Umm... we'll get to that phishing site when we please

As you may know, Paul and Robin Laudanski and I started PIRT recently, a project to take down phishing sites. It’s doing gangbusters and sites are getting shut down at a rapid clip (if you want to volunteer to be a takedown handler, we constantly need help — click here).

Well, sometimes it seems some ISPs just don’t care that much. Take the example of WebNames in Russia.

Here’s the email:

----- Original Message -----

From: "WebNames.Ru Support"

To: "CastleCops PIRT Squad"

Sent: Wednesday, April 12, 2006 12:26 AM

Subject: Re: [PIRT #4291] Chase Phish site on your network

CastleCops PIRT Squad пишет:

CastleCops PIRT Squad Report 4291

It has been discovered that a Chase phish is currently operating at

location(s):

http://mmn-chase(dot)com/.../

This domains will be checked and disabled in a two days[my emphasis]

--

Regards, Michail Egorov,

WebNames.Ru technical support

Two days? Huh? Hey WebNames, what’s up, you trying to protect somebody? These are still live, as I post this blog, stealing people’s money.