Google Answers Logo
View Question
Q: Spam Investigation ( Answered,   1 Comment )
Subject: Spam Investigation
Category: Computers > Security
Asked by: johnny_moniker-ga
List Price: $10.00
Posted: 12 Sep 2005 04:32 PDT
Expires: 12 Oct 2005 04:32 PDT
Question ID: 567062
Browsing through all of the archived answers on this site I became
aware of a recurring piece of spam posted in the GA comments area of
several questions.

The offending pieces of spam can be viewed here, in this saved search

Three different identities, same basic claims about hacking e-mail
accounts.  All likely the same people (person).  I was just wondering
how much can be discovered about organizations like this.

Anybody who can tell me anything about this organization running this,
and tell me exactly what internet resources were used to "mine" this
sort of data from the web, gets my money.  I'm most interested having
the tools to investigate the shadowy parts of the web with reliable
information, not the abundant misinformation "planted" throughout the surface web.

I will tip generously for an especially inventive, complete answer.

I realize my question may be confusing, feel free to ask for clarification
Subject: Re: Spam Investigation
Answered By: justaskscott-ga on 12 Sep 2005 16:24 PDT
Hello johnny_moniker,

In cached versions, you can still see several of the posts that were
on Google Answers:

"I think my wife is cheating" (Google cache from Sep 8, 2005)
Google Answers

"Breast Implants" (Google cache from Sep 12, 2005)
Google Answers

"Dating" (MSN cache from 9/10/2005)

"fun things to do with a date" (MSN cache from 9/10/2005)

"Russian Bride" (MSN cache from 9/10/2005)

It seems that two of the sites you mention,
and, are indeed from the same person or
organization, apparently located in India.  They were even created on
the same date.

Whois Source

Whois Source

The registration information is dubious: the telephone number includes
"12345678," while "c/o SANTOSH JHA" apparently refers to accused
scammer Santosh Jha, mentioned in various articles such as:

"Kingpin Santosh Jha surrenders" (June 2, 2005)
The Tribune [Chandigarh, India]

It also seems that both sites have appeared at .tk addresses. (MSN cache from 9/2/2005)
MSN (MSN cache from 9/7/2005)

Unfortunately, the Whois server for .tk URLs ( is
not working at the moment.  Perhaps if and when it works again, it
will reveal additional helpful information.

The third site that you mention seems to have its origin in Brazil.

Whois Source

Its US registration information, at least, is doubtful, in part due to
the same kind of unlikely telephone number as that for the other two
sites (in this case, including "1 234 56789").

A copy of the site is found at:

Hire Hackers

- justaskscott

Search strategy --

Searched on Whois Source for:

Searched on Google, Ixquick, and MSN for one or more of the following
terms, individually or in combinations:

"google answers"
santosh jha

[I tried other searches as well; but the searches I've mentioned led
me to the pages I've cited.]
Subject: Re: Spam Investigation
From: myoarin-ga on 12 Sep 2005 06:16 PDT
The good people in Mountain View have been advised, so there is a good
chance that all the comments will be deleted in the course of Cal. AM
time.  You probably noticed that the posting appeared a second time
with a different user name on the first question that comes up with
your link, that one Sept. 11.  The others all were posted within a few
minutes on Sept. 10, maybe after a search on "sex", "relationship" or
the like to sleect target questions.
The posters were obviously pretty savvy about GA, since the "subject"
line was changed when posting the comments, something that even some
avid commenters did not know was possible.
Yes it would be very interesting.

Important Disclaimer: Answers and comments provided on Google Answers are general information, and are not intended to substitute for informed professional medical, psychiatric, psychological, tax, legal, investment, accounting, or other professional advice. Google does not endorse, and expressly disclaims liability for any product, manufacturer, distributor, service or service provider mentioned or any opinion expressed in answers or comments. Please read carefully the Google Answers Terms of Service.

If you feel that you have found inappropriate content, please let us know by emailing us at with the question ID listed above. Thank you.
Search Google Answers for
Google Answers  

Google Home - Answers FAQ - Terms of Service - Privacy Policy