Broadband Tech > Security > Scam and Phishbusters > Ebook websites, fraud charges, Devbill/DigitalAge/Pluto

reply to MGD

Re: Ebook websites, fraud charges, Devbill/DigitalAge/Pluto

reply to rusty1989

quote:

---

Many victims have something else in common: They say the cards that were charged for e-books also were recently used to pay for Equifax credit report-related products, such as a credit score or credit monitoring. Some of the consumers complained to Equifax. A company spokesperson has told consumers it is investigating.

The reports don’t necessarily mean Equifax was hacked, and some victims say they never purchased anything at Equifax.com.

'No connection to Equifax'
Equifax spokesman David Rubinger told MSNBC.com that the firm's security experts have researched the incident and have concluded that "there is no connection to Equifax." The firm’s internal security monitoring software shows no signs of any data thefts, he said.

Rubinger suggested that fraud victims’ connection to Equifax is a coincidence, and merely a function of the popularity of Equifax products. After many large data breaches, companies often offer consumers free Equifax credit monitoring products. With tens of millions of consumers signed up for such products, it’s possible that the connection between e-book victims and Equifax is purely casual.

Credit card fraud victims sometimes discuss common points of purchase to try to determine a possible source of leaked credit cards. But apparent connections can be misleading. As part of the card transaction process, credit card numbers are passed between several financial entities and card processing firms. Any one could be the culprit in a data leak. And a disgruntled or corrupt employee at any point in the chain could steal numbers and sell them for profit.

---

reply to MGD
I have some information that may be useful to help you guys out a bit. Several ports of mine were recently "attacked" as classified by Norton from the IP Address of 77.91.227.179, 80 at approx 9:30 PM . May 6th 2008
note: it attacked TCP port 65477

soo, I traced it:
-----------------------------------------------------

77.91.227.179 is from Russian Federation(RU) in region Eastern Europe

whois query for 77.91.227.179...

Results returned from whois.arin.net:

OrgName: RIPE Network Coordination Centre
OrgID: RIPE
Address: P.O. Box 10096
City: Amsterdam
StateProv:
PostalCode: 1001EB
Country: NL

ReferralServer: whois://whois.ripe.net:43

NetRange: 77.0.0.0 - 77.255.255.255
CIDR: 77.0.0.0/8
NetName: 77-RIPE
NetHandle: NET-77-0-0-0-1
Parent:
NetType: Allocated to RIPE NCC
NameServer: NS-PRI.RIPE.NET
NameServer: SEC1.APNIC.NET
NameServer: SEC3.APNIC.NET
NameServer: TINNIE.ARIN.NET
NameServer: NS.LACNIC.NET
NameServer: SUNIC.SUNET.SE
Comment: These addresses have been further assigned to users in
Comment: the RIPE NCC region. Contact information can be found in
Comment: the RIPE database at »www.ripe.net/whois
RegDate: 2006-08-29
Updated: 2006-09-07

# ARIN WHOIS database, last updated 2008-05-06 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.

Results returned from whois.ripe.net:

% This is the RIPE Whois query server #3.
% The objects are in RPSL format.
%
% Rights restricted by copyright.
% See »www.ripe.net/db/copyright.html

% Information related to '77.91.227.176 - 77.91.227.191'

inetnum: 77.91.227.176 - 77.91.227.191
netname: NETPLACE
descr: NETPLACE
country: RU
admin-c: PM946-RIPE
tech-c: PM946-RIPE
status: ASSIGNED PA
mnt-by: RU-WEBALTA-MNT
changed: lexa@wahome.ru 20071207
source: RIPE

person: Pavel Malinkovich
address: Tevosyana 40a-89
address: Electrostal, Moscow Region
address: Russia
phone: +7.4959685374
abuse-mailbox: abuse@netplace.ru
nic-hdl: PM946-RIPE
changed: pavel@malinkovich.com 20071207
source: RIPE

% Information related to '77.91.224.0/21AS41947'

route: 77.91.224.0/21
descr: WEBALTA / Internet Search Company
descr: Moscow, Russia
origin: AS41947
mnt-by: RU-WEBALTA-MNT
mnt-routes: RU-WEBALTA-MNT
changed: support@webalta.ru 20070524
source: RIPE

------------------------------------------------

I hope this helps, and people are brought into custody. Please also note that the name Pawel/Pavel Malinkovich is the registrant.

Please forgive any negative mannorism's in this reply, im just trying to provide information to help. =P

if you have any questions, email me at
andy0mocham@aol.com

quote:

---

Webalta by Evgeny Yushchuk, Associate Professor and author of the Russian books: Internet Intelligence, How to make and promote a blog and Competitive Intelligence: marketing of risks and opportunities.

What features does Webalta offer?

Unfortunately it doesn’t have particularly unique qualities. It looks like a regular search engine but with a small index and absolutely no social web 2.0 resources. No blogs, no social networks, and almost no forums. No advanced search. No searching language operators description.

Specialists think that Webalta is just trying to copy the bigger search engines – like Google, Yahoo, Live or the biggest Russian search engine Yandex, but without success.

Only when Yandex closed the “link” operator for backlinks, did Webalta have a chance. It even promised web administrators that they would receive backlinks from Webalta. But in fact Webalta didn’t give the backlink service. A bit later Yandex returned some of this service for website owners.

Unique visitors per month: 20,476,264

What does Webalta offer?

Email with a maximum size for one email of 10 MB.

Photohosting (they call it Photoservice)

Recently there were only 3,107 photos and not one new one.

Catalogue (they call it Rating)

Just a catalogue. It is paid by SMS and costs about one dollar.

Dating Service (Men and women seeking to make acquaintances)

Recently there were only 3,542 accounts and only one user online!

