Difference between revisions of "Flash Mob 15 Target Details"

From aa419
Jump to: navigation, search
Line 233: Line 233:
 
http://db.aa419.org/fakebanksview.php?key=10180
 
http://db.aa419.org/fakebanksview.php?key=10180
  
* Evidence
+
* Claims to be Verisign partner. But the Verisign logo on the site is not clickable.
* Evidence
+
* Insecure [http://www.realfastshoping.com/login.asp login] and [http://www.realfastshoping.com/register.asp registration] - No SSL certificate.
* Evidence
+
* Hmmm - i want to call the company but [http://www.realfastshoping.com/contactus.asp where is the phone number] ?! Anyways i will just go visit the company .... hmmmm - no address listed on the site ...?!!

Revision as of 20:56, 17 November 2006

What are these sites?

These are fakers that web hosts haven't bothered to take down. They're happy to let fraud run free on their servers, despite overwhelming evidence that these companies aren't real. Take a look over some of these sites for yourself... given the facts, would YOU want to do business with them?


everbrighttrust.com

Everbright Trust Finance & Security and Delivery Services

IP: 218.66.104.248 => Chinanet => abuse@fjdcb.fz.fj.cn
The first complaint about this site was sent on 29 May 2006!

http://db.aa419.org/fakebanksview.php?key=7552

  • No legitimate bank would ever use insecure logins.
  • This "bank" is not registered with the Chinese authorities, which is absolute proof (if it were needed) of its fake, criminal nature.

alexanderattorneys.org

Alexander Attorneys

194.106.33.35 => server0001.freedom2surf.net => Freedom To Surf Ltd => abuse@freedom2surf.net,abuse@nildram.net, abuse@pipex.net
The first complaint about this fake barrister was sent 13 July 2006.

http://db.aa419.org/fakebanksview.php?key=8344

  • The Home and Members pages sport a photo labeled "Advocate," which is actually of J. Whyatt Mondesire, president of the Philadelphia chapter of the NAACP, as can be verified at http://www.naacpnet.org/.
  • The e-mail address for the company -- alexander-attorneys@lawyer.com -- is a free account.

diplomaticcargovoyage.com

Diplomatic Cargo Voyage Services Inc.

66.29.40.210 => ns1.macfonse.com => Net Access Corporation => abuse@nac.net
The first complaint about this fake barrister was sent 19 September 2006.

http://db.aa419.org/fakebanksview.php?key=9375

  • This site claims to be "an independent offshore financial reconciliatory agency" -- whatever that is. There is no such thing in the real world.
  • There is no such thing as a private diplomatic courier firm anyway.
  • The phone number for their French branch resolves to a mobile phone, and the Asian branch (which has no address listed) offers a satellite phone number.

globalcredituk.com

Global Credit Bank Online aka Global Credit Bank and Trust Company

61.151.239.39 => Chinanet => abuse@public.xz.js.cn, abuse@pub.xz.jsinfo.net
The first complaint about this site was sent 5 June 2006.

http://db.aa419.org/fakebanksview.php?key=6448

  • globalcredituk claims to be in the United Kingdom, but the faker forgot to remove the words Bloomington, Illinois from the copied text on the fake site!

langalbertchambers.com

Nkosijabu & Chambers Association "Legal Services Shop"

218.66.104.248 => Chinanet => abuse@jsinfo.net, spam@jsinfo.net, abuse@fjdcb.fz.fj.cn
The first complaint about this site was sent 13 July 2006.

http://aa419.org/fake-banks/fakebanksview.php?key=7576

  • Evidence
  • Evidence
  • Evidence

lavegardesecurity.net

Lavegarde Security Company

84.246.225.130 => Hosting ELB Multimedia => netissime.com => dave@netissime.com, direction@netissime.com, pb@netissime.com
The first complaint about this site was sent 3 September 2006.

http://db.aa419.org/fakebanksview.php?key=9080

  • Their listed telephone number is a mobile. If they've got an office, why can't they use a landline?
  • Googling the company's name brings up no references to the site as a legitimate business, but it does find that the site is blacklisted for being involved in 419 fraud.
  • The text includes such poetically bad items as: "Today, we serve a global world and go to more places than ever before," yet nobody except anti-spam blacklisters have ever heard of them.

transglobefins.com

Transglobe Finance Security and Delivery International

61.151.239.151 => Chinanet => anti-spam@ns.chinanet.cn.net???
The first complaint about this site was sent 1 July 2006.

