Ebook websites, fraud charges, Devbill/DigitalAge/Pluto Page 3

Author	All Replies
pcdebb RIP dadkins Premium join:2000-12-03 Tampa, FL clubs:	reply to MGD Re: Ebook websites, fraud charges, Devbill/DigitalAge/Pluto said by MGD : However, I am still set on you winning that lotto. MGD hey, i'm still ready to write that check for you
	to forum · permalink · · 2008-01-06 11:18:07 ·
pcdebb RIP dadkins Premium join:2000-12-03 Tampa, FL clubs:	reply to MGD said by MGD : I monitor several forums that victims are posting on, and there are several names currently unidentified. I will add SITE SERVICES to that list. Also might want to add "At Site Services" My bank told me the company is called "At Site Services" which we both agreed was such a catch-all name for about anything now-a-days. -- a time for change... \| 1st & 10 \| Ham is good
	to forum · permalink · · 2008-01-06 11:24:03 ·
MGD Premium,MVM join:2002-07-31 Fort Lauderdale, FL	reply to MGD I am still amazed that after four plus years and several hundred consecutive fake template or e-book sites, that they have not raised some suspicion during merchant account enrollment at authorize.net / Cybersource. Or why the banking system has not taken preventative measures as a result of the long running high charge back correlation. Earlier this year the crime syndicate's R&D division coughed up a new theme. Currently well underway is a new "virtual" business model theme, website promotion and advertising. Again, in the convenient variable denomination between $2.95 and $6.95 a shot. A business model that does not exist in the real world, but who will know. There is definitive confirmation that the fraudulent funds from some of the entities in this division are/were wired to the exact same accounts in Bulgaria and Kyrgyzstan. First up is the already defunct fabri-tex.net 832-519-1980 a Texas registered LLC: Fabri-tex had a considerable amount of fraudulent charge reports including at least one news media story in a local Ohio newspaper, the Chillicothe Gazette Fabri-tex had a bogus domain registration via the crime syndicate's perennial favorite registration provider and hosting company Jaguar Technologies LLC. Domain name: fabri-tex.net Alan Moll (mollalan@yahoo.com) +1.4136834739 Fax: - 2726 Bissonnet St Houston, TX 77005 US Name Servers: ns1.hostdone.com ns2.hostdone.com Creation date: 12 Jul 2007 20:36:47 Expiration date: 12 Jul 2008 20:36:47 Also common to Jaguar is another identical site to fabri-tex: keleyempire.com AKA Kelly Empire Inc., 305-396-3076 »kelleyempire.com Registration Service Provided By: Jaguar Technologies LLC [kelleyempire.com IP 208.109.181.129] Domain name: kelleyempire.com Administrative Contact: - Ryan Faulkner (ryanfaulker@yahoo.com) +1.6099392568 Fax: - 1510 Drexel Ave Miami Beach, FL 33139 US Name Servers: ns43.domaincontrol.com ns44.domaincontrol.com Creation date: 23 Oct 2007 21:02:18 Expiration date: 23 Oct 2008 21:02:18 Both fabri-tex and kellyempire were also hidden from search engines: Which makes rounding up other sites in the pack difficult until there are numerous fraud reports that can be tracked. The price list should match fraud charge amounts: This group appears to be a higher volume lower charge run, which may have contributed to the early burn out of fabri-tex. The C&C hub and recruitment site for that group is emerald-bridge.com. The domain just expired a few days ago, and so far has not been renewed. Emerald Bridge Inc., claimed to be headquartered in Helsinki, Finland, though they had a bogus domain registration in the name of a real individual: Registration Service Provided By: Domain Cheap IP address 208.109.78.138 Administrative Contact: Emerald Bridge Inc David Shannon (david.shanon@yahoo.com) +1.2089770527 Fax: - 1328 East Lind Road Tucson, AZ 85719 US Name Servers: ns1.secureserver.net ns2.secureserver.net Creation date: 02 Jan 2007 20:44:55 Expiration date: 02 Jan 2008 20:44:55 Emerald Bridge Inc, repeatedly advertised in multiple locations for US or Canadian cybermules: In fact even though the domain has now expired they are still actively recruiting: Despite the novel theme, the website promotion group has not fared so well. One particular problem has been that several of the recruited mules have blown their cover. The criminals are even threatening to sue a cybermule !! breach of contract maybe !!! quote: ..."I'm certain that my identity has been stolen and I have been used to run a very large credit card scam. Now Emerald-Bridge is threatening me with legal action (via my e-mail, of course) and I'm out the $250 I spent to set up the business as well as another $250 to Authorize.net. ".... See: »www.ripoffreport.com/reports/0/2···9666.htm and the follow up: »www.ripoffreport.com/reports/0/2···m#272894 At least one individual is still confused: »www.ripoffreport.com/reports/0/2···2217.htm Note