Broadband Tech > Security > Scam and Phishbusters > Ebook websites, fraud charges, Devbill/DigitalAge/Pluto

reply to MGD

Re: Ebook websites, fraud charges, Devbill/DigitalAge/Pluto

Domain Name: DAYETRAFFIC.COM
   Registrar: ENOM, INC.
Registration Service Provided By: Jaguar Technologies LLC
.
dayetraffic.com IP= 69.72.161.58
.
Administrative Contact:
   -
   Gregory Lorsung (gregorylorsung@yahoo.com)
   +1.2067707408
   Fax: -
   15113 Marseille Ave
   Bellevue, NE 68123
   US
.
Status: Locked
.
Name Servers:
   ns100.whbdns.com
   ns101.whbdns.com
.
Creation date: 29 Nov 2007 20:02:02
Expiration date: 29 Nov 2008 20:02:02

Entity Name       SOS Account Number
DAYE TRAFFIC LLC     10104467
.
Principal Office Address
11808 GOLDEN BLVD.
BELLEVUE, NE
.
Registered Agent and Office Address
KEVIN L. DAYE
11808 GOLDEN BLVD.
BELLEVUE, NE 68123
.
Nature of Business     Entity Type
Not Available Domestic    L L C
.
Qualifying State: NE
.
Date Filed   Account Status
Nov 14 2007    Active
.
Corporation Position Name Address
Member
Name
KEVIN L DAYE
Address
11808 GOLDEN BLVD.
BELLEVUE, NE 68123

Kevin Daye
work
Job title: Owner
Company: Daye Traffic
11808 Golden Blvd
Bellevue, NE 68123-1369
phone number unavailable

quote:

---

Rating: 0 Roborobssidekick - 29 May 2008
Just to warn all of you, getting a new card does nothing. My step father was charged months ago a $4.95 fee from 205-332-1748 and I cancelled his card and got him a new one. Well, I was just checking his statement online and once again he was charged $2.95 from the number 402-408-6643 and this is AFTER I got him a new card. Just be ware..........
Caller: DAYE TRAF DAYETRAFFIC

---

quote:

---

Rating: 0 Michael Varick in Orlando - 6 Jun 2008
Hello Fellow Victims: I just got hit for $4.95 on my Bank of America card from Daye Traffic. Not the first time; I was hit from a "Wabbys" on March 5, for SAME Amount. I think they pick a small "cup of coffee" amount so it falls under most people's radar. It was a "hobby shop", too. So, why don't I cancel the card you ask? Well, I have over 30 autopays linked directly to the card. I will have to spend 2 full days finding out who they all are. Why does that matter? If I cancel the card and get a new number, and forget to notify even ONE of the companies on auto-pay, I can get hit with a huge NSF fee. I'll pay the $4.95 every three months. Sad.

---

quote:

---

dadof89 - 25 May 2008
Ditto for me. $4.95 on May 20th. I have had at least one of these a month for the last 5 mos. Different company every time, but amounts very similar. 4.95. 7.95, etc. Safe to say, small amounts that a lot of folks out there wouldn't even notice. Each time, a simple phone call to the credit card company reverses the charge but it is very frustrating that they don't go after these guys !!! these guys must be raking it in for all the folks who don't call it in

---

quote:

---

Joe - 24 May 2008
Just got my credit card statement with a fraudulent charge of $9.00 on it from "LINK SERVICES" out of California with the phone number of 866-473-8739. I also got one from "DAYE TRAFFIC LLC" with the phone number of 402-408-6643. I reported my credit card as stolen and will dispute the charges on Monday. I filed a complaint with the FTC: »rn.ftc.gov/pls/dod/wsolcq$.start···ODE=PU01

I'm from Connecticut. Where is everyone else from?
Caller ID: 866-473-8739
Caller: LINK SERVICES

---

reply to MGD
BENNUTECH.COM AKA BENNU TECHNOLOGIES LLC 973-944-3970 »bennutech.com

BENNUTECH.COM

Domain Name: BENNUTECH.COM
   Registrar: ENOM, INC.
Registration Service Provided By: Jaguar Technologies LLC
.
bennutech.com  IP= 68.178.254.121
.
Administrative Contact:
   -
   Ryan Larson (ryanjrlarson@yahoo.com)
   +1.5087496706
   Fax: -
   20 Marshall Street
   Irvington, NJ 07111
   US
.
Status: Locked
.
Name Servers:
   ns43.domaincontrol.com
   ns44.domaincontrol.com

