One funny thing about writing a computer security blog is that many different kind of people read my blog posts: final users looking for advice, competitors looking for good information 😉 security researchers… and of course the bad guys. I remember the day I saw Netkairo, one of the arrested guys that was behind the Mariposa botnet, made a comment here some weeks ago… imagine my face when I saw that…

One gets used to everything, but you always find new stuff. Yesterday some “wanna be cybercriminal” from Portugal sent a comment on a blog post about spam; I didn’t approve the message, but you can read it here:


This is what you get when you click on the provided link:


The Portuguese guy who wrote the comment seems to be the one behind this “service”, as the web site provided by him is the same one, his e-mail address matches, his IP address is in Madeira and I’ve found some more black stuff in Portuguese made by this guy. If you click the “Click here” for the PRO version you will go to a place where you can write a message to the guy and give him your contact details.

Anyway I was not going to pay for the PRO version, so I decided to try the DEMO one. 1st things 1st, so I introduced the e-mail address of the creator of the web 😉

The only problem is that I didn’t have access to his e-mail account, or even if I had I shouldn’t get in 😉 so I created a mail account to test this DEMO. The address wass, I wrote it in the text box and clicked on “Enviar” (Send). Then I was redirected to the following page:


You are not redirected after 1 minute, so I took a look at the source code of this page:


It seems that it is subscribing the provided e-mail address to different mailing lists. Lovely! But is it really working or this guy is only harvesting the e-mail addresses that I am providing? Well, let’s take a look at my brand new inbox, that should be empty:


OK, so at least we can say it works. This guy will be so happy today when he finds out that his inbox has received these junk messages 🙂