the mention of myemeraldconnection.com, probably another site in the group. This potential cybermule who posted on 800notes.com fabri-tex thread, nailed it.: This is all just a minor bump in the road, the web advertising division is made up of multiple formats. A version 6.1 was already running in parallel: wameltraffic.com AKA Vanwamel enterpries 785-200-3339 »wameltraffic.com Revised increased pricing schedule: Mistake, someone forget to remove the templated reference to eBooks on the "web traffic" theme: quote: "For all issues related to the use and operation of an eBook purchased on our website and for all billing and technical questions please call 1-(785)-200-3339, or send email to support@wameltraffic.com" »wameltraffic.com/contacts.php wameltraffic.com AKA Vanwamel enterprises list their contact address asfollows: Vanwamel Enterprises Address 10750 Blackbird Rd, Emmett, Kansas, 66422 The domain is again registered via Jaguar: Registration Service Provided By: Jaguar Technologies LLC Domain name: wameltraffic.com [wameltraffic.com IP 66.152.162.116] Administrative Contact: - Michael Weinstein (michaelsweinstein@yahoo.com) +1.5016297617 Fax: - 26404 Saxon Rd Emmett, KS 66422 US Name Servers: ns1.hostdone.com ns2.hostdone.com Creation date: 27 Apr 2007 18:57:18 Expiration date: 27 Apr 2008 18:57:18 A hunt for the potential cyber mule leads to a LLC registration via a broker: Kansas Secretary of State Business Information Current Entity Name Business Entity ID Number VANWAMEL ENTERPRISE LLC 6171060 Current Mailing Address: 2101 SW 21st St., TOPEKA, KS 66604 Business Entity Type: DOM: LTD LIABILITY COMPANY Current Status: ACTIVE AND IN GOOD STANDING Date of Formation in Kansas: 04/19/2007 State of Organization: KS Resident Agent and Registered Office Resident Agent: NATIONAL REGISTERED AGENTS, INC. OF KS Registered Office: 2101 SW 21st St., TOPEKA, KS 66604 »www.registered-agent-listings.co···state=KS The "Agent" NRAI is a multi state service, and that Topeka address comes back as a Law Firm. . Digging further yields another identical 6.1 fraud site: . genesusinfoproducts.com AKA Genesus Information Products. 604-755-4265 »genesusinfoproducts.com Though the domain is registered to a New york address: Registration Service Provided By: Jaguar Technologies LLC Domain name: genesusinfoproducts.com [genesusinfoproducts.com IP 66.152.162.116] Administrative Contact: - Robert Planata (robertplanat@yahoo.com) +1.4322254991 Fax: - 7 Eldorado Ct Rochelle Park, NJ 07662 US Name Servers: ns1.hostdone.com ns2.hostdone.com Creation date: 18 May 2007 22:32:07 Expiration date: 18 May 2008 22:32:07 The contact address listed on the site is in Canada: Genesus Information Products. Address 1017 McLean Dr., Vancouver, British Columbia, V5L3N2 Phone: 1-(604)-755-4265 E-mail: support@genesusinfoproducts.com Though that is the first recent sighting of a Canadian address, there were several Canadian cybermules recruited during the Devbill / Digital Age 2005 -2006 run. In fact several of the recruiting adds list Canadian or US positions open. Still snooping around Vancouver looking to id the Genesus cybermule. Also located what appears to be the C&C hub predecessor for Emerald Bridge. A company called Regional Association of Business Development with a website of »r-a-b-d.com/index.php totally all bogus information. r-a-b-d.com lists an address of Lonnrotinkatu 14, 00120 Helsinki, FINLAND. Again, r-a-b-d.com was heavily involved in recruiting cybermules: The job order and description: »r-a-b-d.com/reseller_program.php Back in November of 2006 they were also seeking a HR person to assist in recruiting mules: Then showed up with an Alabama phone number: »www.nostops.org/dir/index.php?RE···subcat=0 The r-a-b-d.com domain was registered in March of 2005 for 3 years, to an existing individual in New Jersey: Registration Service Provided By: Jaguar Technologies LLC Domain name: r-a-b-d.com [r-a-b-d.com IP 69.73.181.159] Administrative Contact: - Christopher Lessard (lessardpher@yahoo.com) +1.5094634411 Fax: 14 Clinton Street Newton, NJ 07860 US Name Servers: ns.nocdirect.com ns2.nocdirect.com Creation date: 25 Mar 2005 16:05:24 Expiration date: 25 Mar 2008 16:05:24 There are several unique characteristics which link emerald-bridge.com and r-a-b-d.com together, including this one: MGD
	to forum · permalink · · 2008-01-07 03:55:41 ·
MGD Premium,MVM join:2002-07-31 Fort Lauderdale, FL	reply to pcdebb said by pcdebb : ...Also might want to add "At Site Services" ..... Thanks, Yes,...that AT may be an abbreviation for something else. MGD
	to forum · permalink · · 2008-01-07 03:58:04 ·
CER	reply to MGD Here's another one to add to the growing list of fraudulent sites. www.mcawebtechnology.com. This company made an unauthorized debit to my checking account in the amount of $10.54. Fortunately, I caught it the day after it posted.
