Stolen WHMCS DB Spammers - name and shame

**PhilB** · 05-26-12, 12:33 AM

It seems likely that with the disclosure of the WHMCS licencee list that we're going to need a nice central place to keep track of the immoral individuals who have used the leaked database to send spam to people who's contact details have been disclosed.

I've seen the post about "AJ Online Services" http://forum.whmcs.com/showthread.ph...127#post224127 already - but I haven't received a copy of their spam. I have however this evening received an unsolicited mass-bcc spam message from frogost - a company I have never dealt with - (sender address [email protected]) pimping their HiPay Payment module. This has been reported to the host of their sending MTA as junk mail.

It goes without saying that any company that promotes themselves by such means can't be trusted to run any other part of their business in an honourable manner and you should steer well clear - to that end I (and doubtless others) would be interested to hear of anyone else abusing the leaked data in this manner.

**rosscoD** · 05-26-12, 01:05 AM

I just received an email from frogost.net as well. Needless to say I am very annoyed at the theft of my personal details. I've already had to renew my bank account twice in 2 years due to similar things happening and I might have to again.

**b0r3d** · 05-26-12, 02:09 AM

more people getting them from frogost.net??? I hope Matt or if Bear have access create a topic for public shaming. Allow threads to shame these sites. Google will pick it up in no time and anyone looking up reviews or information on them will see they are shady people

**bear** · 05-26-12, 02:21 AM

Originally Posted by b0r3d

I hope Matt or if Bear have access create a topic for public shaming.

That would be Matt's call and not mine, but this thread is viewable to the public.

**zlib** · 05-26-12, 07:18 AM

Got the frogost.net this morning. Reported it to spamcop.

Seems like some dumbass kid.

Good afternoon,

would be interested in processing payments by Credit Card in your WHMCS?

You can do this through our HiPay Gateway for integration with WHMCS.

HiPay (hipay.com), is a company like Paypal, but enables its customers to pay by Credit Card and other 15 different types of payments (easy account setup without waiting or approval time). We provide you with a gateway that allows you to use HiPay in your WHMCS, similarly to how you probably already use Paypal.

We offer full support in setting up the gateway to your whmcs and the possibility of testing, totally free, the gateway for 7 days.

For a free license follow this link: http://www.frogost.com/en/cart.php?a=add&pid=47

Any difficulty in the installation please contact us, which will help you in everything you need for free. If you prefer support by msn: [email protected]

That is all.

Best regards,
Frogost.com

**Marcus** · 05-26-12, 07:27 AM

Originally Posted by zlib

Got the frogost.net this morning. Reported it to spamcop.

Seems like some dumbass kid.

same here ....

**ProHostGold** · 05-26-12, 08:18 AM

Originally Posted by zlib

Got the frogost.net this morning. Reported it to spamcop.

Seems like some dumbass kid.

Got the same email.

**lance** · 05-26-12, 08:24 AM

yes, received that one lastnight too from frogost.net

**easyhosting** · 05-26-12, 09:02 AM

reported frogost to spamcop also their supplier OVH and theplanet as these are the ones linked to the sending IPS

AJ Online Services have you seen this kids website so many broken links, i tweeted him to say he has been reported for using stolen info and guess what he closed down his twitter account as if that would help him

**ProHostGold** · 05-26-12, 09:10 AM

frogost are hosted by godaddy.

**panacheweb** · 05-26-12, 09:14 AM

Originally Posted by ProHostGold

frogost are hosted by godaddy.

maybe godaddy might do something.

**easyhosting** · 05-26-12, 09:23 AM

Originally Posted by ProHostGold

frogost are hosted by godaddy.

email header shows

Received: from box2.frogost.net ([176.31.225.30]

http://whois.domaintools.com/176.31.225.30

IP location: France Ovh Systems

spamcop states

Report Spam to:

Re: 176.31.225.30 (Administrator of network where email originates)
To: [email protected] (Notes)
To: [email protected] (Notes)
To: [email protected] (Notes)

Re: hXXp://frogost.com/en/cart.php?a=add&pi... (Administrator of network hosting website referenced in spam)
To: [email protected] (Notes)

**ProHostGold** · 05-26-12, 09:28 AM

Originally Posted by easyhosting

email header shows

Received: from box2.frogost.net ([176.31.225.30]

http://whois.domaintools.com/176.31.225.30

IP location: France Ovh Systems

spamcop states

Report Spam to:

Re: 176.31.225.30 (Administrator of network where email originates)
To: [email protected] (Notes)
To: [email protected] (Notes)
To: [email protected] (Notes)

Re: http://www.frogost.com/en/cart.php?a=add&pi... (Administrator of network hosting website referenced in spam)
To: [email protected] (Notes)

I stand corrected

The domain is with godaddy

**easyhosting** · 05-26-12, 09:43 AM

so far only spam from

AJ Online Services (ajonlineservices.co.uk)
Froghost (frogost.com)

feel free to add to this list is spam from anyone else

**Matt** · 05-26-12, 09:51 AM

We appreciate everyone forwarding us a copy of the spam emails they are receiving - but please can I ask that you don't forward either of the 2 mentioned here anymore as we have enough copies of it! We have already passed them on to both the FBI and UK E-Crime Unit, along with the name & address details held for the licenses of both sites.

Matt

Community Forums

Thread: Stolen WHMCS DB Spammers - name and shame

Thread Tools

Stolen WHMCS DB Spammers - name and shame

Similar Threads

Spammers attack WHMCS forum

How spammers can be removed from spam lists?

people have NO Shame anymore !