dslreports logo
    All Forums Hot Topics Gallery
spc
uniqs
815296
MGD
MVM
join:2002-07-31

2 edits

1 recommendation

MGD

MVM

Re: Ebook websites, fraud charges, Devbill/DigitalAge/Pluto

This very active card fraud charging entity does not have absolute confirmation of the OCS ownership yest. However, it has the exact same game database as MG Online Games Enterprises aka MGGAMEZONE.COM 330-536-7675 with different micro pricing. It also is hidden from search engines, and is clearly a cyber-mule configuration:

SCAM FRAUD = IM-GAMED.COM LLC aka IM-GAMED.COM 303-872-7857 = FRAUD SCAM »IM-GAMED.COM




Same games, same order rotation:




============================
Support
Please contact us via phone or email below.
To call: 1-(303)872-7857
To email: pay@IM-GAMED.com
Address: 1055 13th St. P2, Denver, CO 80204
Phone/FAX: 1-(303)872-7857
Email: pay@IM-GAMED.com
============================




and of course blocked from the net:




Lots of victim fraud complaints,which are dispersed due to either no number or various numbers used in the bill descriptor:

Complaints begin surfacing the last week of March:
quote:
Rob C
2 Apr 2010
Incidentally, the phone number itself was NOT posted on my bank statement--and while I was dealing with the bank over the fraudulent charge, it emerged that in this case there was no phone number associated with the supposed vendor. I found your complaint by googling "im gamed," in quotes--but hadn't any information about a phone number.

==================================

Kate S replies to Rob C
2 Apr 2010
Actually, my bank gave me the phone number when I called about the charge on my online statement. The bank wanted me to call the vendor, which I did, and I got a voicemail saying the person I was trying to reach was unavailable. I did not leave a message. When I entered imgamed.com into my web browser, I went to a site that is obviously bogus. I would not click on anything there, but there are gaming links, travel links, etc. It gave me the creeps. And now thanks to my bank's advice these people also have my cell phone number because I called them. When I called my bank again to dispute the charge and cancel my card they didn't seem interested in all these details. They just said the theives "always seem to stay one step ahead". They gave me back my $4.89, and canceled my card, and that's it. They said if the credit card companies get enough complaints they'll flag the vendor as fraudulent. But the "company" apparently has numerous names and phone numbers. Check out the last several posts on this site under phone number 213-286-4100, starting with Alan Brock, 29 Mar 2010. Someone had a $4.89 charge by IM Gamer. If you put imgamer.com into your browser you come to a different website, also obviously bogus. If these people have gone to the trouble of setting up at least two phony websites, it doesn't look like just some small-time scam artist. But I don't know how to get anyone to take it seriously.

»whocallsme.com/Phone-Num ··· 38727857

Fraud charges can appear with no number:

IM GAMED.COM LLC DENVER CO POS DEBIT $4.89

Can also appear as:

IM GAMED.COM LLC 213-286-4100
»800notes.com/Phone.aspx/ ··· 6-4100/7
quote:
Kim
31 Mar 2010
This number is on my BANK Statement with a charge of 4.89 and it say IM Gamer.com LLC, 213-286-4100 CO. I found this site because I searched the number - I'm totally confused about this...
Caller: 213-286-4100

»whocallsme.com/Phone-Num ··· 864100/3

A search for the LLC should bring up more fraud complaints:
»www.google.com/search?hl ··· M+LLC%22

The cyber-mule is apparently located near Denver, Colorado:




Conveniently has a proxy drop address:

===========================
ID Number: 20101033648
Name: IM-GAMED.COM LLC

Registered Agent: Corporation Service Company
Registered Agent Street Address:
1560 Broadway, Suite 2090, Denver, CO 80202, United States
Registered Agent Mailing Address:

Principal Street Address:
1055 13th St. P2, Denver, CO 80204, United States
Principal Mailing Address:

Status: Good Standing
Form: Limited Liability Company
Jurisdiction: Colorado
Formation Date: 01/18/2010
Term of Duration: Perpetual
Annual Report Month: January
===========================




[EDIT ADD]

I pulled a copy of the original LLC filing paperwork on IM-GAMED.COM LLC from the state of Colorado. As you may know Corporation Service Company is an online service for setting up Business registrations and for an additional fee serves as the registered agent uisng proxy lawyers in the domicile state.