	to forum · permalink · 2008-01-07 12:14:25 ·
MGD Premium,MVM join:2002-07-31 Fort Lauderdale, FL	said by CER : Here's another one to add to the growing list of fraudulent sites. www.mcawebtechnology.com. This company made an unauthorized debit to my checking account in the amount of $10.54. Fortunately, I caught it the day after it posted. Thanks for the heads up. mcawebtechnology.com AKA M.C.A. 623-742-3769 »www.google.com/search?hl=en&q=mc···e+Search »www.google.com/search?hl=en&q=62···G=Search mcawebtechnology.com is most likely fronted by the same cybermule as mcatemplates.com - 623-444-2173 M.C.A. listed in an earlier post. It also follows the recent trend of cybermules fronting multiple sites. I have not yet been able to identify the specific Arizona Corporation attached to these. There are many filings that are close, however, the M.C. could also be an abbreviation. It is in that AZ database somewhere. The domain registration for mcawebtechnology.com is a clone of the 25 Sep 2007 mcatemplates.com registration: Registration Service Provided By: NameCheap.com Domain name: mcawebtechnology.com [mcawebtechnology.com IP 66.152.162.116] Registrant Contact: MCA steve rogan (steve_rogan004@yahoo.com) +1.8016971813 Fax: +1.8016971813 8912 E. Pinnacle Pear Ro #174 Scottsdale, AZ 85255 US Name Servers: ns1.hostdone.com ns2.hostdone.com Creation date: 20 Nov 2007 00:31:46 Expiration date: 20 Nov 2008 00:31:46 MGD
	to forum · permalink · · 2008-01-07 15:23:30 ·
MGD Premium,MVM join:2002-07-31 Fort Lauderdale, FL 3 edits	reply to MGD . VALLJRSX, VALL-JRSX, VIN DESIGN, VIN-DESIGN, PARADISE WEB, PARADISEWEB, E NAT, I have been working on this group since the first reports of Vin Design started coming in early December. There are now a flood of recent reports on Chris Jupin's blog, where victim's report being hit with consecutive charges each month from the above names. This division appears to have been set up to specifically target compromised American Express card accounts. I am interested in finding anyone who has any charges from this group on a non AE card. Here are excerpts from the blog so you can see the one two three hit in consecutive billings, when the card was not cancelled and replaced. Based on this input rate, there must be thousands of ongoing charges: quote: ------------------------------------------------------- 12/09...."I was hit with a $9.59 charge from VIN Designs so I just called my credit card company disputed the charge,"..... ------------------------------------------------------- 12/15...."I just noticed a charge of 9.45 on my AMEX from VIN Design.".... ------------------------------------------------------- 12/10..."I found an $11.87 charge from VIN Designs on my AMEX bill. The disturbing part is that when I called AMEX to dispute the charge, they told me that they have a standing agreement with VIN Designs.".... ------------------------------------------------------- 12/31..."I reported earlier that I cancelled my amex card and filed a fraud report for a charge of $9.59 from VIN Designs. That charge was successfully removed, but on my final amex bill on that card I found another charge for $9.59 from VALLJRSX VALL-JRSX of West Sacramento, Ca - also listed, like VIN Designs, as direct mktg internet"...... ------------------------------------------------------- 01/01...."I noticed unauthorized charges as recently as December 29 from the same operation out of Plumas Lake CA. The first was under VIN Design in November and then the latest was the same address but now under the name Paradise Web. Another suspicious transaction appeared under VALLJRSX out of Sacramento"...... ------------------------------------------------------- 01/03...."I was a victim of both ViN Design and VALLJRSX in the past two months. Amex refunded the Transactions."....... ------------------------------------------------------- 01/03...."I received my American Express bill today with a $11.95 charge on it from this company. When I googled VALLJRSX,"...... ------------------------------------------------------- 01/03....."I just did a search for Paradise Web and found this site - I too have had 3 unauthorized charges lately on my AmEx - VIN DESIGN, VALL-JRSX, and now Paradise Web. I am surprised that AmEx is still authorizing these charges and not rejecting them automatically.".... ------------------------------------------------------- 01/04...."I have been a victim, too .. 10/22/07 $11.87 - E NAT NATALIYA MAKOVCARMICHAEL CA ELECTRONICS STORE 12/05/07 $11.95 - PARADISE WEB PARADISPLUMAS LAKE CA DIRECT MKTG INTERNET 12/26/07 $ 9.45 - VALLJRSX VALL-JRSX WEST SACRAMENTO CA DIRECT MKTG INTERNET All 3 times, I called American Express and they refunded the charges without delay. After the 3rd one, I asked for a new credit card w/ a new number".... ------------------------------------------------------- 01/04...."I first noticed a 12/11/07 charge on my AmEx card from Paradise Web out of Plumas Lake, CA for $9.59 a few days ago. It was for an internet download. I had not made any internet download purchases, and neither had any one else in the family. I then checked my AmEx account and noticed a 1/1/08 charge by VALLJRSX out of West Sacrmento, CA for $12.24, also for "internet Downloads"...... ------------------------------------------------------- 01/04....."Same thing happened on my Amex card in November and December. November was $11.87 from VIN DESIGN VIN-DESIGPLUMAS LAKE CA and December was $9.59 from VALLJRSX VALL-JRSX WEST SACRAMENTO CA." ------------------------------------------------------- 01/04...."I too was hit with the same 3 charges and AMEX could not give me a phone number for these companies, yet they reversed the charges." ------------------------------------------------------- 01/04..."I too had several bogus charges on my account from the following companies between Nov 07-Jan 08: $12.38 VALLJRSX VALL-JRSX WEST SACRAMENTO CA $11.95 PARADISE WEB PARADISPLUMAS LAKE CA $12.38 E NAT NATALIYA MAKOVCARMICHAEL CA" ------------------------------------------------------- 01/04..."I just find fraudulant activity on my account. $12.38 VALLJRSX VALL-JRSX WEST SACRAMENTO CA - Jan 4.2008 $13.95 E NAT NATALIYA MAKOVCARMICHAEL CA - Nov 18. 