Premium Power

From Spamwiki

Jump to: navigation, search

Contents

[edit] Introduction

Premium Power
Premium Power

Appearing on the scene in November 2011, Premium Power has been widely spammed.

ViaGrow, ViaGrow Pro, ViagPure, ViagMax, MaxPro, EasyPharmacy go hand-in-hand.

They often share the same name servers, and reside on the same IP address.

It is safe to conclude that all sites are from the same perpetrator.

Other brands sharing the same name servers (for example ns1.gogofastnow.com ns2.gogofastnow.com ns1.roadislongnow.com ns2.roadislongnow.com) are

carolmonth.com Diamond Replicas
comesweet.com Exquisite Replicas
flashcarol.com Ultimate Replicas
kanobottle.com US Healthcare
largepremium.com Premium Power

[edit] Redirection abuse

Fake news site
Fake news site

In November 2011 they set up several front-end domains to be used in spamming campaigns. Each of these domains hosted an identical fake news outlet web site, entitled Morning News Stop. This web site looks like a genuine newspaper or TV channel web site, with the lead article looking like a news story on a herbal product, Premium Power.

Sample fake news sites:

  • explodeunder.com
  • getpenile.com
  • inchesgains.com
  • malesplus.com
  • manlygrow.com
  • shoppenile.com
  • soopremium.com

These are all registered in the Ukraine with the registrar CENTER OF UKRAINIAN INTERNET NAMES or UKRNAMES.

[edit] False pretenses

Non-secure page
Non-secure page

As is common with so many fraudulent web site, Premium Power claims to be using secure encryption when you provide your identity, personal details, and your credit card. Secure encryption is provided by a protocol known as Secure Sockets Layer or SSL. You can always tell if security is in place, by looking at the browser's address bar, to see if it is using https (secure sockets layer). If it is using http then you know that it is not secure.

As you can see, clearly that is not the case here image:Premium_Power_http.jpg

These perpetrators compound their fraud by displaying the words Secure Checkout on this obviously non-secure checkout page.

[edit] Sponsoring registrars

Sample site

largepremium.com

IP 85.120.94.38 

Domain: largepremium.com
Registrar: CENTER OF UKRAINIAN INTERNET NAMES
Name Server: NS1.TENTEN10.RU
Name Server: NS2.TENTEN10.RU
Name Server: NS3.MONDAY-THUESDAY.RO

Registrant:
Svetlana Poltavceva poltavtzeva.svetlana@yandex.ru
ul. Leninskaya 17 43
Yubileynyy, 141090
RUSSIAN FEDERATION
+7.4956548754

Redirectors are on the same Registrar: CENTER OF UKRAINIAN INTERNET NAMES

Title: Morning News Stop

Fake news magazine sites with only one article, all links leading to the target redirection (such as largepremium.com)

  • explodeunder.com
  • getpenile.com
  • inchesgains.com
  • malesplus.com
  • manlygrow.com
  • shoppenile.com
  • soopremium.com

[edit] How to report this spam

The Complainterator is configured to request removal of these fraudulent sites. Add a link to this page as evidence.

Retrieved from "http://spamtrackers.eu/wiki/index.php/Premium_Power"
Personal tools