The filings indicate that the duped cyber-mule is named "JEROME STONE", and as best as I can tell, the listed mailing address for the LLC: 1055 13th St. P2, Denver, CO 80204 appears to be a mail drop service location. The registered agent address of:1560 Broadway, Suite 2090, Denver, CO 80202 should correspond to a local lawyer who is an agent representing "Corporation Service Company"






[END EDIT]

MGD
MGD

1 edit

1 recommendation

MGD

MVM

SCAM FRAUD = IM-GAMED.COM LLC aka IM-GAMED.COM 303-872-7857 = FRAUD SCAM »IM-GAMED.COM

Based on the DNS servers, hosting appears to be provided by LOTOSUS:


Domain name: lotosus.com

Registrant Contact:
Whois Privacy Protection Service, Inc.
Whois Agent ()

Fax:
PMB 368, 14150 NE 20th St - F1
C/O lotosus.com
Bellevue, WA 98007
US

Status: Locked

Name Servers:
ns1.lotosus.com
ns2.lotosus.com

Creation date: 20 Nov 2006 19:48:58
Expiration date: 20 Nov 2010 19:48:58


The domain though privacy cloaked has been around since 2006. Since I do not know who they really are, I did a little digging. As it turns out they are based in LATVIA, a familiar and repeated location of this crime syndicate's operational focus, especially as a multi year money drop for the fraud proceeds:

From Circa 2007:


Registration Service Provided By: BizMajors.com
Contact: millennium@mail.lt

Domain name: lotosus.com

Administrative Contact:
BizMajors.com
Vygantas Lipskas (millennium@mail.lt)
+370.60157877
Fax:
R.Kalantos 171-13
Kaunas, 52326
LT

Status: Locked

Name Servers:
NS1.LOTOSUS.COM
NS2.LOTOSUS.COM

Creation date: 20 Nov 2006 19:48:58
Expiration date: 20 Nov 2008 19:48:58


There is nothing to indicate that they have any knowledge of this, GoDaddy is a regular provider also, just an interesting tidbit which indicates the true location of the criminals.

IM-GAMED.COM is hosted on a server in Michigan:

Server Type: Apache/2.2.15 (Unix) mod_ssl/2.2.15
OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
IP Address: 67.227.203.245
IP Location: - Michigan - Lansing - Liquid Web Inc
Response Code: 200
Domain Status: Registered And Active Website


IM-GAMED.COM

IP Address History

Event Date Action Pre-Action IP Post-Action IP
===============================================================
2009-11-18 New -none- 67.227.135.200
2010-01-03 Change 67.227.135.200 67.227.203.94
2010-02-03 Change 67.227.203.94 67.227.203.245

Registrar History

Date Registrar
2009-11-17 eNom.com

Name Server History

Event Date Action Pre-Action Server Post-Action Server
===============================================================
2009-11-13 New -none- Registrar-servers.com
2009-11-18 Transfer Registrar-servers.com Lotosus.com


The IM-GAMED.COM domain registration has been privacy cloaked from the start:


ICANN Registrar:
ENOM, INC.
Registration Service Provided By:
NameCheap.com
Contact:

Domain name: IM-GAMED.com

Registrant Contact:
WhoisGuard
WhoisGuard Protected ()

Fax:
8939 S. Sepulveda Blvd. #110 - 732
Westchester, CA 90045
US

Status: Locked

Name Servers:
ns1.lotosus.com
ns2.lotosus.com

Creation date: 11 Nov 2009 17:24:55
Expiration date: 11 Nov 2010 17:24:55


MGD
MGD

1 recommendation

MGD

MVM

said by MGD:

On several occasions over the past few years I have awarded the title of the organized crime syndicate's current "longest running card fraud money laundering LLC / website" which is still actively charging. It should also be noted that the award can only be assigned to the "longest known" fraud site. Despite over 6 years and thousands of postings on over a half dozen threads on DSLR, we still only scratch the surface of this massive operation.

I made the mistake back in July of 2009 of assigning that longest running active fraud title to: EBSEBOOKS.COM aka Electronic Business Resources 412-927-0410. At the time, I had presumed that the prior record holder of four and half years of continuous fraud charging, KCSOFTWARECOM LLC aka KCSOFTLLC.COM had been shut down after THIS POST in October of 2008.