2007" ------------------------------------------------------- 01/06...."Last July I ordered a free credit report from Equifax, and paid a few bucks (with my Amex card!) to see my FICO score. Then I got these charges on my Amex account: 01/02/08, $12.38 PARADISE WEB PARADISPLUMAS LAKE CA 12/14/07, $12.38 VALLJRSX VALL-JRSX WEST SACRAMENTO CA 11/11/07, $9.59 VIN DESIGN VIN-DESIGPLUMAS LAKE CA".... ------------------------------------------------------- 01/06...."I've also been charged by these two companies thru my American Express Card. AMEX is now investigating. VALLJRSX VALL-JRSX WEST SACRAMENTO CA PARADISE WEB PARADISPLUMAS LAKE CA"...... ------------------------------------------------------- 01/07...."I've also found a $11.95 charge on my credit card from VIN Design, Plumas Lake, CA. Called American Express and opened a fraud investigation.".... ------------------------------------------------------- 01/08 ......"I just found a charge on my recent 12/2007 amex statement of $12.38 from VIN DESIGN VIN-DESIGPLUMAS LAKE CA, DIERECT MKTG INTERNET. Googled it, found this site. Went back and checked past statements, found another bogus charge in OCT 2007 for $12.24 from VALLJRSX VALL-JRSX WEST SACRAMENTO, COMPUTER NETWORK/INFO"...... ------------------------------------------------------- Based on the modus operandi, there is a good chance that this is the "AE" division of the syndicate. I am following up this post with some of the details of what has been uncovered so far. As you might expect they are all linked together. MGD
	to forum · permalink · · 2008-01-07 16:04:30 ·
scam victim @algx.net	reply to MGD BESTDIGIMARTDOTCOM 330-8717932 OH -hit me for a $4.95 charge. I reported it as fraud and my bank cancelled my card and sent me a new one and refunded my money. They also said since the charge was so low they probably wont investigate it further. With attitudes like that these parasites will never be caught.
	to forum · permalink · 2008-01-07 17:36:34 ·
pcdebb RIP dadkins Premium join:2000-12-03 Tampa, FL clubs:	reply to MGD that's an unfortunate crock. seeing as it is so low, it would probably cost more in time and labor to investigate something that small. however I dont think it should be brushed under the rug. alot of times the small one is the precurser to the big one.. -- a time for change... \| 1st & 10 \| Ham is good
	to forum · permalink · · 2008-01-07 17:40:59 ·
garys_2k join:2004-05-07 Farmington, MI ·Future Nine Corpor.. ·Vonage	The problem, of course, and the reason this scam can survive so easily for so long and take the millions it does, is that every one of these withdrawals is too small to be "worth the trouble." In totality it's huge but nobody but MGD has ever seen that totality. No feds, a few state AGs (including mine in Michigan) have put their toes in the edge of the scam pond but haven't figured out how large it is. Only MGD has seen the entire thing -- I hope he can get the right FBI team onto it as breaking this thing open could be a career enhancer for whoever breaks it open.
	to forum · permalink · · 2008-01-07 20:31:46 ·
Not A Mule @sbcglobal.net	reply to MGD Almost a Cyber Mule!!! We were considering doing this program with Atala Desgins today...and then I saw all these postings. We had been in contact with them prior to the holidays and it seemed like a good source of revenue....however, not now. The contact we have been in touch with at the company is gundars_kristopans@ataladesigns.com also, it lists the following person as the president of the company on the employee agreement:Aleksandrs Feigmanis, President
	to forum · permalink · 2008-01-08 12:33:13 ·
MGD Premium,MVM join:2002-07-31 Fort Lauderdale, FL 1 edit	said by Not A Mule : We were considering doing this program with Atala Desgins today...and then I saw all these postings. ........ Outstanding !!. One of several goals in going public about this criminal enterprise is to try and cut off the constant supply of cybermules. Congratulations on your due diligence in researching who they really are. No doubt they are recruiting under multiple domain names, many of which have yet to be uncovered. However, the theme and procedures will be the same. Getting the word out that no such legitimate business model exists in the real world is vital. Also, prompting Cybersource / authorize.net (the syndicate's preferred merchant account provider) to institute additional vetting procedures. There are multiple unique criteria which can easily be applied to screen out these fraudulent set ups. In addition, generating much needed attention to focus on the endless source or sources of the card account data is vital. Following the extended money laundering trail to the end, in order to pinpoint the executive members of the criminal enterprise is imperative. Consumers and victims should be adamant that it is not acceptable for the financial industry to tolerate organized crime feeding from the trough of the billions of dollars a year that are willingly writing off to fraud. MGD
	to forum · permalink · · 2008-01-08 14:17:56 ·
K Patterson Premium,MVM join:2006-03-12 Columbus, OH	reply to Not A Mule Aleksandrs Feigmanis is a well-known and respected genealogist from Riga, Latvia. Almost certainly identity theft.
