removed
Crisis Management Squad
Premium,VIP
join:2002-02-08
Houston, TX
clubs: | reply to kamm
Re: Notify the right people
You're a few days late, but OK, thanks for sharing. |
|
kamm
join:2001-02-14
Brooklyn, NY
 ·T-Mobile US
| reply to removed
said by removed  :said by gatzdon :Anyone feel like constructing a brief summary with appropriate links and sending it to all the right people in the scammer's town, like the churches, store owners, government officials, local police, local groups and organizations, etc... We may get lucky and people who personally know the scammer will find out. People that the scammer wouldn't want to know like family. Phishing is a huge industry in Eastern Europe, especially Romania. Only in the non-EU part. |
|
gatzdon
join:2002-10-25
Lake Zurich, IL
| reply to MGD
When the police are corrupt
All you have left is to embarass the scammer.
I know this will never happen, but it would be funny if when local merchants find out, they put a picture of the scammer up in their store stating that they only accept cash from this individual. (analogous to the bad check list by the register).
--
$100 placed at 7 percent interest compounded quarterlyfor 200 years will increase to more than $100,000,000 --by which time it will be worth nothing.- Lazarus Long |
|
pleekmo
Triptoe Through The Tulips
Premium
join:2001-09-14
Manchester, CT
clubs:
| reply to removed
Re: Notify the right people
said by removed :All you'd do by alerting churches, store owners, and so on is having more people beg him for money and try to be his friends. Ah... But this might irritate him even more than possible illumination by legal authorities. There's nothing a low-life hates more than having to share his/her/its loot. And just think of it: someone may become p***ed off that Borica is not sharing his/her/its loot properly like a low-life should and perhaps arrange for a more forceful redistribution of wealth.
--
HCN: Because you deserve a rest!
Free Omelas! |
|
removed
Crisis Management Squad
Premium,VIP
join:2002-02-08
Houston, TX
clubs:
| reply to gatzdon
said by gatzdon :Anyone feel like constructing a brief summary with appropriate links and sending it to all the right people in the scammer's town, like the churches, store owners, government officials, local police, local groups and organizations, etc... We may get lucky and people who personally know the scammer will find out. People that the scammer wouldn't want to know like family. Phishing is a huge industry in Eastern Europe, especially Romania. The police certainly try to crack down on it, but it is still very much of a problem. Corruption plays a big part in it as well.
All you'd do by alerting churches, store owners, and so on is having more people beg him for money and try to be his friends. 
As for family - they definitely know. Mom and dad tend to put 2 and 2 together when Junior is bringing in $5k a week.
--
irc.removed.us - #dslr | DSLR Phishtracker | Morning Glory Comics | Email: removed@dslr.net | Phone: 718-606-4100 |
|
s0tet
join:2005-06-08 |  reply to scott1527
Re: Ebay Phisher, Meet and Greet !!
great thread. I have enjoyed reading all of this. Keep up the fight.
Amazing, a criminal would have such personal info about himself online, but I am sure there are others like him. Sheesh. |
|
scott1527
Premium
join:2003-01-19 | reply to MGD
i sent an email to
police@politiaromana.ro
support@politiaromana.ro
none bounced back so i assume they have recieved my email :P |
|
Tzale
Proud Libertarian Conservative
Premium
join:2004-01-06
Sweden
 ·Verizon FIOS
 ·Optimum Online
| reply to gatzdon
Re: Notify the right people
said by gatzdon :Anyone feel like constructing a brief summary with appropriate links and sending it to all the right people in the scammer's town, like the churches, store owners, government officials, local police, local groups and organizations, etc... We may get lucky and people who personally know the scammer will find out. People that the scammer wouldn't want to know like family. I've got free VOIP calls. Guess I'll be making one soon!
--
»www.stop-us-military-aid-to-israel.net/
FACTS NOT PROPAGANDA |
|
gatzdon
join:2002-10-25
Lake Zurich, IL
| reply to MGD
Anyone feel like constructing a brief summary with appropriate links and sending it to all the right people in the scammer's town, like the churches, store owners, government officials, local police, local groups and organizations, etc... We may get lucky and people who personally know the scammer will find out. People that the scammer wouldn't want to know like family.