Unfortunately, 10 months later in October of 2009, I had to issue THIS RETRACTION when it was discoverd that KCSOFTWARECOM LLC aka KCSOFTLLC.COM.com had continued processing fraud charges and laundering the proceeds out the country as late as Jun 10th, 2009. Since KCSOFTWARECOM LLC aka KCSOFTLLC.COM began operation in March of 2004, that meant they had racked up over 5 years, or half a decade of continuous fraud charging:
...
..
Not long after that, a security insider at a major financial institution went on an intensive hunt to track down the associated business bank account, and have it closed down for fraud and money laundering. There have been no reported fraud charges since that time.

Several days ago when I saw more fraud charging coming in from EBSEBOOKS.COM aka Electronic Business Resources 412-927-0410 a 2006 organized crime syndicate's fraud entity, I decided it was time to firmly plant them in the # 1 spot again.
...
You can now scratch the organized crime syndicate's current longevity record holder off the map.

Finally: EBSEBOOKS.COM aka Electronic Business Resources 412-927-0410 is no more. Thanks once again to the same financial systems security individual who nailed KCSOFTLLC.COM.com aka KCSOFTWARECOM LLC and then took on the difficult task of rooting EBSEBOOKS out of the system. Apparently it was not an easy task, and required repeated efforts to snuff them out. There are clearly eCommerce and business account financial providers out there who are not adept in the current environment.

EBSEBOOKS was finally terminated at the end of the second week in April, and I have not seen any additional reports of fraud charges. The last one to surface was for charges at the end of the first week of April:
EBSEBOOKS.COM aka Electronic Business Resources 412-927-0410
quote:
Elkton, FL
26 Apr 2010
Whoever this is is quite busy. I think the company aforementioned has something to do with it, too.

We did not get a call from this company, but we got a charge on our Debit card for 4.95 on 4/7/2010. We don't know this company, did not order an e-book. Also called the number; got a message that the number is not in service. We called twice to make sure. I'm going to check our credit cards to see if there are similar fraudulent charges.

We are going to call our bank and get reimbursed as well as get another card issued.

The longevity of EBSEBOOKS was repeatedly leveraged in order to uncover many of the organized crime syndicate's latest hidden operations. Victims who either did not catch the monthly charges over an extended period, or ignored them, became a revealing source for the other cross charging entities.

Most recently it was EBSEBOOKS who revealed the latest tactic of now using fake tangible sites which revealed the entire fake "Electronics" themed fraud websites:

This EBSEBOOKS complaint in March:
quote:
quote:
Matt
20 Mar 2010
I had this scam hit my one bank account last year about 4 times (each time it was a different electronics company name with a phone number that went direct to voicemail). I went to my bank (a federal credit union) and canceled my debit card and went back to ATM cards. However, i have 2 accounts there and kept my Debit card with the other account. Now, that account just got hit with 2 charges this month (one from Electronic Business and one from Planet of Electronics). Same deal as everyone - one $4.95 charge, 1 $2.95 charge. I will now be going back to a regular ATM card for the 2nd account as well as our other one has been fraud-free since i got rid of the debit card.

coughed up Planet of Electronics aka PLANETOFELECTRONICS.COM 206-426-2670 which has now also been closed down. The existence of PLANETOFELECTRONICS.COM led to the discovery of several other clones.

EBSEBOOKS also contributed to the revelation and subsequent confirmation that the organized crime syndicate had other new groups:

You need to read this victim's post more than once for the significance of their attitude to sink in, and wonder how many other victims unknowingly support the syndicate's fraud tax by choice.
quote:
melvin Says:

March 5th, 2010 at 1:24 pm

I got hit by this scam with three charges over the last two months from 'Amp Games Com'

On the same card, I also noticed 4 changes for 4.95 from 'Electronic Business Re' every three months in 2009.

I'm reluctant to call my bank because I don't want to go through the effort of changing credit card number.

Frustrating !!

But the upside then confirmed the organized crime syndicate's:

MG Online Games Enterprises aka MGGAMEZONE.COM 330-536-7675

and

IM-GAMED.COM LLC aka IM-GAMED.COM 303-872-7857

Then flushed these out:

FRAUD SCAM = AMP-GAMES.COM aka AMP GAMES (FL) 407-412-9664

FRAUD SCAM = COSTICTSKYRYNGAMES.COM Address: Slidell, LA 70460 504- 322-3530

FRAUD SCAM = DREAMS-GAMEROOM.COM aka HOPES & DREAMS 478-394-4394 (GA)