	to forum · permalink · · 2008-01-08 15:35:53 ·
MGD Premium,MVM join:2002-07-31 Fort Lauderdale, FL	said by K Patterson : Aleksandrs Feigmanis is a well-known and respected genealogist from Riga, Latvia....... Interesting that you bring that famous names up. One of the traits of this crime syndicate throughout the years, has been the use of well known names. Particularly in domain registrations, where they repeatedly used readily searchable names of famous Russians and other former Soviet Bloc residents. In fact, the holding domain C&C for many of the 2003 thru 2005 template farm sites that accompanied the Digital Age charges "Devbill.com" AKA "Developer Billing Company", was registered to an "Ivan Maximov": Circa 2004 quote: Domain name: devbill.com IP 66.98.206.27 Registrant Contact: Developer Billing Company Ivan Maximov (ivanmaxximov@yahoo.com) (509) 352-7566 Fax: none 666 FIFTH AVE NEW YORK, 10103 US Name Servers: NS1.DEVBILL.COM 66.98.206.27 NS2.DEVBILL.COM 66.98.206.27 Creation date: 26 Nov 2003 12:00:27 Expiration date: 26 Nov 2005 12:00:27 And there are many other examples of that same pattern. There are other common traits as well when you look at the big picture over the years. However, since many are used to to ID them I will refrain from listing. They are now setting up alternate bank wire drops in Western Europe, particulary Germany. MGD
	to forum · permalink · · 2008-01-08 15:59:58 ·
Scammed Princess @verizon.net	reply to MGD Re: Ebook websites, fraud charges, Devbill/DigitalAge/Pluto Thank you a million times over for what you are doing. I had two cards hit. Both from Sensate Technology. The banks idea of investigating is to merely issue a new card and have you fill out a few forms. Very disappointing. I wanted to ask a question because now you have me worried. I had to renew my Spysweeper from Webroot recently and they use Cybersource to process the cards. Does this mean the syndicate is going to get my card again probably? I was trying to avoid Digital River and FreeMerchant so I called in my order instead of using Spysweeper's website (they show that they use Digital). The guy told me not to worry because they process renewals through Cybersource (he also admitted that Webroot/Spysweeper has been trying to get out of their contract with Digital for a while now so that's why they have the other processor in place). I went ahead and gave him my card to process my renewal and now see Cybersource's name in here. Oh God please tell me that I m not going to go through this again. Are merchants that use Cybersource unsafe? This is becoming a nightmare. Also how is it that the FBI hasn't been on this? I don't get that at all. Obviously they can see what's going on and must have received many reports. Do you know if anything is even being done? Are we all there is here? I don't understand why the police have not broken down the doors to some of these mules let alone all of them? Does it do any good to even go to our Attorney General?
	to forum · permalink · 2008-01-08 19:34:21 ·
MGD Premium,MVM join:2002-07-31 Fort Lauderdale, FL	said by Scammed Princess : Thank you a million times over for what you are doing.... You are most welcome. ...I had two cards hit. Both from Sensate Technology. .. Two cards !! I can certainly understand your frustration. That is not uncommon with this criminal enterprise. Complaints of victims reporting multiple card accounts hit are somewhat routine. If you don't mind, can you tell me if the cards were issued by the same bank?. Were they both credit cards?. If you could post the relative dates of the charges to each card and the name of the issuing bank I would appreciate it. No personal info, just card issuer and date hit. .......I had to renew my Spysweeper from Webroot recently and they use Cybersource to process the cards. Does this mean the syndicate is going to get my card again probably? I was trying to avoid Digital River and FreeMerchant .. No it does not necessarily mean that you will be hit again on the new cards. It has happened, though reports are rare. My reference above to Cybersource is that the criminals have merchant billing accounts set up with them to process the fraud charges. In fact their preference is to use authorize.net, now a division of Cybersource. Ironically, they also have bank accounts set up at the same banks that some victims have their cards from. In some cases a fraudulent charge is processed from a victim's account, and transferred to another account at the same institution. Despite the frequent reports that point to Equifax, Digital River, as a common prior transaction of victims, it is my opinion that the source of data is not at that level. Also, the fact that two of your cards were hit somewhat simultaneously would tend to support that your account data was retrieved from some type of master database. In the past two plus years there have been groups of victims on numerous forums, that have pointed to PayPal, Amazon, and other vendors, that were common to them. One can argue that the syndicate has penetrated multiple sources at the vendor level. However, the totality of the data does not point in that direction. ... and now see Cybersource's name in here. Oh God please tell me that I m not going to go through this again. Are merchants that use Cybersource unsafe? .... No, they are not unsafe, no more unsafe than the system at large is, in my opinion. I personally would not have any issue with using my credit card there as it stands now. I rarely expose my debit card to the system anywhere, I like to keep that account data out of circulation as much as possible. I prefer the ability to have a second opportunity to review transactions before actually paying for them. Versus having to chase after a potential fraud issue where the money has already been removed from my account. The banks monitor credit card transactions with a much higher level of scrutiny, because it is their assets that are exposed. The primary burden shifts to the account holder for debit transactions. When a debit transaction is presented, as long as there is money in the account, it will be paid. That policy is just my personal preference, based on the way I see the entire industry operate. ...This is becoming a nightmare. .... Indeed it is, and it is routinely happening to thousands of people a month, and has been for a considerable time. Forget the amount issue for a moment. Look at what each victim has to go through, the time they have to spend addressing it, calls to their banks etc., paperwork. The hassle of waiting for a new card or cards to be issued. Then all the additional work if the have any auto billing accounts set up on the cards. ...Also how is it that the FBI hasn't been on this? I don't get that at all. ......... Do you know if anything is even being done? .......... At this time, I do not want to comment much on that aspect. This criminal enterprise has always monitored the "chatter", and adjusted accordingly. However, I can tell you that Law Enforcement are reviewing the issue. ...Does it do any good to even go to our Attorney General?..... Yes, ... focus at the Federal level, wouldn't hurt either to email your Congressperson. Make noise, at the very least file a complaint with IC3 »www.ic3.gov/ They may not address each complaint individually, however, it is a central point where the volume will be evident, and is an appropriate venue. Unfortunately, it becomes a Law Enforcement issue, and the burden shifts to them as a result of data security failures within the financial system. One more issue worth addressing, I see multiple reports of victims complaining that they subscribed to various identity protection packages, and were still hit with fraudulent charges. It is important to point out that there are no protection services that one can subscribe to, that prevents fraudulent charges to debit or credit cards from happening. If the transaction does not trigger a hold, reversal, or flag, at the bank, then the next person to see it will be you. If there is literature that proclaims that they can, then it is misleading. Then only service that these packages can address, is alerting you if someone attempts to obtain credit in your name. For that, in addition to your name and address, a criminal will need to have your date of birth and social security number. That type of fraud is just one specific segment of the entire market. You can also monitor that yourself by reviewing your credit reports regularly. It would bother me to see victims pay additional funds, assuming that it will protect them from this specific crime. MGD
	to forum · permalink · · 2008-01-09 00:45:27 ·
Lizz Premium join:2002-10-22 Fullerton, CA	It would bother me to see victims pay additional funds, assuming that it will protect them from this specific crime. PC World had a article about one of these services, a free one (mint.com). Somehow allowing a "service," free or paid, to monitor all my financial accounts does not give me the warm fuzzies but exactly the opposite. Just lots of information all in one place for a bad guy to hack into. And if the service is free, where are they getting the $$ to operate?
