I did get a brief message from Lee, the lead of ostel.co. He said that ostel.cc a site that he helped setup, and it federates with ostel.co. The phishing style domain name is unfortunate though.
.hc On Jan 17, 2016, at 2:13 PM, cexinho . wrote: > currently its ostel.co that is overwriting ostel.cc on the cache page, but > that's simply because ostel.co atm has more hits, but as soon as ostel.cc > gets more hits it will overwrite the cache for ostel.co. > So all of a sudden they can start to show malicious data on the page and that > will affect the SEO of ostel.co > > On Sun, Jan 17, 2016 at 1:08 PM, cexinho . <[email protected]> wrote: > Hey, that is actually not phishing, and the way to handle with it is not that > easy. That is actually a method that is attempting to steal the search engine > index ranks. > Depends a bit on how it works, it usually creates a live mirror of the real > site, so any change on the real site should reflect on that copy site. If > this is verified then you can simply block any requests that come from that > site/IP and it should instantly stop working. > > If the above don't check then just follow the steps outlined here: > http://www.indigoextra.com/blog/report-scraper-site-to-google > Since their whois info seems to be protected the last step would be to > contact the hosting provider on which that site is hosted on :). > > If you want more details about this, this is possibly an attack method that > is taking advantage of a bug with Google's cache system. > See here how it already affected it: > > https://webcache.googleusercontent.com/search?q=cache:EiJ20XvpiwEJ:https://ostel.cc/+&cd=1&hl=pt-PT&ct=clnk&gl=us > that's a cache page for ostel.cc but the page being shown is actually from > ostel.co/ :) > > On Sun, Jan 17, 2016 at 12:15 AM, Patrick Connolly > <[email protected]> wrote: > Ugh. No, wasn't aware of it myself. Not good. > > Should we report it as phishing attempt to Google? > https://www.google.com/safebrowsing/report_phish/ > > > -------------------------------------------- > Q: Why is this email [hopefully] five sentences or less? | A: > http://five.sentenc.es > > On Sat, Jan 16, 2016 at 9:37 AM, Hans-Christoph Steiner > <[email protected]> wrote: > > Anyone know about ostel.cc? It seems to be a clone of ostel.co: > > https://ostel.cc/ > > .hc > > -- > PGP fingerprint: EE66 20C7 136B 0D2C 456C 0A4D E9E2 8DEA 00AA 5556 > https://pgp.mit.edu/pks/lookup?op=vindex&search=0xE9E28DEA00AA5556 > _______________________________________________ > List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev > To unsubscribe, email: [email protected] > > > _______________________________________________ > List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev > To unsubscribe, email: [email protected] > > > > > -- > César > > > > -- > César
_______________________________________________ List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev To unsubscribe, email: [email protected]