FRAUD SCAM = GAMES-N-BOOKS-4FAMILYFUN.COM FAMILY FUN-GAMES&BOOKS (AZ) 520-762-7185

FRAUD SCAM = GAMING-EXPRESS4U.COM

FRAUD SCAM = MYGAMESONTHEGO.COM

FRAUD SCAM = TKM-GAMES.COM aka TKM Games 719-387-0811, CO

FRAUD SCAM = SKYRNGAMES.NET SKYRYN GAMES 504-322-3530 LA also 504-610-3983

FRAUD SCAM = FERICULGAMES.COM FERICUL GAMES Houston TX

FRAUD SCAM = VPNMONSTER.COM

These domains were ID's by profile but may not have made it off the ground:

DARRELLS-GAMES.COM

DAWN1GAMES.COM

PANDORASBOX1-GAMES.COM

MGD
MGD

MGD

MVM

Re: Rosmann Enterprises LLC 305-767-1953

FRAUD ALERT: IM-GAMED.COM LLC aka IM-GAMED.COM 303-872-7857

Attention FTC, what happens when victims do not cancel their cards after the first fraud charge.

It may take a while, but MGD then picks up another of the Organized Crime Syndicate's fresh card fraud laundering entity.

The last post only a few hours ago:
said by whocallsme.com :
=====================================
NCvictim
11 May 2010
They got me today as well, but only for $1.89. Called and canceled card, passed along the above information to financial institution.
Caller: IM-GAMED.COM LLC
=====================================
truely disgusted
13 May 2010
Noticed the same $4.89 charge from IMGAMED.COM today on my visa account. When I went to investigated the site I came across multiple bloggs with complaints about this fraud. Called and cancelled credit card~now must wait for new ones:( This is absolutely rediculous! Thanks for all your post!
=====================================
jefepiloto replies to Old Computer Wizard
24 May 2010
Just got the same charge to my Chase account
=====================================
royallen
16 Aug 2010
the scam continues,seems like the banks don't care,law enforcement doesn't care,and the thieves continue to get rich five dollars at a time
=====================================
DBS
10 h 55 min ago
I too had this happen to me back in May. I got just a similar "not in svc" msg when I called it. Thinking it may have been just a fluke I didn't bother to cancel my debit card. I just had a similar charge ($4.97) from a Rosmann Enterprises LLC with a phone number of 305-767-1953 from Keys, Fla. When I called it I was told (by a persone w/a British accent) the person I was calling was unavailable & instructed to lve a msg. Keep an eye out for this one too folks! My card is changed as soon as the bank opens in the morning!
=====================================

»whocallsme.com/Phone-Num ··· 727857/2

FRAUD SCAM = ROSMANNENTERPRISES.COM aka Rosmann Enterprises LLC 305-767-1953 »rosmannenterprises.com




LOL!!! = "TOYS UNDER $10"

Address: 2221 NE 164th Street,
North Miami Beach, FL 33160
Phone: 1-(305)-767-1953
Email: support@rosmannenterprises.com

You can also use the form below to send a quick message.
Please tell us your name, your question and your email information.
Your issue will be addressed as soon as possible. Full Name:




ROSMANNENTERPRISES.COM

Registrar: ENOM, INC.

Registration Service Provided By:
NameCheap.com
Contact: support[@N]ameCheap.com

Domain name: rosmannenterprises.com

Registrant Contact:
WhoisGuard
WhoisGuard Protected ()

Fax:
8939 S. Sepulveda Blvd. #110 - 732
Westchester, CA 90045
US

Administrative Contact:
WhoisGuard
WhoisGuard Protected
(b9e143e0ff1f442b9ff27a9845f6f5d7.protect@whoisguard.com)
+1.6613102107
Fax: +1.6613102107
8939 S. Sepulveda Blvd. #110 - 732
Westchester, CA 90045
US

Name Servers:
dns1.registrar-servers.com
dns2.registrar-servers.com
dns3.registrar-servers.com
dns4.registrar-servers.com

Creation date: 21 Jun 2010 14:42:00
Expiration date: 21 Jun 2011 09:42:00


===============================
IP Location: United States Scottsdale Godaddy.com Inc
Resolve Host: ip-97-74-216-48.ip.secureserver.net
IP Address: 97.74.216.48
===============================

===============================
Florida Limited Liability Company

ROSMANN ENTERPRISES LLC

Filing Information
Document Number L10000065008
FEI/EIN Number NONE ----------->LOOK
Date Filed 06/17/2010
State FL
Status ACTIVE