	to forum · permalink · · 2008-01-09 02:40:15 ·
Scammed Princess @verizon.net	reply to MGD Thank you so much for all of that. I really appreciate it. Here is how I got hit twice. I've done lots of shopping online over the years with the same companies and have never had a problem. One day I placed an order with a small candy company in Washington state that is hosted by Freemerchant.Com. About a week later I suddenly received a charge from Sensate Technology for $10.65 to my Washington Mutual Visa. I knew instantly that something wasn't right. The amount was very strange and I knew I had not ordered anything from a company by that name. I am also a savvy shopper and know better than to click on banners etc. I don't even use online coupons much for fear of them having some hidden agenda attached so it was surprising to see this charge. They listed a phone number next to the transaction and I called. I knew instantly that this was a scam. I just had a really strong vibe about this after listening to that recording. This feeling intensified when I put their telephone number into the various free reverse phone directories online only to find that it came up as an unlisted land line in Ventura California (why would a legitimate company have an unlisted phone number that is never answered live). I googled and there was not one thing on this company...nothing. Not a word at the time. I felt all alone at first. I thought wow ...why aren't there other people talking about this somewhere (now that's changed thanks to us talking about it in another place so their name started to show up and more people have come forward with their stories). I contacted my bank and they wrote it off as fraud (not a disputed charge). They said they were refunding the amount and sending me fraud affidavits. They said they were going to investigate (I've learned since that they do almost nothing). It was really bothering me not knowing where the breach occurred. I couldn't make the connection of what I had done different at first. Here is where the plot thickened for me personally. While awaiting my new card from Washington Mutual, I placed another order from that same candy company in Washington state with my BOFA Visa which had not been used in almost two years. There had been no activity on it for a really long time. It was basically out of commission but there as a back up for emergencies. We had a bunch of birthdays and stuff coming up so I ordered from them again not thinking about them as being the conduit at all. They seemed so harmless. Little mom and pop candy company in business for years. Exactly a week after placing that order (and it being the ONLY ORDER PLACED ON THIS OTHER CARD IN TWO YEARS), I suddenly got hit with the same $10.65 charge from Sensate Technology on a completely different card now! I was able to make a direct connection at this point....the candy company (otherwise it would certainly be a heck of a coincidence). I looked and saw that the candy company was hosted by a company called FreeMerchant.Com now owned by Digital River. I had to call BOFA and deal with the whole nightmare again. They also had me fill out fraud forms and wrote it off as fraud. In the meantime to back track a little. I was so angry and frustrated that I left several phone messages for Sensate Technology telling them I was contacting the attorney general, the police and anyone that would listen. Still no response. I left several e-mails for them and finally I get that bizarre form letter where they said that I must be a victim of fraud and someone must have gotten my credit card number and that they have refunded me the $10.65. To my horror my bank (Washington Mutual) considered the case closed at that point! They said that because they gave back the money there was nothing more that could be done! So I guess I can walk into a bank, steal money and than get worried because I might get caught, return it and all is forgiven? Very disappointed in the banks. When they hit my BOFA I did not call them (learned my lesson). I called Digital River and spoke to a woman there who was very friendly at first and actually called me back a few times (that is until someone must have said don't call me back again or talk to me again because of liability probably). She admitted that after doing a little investigating, some of their customers were in fact complaining and calling saying that their customers (us) were calling to say they were all getting strange small charges on their credit cards after placing orders through various sites that FreeMerchant hosts. I got hit on 10/17/07 at first (here is what it looked like on my online statement) Sensate Technology 805-275-2235 Ca Transaction Date: 10/17/07 Posting Date: 10/18/07 Amount: $10.65. Than I was hit again on my BOFA 11/02/07. From what I understand many are still being hit as late as last week and quite a few sharing the common denominator that we all bought off a site that used FreeMerchant as their host (not all but most). I was elated to see what you've done here. I honestly believe that every person who has been hit needs to make a copy of this thread and send it along with their fraud affidavits. You've done the work for them here! You have basically handed law enforcement their case. I think that's what bothers me is that this should not be going on when they can come here and clearly see what's going on. In any event that's what happened to me. I posted my findings in another place and suddenly people were swarming that thread and google picked it up which was wonderful. At least people don't feel alone and have some understanding of what's happened to them and why. You should seriously get a medal here. You have brilliantly outlined in great detail exactly what is going on here! God bless you! Wish I could give you a hug for everything you've done!