Bennutech LLC

New Jersey Division of Corporations
.
Business Entity Name
BENNU TECHNOLOGIES LIMITED LIABILITY COMPANY
.
Filing Number Type
0400200510    LLC

Bennutech BRC

  STATE OF NEW JERSEY
BUSINESS REGISTRATION CERTIFICATE
.
Taxpayer Name:  BENNU TECHNOLOGIES LIMITED LIABILITY COMPANY
 .
Trade Name:
.
Address:  40 TREMONT TERRACE
         IRVINGTON,   NJ   07111-3710
.
Certificate Number:  1362197
.
Effective Date:  October 15, 2007
.
.
For Office Use Only:
.
20080610014113933

Bennutech & Callidora LLCs

Callidora Designs BRC

  STATE OF NEW JERSEY
BUSINESS REGISTRATION CERTIFICATE
.
Taxpayer Name:  CALLIDORA DESIGNS LIMITED LIABILITY COMPANY
 .
Trade Name:
.
Address:  40 TREMONT TERRACE
         IRVINGTON,   NJ   07111-3710
.
Certificate Number:  1415900
.
Effective Date:  June 06, 2008
.
.
For Office Use Only:
.
20080611020948508

Found the freshly minted callidoria, related to the BENNUTECH.COM AKA BENNU TECHNOLOGIES LLC cyber-mule:

CALLIDORADESIGNS.NET AKA CALLIDORA DESIGNS LLC 973-735-2361 »callidoradesigns.net

contact

   Domain Name: CALLIDORADESIGNS.NET
   Registrar: ENOM, INC.
.
callidoradesigns.net IP = 72.167.206.99
.
Administrative Contact:
   Whois Privacy Protection Service, Inc.
   Whois Agent (qqypcyrh@whoisprivacyprotect.com)
   +1.4252740657
   Fax: +1.4256960234
   PMB 368, 14150 NE 20th St - F1
   C/O callidoradesigns.net
   Bellevue, WA 98007
   US

reply to MGD
That phone number - 973-944-3970 - is a Morristown, N.J. landline phone number. Irvington is a 908 area code.

reply to MGD

reply to MGD

reply to Whip412

reply to MGD
BENNUTECH.COM AKA BENNU TECHNOLOGIES LLC 973-944-3970 and
CALLIDORADESIGNS.NET AKA CALLIDORA DESIGNS LLC 973-735-2361
have ceased operations. Once informed that the business was set up exclusively for fraudulent card processing, the cyber-mule agreed to immediately block the crime syndicate's access to the suthorize.net merchant processing account, and online access to the business bank accounts. They also will stop the set up processing of the recent CALLIDORA DESIGNS LLC.

The cyber-mule was recruited from a response to their resume which was posted on careerbuilders.com. This is the fourth cyber-mule that was recruited via careerbuilders.com. Clearly the organized crime syndicate is actively trolling resumes posted on that site, as well as monster.com.

In this case the criminals presented themselves as a company from Helsinki, Finland called Oivabisnes Ltd and directed the potential employee to their website »oivabisnes.com

»www.oivabisnes.com/index02.php
Snapped 2008-06-13 04:36:53

»www.oivabisnes.com/setupguide.php
Snapped 2008-06-13 04:34:00

SALES AGENT AGREEMENT
This Sales Agent Agreement ("Agreement") is made and effective
BETWEEN:

»www.oivabisnes.com/uspartner.php
Snapped 2008-06-13 04:36:37

AND:
[Oivabisnes Ltd.](the "Principal"),
an IT business development company existing under the laws of Finland with its postal address:

Address:
Sturenkatu 21, PL 33,
00510 Helsinki,
Finland
Phone:
+358-(09)-2316-3724
Fax:
+1-(419)-932-7068

WHEREAS the Principal wishes to employ the services of the Agent with the duty of setting up a subsidiary for the Principal. This subsidiary will have the exclusive right to sell web design, product and property of the Principal;

WHEREAS the Agent undertakes to organize a subsidiary for the Principal that will sell web design, product and property of the Principal, in return for a commission.

It is agreed as follows:

1. TERM OF THE AGREEMENT
The term of this Agreement shall be a period of one year, commencing the date the Agreement is submitted, subject, however, to prior termination as provided in this Agreement. At the expiration date this Agreement shall be considered renewed for regular period of one year, provided neither party submits a notice of termination.

