Saturday, July 25, 2009 and scams moved to a new hosting and Allopass returned a ridiculous response. and are a pair of scam Web sites in french that are extermly active in the last few weeks.
The first one, - asks innocent users to type their MSN user/password, and then floods all their contacts with fake instant messages that invite them to join msn-blocked Web site, and enter their user/password too.
The second one, - offer the users of to purchase the MessenPass utility of NirSoft through the SMS payment system of, misleading french users that don't know that this utility is available for free at

As I already reported in my previous posts, these Web site were hosted in hosting company, but in the last few days the owner of these scams moved most of the servers into another hosting company - EURO-WEB Servers renting, which is also an hosting company in France. Although most of the activity moved to the new hosting company, some of the servers are still active in the previous hosting company -

The host names in the new hosting company are:

...And there are possibly more...

Ridiculous Answer From

I the previous post, I reported that there was no answer from Allopass payment company that is used as a part of scam.
So after a while, they sent me their ridiculous answer to my complaint about these scams, and here's the quote from their response:
"Please apologize for this late answer. As a payment system provide, Allopass is not entitled to take side in this kind of dispute. However, we just notified the publisher of of your complaint, and now look forward to his reply."

So Allopass don't want to "take side" in this issue, but they actually enjoy to take their side in sharing the revenue with owner.
Each time that a new innocent victim pays for my MessenPass software in Web site, Allopass company also get their side in the SMS revenue, together with scam owner.
But the main problem with is not the action of illegally selling NirSoft software, but the fact that this Web site get all the traffic by spamming the MSN Messenger accounts of innocent people with fake messages generated by Web site.

As you can see from Alexa ranking, the traffic of Web site continue to grow, and in the last days the it reached to a new record:

most of the traffic of comes from countries with french speakers - France, Belgium, Switzerland, and a few more.

How This Scam Works

If you still don't understand how exactly this scam works, and how these scam Web sites get so much traffic, here's a simple explanation of the viral spreading made in these Web sites.
For the examples below - User X, User Y, and User C are french speakers that constantly use MSN or Live Messenger to chat with their friends.

  1. User X get an instant message in MSN from his good friend, User Y, that recommend him to visit Web site (And User X doesn't know yet that this is fake message generated by Web site)

  2. User X Visit msn-blocked Web site and put his MSN user name and password, assuming that it's a safe Web site, because User Y, his good friend that he trust, sent him to this site.

  3. After giving his MSN user name/password to msn-blocked, this Web site connect to the MSN account of User X, and send fake instant messages to all his contacts !!

  4. Now User C, D, E, F, and others, which are in the contacts list of User X, receive the fake invitation message from User X, and some of them, like User X, do the same mistake, and go to msn-blocked Web site and give their user name/password.

  5. In the User X side, msn-blocked page is loaded and display his contacts list for a few seconds.

  6. After a few seconds, the Web site is suddenly redirected to Web site.

  7. Web site offers User X to download my MessenPass Software by using the SMS payment system of
    User X still doesn't know that all his contacts received the fake instant messages in his name, and he think that is good Web site recommended by his friend, and of course, User X doesn't know that MessenPass utility is available to download for free at NirSoft Web site.

  8. User X send an SMS and get the code for downloading my MessenPass Software, assuming that User Y recommeneded him to do so.

  9. When User X send the SMS, the payment is shared between the scam owner, Allopass payment company, and the phone company.

  10. After a while, User C, a friend of User X, ask him about the link he sent him earlier.
    User X doesn't remember that he sent any link to User C, and he start to understand that sent fake messages to all his contacts.
    But it's already too late. Some of the User X contacts, the received the same fake invitation message, already gave their MSN user/password, and continued the viral spreading of msn-blocked scam.

  11. User X, angry about the embarrassment that this Web site caused him, browse into link again, and report it as 'Web Forgery' from the Web browser interface.
    After a while, the Web address reported by User X will be blocked by Firefox/Google and other Web site blockers, but it won't help much to the next victims, because the scam owner constantly modifies the Web site address. For example: If User X, received the Web site address as, the next victims will get a new address like, and thus it won't be blocked for the next victims.

  12. The owner of and msn-blocked sites, accumulates more and more money from the SMS system, allowing him to pay more for the hosting services and to extend his scam Web sites to more servers.

  13. Due to the nature of "viral spreading" like in this scam, the number of users visit these sites grows exponentially, and the scam owner rent more and more servers in order serve all the site "visitors".
    The scam owner probably relies on payments from Allopass system for paying the new hosting servers.

  14. Allopass company also enjoy the scam of, and get their part of the revenue, without caring about the nasty way that the visitors are sent into Web site, and without caring about violation of my intellectual property rights, even if it's against their own conditions of use.

  15. It's possible that all MSN user/passwords provided by users in msn-blocked Web sites, are collected into a large database of passwords for using it later for
    identity theft and other crimes.

That's all for now.

You are welcome to add your comment about Allopass behaviour in this matter, and whether they should continue to provide their payments services for the nasty scam Web sites that I described above.


Blogger The MAZZTer said...

I am sure if Google receives enough reports about different msn-blocked subdomains they will eventually block the whole domain. If the individual persists with different sites Google may block the web hosting service entirely, if it hosts a number of illegitimate websites.

July 25, 2009 6:55 PM  
Blogger - said...

You really should report Microsoft about this scam website. Microsoft really doesn't like scammers that use their trademarks.

July 26, 2009 6:38 AM  
Blogger eduardo said...

August 21, 2009 2:59 PM  
Blogger Sérgio O. Marques said...

I keep receiving those nasty messages from my contacts. Some of them are sent by people I trust. Fortunately I don't accept any kind of link. Though that's disgusting because they keep on comming on msn or by mail.

September 26, 2009 4:31 AM  
Blogger Pipwig12345 said...
Another Site to report!

September 27, 2009 10:19 AM  

Post a Comment

<< Home