In the beginning Webalta said they had plans to gain 20-30% of the market. Now they have 0.1% of search traffic. A lot of articles in blogs of independent specialists are under topics alike “Is Webalta dying or dead?”. Specialists say that Webalta closed it’s contest advertising programs and lost a lot of stuff.

---

reply to Doctor Olds

Re: Ebook websites, fraud charges, Devbill/DigitalAge/Pluto

quote:

---

"Latest info is that Certegy is most likely responsible. I read an article at the Saint Petersburg Times yesterday about this situation. In addition, I called a close friend of mine who works at Certegy and here is what happened. An employee/employees at Certegy wanted extra money and knowingly and/or illegally sold our credit card info to the crooks. Certegy processes credit cards for most banks,credit unions,etc. They used to be owned 100%(until a few years ago) by Equifax. Five of of the six top executives at Certegy were former execs at Equifax. Certegy has a very troubling history of major violations with regulators, class action attorneys, consumers, etc... Currently, they have nearly 600 complaints on file at the Better Business Bureau....When my bank and I called management at Certegy over this issue, we were stonewalled by management at Certegy... They showed bad faith!!! Certegy is worried about criminal actions because this may go all the way to the top. In addition, they act as if they are trying to shield themselves by stonewalling us because they fear civil liability (class actions,etc).... My bank called because they contract with Certegy to process our banks credit card transactions.......Kerry Rothschild"

---

quote:

---

Over a five-year period, the 54-year-old Largo man methodically stole confidential records on more than 8.4-million U.S. consumers, including 460,000 Floridians, authorities charged. Most of the records included credit card, debit card and/or bank account numbers. For his clandestine efforts, Sullivan was paid a total of $580,000.

---

quote:

---

In court papers and public statements, the company said the stolen records apparently were used solely to create mailing lists for marketers. There was no indication that they were used for identity theft or other fraud.

---

reply to MGD

Re: Ebook websites, fraud charges, Devbill/DigitalAge/Pluto

reply to RegMemberFlyBy

quote:

---

»www.tampabay.com/news/business/a···4678.ece

Certegy Check Services notified millions of Americans last fall that a rogue employee had stolen and sold their personal financial information. Now the St. Petersburg company is preparing to unleash some more bad news: a proposed legal settlement that some critics say will do little to fight identity theft.

The preliminary deal between Certegy and class-action attorneys, currently under review by U.S. District Court Judge Steven D. Merryday in Tampa, would offer partial relief to some of the 8.4-million Americans — including 460,000 Floridians — whose data were methodically stolen over a five-year period. Among the benefits:

• Credit monitoring...
• Bank account monitoring....
• Identity-theft reimbursement....
• Heightened security....

---

quote:

---

»tampabay.bizjournals.com/tampaba···ry6.html
Certegy (NYSE: CEY) was founded in 2001 as a spinoff of Equifax, a provider of consumer and commercial credit information.

---

reply to christyj001

Go GEt'em! Gotta keep trying to knock'em down!

reply to MGD
don't know where mine came from but my bank account showed the charge before even clearing the account stopped it by calling the bank luckily they took care of it new card on way hope they can stop this company/person

Excellent, good catch !

Believe me, it will take considerable work to hunt these criminals down, put them behind bars, and throw away the key. It will happen eventually.

reply to MGD
Thank you for maintaining this thread.

I received a charge on my Amex statement from E NAT NATALIYA MAKOVCARMICHAEL CA / ELECTRONICS STORE for 18.87

I called to dispute it, but after reading this thread, called back and said I wished to declare it as a fraudulent charge. Amex immediately agreed to do so, canceled the card, and is sending me a new one.

I have a feeling that you have saved me further headaches.

Question: Have you noted any connections where someone had TWO cards hit simultaneously? The reason I ask is that today I noticed numerous small charges on my Mastercard, to different entities. This was clearly fraud. I had the card canceled and replaced. I can think of no way someone could have gotten TWO of my card numbers, short of looking in my wallet... I am assuming this is a coincidence.

reply to caa100

quote:

---

E NAT fraud charges hit my AMX card $12.24 Carmichael California

Submitted: 3/21/2008 3:03:17 PM

Kath
san francisco, California

I was hit again with fraud charges. I was previously hit with $4.95 and $2.95 on my visa debit card by Coastal Web Solutions (my credit union reversed the charges - I cancelled and reissued my card).

This time I was hit for $12.24 on my AMX by E NAT a fictitious on-line electronics store. I reported the fraud to AMX (they reversed the charges) and I cancelled and reissued the card.

---

MGD says:

quote:

---

This kind of repeated access to multiple unrelated card accounts of victims, clearly demonstrates how pervasive this syndicate's access to data is. What makes this more unique is that the AMEX and VISA/MC card processing systems are totally independent and unrelated. So where might that data be combined in a database.? Remember, dormant cards, and cards that were never used anywhere, get hit too.

---

reply to MGD

4/3/08 E NAT NATALIYA MAKOVCARMICHAEL CA $18.87
       ELECTRONICS STORE
 

4/16/08 AITDOMAINS 8772095184 NC                 $8.66
        Services  - Computer Network / Information
 
4/19/08 DOMAIN NAME REGISTRATI 425-8838860 WA   $19.95
        Services  - Computer Network / Information
 
4/23/08 DOMAIN SERV INT CHIPPENDALE AU           $8.99
        Services  - Computer Network / Information
 
4/26/08 FWBILLING.COM IJMUIDEN NL               $34.95
        Inbound Teleservices Merchants
 
4/28/08 FWBILLING.COM IJMUIDEN NL CREDIT      $ -34.95
        Inbound Teleservices Merchants
 

reply to MGD

reply to mae_aa419