2. DUTIES AND RESPONSIBILITIES OF THE AGENT
The Agent shall register any kind of business entity in local Incorporation Office and submit Incorporation Certificate to the Principal;
the Agent shall open business checking account in a bank exclusively for transacting with the Principal and bank merchant account for accepting customer payments. The Agent agrees to share with the Principal all information for both accounts and understands that he/she is not eligible to change, modify any account information without written notice to the Principal;
the Agent shall not do or permit anything to be done to prejudice the market image of the Principal’s product or the Principal itself;
as a condition of business relationship with the Principal, the Agent gives permission to the Principal to check his/her personal details (address information above). He/she understands that this background check will include, but not be limited to, verification of all information contained in this Agreement; Please, attach copy of ID with photo.
the Agent accepts employment with the Principal upon the terms set in this Agreement and agrees to devote time, energy and ability sufficient to the interests of the Principal, and to perform the Agent’s duties in an efficient, trustworthy and business-like manner. The Agent agrees to maintain timely and constant email communication with the Principal.

3. DUTIES AND RESPONSIBILITIES OF THE PRINCIPAL
The Principal shall create an authentic web store for the Agent and shall be responsible for performing all necessary maintenance work and resolving any kind of technical issues;
for the duration of the Agreement, the Principal shall do, at the Principal's cost, all marketing and customer care work for the Agent’s web store;
the Principle shall furnish the Agent with utmost guidance and exhaustive step-by-step instructions during entire period of cooperation;
the Principal shall not use the Agent’s personal and business information in any unauthorized or illegal manner, nor shall it share this information with any third party.

4. PROPRIATARY INFORMATION
Through the course of this Agreement with the Principal, the Agent may be involved in and shall contribute to the development of certain items that are proprietary to the Principal and may be exposed to certain information that is proprietary and of strategic and operational advantage of the Principal. These items may include items that are copyrightable, subject to trademark protection, trade secrets, confidential, subject to patent protection, or otherwise considered by the Principal to be proprietary in nature. They may include things such as business and marketing plans, strategic development plans, financial information, market studies, promotional plans, advertising, computer programs and source codes, databases and database engines, logos, web sites, system documentation, computer algorithms, data, enhancements and improvements, customer inquiries and complaints, modification reports, customer lists, and other information and materials that are of a strategic importance to the Principal. These items are all assets of the Principal and are protected under copyright law, trade secret law, patent law, trademark law, and a variety of other laws. Thus, the Agent shall not at any time or in any manner, either directly or indirectly, divulge, disclose or communicate to any person, firm, corporation, or other entity in any manner whatsoever any information concerning any matters affecting or relating to the business of the Principal, including but not limited to any of its customers, the prices it obtains at which it sells its products, or any other information concerning the business of the Principal, its manner of operation, its plans, processes, or other data. The Principal in its turn shall not use the Agent’s personal and business information in any unauthorized or illegal manner, nor shall it share this information with any third party for any reason.

All of the terms of Section 4 of this Agreement shall remain in full force and effect for the period of five years after the termination of this Agreement.

5. THE AGENT’S COMMISSION
The Principal shall pay the Agent, and the Agent shall accept from the Principal, in full payment for the Agent’s services under this Agreement, 10% commission on net profit from sales at the Agent’s web store. The Agent shall withdraw his/her commission from the business checking account strictly upon Principal’s instruction.

6. BONUSES AND BENEFITS
Payment of any bonuses shall be at the complete discretion of the Principal. No guarantee or representation that any bonuses will be paid has been made to the Agent. The Principal shall not provide any benefits plan to the Agent under this Agreement.

7. THE AGENT’S EXPENSES
As a result of business entity registration and opening business checking and merchant accounts the Agent will incur certain expenses. The Principal shall credit the Agent for the above expenses after the Agent presents an itemized account of expenditures with contact information of institutions to which the payments are to be made. The amount credited to the Agent for covering the expenses will be deducted by the Principal from the Agent’s business account as soon as the amount equal to the credited amount is profited from the venture.

8. PAYMENT OF TAXES
The Agent is only liable for the 10% commission that he/she draws from the venture as his/her personal income. The Principal is liable for the rest 90% of the revenues.

9. TERMINATION OF THE AGREEMENT
The Principal shall terminate this Agreement at its sole discretion with 10 days’ notice if not satisfied with the way the Agent fulfils the duties assigned under this Agreement. The Principal shall not be liable to the Agent for any losses or damages he/she may incur as a result of any such termination. Such termination shall not prejudice any remedy to which both parties may be entitled upon termination, either by law or under this Agreement. If the Agent wishes to terminate the present Agreement, he/she agrees to give the Principal a 10 days’ written notice of his/her intention to terminate. The Agent hereby agrees to the Principal’s recourse to reasonable security procedure within limits allowed by law to verify the Agent’s personal information. The identity verification may potentially entail a telephone call to the Agent for phone number and address confirmation. Should any piece of the personal information presented by the Agent be found counterfeited or criminal, the Principal shall terminate this Agreement immediately with written notification to the Agent.