	to forum · permalink · 2008-01-09 03:09:31 ·
Doctor Olds I Need A Remedy For What's Ailing Me. Premium,VIP join:2001-04-19 1970 442 W30 clubs:	said by Scammed Princess : Thank you so much for all of that. I really appreciate it. [snip] One day I placed an order with a small candy company in Washington state that is hosted by Freemerchant.Com. About a week later I suddenly received a charge from Sensate Technology for $10.65 to my Washington Mutual Visa. I knew instantly that something wasn't right. [snip] I don't even use online coupons much for fear of them having some hidden agenda attached so it was surprising to see this charge. They listed a phone number next to the transaction and I called. [snip] It was really bothering me not knowing where the breach occurred. I couldn't make the connection of what I had done different at first. Here is where the plot thickened for me personally. While awaiting my new card from Washington Mutual, I placed another order from that same candy company in Washington state with my BOFA Visa which had not been used in almost two years. There had been no activity on it for a really long time. It was basically out of commission but there as a back up for emergencies. We had a bunch of birthdays and stuff coming up so I ordered from them again not thinking about them as being the conduit at all. They seemed so harmless. Little mom and pop candy company in business for years. Exactly a week after placing that order (and it being the ONLY ORDER PLACED ON THIS OTHER CARD IN TWO YEARS), I suddenly got hit with the same $10.65 charge from Sensate Technology on a completely different card now! I was able to make a direct connection at this point....the candy company (otherwise it would certainly be a heck of a coincidence). I get the feeling from reading your post that you do not understand what MGD has posted in this topic multiple times. Your use of the cards at the Online Candy Store had nothing to do with the later Fraudulent Charges. Your info (and that of hundreds of thousands of other peoples) is being taken in bulk from a data leak/data breach/security leak much further up the chain at a different level and now it is going to really bother you that your assumption is incorrect. I know you think you have it all figured out and you think that you have determined the Candy Store purchases are connected to the later charged Fraudulent charges, but that isn't the case at all. If you re-read this entire topic you will see that what you think has happened is the opposite of what MGD's investigation has found out to be actually true. Regards, Doctor Olds -- What’s the point of owning a supercar if you can’t scare yourself stupid from time to time?
	to forum · permalink · · 2008-01-09 07:35:52 ·
MGD Premium,MVM join:2002-07-31 Fort Lauderdale, FL 3 edits	reply to MGD Re: VALL-JRSX,, VIN-DESIGN, E NAT, PARADISE WEB VALLJRSX, VALL-JRSX, VIN DESIGN, VIN-DESIGN, PARADISE WEB, PARADISEWEB, E NAT, There are two focus points for this group. One is a hosting server at IP 64.202.102.8, and the other is a collection of individuals who may know each other, and who reside in either Sacramento and/or Yuba counties in California. That server has been under observation for over two weeks. There are at least 18 domains that are hosted on that IP. All 18 have not yet been identified, though several have. From that group the following domains of interest were selected for additional scrutiny: 1) vr-s.com . 2) ez-booksonline.com . 3) ibook-space.com . 4) ibookstfs.com . 5) ebooks-tfw.com . 6) best-ebooks4you.com . 7) az-bookspace.com Some of these sites are works in progress. Several changes were observed being made during the past 10 days. I am having difficulty reaching the individuals that appear to be fronting some of the operations. Phone numbers have changed, and where I was able to make contact the people answering the phone did not appear to speak English that well, only Russian. I am urgently trying to find out the domain name of their contacts, and where the money is going. Two crucial pieces of information needed to establish a connection to this syndicate. The first related website is a mobile games download site: »vr-s.com and contains the following info: vr-s.com VirtualMobile-Store, 900 simon terrace way, WEST SACRAMENTO,95605, USA 916-617-8005 (a division of VALL-JRSX ) That domain is registered as follows: vr-s.com Registrant: vlad mironyuk 4840 buffwood way sacramento, California 96841 United States . Registered through: GoDaddy.com, Inc. Domain Name: VR-S.COM Created on: 13-Jul-07 Expires on: 13-Jul-09 Last Updated on: 13-Jul-07 . Administrative Contact: mironyuk, vlad vladsdesign@hotmail.com 4840 buffwood way sacramento, California 96841 United States (916) 308-3108 . Domain servers in listed order: NS57.DOMAINCONTROL.COM NS58.DOMAINCONTROL.COM Digging deeper produced a Sacramento County Fictitious Business name registration for a Vlad's Design under the name Vladimir Mironyuk: Sacramento County Fictitious Business Name File Number: 0703444 Abandoned Date: Filing Date: 03/23/2007 Expiration Date: 03/23/2012 Ownership Type: Individual Status: Active Number of Business Names on this filing: 1 Number of Owners on this filing: 1 Business Name(s): VLAD'S DESIGN Owner Name(s): MIRONYUK, VLADIMIR There is also