Re: Ebook websites, fraud charges, Devbill/DigitalAge/Pluto

Author	All Replies
MGD Premium,MVM join:2002-07-31 kudos:9 2 edits	reply to MGD Re: Ebook websites, fraud charges, Devbill/DigitalAge/Pluto One of the most egregious type of events which has occurred numerous times during this fraud operation, is when a victim files a fraud complaint with their bank and it is subsequently denied. Their bank legally forces them to pay the organized Crime Syndicate. The FTC incorrectly states in its report that ~ 94% of the fraud charges went uncontested by consumers: said by Robert McMillan : ............... U.S. consumers footed most of the bill for the scam because, amazingly, about 94 percent of all charges went uncontested by the victims. According to the FTC, the fraudsters charged 1.35 million credit cards a total of $9.5 million, but only 78,724 of these fake charges were ever noticed. My research indicates that the real number is around 80%. The FTC may only be counting complaints filed with them, or numbers provided by the merchant provider. However, many more consumers do recognize the fraud charge, but are sometimes unable to overcome the variable responses from their institutions, and give up. The bank CSR responses range from perfect: quote: Dave O 15 Sep 2010 Just got my card statement with the charge (4.89) on it, called B of A and they reversed the charge immediately, also cancelled the card. Caller: vpnmonster.net . To painfully incompetent: quote: Constance v 24 Sep 2010 My card was charged $1.89 on 7/30/10 and $4.89 on 8/16/10. When I reported fraudulent charges to my credit union they sent me a letter saying that I had to cancel "recurring charges" with the company myself. TOTALLY NO SUPPORT FROM MY C/U Caller: vpnmonster.net Though only one of the above may end in successfully addressing the fraud, I count both as being instances where consumers / victims DID catch the fraud charge, irrespective of the outcomes. Though not malicious, an egregious case of bank incompetence in dealing with this fraud can be found in another of the organized Crime Syndicate's card fraud entities not previously reported on here: SCAM FRAUD DIGIQUALITY.BIZ 517-759-1231 aka DIGIQUALITY.ORG = FRAUD SCAM »DIGIQUALITY.ORG Same non existent free screen savers as the rest of the group: Do not even have any contact info posted: But if you can find them: you can apply for a refund: Though fraud charge reports go back to the end of 2009, the DIGIQUALITY.BIZ domain appears to have been registered on 08/03/2009: Domain Name: DIGIQUALITY.BIZ Domain ID: D33043405-BIZ Sponsoring Registrar: NETWORK SOLUTIONS INC. Sponsoring Registrar IANA ID: 2 Domain Status: clientTransferProhibited Registrant ID: 43817531V Registrant Name: Anderson Bill Registrant Address1: Registrant Address2: care of Network Solutions Registrant Address3: PO Box 447 Registrant City: Herndon Registrant State/Province: VA Registrant Postal Code: 20172 Registrant Country: United States Registrant Country Code: US Registrant Phone Number: +1.5707088780 Registrant Email: bz6gu2rg7uf@ networksolutionsprivateregistrati on.com Name Server: NS39.WORLDNIC.COM Name Server: NS40.WORLDNIC.COM Created by Registrar: NETWORK SOLUTIONS INC. Last Updated by Registrar: NETWORK SOLUTIONS INC. Domain Registration Date: Mon Aug 03 20:38:55 GMT 2009 Domain Expiration Date: Mon Aug 02 23:59:59 GMT 2010 The domain appears to have been revoked sometime around the end of May, 2010, and the card fraud laundering website was quickly replaced by DIGIQUALITY.ORG Domain ID:D158787470-LROR Domain Name:DIGIQUALITY.ORG Created On:05-Apr-2010 23:09:33 UTC Last Updated On:05-Jun-2010 03:47:39 UTC Expiration Date:05-Apr-2011 23:09:33 UTC Sponsoring Registrar:Active Registrar, Inc. (R1709-LROR) Status:CLIENT TRANSFER PROHIBITED Registrant ID:DI_11449402 Registrant Name:Whois Manager Registrant Organization:Whois Proof LLP Registrant Street1:PO Box 4120 Registrant Street2: Registrant Street3: Registrant City:Portland Registrant State/Province:OR Registrant Postal Code:97208-4120 Registrant Country:US Registrant Phone:+1.2024700599 Registrant Phone Ext.: Registrant FAX:+1.8663666681 Registrant FAX Ext.: Registrant Email: ms7195t91@whoisproof.com Name Server:NS2.DNSEXIT.COM Name Server:NS1.DNSEXIT.COM Name Server:NS3.DNSEXIT.COM Name Server:NS4.DNSEXIT.COM There were accumulations of victim fraud reports on numerous websites, included Sitejabber.com »www.sitejabber.com/reviews/www.d···lity.biz After numerous complaints were filed with a branch of the BBB, they could not pin point the cyber-mule: »www.bbb.org/toledo/business-revi···90051907 and some of the listed data is not accurate. However, the posted billing descriptor from several victims showed DIGIQUALITY.BIZ 517-759-1231 MI. Other posts of the fraud billing on a Wordpress blog narrowed the city down to OKEMOS, MICHIGAN: quote: Transaction date: 02/26/2010* Amount: $4.91 Merchant: DIGIQUALITY.BIZ -OKEMOS ,MI More on that excellent blog thread in a minute, which was started by a victim of the fraud in December of 2009, and eventually accumulated 146 posts from other victims through August of 2010. Information on that blog merged with data that I already had enabled the cyber-mule and the layered companies to be identified. The county business records had a DBA business filing from October of 2009 that matched to the billing entity: ======================== Date Start 10/19/09 Date End 10/23/09 File # D-0091650 DIGIQUALITY.BIZ D-0091650 Business Address DIGIQUALITY.BIZ 5053 MADISON AVE OKEMOS, MI 48805 Owner(s) Name SAINT MARIE PAPTRICK ======================== The correct spelling of the registered owner's name and thus the cyber-mule is PATRICK SAINT MARIE. Excellent detailed postings by a fraud charge victim on that wordpress blog fills in some crucial gaps in the data. This determined victim does every thing correctly, and reports the charge as fraudulent. Her bank issues a temporary credit and then unfortunately files a dispute notice to the OCS's merchant account. What happens next is one of the most egregious and shameful behavior by a Bank, JPM CHASE. When the cyber-mule / OCS receive the dispute notice, they print out the transaction record from the Authorize.net Cybersource account which showed the date time stamp and IP address of the fraud transaction. Upon receipt of this response to the charge back dispute notice, Chase promptly turns around and puts the charge back on the victim's account. Because it was a debit card, Chase removes the funds from the victim's account and forwards it to the organized Crime Syndicate's merchant bank account. There is no finer example of how this decade long OCS really "OWNS" the system. In the victim's own words: By: AS on April 21, 2010 at 1:42 am To the original poster – thank you for providing this information. It’s nice (I suppose) knowing that I’m not the only one who has fallen victim to the scam. However, my situation has taken an interesting turn… I was charged $7.91 on 02/05/10. I called my bank, Chase, while the charge was still pending, and