.

We want your data as soon as possible.

The data that we need is as follows:

Server Username (Included)

Server Password (Included)

Full Name (Included)

Address (Included)

City (Included)

State (Included)

ZIP (Included)

Phone Number (For Call To Verify)

Country (Included)

Paypal Email(If Order With Paypal)

Paypal Password (If Order With Paypal)

Credit Card Information (If Order With Credit Card)

Scan Of Credit Card Front And Back (If Order With Credit Card)

Data is sent to Email : [email protected]

http://damnvps.com - Damn::VPS - We give a damn

Thanked by 3vedran klikli Asim

Comments

  • Anyone who falls for this fully deserves what he gets, and a Darwin award in addition.

    -

  • Yea I would never send all that info. Looks like it is time to find another host.

  • said: [email protected]

    I think that's the best part, haha.

    SonicBoxes.com - VPS Tips, Tricks & Tutorials
    6UA.net Various tools, screenshots, password gen, looking glass, etc..

  • @kajak lol. It's not the host, it's some random other person who tries to trick you.

    -

  • @rds100 said: Anyone who falls for this fully deserves what he gets, and a Darwin award in addition.

    Well I'll say that I initially just flagged this as spam (since I have nothing to do with the company anymore) and only noticed the password requests before flushing my spam folder this morning; it's easy to overlook stuff if you're busy/drunk etc.

  • @NodeKid yes, but would you send your paypal password to anyone because he asked? That should have made it obvious.

    -

  • @rds100 said: kajak lol. It's not the host, it's some random other person who tries to trick you.

    Yea I totally missed that. That is what I get for posting while half asleep. :/

  • @rds100 said: NodeKid yes, but would you send your paypal password to anyone because he asked? That should have made it obvious.

    Obviously not…

  • Paypal Password (If Order With Paypal)

    Oh my god, that's the best part right there.

  • When I have time, I always help these spammers/phishers in subscribing their email address to all kinds of list. :)

    © 2011-2017 eLohkCalb
  • i so confuse why that provider need that all info for what ?

    provder just know we paid and no problem is done

  • Seems like a leaked database?

    Patrick | INIZ
  • Would be funny if someone generate some sort of spam with random info to that mail, they'll be like:

    Kakdifklsljfnd jags halls jsksksmsb which translates to "zomg !!!look at how many accounts I manage to phish today !!!" in Nigerian language

    vpsdash.com - Tips and tricks in life, information and technology news to get things done

  • @INIZ said: Seems like a leaked database?

    It's a fake mail.

    @OP

    Verify the sender's address. And It's better that you rename the title.

  • "We want your data as soon as possible."

    Lmfao.

  • isy44h112isy44h112 Member without signature

    @ZeroCool said: i so confuse why that provider need that all info for what ?

    provder just know we paid and no problem is done

    There's problem with your head

  • That email needs to be added to some spammers list.So he gets bombarded by offers.

    I am not Rick

  • Methods of Reporting Phishing Email to US-CERT

    In Outlook Express, you can create a new message and drag and drop the phishing email into the new message. Address the message to [email protected] and send it.
    In Outlook Express you can also open the email message* and select File > Properties > Details. The email headers will appear. You can copy these as you normally copy text and include it in a new message to [email protected]
    If you cannot forward the email message, at a minimum, please send the URL of the phishing website.
    

    I am not Rick

  • Thanked by 1Mark_R
  • Do you have any proof it is actually Thrust/DamnVPS doing this and not someone trying to give them a bad name?

    Taking a hiatus.

  • winnervpswinnervps Member, Provider
    edited January 2014

    I've also got this email. Weirdly this seems to be sent from their server.