commercial phone listing: Vlad's Design (916) 628-8389 \| 4840 Buffwood Way Sacramento, CA Business Categories: Catalog & Mail-Order Houses The zip code 96841 in the domain reg is incorrect, it should be 95841. The following public data is also available: Nikolay & Vladimir Mironyuk home 4840 Buffwood Way Sacramento, CA 95841-2217 . . Vladimir Mironyuk work Job title: Owner Company: Vlad's Design 4840 Buffwood Way Sacramento, CA 95841-2217 . The Website VR-S.com states that it is a division of VALL-JRSX, and lists an address of 900 simon terrace way, WEST SACRAMENTO,95605, USA A check of both California State, and county business records finds a FBN record for VALL-JRSX: Sacramento Couny Fictitious Business Name File Number: 0703682 Filing Date: 03/28/2007 Expiration Date: 03/28/2012 Ownership Type: Individual Status: Active Number of Business Names on this filing: 1 Number of Owners on this filing: 1 Business Name(s): VALL-JRSX-DESIGNER Owner Name(s): SHIKHANTSOV, VALENTIN Note that both FBNs' were filed within a few days of each other. There are public record listings for a Valentin Shikhantsov including: Valentin Shikhantsov 900 Simon Ter, Apt 88 West Sacramento, CA 95605-1917 . Job title: Owner Company: Vall Jrsx Designer Portions of the site are a direct copy of the UK site, "Chillingo" with minor name alterations quote: Copyright c 2005 Powered by VR-S.COM VirtualMobile-STORE (a division of VALL-JRSX ) If you want to know exactly what personal information we hold about you, you can obtain it. If it transpires that the information held is inaccurate, we will make the necessary amendments and confirm to you that these have been made. Please write to [VirtualMobile-Store 900 simon terrace way, WEST SACRAMENTO,95605, USA +1 916-617-8005] enclosing a cheque for the administration fee of 15 made payable to VALL-JRSX under the terms of the Data Protection Act. The Data Protection Act of 1998 is a UK law. They forgot to remove the name: quote: Currencies Chillingo sets the price of each of the products in US Dollars (and converted to the local exchange rate equivalent based on the exchange rate of the day), and the amount you pay in GBP is calculated by your credit card handling company at the time of purchase. . . Next up is: ibookstfs.com 800-517-4127 »ibookstfs.com Though one of the pages has contact information of: ibookstfw online Store 15340 ne 14 av North Miami Beach, FL, 33162 Email: orders@ibookstfs.com Phone number: (786) 506-6708 The domain however is registered to: IBOOKSTFS.COM Registrant: vladimir okhotskiy 1076 lost trail dr. plumas lake, California 95961 United States . Registered through: GoDaddy.com, Inc. Domain Name: IBOOKSTFS.COM Created on: 27-Jul-07 Expires on: 27-Jul-08 Last Updated on: 27-Jul-07 . Administrative Contact: okhotskiy, vladimir vin-design@hotmail.com 1076 lost trail dr. plumas lake, California 95961 United States (916) 459-5222 Domain servers in listed order: NS51.DOMAINCONTROL.COM NS52.DOMAINCONTROL.COM Besides the email contact being vin-design@hotmail.com one of the pages also contains this: quote: Right of access to your information: If you want to know exactly what personal information we hold about you, you can obtain it. If it transpires that the information held is inaccurate, we will make the necessary amendments and confirm to you that these have been made. Please write to IBOOKSTFS [(800)517-4127] enclosing a cheque for the administration fee of 15 made payable to VIN-DESIGN under the terms of the Data Protection Act. Policy Changes Copyright © 2007 VIN - DESIGN Powered by vin-design A search of California records finds a state corporate LLC filing: LP/LLC VIN DESIGN LLC Number: 200735210176 Date Filed: 12/18/2007 Status: active Jurisdiction: CALIFORNIA Address 2934 LERWICH RD SACRAMENTO, CA 95821 Agent for Service of Process VLADIMIR N OKHOTSKIY 2934 LERWICH RD SACRAMENTO, CA 95821 An initial search of California public records does not produce any hits on the name VLADIMIR OKHOTSKIY. However a reverse search of that address produces a listing for: Anna I Okhotskaya 2934 Lerwick Rd Sacramento, CA 95821-1825 and a second listing for that name at: Anna I Okhotskaya 2318 Church Ave Sacramento, CA 95821 Going back to the address used for the domain registration for Vladimir Okhotskiy of: 1076 lost trail dr. Plumas lake, which is in Yuba County, Ca. A check of that address yields some very interesting clues: Dennis Timofeyev work 1076 Lost Trail Dr Plumas Lake, CA 95961-9123 phone number unavailable . Listing Details Job title: Owner Company: Paradise Web -----------> NOTE . Dennis & Vyacheslav Timofeyev 1076 Lost Trail Dr Plumas Lake, CA 95961-9123 . Running that last name through Sacramento Fictitious Business Name registrations yields: Business Name Owner Name File Number Filing Date PARADISE LAWN CARE TIMOFEYEV , TATYANA 0500931 01/24/2005 PARADISE LAWN CARE TIMOFEYEV , VLADIMIR 0500931 01/24/2005 PARADISE LANDSCAPING TIMOFEYEV , VYACHESLAV 0402866 3/09/2004 That may be where the name Paradise in "Paradise Web" came from. More to follow, MGD
	to forum · permalink · · 2008-01-09 14:47:38 ·


Thursday, 26-Nov 16:47:18	Terms of Use \| Privacy Policy \| Hosting by www.nac.net - DSL,Hosting & Co-lo \| feedback \| contact over 10 years online! © 1999-2009 dslreports.com. page compression OFF