http://db.aa419.org/fakebanksview.php?key=7728

  • This one purports to be an "international lottery agency," even though there is no such thing.
  • They have no telephone number, and the only address is a post office box in Hong Kong.

asianetbank.com

Asia Bank

218.30.114.152 => CHINANET IDC center China Telecom => bjnic@bjtelecom.net, ctsummary@special.abuse.net, postmaster@bjtelecom.net, jiadn@bjtelecom.net, anti-spam@ns.chinanet.cn.net (from whois @ whois.abuse.com for bjtelecom.net)
The first complaint about this site was sent 6 November 2006.

http://db.aa419.org/fakebanksview.php?key=6242

  • They do not even say in which country they are located in, which is ploy to avoid being checked against a regulator's list of registered banks.

ics-expressdeliveries.co.uk

International Courier Systems

83.170.64.73 => ultra9.uk2.net => UK2.NET => ripe@uk2.net, abuse@uk2.net
The first complaint about this site was sent 1 November 2006.

http://db.aa419.org/fakebanksview.php?key=10068

  • Does this look familiar? It should; it's a clone of skyexpressdelivery.co.uk -- another fake courier hosted by the same company. The two also share the same putative address.
  • The fakers stole most of their text from this legitimate courier's Web site: http://www.orbital-express.co.uk/ -- adding a fake package tracking system to the stolen content.

bohaitrust.com

Bohai Trust Finance & Security Delivery Services

61.145.116.173 => dns.cnmsn.net => Chinanet => ???
The first complaint about this site was sent 14 June 2006.

http://db.aa419.org/fakebanksview.php?key=7899

  • Not registered with the Chinese banking authorities.This is the most damning evidence of all, and proves absolutely that this "bank" is fake.

skyexpressdelivery.co.uk

Sky Express Couriers

83.170.64.74 => ultra1.uk2.net => UK2.NET => ripe@uk2.net, abuse@uk2.net
The first complaint about this site was sent 3 November 2006.

http://db.aa419.org/fakebanksview.php?key=10220

  • Does this look familiar? It should; it's a clone of ics-expressdeliveries.co.uk -- another fake courier hosted by the same company. The two also share the same putative address.
  • The fakers stole most of their text from this legitimate courier's Web site: http://www.orbital-express.co.uk/ -- adding a fake package tracking system to the stolen content.

robo.org.uk

Incombank PLC

83.170.64.71 => ultra1.uk2.net => UK2.NET => ripe@uk2.net, abuse@uk2.net
The first complaint about this site was sent 11 November 2006.

http://db.aa419.org/fakebanksview.php?key=10392

  • While the main page, http://www.robo.org.uk/, appears to be empty, there is content hidden at http://www.robo.org.uk/default/ -- a feeble attempt to hide the site from regulators and scam-fighters. Naturally, real financial institutions do not hide their Web sites from customers.
  • world.gif

(Logo from the fake site. The north-south rotation, like the "bank," bears no relation to the real world)

rdut-online.com

Royal Dutch Finance Ltd.

205.209.113.214 => Host Department LLC => abuse@worldispnetwork.com, abuse@hostdepartment.com
The first complaint about this site was sent 17 October 2006.

http://db.aa419.org/fakebanksview.php?key=9871

  • This site claims to offer both "haulage" and banking. Companies in the real world don't offer this bizarre combination of services. Only in the world where trunkboxes filled with the millions left by ex-dictators do such companies exist.
  • Their telephone number resolves to a cell phone.

atlantcargo.com

AtlantCargo

66.29.87.186 => ns7.myhostnet.net => Net Access Corporation => abuse@nac.net
The first complaint about this site was sent 17 October 2006.

http://db.aa419.org/fakebanksview.php?key=9876

  • The phone number resolves to Hamburg, DE not Berlin as they state on the site.
  • The company claims to have been in business since 1997, but the site is registered october 4th 2006
  • A large part of the text is copied from elsewhere

realfastshoping.com

Real Fast Escrow

207.155.252.97, 207.155.252.219, 207.155.252.14, 207.155.248.14 => XO Communications => abuse@xo.com
The first complaint about this site was sent 30 October 2006.

http://db.aa419.org/fakebanksview.php?key=10180

  • Claims to be Verisign partner. But the Verisign logo on the site is not clickable.
  • Insecure login and registration - No SSL certificate.
  • Hmmm - i want to call the company but where is the phone number ?! Anyways i will just go visit the company .... hmmmm - no address listed on the site ...?!!