    Delivered-To: [email protected] Received: by 10.76.141.83 with SMTP id rm19csp72737oab; Fri, 17 Jan 2014 19:31:31 -0800 (PST) X-Received: by 10.194.62.70 with SMTP id w6mr4929709wjr.55.1390015890921; Fri, 17 Jan 2014 19:31:30 -0800 (PST) Return-Path: Received: from server.damnvps.com (server.damnvps.com. [87.117.244.16]) by mx.google.com with ESMTPS id c9si9809161wjy.47.2014.01.17.19.31.30 for (version=TLSv1 cipher=RC4-SHA bits=128/128); Fri, 17 Jan 2014 19:31:30 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of [email protected] designates 87.117.244.16 as permitted sender) client-ip=87.117.244.16; Received: from clients by server.damnvps.com with local (Exim 4.82) (envelope-from ) id 1W4Mcx-0001qN-Eg for [email protected]; Sat, 18 Jan 2014 03:31:19 +0000 To: [email protected] Subject: Damn::VPS aka Thrust::VPS From: Admin

    WINNERvps | LA/NYC/CA/SG/ID Windows Xen Forex VPS and Anti DDoS Cloud Linux

  • edited January 2014

    Got this email this morning

    Header's information:

    Received-SPF: pass (google.com: best guess record for domain of [email protected] designates 87.117.244.16 as permitted sender) client-ip=87.117.244.16; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of [email protected] designates 87.117.244.16 as permitted sender) [email protected] Received: from clients by server.damnvps.com with local (Exim 4.82) (envelope-from clients@server.damnvps.com) id 1W4MZc-0001yT-KW

    Maybe their email account/server got compromised?

  • BradBrad Member, Provider
    edited January 2014
  • gkzgkz Member

    I'm receiving the same email today. It's weird, because I don't have an active service anymore. Maybe their WHMCS/Cpanel Account were compromized.

  • Got the same email, but the reply to email is [email protected]

    This is going to be interesting.

  • SpiritSpirit Disabled

    @MrObvious said: Got the same email, but the reply to email is [email protected]

    The same. I got it 30 minutes ago.

  • @INIZ said: Seems like a leaked database?

    I think so. I tweet the email to them

    Designers: www.linkun.info

  • my Gmail also received it today, and already flagged fraud email and reported to Google :)

  • ThrustVPS is a legit company. They've been hacked.

  • dnwkdnwk Member
    edited January 2014

    @Steve said: ThrustVPS is a legit company. They've been hacked.

    Rus Foster's legacy

    Designers: www.linkun.info

  • SrvisLLCSrvisLLC Member, Provider
    edited January 2014

    from: Admin [email protected]
    to: [email protected]
    date: Fri, Jan 17, 2014 at 10:31 PM
    subject: Damn::VPS aka Thrust::VPS
    mailed-by: server.damnvps.com

    "This is a notification to let you know that we need to verify for reduce fraud.

    We want your data as soon as possible.

    The data that we need is as follows:

    Server Username (Included)
    Server Password (Included)
    Full Name (Included)
    Address (Included)
    City(Included)
    State (Included)
    ZIP (Included)
    Phone Number (For Call To Verify)
    Country (Included)
    Paypal Email (If Order With Paypal)
    Paypal Password (If Order With Paypal)
    Credit Card Information (If Order With Credit Card)
    Scan Of Credit Card Front And Back (If Order With Credit Card)

    Data is sent to Email : [email protected]

    Thanks in advance for your patience and support.

    http://damnvps.com - Damn::VPS - We give a damn"

  • mikhomikho Member, Provider

    Yes

    ask me about Storage offers
    Get a LES NAT VPS! and some Shared Hosting offers
    Locations: Phoenix (US) | Amsterdam (NL) | Lenoir (US) | Kansas City (US) | Falkenstein (DE), | Sofia (BG) | Reins (FR) | Sandefjord (NO) | Sydney (AU) | Perth (AU)
  • paypal password is important for prompt support and billing ... :)

    Instant Linux OpenVZ/Xen & Windows RDP VPS in 17 Locations : UK, USA (CA, TX, FL, GA, NJ states), Mexico, Canada, Bulgaria, Italy, Lithuania, France, Germany, Netherlands, Switzerland, Russia, Singapore | PayPal, Webmoney, Perfect Money, Bitcoin, Payza, Skrill, CashU, Ukash, Neteller
Sign In or Register to comment.