was told to contact the fraud department once the charge had cleared. I did so, and was immediately refunded the amount. Like most of you, I had to deal with the hassle of canceling my debit card as well. After that, it was an out-of-sight, out-of-mind situation, until today… I received a letter today from Chase informing me they that they were reversing the credit because the merchant provided them with information that I had authorized the charge. At least Chase was nice enough to provide me with copies of the documents they received from the so-called merchant. The information provided on these faxes collaborates a great deal of the information many of you have been generous enough to share. There are two specific items of interest: 1. A Chargeback Notification which was mailed from Chase/Merchant Services to the following address: Alternative Investments PO Box 73 Alternative Investments Okemos, MI I can only assume that “Alternative Investments” is the company responsible for Digiquality.biz. (And as of this time of this post, I cannot access Digiquality.biz because the website times-out). It also appears that this Chargeback Notification was faxed to Chase/Merchant Services from a Fedex Kinkos with the following phone number: 517-347-8658. A simple Google search returns the address of that Kinkos, also located in Okemos: Fedex Kinko’s Office & Print 2243 W Grand River Ave Okemos, MI, 48864-1650 2. Attached to this Chargeback Notification was a print out of my fraudulent transaction from Authorize.Net. This print out included my billing information – my first and last name, my address, and zip code. So, not only did DigiQuality.biz obtain my debit card information, but my name and address as well. Based upon their website, Authorize.Net appears to be a legitimate company. Depending upon the outcome of my conversation with my bank tomorrow, I might contact Authorize.Net so that they know they are doing business with a company that is defrauding innocent individuals. At this point, it’s not about the money; it’s the principle of the issue. Contact info for Authorize.Net: >http://www.authorize.net/support/ Authorize.Net’s BBB listing: >http://www.bbb.org/utah/business-reviews/credit-card-processing-companies/authorizenet-a-cybersource-solution-in-american-fork-ut-2009493 Many of you have mentioned Amazon as the source of our information, and I’m inclined to believe that this is the case in my situation. My debit card was on file with Amazon, although rarely used. Also, I commonly use a nickname as opposed to my legal name. My nickname is on file with Amazon, and Amazon by default uses my nickname for my billing address. In all other transactions where I am prompted to provide my billing address, I use my legal name. Amazon is the only instance where my nickname is used as opposed to my legal name. Anyways, I hope this information can be of help to someone else who is dealing with this irritating situation. Best of luck to you, and I’ll be checking back often… Ref:»inforodeo.wordpress.com/2009/12/···y-theft/ What a complete and utter travesty by CHASE. Kudos to the victim though for posting such a detailed account and treasure trove of information. Of course the fact that processing services for this fraud operation were provided by AUTHORIZE.NET / CYBERSOURCE now owned by VISA should not be a surprise to any regular reader. AUTHORIZE.NET / CYBERSOURCE / VISA, are merely maintaining their almost decade long 100% perfect record of supplying crucial support services to what is now probably thousands of fraudulent merchant accounts used to extort a cyber fraud tax from consumers. Not lost is the irony that VISA is also the brander and controlling entity of over half of all credit / debit cards provided to consumers, and regulates the processing of charges. VISA's cash register rings twice for every fraudulent charge perpetrated against consumers by the the Organized Crime Syndicate. It will also ring a third time for a chargeback. There is no incentive to stop the fraud, short of damming publicity, a class action lawsuit for malfeasance, or federal criminal charges, or Government / Congressional intervention. The first thing that we can tell from her detailed information is that the cyber-mule PATRICK SAINT MARIE used an existing LLC of his, in order to obtain the merchant account: ======================= Alternative Investments PO Box 73 Alternative Investments Okemos, MI ======================= You frequently see the OCS mention in many of the posted mule recruiting documents that an existing owned LLC or Corp can be used, and is preferable. You may have also read where I frequently state that almost ALL the merchant fraud accounts have serious vetting deficiencies and contain several red flag violations that should have denied them merchant processing services. The most blatant and significant of those is that ALTERNATIVE INVESTMENTS LLC has not been in good standing since 2-15-2007, as it has not filed the required annual reports: ======================= ALTERNATIVE INVESTMENTS LLC ID Num: B2905F Name: ALTERNATIVE INVESTMENTS LLC Type: Domestic Limited Liability Company Resident Agent: PATRICK G SAINT MARIE Registered Office Address: 16553 LAFLEUR DR EAST LANSING MI 48823 Mailing/Office Address: Formation/Qualification Date:2-18-2003 Jurisdiction of Origin: MICHIGAN Managed by: Members Status: ACTIVE, BUT NOT IN GOOD STANDING AS OF 2-15-2007 Date: Present ======================= In fact, other than the original filing in 2003 for ALTERNATIVE INVESTMENTS LLC: only one annual report has been filed since, in 2004: Running this set up configuration through my vetting rules, red flags once for an out of current status LLC. PATRICK G SAINT MARIE opens a merchant under "ALTERNATIVE INVESTMENTS LLC" which is flagged as failing to meet the good standing Michigan state requirements. PATRICK G SAINT MARIE subsequently registers a DBA name of DIGIQUALITY.BIZ # D-0091650 which becomes the operating entity. He then uses the merchant account obtained under "ALTERNATIVE INVESTMENTS LLC" to process credit card charges on a website domain DIGIQUALITY.BIZ. That domain registration, though cloaked, is registered to an individual named Bill Anderson, major red flag #2, and most likely carded. Not only is the second red flag an MGD violation trigger, it also violates the Card Associations rules as well: quote: "Card Associations require that we have documents to prove that the website through which any sales are processed is owned and operated by the business with which the merchant account is associated. Therefore, please ensure that the domain name registration (the "WHOIS") for your URL is updated to show the "Registrant" matching. We must be able to view the updated "WHOIS" at your domain registrar's website prior to setting your account "live"". . Great rule !! not always enforced, and more importantly, do not tell the criminals to "make it match", which they can easily do after first registering it carded to an identity theft victim. Flag and refuse the account because