Principal Address

2221 NE 164TH STREET
SUITE 377
NORTH MIAMI BEACH FL 33160

Mailing Address
2221 NE 164TH STREET
SUITE 377
NORTH MIAMI BEACH FL 33160

Registered Agent Name & Address
CORPORATION SERVICE COMPANY
1201 HAYS ST
TALLAHASSEE FL 32301 US

Manager/Member Detail
Name & Address

Title MGRM
PAUL ROSMAN
2221 NE 164TH STREET SUITE 377
NORTH MIAMI BEACH FL 33160
===============================





The listed address:

Title MGRM
PAUL ROSMAN
2221 NE 164TH STREET SUITE 377
NORTH MIAMI BEACH FL 33160

is a mail drop and forwarding service:
quote:
Mail Bags Private Mail Box Business Center
2221 NE 164th Street
North Miami Beach, FL 33160
US

Full Service Business Center
Home / FAQ / About Mail Bags / Contact Us 305-945-3222 · Fax: 305-949-1689 · mailbags[@]earthlink.net

Private U.S. Mailing Address

Convenient and Confidential

Your Private Mailing Address With Your Personal Suite Number in
North Miami Beach, FL 33160

Pick up your mail and packages at your convenience or we can forward your mail and packages to you anywhere in the world, once a month or as often as you wish.

Private Florida Mailing Address

Call Ellen or Valerie to check your incoming mail
305-945-3222

Ask us about our other business services

Contact Us Today

Private Mail Address Fee Schedule:

Monthly $22.47
Quarterly $67.41
Semi-Annually $134.82
Annually $240

All prices include tax.
There is a one-time $15 setup fee.

The forwarding fee for mail and packages is $10 (plus cost), and a forwarding opening account balance of $50 is required.

We provide you with a street address and suite number.

You may call at any time to inquire about mail received and give instructions regarding forwarding. We will forward your mail at your request anywhere in the world.

You may also fax the information to us 24 hours a day, seven days a week.

We will accept deliveries from UPS, DHL, FedEx, US Post Office and all private courier services.

For $30 a month, you get your own phone number and can receive an unlimited number of calls.

We accept all major credit cards.

You will need to download a form which is required by the post office. Two pieces of identification (driver's license or some other identification that has your picture, and a major credit card, etc.) are needed. All this can be faxed or emailed to us.

If you have any further questions, please do not hesitate to call us, or email us.

»www.mailbags.org





Since Mail Bags Private Mail Box Business Center aka
»www.mailbags.org can be set up without ever showing a live body in the office, was it really opened by PAUL ROSMAN ?. All of the opening documents, including those required by the Post Office can be downloaded and faxed in along with two forms of identification, one a picture ID. We already know that the Organized Crime Syndicate has an ample supply of US identification edocuments and corresponding picture IDs. I have personally seen the OCS use them.

In this case, I am suspicious because there is no IRS tax id listed in the filings, and the name is spelled wrong is has two "N"s. Also because of the type of confidential mail forwarding service offered by Mail Bags Private Mail Box Business Center aka »www.mailbags.org. Is PAUL ROSMAN a cyber-mule or could he be an identity theft victim and the cyber-mule is really someone else. Since recent infiltrations and blocking of the fraud wire proceeds going offshore the Organized Crime Syndicate is using more sophisticated tactics to shelter and hide the true cyber-mules.

A check of public data bases shows only one PAUL ROSMAN in the state of Florida, located about 50 miles away in Port Saint Lucie:




Did the OCS use his Name, picture identity, and SSN to open up the mail drop and then register a Florida LLC in his name?. Did they pick a full service mail and faxing forwarding drop close by the address in order to then apply for a merchant account. I am still amazed that merchant accounts could not only be opened specifically and exclusively for card fraud laundering, but also using identity theft. I do not know the answer.

I need a fraud charge victim to post the first 7 digits of the ARN so that the bank business and fraud proceeds wiring Bank can be located.

According to the FTC filings the toll free division repeatedly used identity theft victims:




said by FTC :
The websites of the fake companies purport to sell some kind of product such as electronics and office supplies. (Id.) Each fake company also has a toll-free telephone number, as well as a "home" telephone number for the "owner" of the company. (ld.~ 27-31.) The toll-free numbers forward to a cell phone number registered in Belarus. (Id.~~ 30-31.) Defendant( s) Doe also use the names of identity theft victims as "owners" of these fake companies. (PX 1 ~ 39; PX 2 ~ 15, Att. D; PX 3 (identity theft victim); PX 4 (same).) Without their knowledge, Defendant(s) Doe provide the victims' name, social security number, and date of birth on merchant account applications. (Id.) Before Defendant( s) Doe use an identify theft victim's name to open an account, they run credit checks on the stolen identities to ensure that the victims have good credit scores so that the merchant accounts are approved by credit card processors. (PX I ~ 40.) These fictitious companies are therefore "owned" by identity theft victims without their knowledge.

