I Tracked Down a Scammer

I filter my email, so sometimes I don’t see messages that I meant to. Today I was looking through my spam filter and found this:

I own this domain, and I once jokingly registered the website http://overrated.expert. So this was definitely meant for me, and definitely spam. I looked at the link for the button and found this:

[website]/de/vs.php?email=[my email]

So I put in a fake email address and was taken to this page:

And this is how phishing scams work, of course. If you don’t realise it’s a scam, you type your password in this text field, and yoink, the spammer has it. So I typed a fake password, which took me to a white page with this URL:


But if I take off the filename, I can peer inside the entire /de/ directory, where I can see this:

None of the PHP files will help much, but that zip file looks promising. So I downloaded it, unzipped it, and I found all the source code for the scam.

The code itself wasn’t super interesting. It’s just a fake form that sends the results to an email. And that email is helpfully called out in a file called to.php:

Well hello there, nopeace2021@shebasecurity.com! Looks like you work for a company that sells security services and runs scams on the side. Or maybe the scams are the only business.

Either way, I’d find a new job if I were you.
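The post finds the address that receives the stolen passwords by reading to.php by hand. The sketch below does the same triage over a whole kit archive, for anyone collecting details for an abuse report. It is an added example, not code from the post or from the kit: the sample archive, its file contents, the file name send.php and the address drop@example.test are all constructed for illustration.

```python
import io
import re
import zipfile

EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")
MAIL_CALL_RE = re.compile(r"\bmail\s*\(", re.IGNORECASE)
MAX_MEMBER_BYTES = 1_000_000  # skip members whose declared size exceeds this


def triage_kit(zip_bytes):
    """Return {"drops": {address: [files]}, "mailers": [files]} for a kit archive.

    The archive is read in memory only; nothing is extracted to disk or executed.
    """
    drops, mailers = {}, []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as kit:
        for info in kit.infolist():
            if info.is_dir() or not info.filename.lower().endswith(".php"):
                continue
            if info.file_size > MAX_MEMBER_BYTES:
                continue
            text = kit.read(info).decode("utf-8", errors="replace")
            if MAIL_CALL_RE.search(text):
                mailers.append(info.filename)
            for addr in set(EMAIL_RE.findall(text)):
                drops.setdefault(addr.lower(), []).append(info.filename)
    return {"drops": drops, "mailers": sorted(mailers)}


def build_sample_kit():
    """Constructed stand-in for a kit archive; every file body here is invented."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("de/to.php", '<?php $to = "drop@example.test"; ?>')
        # send.php is a hypothetical name for the script that mails the form data
        z.writestr("de/send.php", '<?php include "to.php"; mail($to, "log", $body); ?>')
        z.writestr("de/index.php", "<?php /* fake login form */ ?>")
        z.writestr("de/logo.png", b"\x89PNG not scanned")
    return buf.getvalue()


if __name__ == "__main__":
    report = triage_kit(build_sample_kit())
    for addr, files in report["drops"].items():
        print(f"drop address {addr} found in {', '.join(files)}")
    print("files calling mail():", report["mailers"])
```

The resulting addresses and file names are what a hosting provider or mail provider's abuse desk needs to act on a report.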




Designer, writer, teacher. I love building things.

Jon Bell