it was not registered to the applicant in the first place. Giving them the opportunity to "make it match" later is asinine. My original red flag is never removed when the domain changes, as that can be easily forged, the failure is because the original registration did not match, thus an obvious indicator of fraud. [The act itself of applying for merchant processing services for a domain not registered to the applicant, is in itself a fraudulent application. There has to be documented contact between the original registrant and the merchant provider qualifying any subsequent change. Moreover, there must be a 30, 60, and 90 day recheck that the domain remains registered and non cloaked to the original applicant. In many cases the OCS will temporarily change the domain reg to the cyber-mule applicant, then change it to hide the mule after the merchant account is set up. Over the course of this multi year fraud operation the most prevalent red flag and fraud indicator, has been the fact that the merchant account domain was registered to a carded victim and not the applicant in over 90% of the card fraud laundering cases. As previously documented, during undercover communications with the OCS in 2008, this anomaly was presented to the criminals as a reason why a merchant account was difficult to obtain. The OCS replied that it should not matter as "they know" that the system does not check for this match. ] So in the case of this determined victim of the fraud, CHASE BANK, forces the victim to pay the fraud charge to the criminals because they blatantly accept a print out status from AUTHORIZE.NET as being prima facia evidence that the card holder actually consummated a transaction. CHASE is in clear violation of multiple federal banking rules including REG E which requires them to conduct a good faith investigation of a consumer fraud complaint. Not only did CHASE not meet those requirements, they just rubber stamped the Crime Syndicate's AUTHORIZE.NET transaction submission. Now of course CHASE never did really "investigate" the complaint as required by law. The amount in dispute was too small to make it past a level 1 incompetent clerical evaluation. Not only is the website DIGIQUALITY.BIZ now DIGIQUALITY.ORG is NOT capable of processing an externally submitted purchase. I have previously documented exactly how the Organized Crime Syndicate batch processes fraud charges using a script originating from IP addresses in Eastern Europe, which then connect through a bot proxy network of thousands of compromised US computers. Previous interceptions of card processing data originating from the OCS's network in eastern Europe document the processing of stolen card data via a botnet of US hijacked computers: [An example of a running OCS script, pumping card data via random US bot net IPs into a hidden php file stashed on the fake website, emulating purchases]: The Authorize.net submission which Chase used to establish that the victim is responsible for the charges is nothing more than which hijacked US computer was used as a proxy to inject that specific charge card data into Authorize.net's card processing network. The documented IP does not even meet the minimal legal requirement of establishing a connection to the real card holder. In a "normal" investigation they would need to establish that the IP address was connected to the card holder at the time of the transaction via ISP records. However, because of the amount, no one has any intention of fulfilling their legal obligation, thus the victim is forced by Chase to pay the criminals. They OCS repeatedly laughs all the way to the bank when picking up their millions a year extracted from consumers with the crucial and repeated decade long assistance from the financial system. A process which the FTC apparently calls in their report, the abusing of "loopholes" in the system by criminals. "Loopholes" they are not, massive open gateways in which huge fraud trucks can be repeatedly driven through unfettered is what they really are. As usual there are always reports from victims who never used the card online for a card not present CNP transaction. In theory, the victims card number and correct name and address, required for a CNP, should not have existed in any database outside of the issuing bank or where the card was printed at: quote: Anybody every get a fraudulent charge on their bank account from digiquality.biz? I did it is only $1.91 but I researched it and found its a scam. it supposed to be a website where you buy screensavers. I called the bank and they said it was done with my debit card. I dont know how they did it-- I never buy anyhting online. so beware. 5 months ago (Tiebreaker) Additional Details my card is never used by anyone else- I only use it at the grocery store or walmart. my husband has his own There are other victim reports of interest in that 9 month 148 entry worpress blog which began in December of 2009: »inforodeo.wordpress.com/2009/12/···y-theft/ such as: quote: =========================================== The US Navy Supply Command at Pearl Harbor just got hit for $4.91. We contacted the bank and reported it to the Fraud Unit. We have closed our account and requested a new one. Thank you everyone for confirming this fraud. =========================================== Thank you for your investigation on this scam. I too had a charge for $4.91 on 2/8/10. I called my credit union about the charge and got additional information and then googled digiquality.biz which gave me the info I needed from this wonderful blog. I called their number and got a recording of a very thickly accented Asian woman that said they couldn’t come to the phone and to leave a message. I then called back my credit union and got a different very uncooperative customer no service rep. She wasn’t interested in checking this blog for info on how this scam works and said since it was less than $10 there wasn’t anything they could do. That set me off! I asked for a supervisor and she said I got wrong info and I simply need to stop in at one of their branches and fill out a fraud report. They then would credit back the $4.91 if the fraud checks out. I will be doing that tomorrow. Thankfully, my credit union just issued new debit cards and the charge was from the old debit card that has been closed. If you are being stonewalled by your bank or credit union don’t let them get away with it. Ask for a supervisor or talk with the CFO’s office. It’s bad enough being ripped off without having your financial institution being an accessory to the fraud. Persevere my friends! ================================= This is a great site. I got hit with $4.91 (and an international transaction fee!) this month. I queried it with the bank, who were great and are investigating it. After looking at your site I cancelled my card. I reckon a lot of people won’t even notice this small charge on their credit card statements. Hope they can catch the lousy so and sos. ================================= Last night got an email from Bank of America that