postcards 1001
Moderator: Wiz Feinberg
-
Howard Tate
- Posts: 3378
- Joined: 17 Oct 2004 12:01 am
- Location: Leesville, Louisiana, USA, R.I.P.
- State/Province: -
- Country: United States
postcards 1001
Does anyone know anything about this site? I've been getting this message from them: "You've received a post card from a family member." I clicked on it and it showed something being downloaded and then nothing. I went immediately to my hard drive and found a new executable, which I deleted. Am I being paranoid or is this a bad thing?
------------------
Howard
-
Bill McCloskey
- Posts: 8520
- Joined: 5 Jan 2005 1:01 am
- Location: Nanuet, NY
- State/Province: New York
- Country: United States
-
Wiz Feinberg
- Posts: 6117
- Joined: 8 Jan 1999 1:01 am
- Location: Mid-Michigan, USA
- State/Province: Michigan
- Country: United States
Whois Record
ICANN Registrar: BELGIUMDOMAINS, LLC
Created: 06-Jul-2006
Expires: 06-Jul-2007
Registrar Status: REGISTRAR-LOCK
Whois Server: whois.belgiumdomains.com
Name Server: NS5.TEST--ZONE.COM
Whois History: 7 records have been archived
Registrant:
Cambridge Capital, Ltd (POSTCARDS1001-COM-DOM)
The Bahamas Financial Centre
Shirley & Charlotte Streets
Nassau, Island of New Provid
Bahamas
+1.5097526515
+1.5097526515
Whois Privacy and Spam Prevention by Whois Source
Domain Name: POSTCARDS1001.COM
Status: PROTECTED
Administrative Contact:
Cambridge Capital, Ltd Whois Privacy and Spam Prevention by Whois Source
The Bahamas Financial Centre
Shirley & Charlotte Streets
Nassau, Island of New Provid
Bahamas
+1.5097526515
Fax- +1.5097526515
Reverse IP: 239,066 other sites hosted on this server
This domain is part of a huge parked domain redirection scheme managed by oingo.com. The landing page for the domain is a frameset with this as the main frame source: apps5.oingo.com/apps/domainpark/domainpark.cgi?s=postcards1001.com
The scripting detects the IP location of the visitor and provides a landing page in that language. The snapshot I saw on DomainTools.com shows Russian text. A warning during a whois lookup also states: "Belgium Domains appears to only register domains for cybersquatters."
Avoid visiting this website without a highly secured browser.
------------------
Bob "Wiz" Feinberg
Moderator of the SGF Computers Forum
Visit my Wiztunes Steel Guitar website at: http://www.wiztunes.com/
or my computer troubleshooting website: Wizcrafts Computer Services,
or my Webmaster Services webpage.
Learn about current computer virus and security threats here.
Read Wiz's Blog for security news and update notices
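The whois details in the post above can be checked mechanically before anyone clicks a link like this. The following is an added example, not part of the original post: it parses a subset of the quoted record and reports caution signals. The thresholds and signal names are assumptions chosen for illustration, and each signal is a triage hint rather than proof of malice.

```python
import re
from datetime import datetime

# Subset of the whois record quoted in the post above.
SAMPLE = """\
ICANN Registrar: BELGIUMDOMAINS, LLC
Created: 06-Jul-2006
Expires: 06-Jul-2007
Registrar Status: REGISTRAR-LOCK
Name Server: NS5.TEST--ZONE.COM
Registrant:
Cambridge Capital, Ltd (POSTCARDS1001-COM-DOM)
Whois Privacy and Spam Prevention by Whois Source
Domain Name: POSTCARDS1001.COM
Status: PROTECTED
Reverse IP: 239,066 other sites hosted on this server
"""

# Assumed thresholds for illustration, not an established standard.
MAX_SHORT_TERM_DAYS = 366   # registered for one year or less
MAX_SHARED_SITES = 1000     # sites sharing the same server

def parse_whois(text):
    """Collect 'Key: value' lines into a dict; keys are lower-cased."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep and value.strip():
            fields.setdefault(key.strip().lower(), value.strip())
    return fields

def triage(text):
    """Return a list of reasons to treat the domain with caution."""
    f = parse_whois(text)
    reasons = []
    try:
        created = datetime.strptime(f["created"], "%d-%b-%Y")
        expires = datetime.strptime(f["expires"], "%d-%b-%Y")
        if (expires - created).days <= MAX_SHORT_TERM_DAYS:
            reasons.append("short_registration_term")
    except (KeyError, ValueError):
        reasons.append("dates_missing_or_unparseable")
    if re.search(r"whois privacy|protected", text, re.I):
        reasons.append("registrant_hidden_by_privacy_service")
    m = re.search(r"([\d,]+)\s+other sites hosted", f.get("reverse ip", ""))
    if m and int(m.group(1).replace(",", "")) > MAX_SHARED_SITES:
        reasons.append("mass_shared_hosting")
    return reasons
```
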
-
Howard Tate
- Posts: 3378
- Joined: 17 Oct 2004 12:01 am
- Location: Leesville, Louisiana, USA, R.I.P.
- State/Province: -
- Country: United States
-
b0b
- Posts: 29079
- Joined: 4 Aug 1998 11:00 pm
- Location: Cloverdale, CA, USA
- State/Province: -
- Country: United States
-
Wiz Feinberg
- Posts: 6117
- Joined: 8 Jan 1999 1:01 am
- Location: Mid-Michigan, USA
- State/Province: Michigan
- Country: United States
A drive-by download of an executable can do anything allowed by the privileges assigned to the account to which you are logged in. People who log in as a Limited User or Power User are much less likely to be impacted by these threats than those running as administrators. See my recent blog post about Limited User Account Privileges for more details about doing this. I also have a web page about running with reduced privileges here.