--
$100 placed at 7 percent interest compounded quarterlyfor 200 years will increase to more than $100,000,000 --by which time it will be worth nothing.- Lazarus Long |
|
peter_m
Premium
join:2005-07-13
Canada, QC | reply to kamm
Re: Ebay Phisher, Meet and Greet !!
That doesn't stop everyone else from signing up and making it harder for these criminals. What are all the other nations doing about it? |
|
E_V
Premium
join:2000-09-29
Vancouver, BC
clubs:
| reply to wcweaver
said by wcweaver :I passed this information to the head of thr Romanian National Police at the Southeast European Cooperative Initative, SECI Center in Bucharest, Romania. Obviously everyone's goal is to wipe out scammers, and if that happens, awesome. By turning up the heat and letting them know eyes are everywhere, watching keystrokes, tracking them relentlessly I am content knowing that in the interim where they thought they had a free ride they are now (if they have any brains at all) beginning to perspire.
After all....
August 21 2006 Romanian police arrested 23 people in the southern city of Pitesti as part of a clampdown on internet scam rings operating in the eastern European country. The arrested individuals are among a group of 63 suspects wanted for questioning over allegations they ripped off in excess of $120,000 from 120 foreign marks. FBI and US officials assisted in the investigation that culminated in the recent arrests, local police said on Saturday. If convicted, the suspects face up to 15 years imprisonment for ID theft offences. » www.theregister.co.uk/2006/08/21···ampdown/October 28 2005 London - Three Romanian fraudsters have been jailed on Friday in London for their part in a worldwide fraud scam carried out via Internet auction house eBay, which netted at least £300 000 (about R35,7-million). » www.int.iol.co.za/index.php?set_···0793B265May 18 2006 A group of financial fraudsters stealing money from US citizens’ accounts has been arrested in Moscow. The criminals were stealing money through ATMs. Spokespeople for US police addressed to the Moscow Interior Affairs Department for Struggle Against Economic Crimes several months ago. US officials said that someone was regularly stealing money from credit cards belonging to US citizens. The money, the officials said, was cashed from Moscow ATMs. They added that the credit card holders had never visited Russia before. » english.pravda.ru/hotspots/crime···t_card-0  |
|
wcweaver
Premium
join:2002-02-22
Fort Myers, FL
clubs:
 ·Future Nine Corpor..
·Comcast
 ·Embarq
| reply to MGD
I passed this information to the head of thr Romanian National Police at the Southeast European Cooperative Initative, SECI Center in Bucharest, Romania. I don't know if they will do anything but who knows. Hopefully they will turn up the heat on Mr Andra.
SECI website »www.secicenter.org/ |
|
kamm
join:2001-02-14
Brooklyn, NY
·T-Mobile US
| reply to MGD
This guys is obviously a career criminal - no job, no interest of having a job and it's most likely also a satisfying "work" for him.
I've immigrated from Mid-EU, I have seen guys like this all over the place around early 90s, even I was offered huge money by gangs to help them in computer crimes (I'm engineer too) which I always immediately refused. (As, of course, online shopping haven't existed yet back then, offers usually meant something bigger - and more crazier - 'gig'...)
Now that region - now part of EU - is well ahead of Romania, so no wonder this kind of "profession" moved into 'more secure' areas (= less police influence expected) eastward, mostly to the Balkan and Romania, Ukraine etc. |
|
MxxCon
join:1999-11-19
Brooklyn, NY
clubs:
| reply to MGD
let's give more fame/shame to this scammer? 
»digg.com/security/Meet_a_Romania···_Scammer
--
[Sig removed by Administrator: Signature can not exceed 20GB] |
|
kamm
join:2001-02-14
Brooklyn, NY
·T-Mobile US
| reply to Doctor Olds
said by Doctor Olds :It's a shame there is not an International Computer Crimes Agency with Worldwide jurisdiction. I agree although it would be just as impossible to have the US to be a signee as on the The Hague - we would claim with our usual pathetic hypocrisy that 'everybody is subject except Americans, sorry.' |
|
Doctor Olds
I Need A Remedy For What's Ailing Me.
Premium,VIP
join:2001-04-19
1970 442 W30
clubs:
| reply to MGD
It's a shame there is not an International Computer Crimes Agency with Worldwide jurisdiction. She would wet her panties if the Police picked her up at her apartment and took her in shackles to be extradited that same hour to the US for trial, conviction, sentencing and immediate Prison time. Then in 10 or 20 years, send her back to Romania on a slow China boat.