my husband’s debit card had been used to make a purchase at digiquality.biz for $4.91. I track all CC charges via email alert – even the $1 charges. He only uses the card at Wal-mart, Wal-Greens, US Post Office, at the pump at gas stations, and at times at fast food where he swipes the card himself. Sometimes the clerk swipes but always right in front of him where he can view the transaction. Never has it been used on the internet or phone. He always uses it as a CC & never enter the PIN. Wonder how they got his debit card number. This card is only about 3 mo old. Transaction date: 02/26/2010* Amount: $4.91 Merchant: DIGIQUALITY.BIZ -OKEMOS ,MI Immediately canceled card and called bank this AM to dispute charge. Told them BofA was mentioned in this Blog & problem has been going on for months. Asked why these thieves were still being allowed to do business. They said they’d investigate. Our new plan is to carry enough cash or alternate CC. If the transaction does not go through where we swipe ourselves, we pay a different way. We’re not handing a card to anyone any more. =============================== “2/25/2010, Miscellaneous Transaction, DIGIMARK.BIZ 517-759-1231 MI, $4.91? What disturbs me the most, is that this card is really new… I let the ATM chew up the old one a few months ago. Nearly all of my purchases since were in person, not online. I’ve literally only bought a song online with the card since then, and that from Amazon, who should be trusted. (right?) I had a paypall charge, too, but Paypal goes directly through the bank account without using the debit card. If these scammers were using paypal info, wouldn’t it come across as a transfer, rather than a debit deduction? I’m going in to my credit union today to deliver a signed statement and pick up a new card, and I’ll see if I can learn anything more about the charge. I suspect either JC was right, above, when he suggested a security breach in a retail store, OR these people are just trying numbers at random and seeing what they get. If the latter is the case, what’s to stop them from randomly hitting the card I’m about to go pick up? In any case, lets hope they can be stopped soon. This has definitely gone on too long! Signed, Paranoid and Annoyed ================================== Mine happened a couple of days after I donated to a political organization. First there was a $5 charge to a candidate in Florida I’ve never heard of but that charge did not go through as they did not have my correct info – just the card # The man in Florida said someone was using the name “Bill Gates” to make the charges. Next there was a $10 from Skype that never went through and finally the $4.91 charge from .Biz that did go through so I finally cancelled my card. I do have an Amazon account but none of my info is stored there. Also have Pay Pal but it is rarely used. I agree with reporting the BBB – it’s definitely a start! Grrr… there’s no telling who has our numbers with the amount of outsourcing America does plus people right here who are rip off artists! That’s a world of thievery! ====================== I also got hit with a $4.91 debit charge on my debit card from Michigan. Three days later a $29.90 hit from a phonesandcalls.com both scams. I will talk to the bank tomorrow. Thanks for the good information on this website ========================= This victim report is interesting, they first post this on March 13th to the blog: quote: By: Paula on March 13, 2010 3/09/10 my debit card was used for a $4.91 purchase from digiquality.biz Rarely use this card online. While I have paypal and amazon, it’s not linked to this card. I may have purchased embroidery designs, that makes 3 of us who mentioned that. I checked the BBB.org and they don’t show any complaints for this company. I was notified by my bank of this charge. So they must be aware of the company. Of course the card was canceled. Paula returns two months later and posts this: quote: By: Paula on May 12, 2010 at 2:37 pm I had my credit card number stolen and posted back in March. I wanted to say that I received a letter from an embroidery design merchant that said they were a victim of a theft of sensitive data information and they had contacted the FBI. Internet hackers were able to steal credit card info back to Feb. The letter said it is similar to several large scale attacks affecting 75,000 computer systems at 2,500 companies. The company says it no longer stores personal information in it’s database and it is now handled by a third party company. I think the lesson is to make sure the company you deal with online does not store your information in it’s computer. I am now going to ask companies if they do before I purchase, so that if the company gets hacked my information isn’t stored there. Paula One very irritated victim posts the ARN for the fraud charge: quote: ====================================== Fucking stupid American Banking system. Why it’s happens to people.I saw the charges today 7.91.It means that in this country i can’t believe to anybody. Stupid people use banking system and i have the account in Bank of America, i was thinking that this is the best bank, but everything is bullshit. CHECKCARD 0502 DIGIQUALITY.ORG 517-759-1231 MI 24110390123286178700307 ========================================== »inforodeo.wordpress.com/2009/12/···comments That ARN data appears to point to HARRIS TRUST AND SAVINGS BANK aka Harris N.A. USA Chicago Illinois »www.harrisbank.com as being the acquirer bank where the business account is located. However, there does not appear to be any bank branches anywhere in Michigan, nevermind in Okemos, Mi., where the mule appears to be located. Wikipedia states: Harris Bank is an American bank based in Chicago, Illinois. The bank founded by Norman Wait Harris, is primarily located in the Midwest, and is owned by the Toronto-based Bank of Montreal. Today the bank holding company is formally named Harris Bankcorp, Inc. So at this point the actual acquirer bank for ALTERNATIVE INVESTMENTS LLC aka DIGIQUALITY.ORG 517-759-1231 FKA DIGIQUALITY.BIZ needs further confirmation. MGD
	to forum · permalink · 2010-10-10 01:40:46 ·
