Three days after we reported to Digiweb.ie that an apparently abandoned web site they host (AskGareth.com) is home to at least three infected directories being used in a global phishing scam aimed at CIBC (Canadian Imperial Bank of Commerce) customers, the malware is still happily infecting anyone duped by the phishing emails to visit the Digiweb server.
Emails sent to Gareth O'Shea at the address listed in his site's domain name registration bounced.
Emails sent to technical contact John McKenna at Digiweb were ignored, so additional copies were sent to Michael Doyle, Digiweb Ireland's Chief Financial Officer and the media contact listed on their web site. And ignored.
How do we know they're ignored? Because overnight, another set of phishing emails pointing to yet another infected file on the AskGareth.com site hosted by Digiweb and apparently abandoned sometime last year. As of the time of writing, ALL of the malware links in the phishing emails pointing to the Digiweb network are still in full operation.
It's truly unfortunate that given the dramatic rise in identity theft worldwide and the well-documented fact that the vast majority of online identity theft attacks are intended to steal money from existing bank accounts that an ISP calling itself "Ireland's leading independent telecommunications company" would be so totally cavalier about hosting one of the key elements that cybercriminals need to steal money.
Sad and pathetic.
-g
Linux and Windows web hosting plans start at just $7.95/mo.