MGD
MGD

2 edits

MGD

MVM

Re: Ebook websites, fraud charges, Devbill/DigitalAge/Pluto

Not only are some of the OCS's long standing card fraud laundering websites such as SCREENSAVERSRISE.COM and IM-GAMED.COM still rolling right along spewing card fraud charges,





now some of the OCS's fraud websites first reported here during their factory creation phase back in May of 2010, are now well seasoned and in full card fraud blasting mode. One such example which I first reported during its birthing phase in May, is now generating high volumes of search referrals to this thread is VPNMONSTER.




Since search referrals can only come from someone who knows the domain name, and that is hidden from the world, then the most likely place it is being seen is on bank statements. Very little data has been captured as to the likely location of the crime syndicate's cyber-mule, however recent postings of the billing descriptor on 800notes.com confirm that the cyber-mule and merchant bank account is based in Fresno, California. Though one report also shows an additional three letter tag of QPS FRESNO CA a check of both Fresno county Fictitious business name registrations and the state of California corporations database has yet to identify the most likely candidate. Again, a posting of the first 7 digits of the ARN for a VPNMONSTER fraud charge would go a long way in identifying the rogue account.

Though the original SCREENSAVERSRISE.COM card fraud domain has now expired and is pending deletion or sale, that apparently has no effect on the merchant account status.


Registrant:
Pending Renewal or Deletion
P.O. Box 430
Herndon, VA. US 20172-0447

Domain Name: SCREENSAVERSRISE.COM

Administrative Contact, Technical Contact:
Pending Renewal or Deletion
P.O. Box 430
Herndon, VA 20172-0447
US
570-708-8786

Record expires on 16-Sep-2010.
Record created on 16-Sep-2009.

»SCREENSAVERSRISE.COM

It has been noted for several years that there was only minimal benefit to killing off the websites, as it appeared to have little or no effect on the syndicate's ability to process fraud charges under the domain once the merchant account has been obtained. There is no apparent ritual of checking by the providers that a functioning website remains in operation for a given merchant account. The only change is that instead of victims reporting charges on their cards from an entity they never actually made a purchase from, it now becomes a charge from an entity that no longer exists, which they could not have made a purchase from. Though in most victim complaint cases that material fact fails to raise much concern in the financial card processing community.

In previous posts I documented multiple systemic errors in the FTC's analysis report on the operation by attorney Wernikoff. As I noted then, the multiple incorrect conclusions were understandable, since a thorough forensic examination would have required significant additional resources. A primary flaw in their conclusion was the the Organized Crime Syndicate was "abusing" the card processing system.
said by Robert McMillan :
...... "We're going to aggressively seek to identify the ultimate masterminds behind this scheme," Wernikoff said. According to him, the scammers found loopholes in the credit card processing system that allowed them to set up fake U.S. companies that then ran more than a million phony credit card transactions through legitimate credit card processing companies. .....
That conclusion is seriously flawed, the OCS is neither "abusing" the systems, nor are they using "loopholes". The Organized Crime Syndicate is simply "USING" the existing system. The FTC's flawed conclusion is that it tends to "absolve" the merchant account system and infer it as being adequate, when in fact it is not. In addition, the FTC's description of "setting up fake U.S. companies" is also flawed. The OCS caused "US companies" to be registered in the proper and normal manner. There was nothing "fake" about the registrations, as per many of the documents that I have posted. Of course the ultimate intent was to operate a fake business, but the registration process contains no process of validating the intent or purpose. While some state's rules require an affirmation that the business be established for lawful purposes, there is neither a vetting process nor actively used criminal statues of enforcement. Essentially it is an honor system, one in which both the banks and merchant processing system assigns significant inherent legitimacy to the fact that a business entity is a properly "registered company". No such legitimacy should be conferred, as other than a small filing fee and a completed form, filed remotely via the Internet in many cases, no validation has been performed, including verifying the identity of the filer.

