Facebook, LinkedIN, attacked again

in Favor of SOPA and PIPA? Okay, Facebook, LinkedIn, Google, AOL, Boing Boing and the rest of you bitching and moaning about a “free internet” and the “SOPA” and “PIPA” legislations … where are you now? Still getting smacked by cybercriminals, I see. Folks, cybercrime is relentless — it doesn’t stop, it never rests. Watch out Facebook and LinkedIn users, they’re out to get YOU . . .

There were sixteen separate attacks in the past 24 hours, all targeting Facebook or LinkedIN. Several of the attacks actually known, NAMED “friends” … that’s scary. Facebook seems to be the most productive target for cybercrime because people click without thinking. Most of the attacks attempted to get us to click a link to a page where there’s malware downloaded to your computer … Mac or PC.


Three of the Facebook attacks all took a similar look to this one, in addition to offering updates or “unread” messages. We tracked this one back to Denmark, but then the RIPE WhoIS turned out to be ‘broken’ and couldn’t take us any further — so we really don’t know where the money trail leads on this one. Here’s the DNS TOOLS dossier on this one:

Domain: danskfolkepate.dk
DNS: danskfolkepate.dk
IP address:
Nameservers Hostname: ns1.surf-town.net
Registrant: Surftown A/S (SURFTOWN558), Copenhagen, DK
Reverse DNS: ws55.surf-town.net.
Reverse DNS authenticity: [Verified]
ASN Name:  COHAESIONET (Cohaesio A/S)
Registrar (per ASN): RIPE
Country (per IP registrar): DK [Denmark]
Location: Unknown 
RIPE is broken.
Please contact ripe-dbm@ripe.net.

Here’s the SpamCop.net dossier on this criminal. Notice it says “ISP does not wish to receive reports regarding http://danskfolkepate.dk/”. (Screen capture of this report)

For LinkedIn users : here are just two of the screens from LinkedIN attacks — one from Poland, and one hosted in Brazil … yet BOTH sharing the SAME arrival page content! I didn’t take the time to report on these, but I do have the SpamCop reports and can share those if you’re interested. Two LinkedIN attacks here.

Quite frankly, I don’t even know if it’s worth my time to continue tracking and reporting these events. Each and every day there are dozens of them. I report the worst that come along from time to time — but tracking and reporting them all would be a full time job for two people. Since nobody seems to care, and nobody seems to be doing anything about it, nor listening to common sense, I’m thinking I’m just wasting my time. I will continue to report each and every one to SpamCop, though …. it’s my duty as one from the near extinct population of good netizens.

As I’ve been shouting since 1999, the internet MUST obtain self-regulation and accountability. If it fails, then some other entity will do it for you. And that’s either the good guys or the bad guys. It’s YOUR decision. And at the risk of relentless comment spammers, I’ll leave the comments turned on in hopes we get at least ONE intelligent comment to this issue.

Also see : In Favor of SOPA and PIPA?

And …thanks for reading

Fred Showker

What did you miss in the last Safenetting post
GO Send in your items for Safenetting readers
GO Facebook Safe Netting
GO Join / Like / contribute : UGNN FaceBook Group, (ug.netnews)


If you think you’re a victim, file a complaint with the
GO FBI Internet Crime Complaint Center : IC3.

You can also keep up with the efforts to curb spam and cybercrime by reading the news at
GO Knujon and
GO HostExploit.com. And, you should
GO switch to SpamCop and take a stand against spam.