--
What’s the point of owning a supercar if you can’t scare yourself stupid from time to time? |
|
MGD
Premium,MVM
join:2002-07-31
Fort Lauderdale, FL
| reply to MGD
A few more snippets of logs from Mr "come and get me" Alba's hacking work on the phish hosting machine in Iran. It appears that he first made a home there over two weeks ago.:
89.136.119.91 - - [16/Aug/2006:23:03:02 +0330] "GET / HTTP/1.1" 406 2690
89.136.119.91 - - [16/Aug/2006:23:03:12 +0330] "GET /index.html.cz HTTP/1.1" 200 1634
89.136.119.91 - - [16/Aug/2006:23:03:13 +0330] "GET /apache_pb.gif HTTP/1.1" 200 2326
89.136.119.91 - - [16/Aug/2006:23:03:15 +0330] "GET / HTTP/1.1" 406 2690
89.136.119.91 - - [16/Aug/2006:23:15:25 +0330] "GET /index.php HTTP/1.1" 200 22
89.136.119.91 - - [16/Aug/2006:23:42:09 +0330] "GET /index.php HTTP/1.1" 200 22
89.136.119.91 - - [16/Aug/2006:23:45:56 +0330] "GET / HTTP/1.1" 200 16
89.136.119.91 - - [16/Aug/2006:23:46:01 +0330] "GET / HTTP/1.1" 200 16
89.136.119.91 - - [16/Aug/2006:23:54:40 +0330] "GET / HTTP/1.1" 200 536
89.136.119.91 - - [16/Aug/2006:23:54:43 +0330] "GET /sysdll.php HTTP/1.1" 200 7539
89.136.119.91 - - [16/Aug/2006:23:54:44 +0330] "GET /sline.gif HTTP/1.1" 404 281
89.136.119.91 - - [16/Aug/2006:23:54:45 +0330] "GET /pdown.gif HTTP/1.1" 404 281
89.136.119.91 - - [16/Aug/2006:23:54:45 +0330] "GET /login.php HTTP/1.1" 200 13382
89.136.119.91 - - [16/Aug/2006:23:54:45 +0330] "GET /go1.gif HTTP/1.1" 404 279
89.136.119.91 - - [16/Aug/2006:23:54:46 +0330] "GET /hide.htm HTTP/1.1" 404 280
89.136.119.91 - - [16/Aug/2006:23:54:46 +0330] "GET /addr.gif HTTP/1.1" 404 280
89.136.119.91 - - [16/Aug/2006:23:54:46 +0330] "GET /ress.gif HTTP/1.1" 404 280
89.136.119.91 - - [16/Aug/2006:23:54:46 +0330] "GET /ie2.gif HTTP/1.1" 404 279
89.136.119.91 - - [16/Aug/2006:23:54:47 +0330] "GET /logoEbay_150x40.gif HTTP/1.1" 200 954
89.136.119.91 - - [16/Aug/2006:23:54:47 +0330] "GET /or_60x23.gif HTTP/1.1" 200 261
89.136.119.91 - - [16/Aug/2006:23:54:48 +0330] "GET /logoVeriSign_100x65.gif HTTP/1.1" 200 1835
89.136.119.91 - - [16/Aug/2006:23:54:49 +0330] "GET /pdownclick.gif HTTP/1.1" 404 286
89.136.119.91 - - [16/Aug/2006:23:54:55 +0330] "POST /contact.php HTTP/1.1" 302 14753
89.136.119.91 - - [16/Aug/2006:23:56:47 +0330] "GET / HTTP/1.1" 304 -
Aslo a sample from the error logs:
[Wed Aug 16 23:00:15 2006] [crit] (2)No such file or directory: make_sock: could not bind to port 80
[Wed Aug 16 23:03:02 2006] [error] [client 89.136.119.91] no acceptable variant: d:/mssql/binn/lol/apache/htdocs/index.html
[Wed Aug 16 23:03:15 2006] [error] [client 89.136.119.91] no acceptable variant: d:/mssql/binn/lol/apache/htdocs/index.html
[Wed Aug 16 23:54:44 2006] [error] [client 89.136.119.91] File does not exist: d:/mssql/binn/lol/apache/htdocs/sline.gif
[Wed Aug 16 23:54:45 2006] [error] [client 89.136.119.91] File does not exist: d:/mssql/binn/lol/apache/htdocs/pdown.gif
[Wed Aug 16 23:54:45 2006] [error] [client 89.136.119.91] File does not exist: d:/mssql/binn/lol/apache/htdocs/go1.gif
[Wed Aug 16 23:54:46 2006] [error] [client 89.136.119.91] File does not exist: d:/mssql/binn/lol/apache/htdocs/hide.htm
[Wed Aug 16 23:54:46 2006] [error] [client 89.136.119.91] File does not exist: d:/mssql/binn/lol/apache/htdocs/addr.gif