MGD Premium,MVM join:2002-07-31 kudos:9 1 edit	Part 2 of 2: SCAM FRAUD = MEETTHEICONS.COM 952-955-4871 = FRAUD SCAM »meettheicons.com Snapped 2010-10-18 23:05:39 ICANN Registrar: ACTIVE REGISTRAR, INC. Registration Service Provided By: Active-Domain LLC Domain Name: MEETTHEICONS.COM Expiry Date: 23-Apr-2011 Creation Date: 23-Apr-2010 Name servers: ns1.ipage.com ns2.ipage.com Registrant Name: Whois Manager Registrant Company: Whois Proof LLP Registrant Email Address: Registrant Address: PO Box 4120 Registrant City: Portland Registrant State/Region/Province: OR Registrant Postal Code: 97208-4120 Registrant Country: US Registrant Tel No: +1.2024700599 Registrant Fax No: +1.8663666681 Name servers: ns1.active-dns.com ns2.active-dns.com »meettheicons.com/contact_us Snapped 2010-10-18 23:05:21 =========================== Have questions? Get in touch with us! For all issues related to use and operation of product purchased on our website and for all billing and technical support, please give us a call or email. Our contact details Phone: 952-955-4871 Email: support@meettheicons.com Contact our support team easily You can send us a message directly from this page using the form below and we'll try to answer you shortly. We are eager to help you! Contact Form ========================== IP Address History Event Date Action Pre-Action IP Post-Action IP 2010-04-24 New -none- 67.228.37.8 2010-04-24 Not Resolvable 67.228.37.8 -none- 2010-04-28 New -none- 66.96.147.113 2010-10-04 Change 66.96.147.113 207.148.254.83 »meettheicons.com/about_us Snapped 2010-10-18 23:05:59 From ~ 04/28/2010 until 10/4/2010 meettheicons.com was hosted on IP 66.96.147.113 Since shadowing it has ============================================= IP Location: United States Burlington The Endurance International Group Inc Resolve Host: 113.147.96.66.static.eigbox.net IP Address: 66.96.147.113 Reverse IP: 2,825 other sites hosted on this server. Server Type: Apache IP Address: 66.96.147.113 IP Location: - Massachusetts - Burlington - The Endurance International Group Inc Domain Status: Registered And Active Website ============================================= Since shadowing it has now recently moved to a dedicated IP on thar same host 207.148.254.83 Resolve Host: 83.254.148.207.static.yourhostingaccount.com That may be indicative that it has now been assigned to a cyber-mule and has recently obtained a merchant account. I suspect that the other multi use IP did not have dedicated SSL available. Watch for reported fraud charging in about 30 to 60 days. Could not have sales, besides no operating shopping cart, no one knows it is there: [imaging failed] »meettheicons.com/robots.txt Snapped 2010-11-03 18:51:57 . SCAM FRAUD = A-PLUS-ICONS.COM 252-377-4462 = FRAUD SCAM Added archived image as a-plus-icons.com appears to be offline currently »a-plus-icons.com Snapped 2010-11-03 18:52:59 ICANN Registrar: ACTIVE REGISTRAR, INC. Registration Service Provided By: Active-Domain LLC Domain Name: A-PLUS-ICONS.COM Expiry Date: 23-Apr-2011 Creation Date: 23-Apr-2010 Name servers: ns1.dnsexit.com ns2.dnsexit.com ns3.dnsexit.com ns4.dnsexit.com Registrant Name: Whois Manager Registrant Company: Whois Proof LLP Registrant Email Address: Registrant Address: PO Box 4120 Registrant City: Portland Registrant State/Region/Province: OR Registrant Postal Code: 97208-4120 Registrant Country: US Registrant Tel No: +1.2024700599 Registrant Fax No: +1.8663666681 »a-plus-icons.com/contact_us Snapped 2010-11-03 18:52:46 =========================== Have questions? Get in touch with us! For all issues related to use and operation of product purchased on our website and for all billing and technical support, please give us a call or email. Our contact details Phone: 252-377-4462 Email: support@a-plus-icons.com a-plus-icons.com Contact our support team easily You can send us a message directly from this page using the form below and we'll try to answer you shortly. We are eager to help you! ========================== IP Address History Event Date Action Pre-Action IP Post-Action IP 2010-04-24 New -none- 67.214.175.68 »a-plus-icons.com/about_us Snapped 2010-11-03 18:52:10 . . SCAM FRAUD = ICON-MONSTER.COM 810-678-9694 = FRAUD SCAM »icon-monster.com Snapped 2010-11-03 08:00:29 2010-09-14 said by EBMOM3 : JUST A HEADS UP THAT ANOTHER NAME THESE PEOPLE ARE USING IS ICON-MONSTER.COM. A FAKE WEBSITE CLAIMING TO SELL "ICONS". I GOT THE 7.42 CHARGE ON MY DEBIT-VISA LAST WEEK AND IMMEDIATELY CANCELED MY CARD. HOPEFULLY THE SAME DOESN'T HAPPEN WITH THE REPLACEMENT. THIS JUST PLAIN SUCKS. THE SAME EVENING THE CHARGE SHOWED UP, I DID USE PAYPAL, AND MY STUDENT LOAN PAYMENT WENT THROUGH (ONLINE). I'M GUESSING IT'S ON PAYPAL'S END, BUT WHO REALLY KNOWS. WHAT I DON'T GET IS THAT THERE IS SO MUCH INFORMATION HERE IN REGARDS TO THIS WHOLE FRAUD ORGANIZATION, THAT THERE CAN'T BE ANYTHING DONE ABOUT IT. »[Credit Card Fraud] BEWARE*Fruadulant charges from ICON-MONSTE Registration Service Provided By: Active-Domain LLC Domain Name: ICON-MONSTER.COM Expiry Date: 16-Jun-2011 Creation Date: 16-Jun-2010 Name servers: ns1.webprole.com ns2.webprole.com Registrant Name: Whois Manager Registrant Company: Whois Proof LLP Registrant Email Address: Registrant Address: PO Box 4120 Registrant City: Portland Registrant State/Region/Province: OR Registrant Postal Code: 97208-4120 Registrant Country: US Registrant Tel No: +1.2024700599 Registrant Fax No: +1.8663666681 Name servers: ns1.active-dns.com ns2.active-dns.com »icon-monster.com/contact_us Snapped 2010-10-18 23:22:14 =========================== Have questions? Get in touch with us! For all issues related to use and operation of product purchased on our website and for all billing and technical support, please give us a call or email. Our contact details Phone: (810) 678-9694 Email: support@icon-monster.com Contact our support team easily You can send us a message directly from this page using the form below and we'll try to answer you shortly. We are eager to help you! Contact Form ========================== IP Address History Event Date Action Pre-Action IP Post-Action IP 2010-06-17 New -none- 67.228.37.8 2010-06-19 Change 67.228.37.8 174.132.168.254 2010-07-03 Change 174.132.168.254 174.132.168.244 »icon-monster.com/about_us Snapped 2010-10-18 23:21:57 Server Type: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 IP Address: 174.132.168.244 IP Location: - Texas - Dallas - Theplanet.com Internet Services Inc Response Code: 200 Domain Status: Registered And Active Website [reverse DNS - f4.a8.84ae.static.theplanet.com] . . SCAM FRAUD = ICON-O-MATIC.ORG 262-891-4869 = FRAUD SCAM »icon-o-matic.org Snapped 2010-11-03 07:59:44 Domain ID:D159972929-LROR Domain Name:ICON-O-MATIC.ORG Created On:24-Aug-2010 11:06:10 UTC Last Updated On:05-Sep-2010 12:40:21 UTC Expiration Date:24-Aug-2011 11:06:10 UTC Sponsoring Registrar: Active Registrar, Inc. (R1709-LROR) Status:TRANSFER PROHIBITED Registrant ID:ACTR1009056783 Registrant Name:Whois Manager Registrant Organization:Whois Proof LLP Registrant Street1:PO Box 4120 Registrant Street2: Registrant Street3: Registrant City:Portland Registrant State/Province:OR Registrant Postal Code:97208-4120 Registrant Country:US Registrant Phone:+1.2024700599 Registrant Phone Ext.: Registrant FAX:+1.8663666681 Registrant FAX Ext.: Name Server:NS51.1AND1.COM Name Server:NS52.1AND1.COM »icon-o-matic.org/contact_us Snapped 2010-10-18 23:21:40 =========================== Have questions? Get in touch with us! For all issues related to use and operation of product purchased on our website and for all billing and technical support, please give us a call or email. Our contact details Phone: (262) 891-4869 Email: support@icon-o-matic.org Contact our support team easily You can send us a message directly from this page using the form below and we'll try to answer you shortly. We are eager to help you! Contact Form ========================== Not too difficult to figure out what the fraud charge