With such low standards to gain entry on to the card processing highway, and the ability to fleece consumer's account data, "abusing" the system is not necessary, just use it. It is reasonable to expect that eventually this decade long organized criminal operation and the modus operandi used, may generate Congressional hearings once sustained media attention is reached. That such an uninhibited and perpetual system can extort millions of dollars a year from consumers, and shuttle the laundering of the fraud proceeds out of the country unfettered in a post 911 era of a Patriot Act encumbered banking system, should raise significant concerns. Not that the entire system is belligerent, rather that there are significant variables in both the detection ability and behavior of the companies involved. The recognition ranges from leading edge and active systems to detect and block it, to the "We do not want to know" why don't you go after Careerbuilder instead, attitude.

One of the top five major financial system processors has for several years now, devoted significant resources to detecting and preventing the OCS from utilizing their services to launder hijacked card data through merchant accounts. Not only have they revised many of the procedures for issuing merchant accounts after recognizing that the OCS was routinely using them, but they also altered the vetting process and instituted advanced detection systems to catch any that may get through. A major west coast corporation with a merchant processing division also has an aggressive active operation to detect, block, and eradicate any of the Crime Syndicate's card fraud laundering operations from their systems. Both of those entities have not only devoted resources to the problem they have an effective strategy that significantly mitigates the ability for their systems to be abused in this manner. The problem is that though these entities are the "gold" standard for proper practices, it is not universal within the merchant processing system.

The FTC's Wernikoff is correct when he states:
said by Robert McMillan :
....."It was a very patient scam," said Steve Wernikoff, a staff attorney with the FTC who is prosecuting the case. "The people who are behind this are very meticulous." ....
The OCS has no problem probing, identifying, then flooding the merchant account providers and processors with substandard vetting and monitoring procedures, thus mitigating the effect of the few that do practice and utilize leading edge standards for fraud mitigation. In fact, one does not need to be a guru statistician to derive reasonable conclusions as to where First Data Corp fits in the picture in terms of the preventative standards of merchant fraud account implementations:
said by Robert McMillan :
..... One of the largest payment processors in the U.S., First Data, was a favorite of the scammers. Of the 116 fake merchant accounts the FTC uncovered, 110 were with First Data.
......... First Data would not comment on the measures it had taken to improve its merchant vetting process, but the company did confirm that it cooperated with the FTC investigation. .....
95% of the fraud merchant accounts uncovered by the FTC were through First Data Corp, clearly an overwhelmingly path of least resistance to the fraud operation. More significant is that the fact that the entire FTC operation does not even address 5% of the Organized Crime Syndicate's operation during the relevant period, so the actual number of accounts that were, and still are, using the services of First Data Corp can be any significant multiple of that number. It is therefore reasonable to assume that a significant number of fraud charging is still occurring through their system today.

It is not that First Data Corp intentionally facilitates the Crime syndicate, try as you might with any merchant account provider, and describe on your account application that you want a merchant account to process hijacked card data into cash, and you will never get one. In fact, it was First Data Corp who stepped up to the plate in 2008, and without hesitation immediately froze the merchant account of the OCS's EyeCon Technologies LLC. First Data Corp intervened after a security official at PNC Bank in Pittsburgh stated that he had no interest in delving into potential fraud and money laundering business accounts operating in his institution. Though First Data Corp acted immediately, they failed to recognize the implications that if you have one, then you probably have many.

Remember, the most incorrect and flawed statement made to date by the FTC's Wernikoff, is:
said by Robert McMillan :
.... The FTC's Wernikoff believes that whoever is responsible for this crime lives outside of the U.S., but with the money-cashing operation now busted up, the scammers will have to start again from scratch, if they want to keep bilking consumers. And criminal investigators now have a trail to follow.

"Does it prevent the people from ultimately responsible from building up again from scratch?" he asked. "No. But we do hope that this seriously disrupts them.". ...
Ref: »www.computerworld.com/s/ ··· ompanies

Though well intentioned, that diagnosis and conclusion could not be any further away from reality. They removed half a tentacle from the Octopus and declared it immobilized. Eventually, if there is an award for the most complacent entity in the entire operation, that will undoubtedly be given to Authorize.net / Cybersource / VISA. Over 90% of the OCS's fraudulent merchant accounts contain at least one, if not several, "red flags" which classifies them as suspicious. While the communications from the OCS shows that they are adept at monitoring and adapting to the weakest link in the chain for obtaining and sustaining the fraudulent merchant accounts, the never varied from designating Authorize.net / Cybersource / VISA as the gateway provider.