[Wed Aug 16 23:54:46 2006] [error] [client 89.136.119.91] File does not exist: d:/mssql/binn/lol/apache/htdocs/ress.gif
[Wed Aug 16 23:54:46 2006] [error] [client 89.136.119.91] File does not exist: d:/mssql/binn/lol/apache/htdocs/ie2.gif
[Wed Aug 16 23:54:49 2006] [error] [client 89.136.119.91] File does not exist: d:/mssql/binn/lol/apache/htdocs/pdownclick.gif
[Wed Aug 16 23:56:52 2006] [error] [client 89.136.119.91] File does not exist: d:/mssql/binn/lol/apache/htdocs/hide.htm
[Wed Aug 16 23:56:53 2006] [error] [client 89.136.119.91] File does not exist: d:/mssql/binn/lol/apache/htdocs/pdownclick.gif
Of course no criminal fraudster even one at Mr "come and get me" Alba's two digit IQ level, would not test their phish to make sure that the victim's user id, password and card data was being collected:
quote:
-----------------------------------
Thu Aug 31, 2006 4:30 pm
Login: uasuags@yahoo.com
Password: peleu
CC Number: 4111111111111111
MONTH: 03
YEAR: 2009
CVV2: 123
PIN: 1234
89.136.119.91
-----------------------------------
Fri Sep 01, 2006 10:14 am
Login: ddfdf@ajdfhdhksj.com
Password: asdfsdfsd
CC Number: 4111111111111111
MONTH: 01
YEAR: 2006
CVV2: 123
PIN: 0650
89.136.119.91
-----------------------------------
Sat Sep 02, 2006 3:56 pm
Login: asugasguag@Yahoo.co
Password: mnihiashaihs
CC Number: 4111111111111111
MONTH: 02
YEAR: 2008
CVV2: 111
PIN: 0000
172.158.63.45
-----------------------------------
Sat Sep 02, 2006 10:30 pm
Login: test@test.com
Password: test
CC Number: 4111111111111111
MONTH: 01
YEAR: 2006
CVV2: 000
PIN: 4321
89.136.119.91
-----------------------------------
Except for the one test from an AOL IP, "Alba" performed the complete operation from IP 89.136.119.91. He hacked into the server, set up both an Ebay and PayPal phish, made several attempts to complete a 100,000 phish spam mailing all from the comfort of his Romanian IP.
He posts his criminal resume online, posts pictures of himself, posts his Date of Birth, full address, telephone number, his email address, AIM, Yahoo IM, and ICQ info. When "outed", with the jaevos of a bull and the brain of a flea he says "Come and get me". However, after taking stock of his current situation he promptly changes his gender and begins his disguise.
Having any second thoughts there... Mr Miss "come and get me" Borcila Alba ???
MGD |
|
garys_2k
join:2004-05-07
Farmington, MI | reply to MGD
Awesome work! Let's hope he spends some time in prison. |
|
simpfan742
People Call Me Andrew.
Premium
join:2003-05-18
Belmar, NJ | reply to MGD
Beautiful work! I really enjoyed reading this. Funny, too.
--
My Gallery |
|
Doctor Olds
I Need A Remedy For What's Ailing Me.
Premium,VIP
join:2001-04-19
1970 442 W30
clubs:
| reply to MGD
said by MGD :Since this story has came to light,"Andra" has been busy over the past 24 hours !! It now appears that after this posting the Romanian criminal Mr. Borcila Andra may be a little shy about his full time occupation of criminal phishing and credit card and identity fraud. I will agree however, that Mr. Borcila Andra is not in any danger of winning the "Smartest Criminal of the year" award !. That's too damn funny. Excellent!! Scared the male out of him and she lost her jewels.....
Keep up the Great Work!!!
--
What’s the point of owning a supercar if you can’t scare yourself stupid from time to time? |
|