10. MODIFICATION OF THE AGREEMENT
Any modification of this Agreement or additional obligation assumed by either party in connection with this Agreement shall be binding only if evidenced in written amendment signed by each party or an authorized representative of each party.

11. ACKNOWLEDGEMENT
The Agent has carefully read and considered all provisions of this Agreement and agrees that all of the conditions set above are fair and reasonably required to protect the Principal's interests.

Jan Tillmonen
US Partners Director,
Oivabisnes Ltd.

   Domain Name: OIVABISNES.COM
   Registrar: ENOM, INC.
.
oivabisnes.com = IP 66.152.162.116
.
Administrative Contact:
   -
   Robert Coronel (rbrtcoronel@yahoo.com)
   +1.9152001458
   Fax: -
   2437 W Greenleaf Ave
   Chicago, IL 60645
   US
.
Status: Locked
.
Name Servers:
   ns1.hostdone.com
   ns2.hostdone.com
.
Creation date: 25 Apr 2007 21:26:42
Expiration date: 25 Apr 2009 21:26:00

»www.r-a-b-d.com
Snapped 2008-06-13 05:14:11

reply to moike

While it is bad they are hitting those sites, it is great to know the victims as a group are hurting them. They apparently have no other means to steal (and are too lazy/stupid to do honest work) so when they get taken out early and cut off to their ill gotten gains they childishly go to the botnets to try to stop the money bleed the victims and investigators have started. I love it. It means they are feeling the pain. I hope they can't make their payments and lose some of their unearned luxuries. Hopefully their new lifestyle will be a cold, damp, dark 9 by 6 by 12 Cell with a huge and unruly roommate when law enforcement finally gets them and they are extradited to spend life behind bars.

Regards,

Doctor Olds
--
What’s the point of owning a supercar if you can’t scare yourself stupid from time to time?

reply to MGD
From the post above where a victim reported a fraud charge from "Wabby's" in addition to the DAYETRAFFIC.COM AKA Daye Traffic LLC 402-408-6643:

quote:

---

Rating: 0 Michael Varick in Orlando - 6 Jun 2008
Hello Fellow Victims: I just got hit for $4.95 on my Bank of America card from Daye Traffic. Not the first time; I was hit from a "Wabbys" on March 5, for SAME Amount.........

---

quote:

---

Andrey - 15 Mar 2008
found the same thing today with my account!
got charged on 03/13/2008 for 4.95 from WABBY'S 413-303-1965 MA.
cancelled my card just a few minutes ago as this was the second unauthorized transaction for the last 6 month. The first one happened in October from EST COMPANY 866-347-0931 FL, got my money back just recently. I wonder if there is any connection between these two companies...
Caller ID: 413-303-1965
Caller: WABBY'S

---

Domain Name: WABBYTRAFFIC.COM
   Registrar: ENOM, INC.
.
Registration Service Provided By: Jaguar Technologies LLC
.
wabbytraffic.com = IP 66.152.162.116
.
Administrative Contact:
   -
   George Chadwell (georgechadwell@yahoo.com)
   +1.4257408509
   Fax: -
   5 South Hampshire Street
   Easthampton, MA 01027
   US
.

Status: Locked

Name Servers:
   ns1.hostdone.com
   ns2.hostdone.com

Creation date: 17 Oct 2007 22:13:46
Expiration date: 17 Oct 2008 22:13:46

ea banks report fraudulent overseas withdrawals
At TCU, nearly 100 accounts affected; activity traced to Russia, Ukraine, Nigeria, other countries.

By TOM MOOR
Tribune Staff Writer

SOUTH BEND — At least dozens of area residents had money fraudulently withdrawn from their accounts over the weekend at locations overseas, local bank officials reported Monday.

At Teachers Credit Union, 97 members have been affected, said Paul Marsh, senior vice president for sales and marketing.

Marsh said the withdrawals — some of which have been for more than $1,000 — were all “pin-based transactions” made on debit cards at ATM machines in several countries, including Russia, Ukraine and Nigeria.

Marsh said he is not sure how the information is being obtained, but said all the withdrawals were made over the weekend.

