My friends from Nuffnang Philippines have warned their users about a phishing attempts making rounds over the weekend. To those not familiar with Nuffnang, it is a blog advertising community and their ads are seen on some 260,000 blogs by 8 million people daily.

Quoting their announcement to their users

As some of you may have noticed, our community is indeed growing in numbers by the day! As such, we can’t help but draw potential phising attacks and hackers that try to gather a huge blogger database and exploit you guys for profit using the Nuffnang name. There have been some reports of a Nuffnang email sending out “new banner codes“. We have NOT done so. This is an attempt at asking you to register to their database. The link it leads to is nuffnung.com.

Phishing email content and screen capture courtesy of Nuffnang.com.ph:

Checking the offending site’s whois records:

Whois record and screencapture credits to whois.domaintools.com

The offending doamin is a fresh one (registered recently) and its whois info was set to be very similar to the original Nuffnang Philippines website.

As of writing the domain is unavailable (and is reportedly for sale already).

More details about this incident can be found in the Nuffnang website.

Thanks to Nuffnang Philippines Team for the timely notification to their users! Imho, they also handled the issue transparently and responsibly.

Lastly some notes:
This is not a paid post. I am blogging it here at menardconnect.com as a support to Nuffnang and also to increase awareness among bloggers that Phishing is a real security threat and we should increase our awareness on how to respond to it.