Thread: sweedat.com malware site warning (via phishing email)

  1. #1
    benreffell Guest

    sweedat.com malware site warning (via phishing email)

    (Not sure where to report this kinda thing, but may give one of you a heads-up)

    Got the email below from my brother, it's obvious to me he did not write it, then there's the usual hooks i.e. a cheap whatever!

    I can't contact him now as he's overseas and I've not been to the site just in case it has malware not yet detectable etc

    His hotmail account was compromised (it seems)

    email looks like this, don't click on the link if you get an email like this or with that website.
    ***********

    Hello,
    So amazing!I ordered one black apple iphone 3gs 32gb from this website sweedat.com one weeks ago,today I've got it .Far from my imagination, it's genuine and as good as I expected,but much cheaper.I can't help sharing this good news with you! May all goes well for you.
    Cheers!
    Patrick


    ****************

    Whois info... yep dat look sus to me! (only registered domain yesterday & look at the contact details)

    WHOIS information for sweedat.com :

    Domain name: sweedat.com

    Registrant Contact:
    chenbailong
    bailong chen chenbailong98747544@163.com
    0592-9797966 fax: 0592-9797966
    xiamen
    xiamen fujian 361002
    cn

    Administrative Contact:
    bailong chen chenbailong98747544@163.com
    0592-9797966 fax: 0592-9797966
    xiamen
    xiamen fujian 361002
    cn

    Technical Contact:
    bailong chen chenbailong98747544@163.com
    0592-9797966 fax: 0592-9797966
    xiamen
    xiamen fujian 361002
    cn

    Billing Contact:
    bailong chen chenbailong98747544@163.com
    0592-9797966 fax: 0592-9797966
    xiamen
    xiamen fujian 361002
    cn

    DNS:
    ns5.cnmsn.net
    ns6.cnmsn.net

    Created: 2010-01-29
    Expires: 2011-01-29
    Last edited by fax; January 30th, 2010 at 12:22 AM. Reason: direct link to site removed
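
Added example (not part of the original thread): the domain-age check the first post does by hand on the WHOIS output, written in Python. The function names, the 30-day threshold and the received date of 2010-01-30 are assumptions; the sample inputs are excerpts constructed from the text quoted above.

```python
import re
from datetime import date

# Constructed samples: excerpts of the message and WHOIS record quoted in the post.
EMAIL_BODY = ("So amazing!I ordered one black apple iphone 3gs 32gb from this "
              "website sweedat.com one weeks ago,today I've got it .")
WHOIS_TEXT = """Domain name: sweedat.com
DNS:
ns5.cnmsn.net
ns6.cnmsn.net
Created: 2010-01-29
Expires: 2011-01-29
"""
DOMAIN_RE = re.compile(r"\b(?:[a-z0-9-]+\.)+[a-z]{2,}\b", re.I)

def extract_domains(text):
    """Return the unique bare domain names mentioned in a message body."""
    seen = []
    for match in DOMAIN_RE.findall(text):
        name = match.lower()
        if name not in seen:
            seen.append(name)
    return seen

def parse_whois(text):
    """Parse 'Key: value' lines of a WHOIS record in the layout shown above."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep and value.strip():          # skips section headers such as "DNS:"
            fields[key.strip().lower()] = value.strip()
    return {"domain": fields["domain name"].lower(),
            "created": date.fromisoformat(fields["created"]),
            "expires": date.fromisoformat(fields["expires"])}

def flag_new_domains(body, records, received, max_age_days=30):
    """List (domain, age_days, term_days) for domains younger than the threshold."""
    by_domain = {r["domain"]: r for r in records}
    hits = []
    for name in extract_domains(body):
        rec = by_domain.get(name)
        if rec is None:
            continue                       # no WHOIS data, age cannot be judged
        age = (received - rec["created"]).days
        if 0 <= age <= max_age_days:
            hits.append((name, age, (rec["expires"] - rec["created"]).days))
    return hits

if __name__ == "__main__":
    # Assumed received date: the day after the "Created" date, per the post.
    print(flag_new_domains(EMAIL_BODY, [parse_whois(WHOIS_TEXT)], date(2010, 1, 30)))
```
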

  2. #2
    benreffell Guest

    Re: sweedat.com malware site warning (via phishing email)

    My brother has now confirmed he did not send email (not that I needed confirmation) and he has been compromised, not sure at this stage how or where it has occurred, could be anything/anyplace in which he has my email address.

    Hope this saves someone some pain!

  3. #3
    Join Date: Jun 2006
    Location: The 3rd Coast - South Central Texas
    Posts: 10,466

    Re: sweedat.com malware site warning (via phishing email)

    Quote: Originally Posted by benreffell
    My brother has now confirmed he did not send email (not that I needed confirmation) and he has been compromised, not sure at this stage how or where it has occurred, could be anything/anyplace in which he has my email address.

    Hope this saves someone some pain!

    NOTE: the steps below work only if you are on the latest versions of ZA (7.0.470.000 or later). If you are not, please update.

    Try to perform a full Antivirus/Antispyware scan but in SAFE MODE WITH NETWORKING.

    1. Disable system restore;
    2. Set ZA Antivirus/antispyware to "Ultra Deep Scan" under the advanced options of the ZA antivirus/antispyware tab (scan modes);
    3. Reboot in SAFE MODE WITH NETWORKING;
    4. Manually run ZA (ZA firewall will be OFF but Antivirus/Antispyware will be functional);
    5. Run a full ZA AV/AS scan;
    6. Reboot in Normal Mode;
    7. Set ZA Antivirus/Antispyware back to Normal;
    8. Enable System restore.

    How to start in SAFE MODE WITH NETWORKING
    How to disable windows SYSTEM RESTORE

    If the above fails try to clean your system with:

    A. Download, update and scan with MBAM
    WARNING: Some malware will block the download of this software, rename the installer to a random name before saving and running

    B. Use the superantispyware online cleaning tool --> Here or download, update and scan with superantispyware FREE
    WARNING: Some malware will block the download of this software, rename the installer to a random name before saving and running

    C. Download, update and scan with A2 free

    Still Problems? Try the bootable CD from DrWeb

    If ALL the above fails please post your HijackThis log to BleepingComputer or SpywareHammer
    GeorgeV
    ZoneAlarm® Extreme Security

  4. #4
    wezzar Guest

    Re: sweedat.com malware site warning (via phishing email)

    Hi Ben
    Just to let you know that my wife's e-mail address has also been hit by the same site. The exact message was sent to a whole list of her contacts in her hotmail contacts list. We first found out about it at 5 am on Monday morning when her blackberry went off with loads of failed email attempts sent back by postmaster@hotmail.com. Don't know who to contact and don't know what it means in terms of her security breach. Does anyone know if it is a virus on her pc or transmitted to any pc that logs in to her hotmail account?