“Right now we’re looking into how they’re doing it,” Marsh said. “We think some of them are happening when a merchant is involved at the point of sale. Somehow they’re collecting the information, and it could be a number of possibilities.” He said it was not the result of an internal breach.

Marsh is not sure if the number of people affected will increase but said reports “diminished throughout the day.” “We’re working with our members to take care of the situation,” he said.

Similar reports have been made at Notre Dame Federal Credit Union. At least 10 members there reported fraudulent withdrawals made since Saturday, said Deidre Davis, vice president of marketing and business development.

Davis said there’s been “some sort of data breach and fraudulent withdrawals” in Ukraine, Russia and Spain.

“It looks like they’re coming from debit and ATM cards, but we’re not exactly sure at this point,” she said.

“We’ve received enough calls to take a look at it,” Davis added. “We’ve blocked it so our cards cannot be used in these three countries right now. We’re taking a proactive stance so we don’t see anymore.”

At least three local people have also reported unauthorized withdrawals from their KeyBank accounts, although it is unclear if that bank has been affected by this particular fraud.

Meanwhile, Marsh said the amount of money being withdrawn from the TCU accounts varies.

In one of the police reports filed, a woman told police $106.82 had been withdrawn from her Visa debit card at a location in Novosivirsk, Russia. A local man told police $1,300 had been taken from his ATM card in the same Russian town. And another person had eight withdrawals on his card from the town, including four for $400 or more.

“Our detectives are being assigned to the cases and are working with the banks,” said Sgt. Bill Redman, a St. Joseph County police spokesman.

Staff writer Tom Moor: tmoor@sbtinfo.com (574) 235-6187

My bank was breached by a hacker or someone. Records were taken from the bank which then issued all customers new debit cards.

My bank is not included in the thefts listed above, which happened this weekend.

reply to MGD

reply to MGD
Here is a very interesting item. My Master Card was hit by IPS for $9.80 with a transaction date of 06/02 and a posted date of 06/02. What is so interesting about that you say? Well, that is the very next day after I signed up for credit monitoring with Equifax.

Related? Could be but the kicker is I did not use my credit card to sign up. I got a one year free deal because the HR department of the company I work for lost a lap top with personal information on lots of employees. I did not provide any credit card information to Equifax.

Kind of makes you hummmm......

reply to MGD
A Little more info and a few questions.

The charge to my husband's card is one that is not used online EVER. Mine, however, is used mainly online. Yet both were snagged.

Also, has their been any investigation of the Hosting Company »www.jaguarpc.com/ as both WABBYS and DAYE TRAFFIC were hosted by them? Have they been contacted? I know the syndicate sets up the website, so obviously similar templates would be more often then not on the same host, but have they been contacted in regards to all of this?

On the DAYE TRAFFIC we have the information from whois as:

Gregory Lorsung ()
+1.2067707408
Fax: -
15113 Marseille Ave
Bellevue, NE 68123
US

That is all well and good, but the phone number is a Seattle WA number.

(206) 770-7408
Type: Land Line
Provider: Qwest Corporation
Location: Seattle, WA

Funny that the nearest large city to Seattle is Bellevue, WA. Fitting that the towns are the same name.

What ever happened to arealhome?

I have to say THANK YOU for all the work you have done. I did not know this site was here before yesterday. I did a lot of research on my own, but had no idea what to do with it other than reporting to the IC3. I appreciate all the work you have done. If I can be of any assistance please let me know.

reply to HitTwice

I have sent this information to the local news consumer watches. I have not heard anything back from them, except one that asked if I was filing into that class action suit against Certegy and if my identity had been stolen from that. I told them I did not know of a class action lawsuit and that I was not part of the case. I heard nothing after that.

As for the class action suit against Certegy, I am not sure if I am going to enter it yet. Yes our information is with Certegy (due to a series of checks that were writen after my box of new checks was stolen from the mailbox) but I am not sure I agree with the lawsuit or not.

reply to MGD
They are refining their tactics. We received a request for web forum membership from "IBDIZ.COM" with the following signature added to the new member's profile:

support @ ibtemplates.com
support @ IBDIZ.COM

A google search shows that this "sig" is added to posts made to random web forums with an invitation to "contact me." More googling of the above led me here.

Thanks,

Indeed they are, I will make a post shortly that will explain what they are up to. !! hang tight.

reply to MGD

The Crime Syndicate's UK fraud operation uncovered !

Infobite fraud jobs on Trovit

Cannydesign.com

bbctemplates.com

Hiding the fraud reports

Altering search rankings