Edit Add:

There are far too many victim reports such as this, that may never be included in the FTC's type of analysis:

SCREENSAVERSRISE.COM:
quote:
robbie
5 h 14 min ago

I saw the charge and my bank said I had to call screen savers, they were polite and said the charge would be removed . Two weeks later they charged me again . My bank would do nothing .. so I had them issue me a new debit card...six months later I recieved another charge right after making a small purchase from an online store in New Jersey . I canceled the card . I filed a complaint with the FBI site mentioned above..it was kinda lose info but hope it helps stop these creeps .

»800notes.com/Phone.aspx/ ··· 284-4437

MGD
MGD

2 edits

MGD to nobounds

MVM

to nobounds

Re: MelissaGoodCompany.com 786-245-7823

Good catch !!

SCAM FRAUD = MELISSAGOODCOMPANY.COM 786-245-7823 = FRAUD SCAM

is relatively fresh, and utilizes a known prior modus-operandi in its configuration, particularly with past Florida fraud laundering set ups. The domain was registered last month using a registrar with prior OCS history:

===========================
MELISSAGOODCOMPANY.COM

ICANN Registrar:

MONIKER ONLINE SERVICES, INC.

Created: 2010-10-07

Reverse Whois:"Melissa McClain" owns about 3 other domains
===========================

There is also a prior history of using the small LOTOSUS entity for both DNS and hosting,for example IM-GAMED.COM 303-872-7857. Though LOTOSUS.com is now privacy cloaked and has been around since 2006, I traced its history back to a Vygantas Lipskas in Kauna, Latvia. I am not sure, though it is possible that you have captured the website during its merchant account application and vetting phase. Whether it is displaying these contact details permanently or only during the vetting phase, remains to be seen:

================================

Contact Us

"MelissaGoodCompany.com"

Address: 2637 E Atlantic Blvd #14768
Pompano Beach, FL 33062

Phone: 1-(786) 245-7823

Email: support@MelissaGoodCompany.com

You can also use the form below to send a quick message.
Please tell us your name, your question and your email information.

Your issue will be addressed as soon as possible.

================================


»www.melissagoodcompany.c ··· t_us.php
Snapped 2010-11-24 12:56:26


Regardless of the listed data, the cyber-mule is still well hidden:


Detail by Entity Name

Florida Limited Liability Company

MELISSAGOODCOMPANY LLC

Filing Information:

Document Number L10000102289

FEI/EIN Number NONE
Date Filed 09/30/2010
State FL
Status ACTIVE

Principal Address
2637 E ATLANTIC BLVD #14768
POMPANO BEACH FL 33062

Mailing Address
2637 E ATLANTIC BLVD #14768
POMPANO BEACH FL 33062

Registered Agent Name & Address
CORPORATION SERVICE COMPANY
1201 HAYS STREET
TALLAHASSEE FL 32301 US

Manager/Member Detail
Name & Address
Title MGRM
MCGILL, MELISSA
2637 E ATLANTIC BLVD #14768
POMPANO BEACH FL 33062

Annual Reports
No Annual Reports Filed

As in the case of at least five other recent Florida card fraud laundering operations an anonymous mail box and reshipping service is used and listed on document filings in order to hide the cyber-mule and their true location:

=========================

Parcels Plus

We ship anything anywhere.

(954) 782-9836

2637 E Atlantic Blvd

Pompano Beach, FL 33062

»www.parcelsplus.net/
=========================

Amazing, this is the third relatively small non chain mailbox services entity used, and all within a 15 mile radius of each other.




There are several people named "Melissa McGill" within the state of Florida alone. Though not probable, it is however possible that several of these matching LLC set up types could be done entirely using stolen identities. It is the mail box drop addresses and forwarding services configuration which makes this a possibility, even if a remote one. Mail drops are also used to shield the real cyber-mule as well. Besides the FTC's recent action which also uncovered this tactic, I am aware of multiple attempted set ups, which failed, using stolen identities. Merchant account applications were faxed using services such as Kinkos, etc, generally from locations within a reasonable radius of the identity theft victim. That process still requires the participation of a cyber-mule, besides on site faxing it also requires a body to show up in person and open a business bank and acquirer account somewhere.

The participation of domestic cyber-mules in faxing documents and applications in the names of other individuals on behalf of the Organized Crime Syndicate, in my opinion extends way past the believable pale of being duped. This third party process of obtaining merchant accounts with stolen identities did not have a high success rate, but has occurred in the past. The OCS is dynamic, in that it is constantly probing and testing the financial processing system for multiple failures in the vetting process and to develop new methods for circumventing the system.

MGD