amount is going to be, in this case $7.85, $4.85, $1.85 »icon-o-matic.org/products/description/32 Snapped 2010-10-18 23:32:15 »icon-o-matic.org/products/description/22 Snapped 2010-10-18 23:31:58 The OCS always randomizes the amount so that searches of the actual fraud amount do not bring up multiple instances of the fraud under various names. Remember, a primary goal is to prevent anyone from recognizing the full extent of the massive fraud operation. The most current example of the successful tactic is the FTC action which only unearhthed a very small portion of the operation. The FTC was even fooled into thinking that they have seriously disrupted an ongoing fraud. A conclusion no different than many of the previous investigative incidents, e.g. "Pluto Data" & "Digital Age" etc. IP Address History Event Date Action Pre-Action IP Post-Action IP 2010-08-25 New -none- 67.228.37.8 2010-09-04 Change 67.228.37.8 74.208.237.116 »icon-o-matic.org/about_us Snapped 2010-10-18 23:19:58 IP Address: 74.208.237.116 IP Location: - Pennsylvania - Wayne - 1&1 Internet Inc Response Code: 200 Domain Status: Registered And Active Website . . SCAM FRAUD = DESIREEFFECT.ORG 360-203-3909 = FRAUD SCAM »desireeffect.org Snapped 2010-10-18 23:42:41 Domain ID:D159275469-LROR Domain Name:DESIREEFFECT.ORG Created On:26-May-2010 18:14:56 UTC Last Updated On:26-Jul-2010 03:49:07 UTC Expiration Date:26-May-2011 18:14:56 UTC Sponsoring Registrar:DomainPeople, Inc. (R30-LROR) Status:CLIENT TRANSFER PROHIBITED Registrant ID:fe4be1089bed0c06 Registrant Name:WhoisProtector desireeffect.org Registrant Organization:WhoisProtector Inc. Registrant Street1:100 N Riverside, Suite 800 Registrant Street2: Registrant Street3: Registrant City:Chicago Registrant State/Province:IL Registrant Postal Code:60606 Registrant Country:US Registrant Phone:+1.3129947654 ========================== Have questions? Get in touch with us! For all issues related to use and operation of product purchased on our website and for all billing and technical support, please give us a call or email. Our contact details Phone: (360) 203-3909 Email: support@desireeffect.org Contact our support team easily You can send us a message directly from this page using the form below and we'll try to answer you shortly. We are eager to help you! Contact Form ========================== »desireeffect.org/contact_us Snapped 2010-11-03 07:59:30 IP Address History Event Date Action Pre-Action IP Post-Action IP 2010-05-27 New -none- 207.150.212.131 Resolve Host: 113.147.96.66.static.eigbox.net Server Type: Apache/Nginx/Varnish IP Address: 66.96.147.113 IP Location: - Massachusetts - Burlington - The Endurance International Group Inc Domain Status: Registered And Active Website »desireeffect.org/about_us Snapped 2010-11-03 07:59:15 . . SCAM FRAUD = WONDERFULICONS.COM 707-682-5738** = FRAUD SCAM »wonderfulicons.com Snapped 2010-10-19 00:09:00 ========================== Have questions? Get in touch with us! For all issues related to use and operation of product purchased on our website and for all billing and technical support, please give us a call or email. Our contact details Phone: 707-682-5738 Email: support@wonderfulicons.com Contact our support team easily You can send us a message directly from this page using the form below and we'll try to answer you shortly. We are eager to help you! ========================== »wonderfulicons.com/contact_us Snapped 2010-10-19 00:08:42 Registration Service Provided By: Active-Domain LLC Domain Name: WONDERFULICONS.COM Expiry Date: 31-May-2011 Creation Date: 31-May-2010 Name servers: ns1.eleven2.com ns2.eleven2.com Registrant Name: Whois Manager Registrant Company: Whois Proof LLP Registrant Email Address: cd2zp0dlq6@whoisproof.com Registrant Address: PO Box 4120 Registrant City: Portland Registrant State//www.active-domain.com /Region/Province: OR Registrant Postal Code: 97208-4120 Registrant Country: US Registrant Tel No: +1.2024700599 Registrant Fax No: +1.8663666681 »wonderfulicons.com/about_us Snapped 2010-10-19 00:20:31 IP Address History Event Date Action Pre-Action IP Post-Action IP 2010-06-03 New -none- 174.136.32.19 2010-06-12 Change 174.136.32.19 174.136.32.156 . MGD
	to forum · permalink · 2010-10-19 01:32:59 ·
MGD Premium,MVM join:2002-07-31 kudos:9 3 edits	This OCS fraud group rounded out with the last of the pack which deserves another post. Over the last half decade plus of this crime syndicate's card fraud laundering operation, you can weave a forensic evidence thread that connects all of the groups together. Sometimes there are multiple and significant connections, other times it may be just one crumb. In this case it was SCAM FRAUD = WONDERFULICONS.COM 707-682-5738 = FRAUD SCAM which reached back in history and connected this run to another OCS 2008 fraud operation group »wonderfulicons.com Snapped 2010-10-19 00:09:00 As listed in the prior post WONDERFULICONS.COM's hosting history: wonderfulicons.com IP Address History Event Date Action Pre-Action IP Post-Action IP 2010-06-03 New -none- 174.136.32.19 2010-06-12 Change 174.136.32.19 174.136.32.156 The OCS's dedicated server on IP 174.136.32.156 also hosted another fraud domain EXTRASCREENSAVER.COM which never made it to prime time: Extrascreensaver.com IP Address History Event Date Action Pre-Action IP Post-Action IP 2009-09-24 New -none- 205.178.145.65 2010-07-21 Change 205.178.145.65 174.136.32.156 2010-09-13 Change 174.136.32.156 68.178.232.99 Though now parked at GoDaddy, it is the domain registration of EXTRASCREENSAVER.COM which ties this fresh group back to prolific fraud domains active from late 2008 through most of 2009: Not only was this Florida victim's identity and card data used for the September 2009 registration of Extrascreensaver.com: =========================== Registrant: Catren Safarjalani 2005 Brandon Crossing Gooble Apt 203 Brandon, Florida 33571 United States Domain Name: EXTRASCREENSAVER.COM Created on: 09-Sep-09 Expires on: 09-Sep-10 Last Updated on: 09-Sep-09 Administrative Contact: Safarjalani, Catren Csmail888@gmail.com 2005 Brandon Crossing Gooble Apt 203 Brandon, Florida 33571 United States 18504178537 Fax -- =========================== It was also used a year earlier to register and cloak the October 2008 domain registration of the prolific 2008 - 2009 fraud charging operation of EASTCOASTMOBILESTYLE.BIZ =========================== Domain Name: EASTCOASTMOBILESTYLE.BIZ Domain ID: D27495449-BIZ Sponsoring Registrar: MELBOURNE IT LTD Sponsoring Registrar IANA ID: 13 Domain Status: clientTransferProhibited Registrant ID: A122332135397149 Registrant Name: Catren Safarjalani Registrant Organization: Private Registration US Registrant Address1: P O Box 99800 Registrant City: EmeryVille Registrant State/Province: CA Registrant Postal Code: 94662 Registrant Country: United States Registrant Country Code: US Registrant Phone Number: +1.5105952002 Registrant Email: contact@myprivateregistration.com Billing Contact ID: A122332135397147 Name Server: YNS1.YAHOO.COM Name Server: YNS2.YAHOO.COM Created by Registrar: MELBOURNE IT LTD Domain Registration Date: Mon Oct 06 19:34:21 GMT 2008 Domain Expiration Date: Mon Oct 05 23:59:59 GMT 2009 =========================== »EASTCOASTMOBILESTYLE.BIZ Snapped 2009-03-20 03:50:38 »eastcoastmobilestyle.biz/contacts.php Snapped 2009-03-20 03:50:20 »eastcoastmobilestyle.biz/robots.txt Snapped 2009-03-20 03:50:03 The prolific card fraud operation of EASTCOASTMOBILESTYLE.BIZ gained global attention for processing fraud charges on card victims from Australia to South Africa to South America, to Hungary, the UK, France and Switzerland, and many other countries: »Ebook websites, fraud charges, Devbill/DigitalAge/Pluto The prolific fraud charging not only generated numerous pages of search results on Google:»www.google.com/search?hl=en&sour···ILESTYLE it even gained the attention of a journalist in Switzerland, Desiree Pompes, who wrote about a Swiss victim of the EASTCOASTMOBILESTYLE fraud charge, translated snip: »Ebook websites, fraud charges, Devbill/DigitalAge/Pluto You can take a needle, then thread the links from the latest Digiquality.org to the dozen Icon website frauds at the production factory, then back to the 2008 EASTCOASTMOBILESTYLE and its prolific CHEAPESTTHEMES.COM sister: »cheapestthemes.com Snapped 2009-03-07 00:55:52 ... which managed to generate its own warning page in mid 2009 on the Ocean City, MD, police dept. website: »ocpdmdinfo.blogspot.com/2009/07/···est.html Despite the Organized Crime Syndicate's renewed and vigorous efforts to disperse the operation and make it appear like minor unrelated cluster frauds, they still leave a connecting trail which continues to expose a massive multi-million dollar global organized fraud operation. MGD
	to forum · permalink · 2010-10-19 04:03:12 ·
codeslave join:2010-11-11 Fitzwilliam, NH	reply to MGD I have a similar domain name (iconomatic.com) as to one of the sites being used in this fraud (icon-o-matic.org), so I've been getting a lot of mail recently from people asking about mysterious unauthorized charges on their accounts. Is there any way I can get this domain name removed? I'm now directing people to contact that other site or better yet, their credit card company, but I'd rather have the other site shut down if possible. Thanks!
	to forum · permalink · 2010-11-11 11:59:58 ·
Whip join:2009-01-23 Califon, NJ	said by codeslave: I have a similar domain name (iconomatic.com) as to one of the sites being used in this fraud (icon-o-matic.org), so I've been getting a lot of mail recently from people asking about mysterious unauthorized charges on their accounts. Is there any way I can get this domain name removed? I'm now directing people to contact that other site or better yet, their credit card company, but I'd rather have the other site shut down if possible. Thanks! Actually, you could be key in getting it shut down by telling everyone to file a fraudulent charge complaint to their card issuer and correct them on the website to reference. This would get the chargebacks started.
	to forum · permalink · 2010-11-11 19:34:45 ·

Doctor Olds I Need A Remedy For What's Ailing Me. Premium,VIP join:2001-04-19 1970 442 W30 kudos:18	reply to codeslave said by codeslave: I have a similar domain name (iconomatic.com) as to one of the sites being used in this fraud (icon-o-matic.org), so I've been getting a lot of mail recently from people asking about mysterious unauthorized charges on their accounts. Is there any way I can get this domain name removed? I'm now directing people to contact that other site or better yet, their credit card company, but I'd rather have the other site shut down if possible. Thanks! You should write up a small summary page on your site (also to use to refer email inquiries to) and tell them to not contact the other web site at all and to instead file a fraud complaint with their Credit Card Provider and also to report the fraud to the Internet Crime Complaint Center (IC3) \| File a Complaint Page at the same time. That first action will generate a large number of charge backs to quickly kill the merchant account that is currently funneling the stolen charges overseas into the criminals hands while the second action will help show the authorities how large the problem truly is today. If you would create a summary page as described that would be greatly effective against these criminals and it would be appreciated by all here that try to fight these criminals and the mules they trick into being party to the long running fraud. -- What’s the point of owning a supercar if you can’t scare yourself stupid from time to time?
	to forum · permalink · 2010-11-11 20:39:57 ·
MGD Premium,MVM join:2002-07-31 kudos:9 1 edit	reply to codeslave said by codeslave: I have a similar domain name (iconomatic.com) as to one of the sites being used in this fraud (icon-o-matic.org), so I've been getting a lot of mail recently from people asking about mysterious unauthorized charges on their accounts. Is there any way I can get this domain name removed? I'm now directing people to contact that other site or better yet, their credit card company, but I'd rather have the other site shut down if possible. Thanks! While you can alert victims who contact you that the the actual fraud website is SCAM FRAUD = ICON-O-MATIC.ORG 262-891-4869 = FRAUD SCAM »icon-o-matic.org. Rather than instruct fraud victims to contact the criminals,victims should report the charge as FRAUDULENT and cancel and replace their card. I recently posted an additional alert on 800notes.com »800notes.com/Phone.aspx/1-262-891-4869 Getting the fraud website ICON-O-MATIC.ORG 262-891-4869 shut down may be difficult to do. Success in the past at closing them has been spotty at best. At times everyone from GoDaddy, to JaguarPC, et all, have refused to pull the plug. More importantly, shutting the website down will not stop that specific card fraud operation from processing charges under that name, and thus is unlikely to stop victims from contacting you in error. While it may not be of any consolation to you, fraud victims contacting the wrong entity in error has been going on for over 5 years. In 2005, Digital Age Products digitalageproducts.com was inundated with hundreds of consumer complaints over the Digital Age fraud charges. So much so that the legitimate and unrelated digitalageproducts.com created a consumer alert and warning page, which was reposted on our forum: »Re: Digital Age Fraud Victims * READ THIS FIRST Since then many legitimate website owners have been mistakenly identified by victims who believed that the charges were originating from similar named entities. it has been a recurring problem over the years. In fact, right now while you have been fielding consumer complaints about the rogue ICON-O-MATIC.ORG fraud charges, so too has another legitimate website caught up in the "ICON" confusion and mis-identification. Apparently the legitimate fashion website Iconique.com has also been on the receiving end of consumer complaints over the card fraud laundering charges processed from the fraudulent TheIconique.com »TheIconique.com and have posted several warnings, including one on twitter and also on their main page: said by iconique.com : ICONIQUE > STYLE & FASHION > FASHION & TRENDS NEWS WARNING: MALICIOUS PAYMENTS! We received various emails from people who have been charged on their credit cards or paypal accounts by a website called TheIconique.com The online fashion magazine ICONIQUE.com is UNRELATED to THEICONIQUE.com which seems to be an icons website based in New York. If you received any charges or paypal notices, please report this asap to Paypal or your bank. We reported these issues to Paypal as well, but we are mere victims of a mixup in domain names. Please inform us if you have been charged by this party! »www.iconique.com/flash/fashionnews.php And: said by twitter.com/iconiquemag : Iconique.com is UNRELATED to theiconique.com / if you received any charges or paypal notices, please report this asap to Paypal or your bank 5:20 PM Nov 3rd via web The most effective, and only way to stop the misdirected complaints is to identify and have the associated merchant account for ICON-O-MATIC.ORG shut down, and the related business bank account and remaining assets frozen. In that respect I have obtained the line item billing descriptor from a victim of a recent ICON-O-MATIC.ORG fraud charge: ---------------------- 11/XX/10 CHECK CRD PURCHASE 11/XX ICON-O-MATIC 262-891-4869 WI $1.85 ---------------------- Multiple victim reports now confirm that the area code of the "contact us" number for this latest group genre will match to the state where the cyber-mule, merchant account and acquirer bank is located. In the case of ICON-O-MATIC we now know that to be located in Wisconsin. Furthermore, the Acquirer Reference Number (ARN) for a recent transaction shows that the Bank Identification Number (BIN) is 443105. Unfortunately, and an unusual scenario, all the BIN databases that I have access to do not have a designated assignment for a BIN 443105. Thus the bank, presumably located in Wisconsin, where the business acquirer and merchant account are located, and from where the bulk fraud proceeds are collected at and then laundered out of the country from, remains an unusual mystery. At least for now, until the banking institution behind BIN # 443105 can be identified. With respect to identifying the potential US based cyber-mule a search of the Wisconsin Division of Corporations database for the word "ICON" »www.wdfi.org/apps/CorpSearch/Res···e&q=ICON does not produce any definitive hits, though one or two are worth reviewing. However, the actual LLC/Corp may have a totally unrelated name to the domain, and may not even contain the word "ICON". The fact that your legitimate domain iconomatic.com is receiving victim complaints for the card fraud laundering at ICON-O-MATIC.ORG and the legitimate Iconique.com is receiving victim complaints for the card fraud laundering at THEICONIQUE.COM is a testament that this Organized Crime Syndicate is now fully embedded inside the financial system.The recent published list of fraud operating entities especially those posted by nobounds and moike almost appear dormant. However behind the scenes they are pumping massive amounts of hijacked card data through the card processing system. Yet only minor amounts of sporadic complaint data makes it to the surface. The recent list on the last few pages represents only a fraction of the hundreds of card fraud laundering websites that this OCS has currently active. In fact a check of the 99,041 domains that were registered on 8/24/2010, the same day as icon-o-matic.org, and selecting only those that begin with "ICON" produces this list: A check of all 99k domains for 08/24 that contain "ICON" anywhere in the string would produce a larger list, however this restricted selection already produces another previously unreported sister card fraud laundering entity: SCAM FRAUD = Icon Sets aka ICON-SETS.ORG 786-871-6077 = FRAUD SCAM »icon-sets.org Snapped 2010-11-14 02:25:24 =============================== Have questions? Get in touch with us! For all issues related to use and operation of product purchased on our website and for all billing and technical support, please give us a call or email. Our contact details Phone: 786-871-6077 Email: support@icon-sets.org Contact our support team easily You can send us a message directly from this page using the form below and we'll try to answer you shortly. We are eager to help you! Contact Form =============================== »icon-sets.org/contact_us Snapped 2010-11-14 02:25:10 Domain ID:D159972936-LROR Domain Name:ICON-SETS.ORG Created On:24-Aug-2010 11:07:03 UTC Last Updated On:13-Nov-2010 09:01:39 UTC Expiration Date:24-Aug-2011 11:07:03 UTC Sponsoring Registrar:Active Registrar, Inc. (R1709-LROR) Status:OK Registrant ID:ACTR1011132197 Registrant Name:Whois Manager Registrant Organization:Whois Proof LLP Registrant Street1:PO Box 4120 Registrant Street2: Registrant Street3: Registrant City:Portland Registrant State/Province:OR Registrant Postal Code:97208-4120 Registrant Country:US Registrant Phone:+1.2024700599 Registrant Phone Ext.: Registrant FAX:+1.8663666681 Registrant FAX Ext.: Name Server:NS15.WORLDNIC.COM Name Server:NS16.WORLDNIC.COM Server Type:Apache/2.2.14 (Unix) FrontPage/5.0.2.2635 IP Address:206.188.192.187 IP Location: - Virginia - Herndon - Network Solutions Llc Response Code:200 Domain Status:Registered And Active Website You can certainly try and have the hosting of the card fraud laundering domain ICON-O-MATIC.ORG 262-891-4869** terminated however the effect may be only minimal in terms of the complaint volume as they may move the hosting elsewhere. Or if the domain registration is revoked then .us .info .net and .biz are all available. Plus none of the options are likely to prevent the merchant account from continuing to process fraud charges. As Whip and Doctor Olds stated, directing the victims who contact you to report the charges as fraudulent to their institutions will increase the chargeback ratio and may trigger the merchant account to be flagged and ultimately be suspended. MGD
	to forum · permalink · 2010-11-14 02:51:52 ·
MGD Premium,MVM join:2002-07-31 kudos:9	reply to codeslave said by codeslave: I have a similar domain name (iconomatic.com) as to one of the sites being used in this fraud (icon-o-matic.org), so I've been getting a lot of mail recently from people asking about mysterious unauthorized charges on their accounts. Is there any way I can get this domain name removed? I'm now directing people to contact that other site or better yet, their credit card company, but I'd rather have the other site shut down if possible. Thanks! Kudos for placing an alert of your site ribbon-o-matic.com »www.ribbon-o-matic.com about the car fraud laundering site ICON-O-MATIC.ORG Hopefully it will stop victims from incorrectly associating your site with the fraudulent one. MGD
	to forum · permalink · 2010-11-27 14:30:08 ·

Broadband Tech > Security > Scam and Phishbusters > Ebook websites, fraud charges, Devbill/DigitalAge/Pluto