The Latest in IT Security

Payday loan scam


Weebly is a free platform for website creation. Like many free hosting and DNS providers, it is abused by spammers and scammers. Recently, I found over 400 sub-domains advertising “instant cash loans” and redirecting users to

Here are some of the 400 sub-domains:

  • etc.

The 400+ domains have an identical layout with some text at the top, but the majority of the page is simply a large image showing an application form.

the form is actually an image

The image is also a link to the actual payday loan website. But instead of linking directly to, they link to “custom” shortened URLs. The URLs do not come from legitimate URL shortening services, but rather from domains that have been set up by the scammers for the sole purpose of linking to spam/scams. This is a technique used by other spammers, notably fake Canadian Pharmacy, to work around spam filters. Here are some of the domains used for the redirections:

  • serves as a broker in finding payday loans for customers. Potential borrowers have to fill out 2 forms and provide very sensitive information including a social security number, bank account information, etc.

Payday loan form, page 1
Payday loan form, page 2

From my experience after filling out the form, and from what I gather from many forums, borrowers get a $200 loan, but there is an $89 charge every time the loan is renewed. The renewal happens automatically every nine days and herein lies the scam: it is apparently very hard to get the company to stop the automated renewal. The $200 loan can get very expensive after a few weeks!

My loan offer (I asked for $800)

The company operates under different names: Brighton Fnl LLC, Kingston Financial, etc. The Better Business Bureau record for Brighton Fnl LLC is not great: eight complaints are currently listed on the BBB website.

After sending a few URLs to Weebly, some sub-domains have been taken down, but most are still up. Weebly is fairly young, and it does not look like they have the correct tools and processes in place to respond quickly to this kind of spam. I’ve offered to send them the full list, but I have not heard back from them yet.
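
The pattern described above (hundreds of sub-domains with an identical layout, each wrapping one image in a link to the same redirect domain) is something a hosting provider's abuse team can cluster on. The following is an added example, not code from the original post or from Weebly; the hostnames under `.example`, the function names and the `min_size` threshold are constructed assumptions.

```python
import hashlib
from collections import defaultdict
from html.parser import HTMLParser
from urllib.parse import urlparse

class PageShape(HTMLParser):
    """Records the tag sequence and the hosts of links that wrap an image."""
    def __init__(self):
        super().__init__()
        self.tags, self.image_link_hosts, self._href = [], set(), None

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)
        if tag == "a":
            self._href = dict(attrs).get("href")
        elif tag == "img" and self._href:
            host = urlparse(self._href).hostname  # None for relative links
            if host:
                self.image_link_hosts.add(host.lower())

    def handle_endtag(self, tag):
        if tag == "a":
            self._href = None

def fingerprint(html):
    """Returns (hash of the tag sequence, hosts reached by clicking an image)."""
    p = PageShape()
    p.feed(html)
    layout = hashlib.sha256(" ".join(p.tags).encode()).hexdigest()[:12]
    return layout, frozenset(p.image_link_hosts)

def find_clusters(pages, min_size=3):
    """pages: {sub-domain: html}. Groups sites sharing layout and image-link host."""
    groups = defaultdict(list)
    for site, html in pages.items():
        layout, hosts = fingerprint(html)
        for host in hosts:
            if host != site:  # a link back to the site itself is not a redirect
                groups[(layout, host)].append(site)
    return {k: sorted(v) for k, v in groups.items() if len(v) >= min_size}

# Constructed sample pages; all hostnames are placeholders.
TEMPLATE = '<html><body><h1>{t}</h1><p>{t}</p><a href="http://{r}/{i}"><img src="form.png"></a></body></html>'
SAMPLE = {f"loans{i}.hosting.example": TEMPLATE.format(t=f"Cash {i}", r="short.example", i=i) for i in range(4)}
SAMPLE["bakery.hosting.example"] = '<html><body><h1>Bread</h1><ul><li>Rye</li></ul><a href="http://short.example/x"><img src="a.png"></a><p>Hours</p></body></html>'
SAMPLE["blog.hosting.example"] = '<html><body><h1>Hi</h1><p>Post</p><a href="/about"><img src="me.png"></a></body></html>'

if __name__ == "__main__":
    print(find_clusters(SAMPLE))
```

Keying on the pair (layout, link host) rather than either alone keeps a legitimate site that happens to share the template, or one that links once to the same host from a different layout, out of the cluster.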
