Thursday, March 20, 2008

Cybersquatting Security Vendors for Fraudulent Purposes

Just like the creative typosquatting coming up with domain names spoofing the structure of PayPal and Ebay's web applications I covered in a previous post, this most recent example of cybersquatting is yet another example of how impersonating known and trusted brands can not only damage their reputation if the campaign's not taken care of fast enough, but can also result in actual adware infection. Who's getting targeted in this campaign? PandaSecurity, McAfee, Adobe Acrobat, and several other third party applications. It seems that IBSOFTWARE CYPRUS is keeping the entire domains portfolio undercover for the time being, with a great deal of these domains returning 403 forbidden messages. However, there are several domains that are actually serving the fake E-shops. This minimalistic approach on behalf of the malicious parties may have proved valuable if the domains were hosted on different IPs, however, they're all hosted on a single IP. The type of "pay us and we'll point you to the download location" scheme applied here is a bit moronic, in fact the template nature of the E-shop does not know what healthy competition means as you can see in the screenshot above. Here are the domains themselves :

PandaSecurity -

McAfee -

Adobe Acrobat -

Misc Cybersquatted software -

What is Interactive Brands Inc?

"Interactive Brands is a privately held corporation formed by a team of experienced professionals who strive to offer the “ultimate” interactive shopping experience to internet users around the world. In partnership with the best software publishers, Interactive Brands develops unique and high value offers for the benefit of all computer users. In the spirit of giving the best shopping experience possible, Interactive Brands offers their clients access to a customer support center available by toll free number, email and live chat that covers any inquiry including: downloading, installing, using and any other questions regarding our products."

Interactive Brands Inc.
PO Box 178, St-Laurent, Quebec
H4L 4V5, Canada
Phone: : +1 (514) 733-2549
Fax: +1 514 733 2533

The billing center is located at which loads and 90% of the domains are hosted on a single IP -, however, the entire netblock is a scammy system by itself with several hundred more such cybersquatted domains.

Don't be cheap, if you're to buy any kind of software, do so through the official site, and cut the fraudulent intermediaries like the ones in this case. Read more about Interactive Brands at the Ripoff Report : Interactive Brands, Rip-off; Report: Interactive Brands; Report: Interactive Brands. Lavasoft's and Avira's comments on the case as well.