Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Reporting a set of 45,000+ scam domains (?)

  • 1 phendula
  • 1 inayo le ngxaki
  • 8 views
  • Impendulo yokugqibela ngu philipp

more options

Greetings,

I am a pfrivate Internet security researcher.

I have carefully isolated and verified a set of exactly 45,500 domain names which, from the look of them, are all quite likely to be in use as components of a very large scale Tech Support Scam farm. (This operation has apparently been ongoing for more than a year.)

I think that it would be a Good Thing if some appropriate person could arrange for these domains to all be flagged as fradulent when and if any Firefox user happens to come upon them while browsing.

You may view the entire list of domains here: https://pastebin.com/raw/e1K644jw

Current forward DNS resolutions for these domains are shown here: https://pastebin.com/raw/vLNjUQv8

Note that unless you visit the web sites associated with any of these domains while using a "correct" full (coded) URL, the web sites will simply redirect you to the Google home page. This, of course, is part of the the scammer's technique to avoid and evade detection and investigation of these scam domains.

In addition to this set of scam domains, I have several other and additional such sets for which it would be useful and helpful to have Firefox flag these domains as untrustworthy for the benefit of the entire end user community. Also, I come upon new sets like this on a regular basis. I am already providing this data to the Google Safe Browsing team, but would like to be able to routinely supply it to appropriate representatives of the Mozilla project aas well. Please let me know if this is something that the Mozilla Project would have an interest in.

Greetings, I am a pfrivate Internet security researcher. I have carefully isolated and verified a set of exactly 45,500 domain names which, from the look of them, are all quite likely to be in use as components of a very large scale Tech Support Scam farm. (This operation has apparently been ongoing for more than a year.) I think that it would be a Good Thing if some appropriate person could arrange for these domains to all be flagged as fradulent when and if any Firefox user happens to come upon them while browsing. You may view the entire list of domains here: https://pastebin.com/raw/e1K644jw Current forward DNS resolutions for these domains are shown here: https://pastebin.com/raw/vLNjUQv8 Note that unless you visit the web sites associated with any of these domains while using a "correct" full (coded) URL, the web sites will simply redirect you to the Google home page. This, of course, is part of the the scammer's technique to avoid and evade detection and investigation of these scam domains. In addition to this set of scam domains, I have several other and additional such sets for which it would be useful and helpful to have Firefox flag these domains as untrustworthy for the benefit of the entire end user community. Also, I come upon new sets like this on a regular basis. I am already providing this data to the Google Safe Browsing team, but would like to be able to routinely supply it to appropriate representatives of the Mozilla project aas well. Please let me know if this is something that the Mozilla Project would have an interest in.

All Replies (1)

more options

hi, thanks for reaching out about this! as the support forum here is primarily a users-helping-users forum you might not have the right audience here - in order to reach out to mozilla's security team, i'd recommend sending your information by mail to the address mentioned at https://www.mozilla.org/en-US/security/