Domain Registraton Scam – Bad Actors from China

Be careful out there. I just got this email the other day, and while it looked dodgy from the outset, I thought I’d follow it down the rabbit hole to see where it went.

Dear sir or madam,

We are a registrar for domain names authorized by Chinese government. Today, we received an application from Daoc International ltd applying to register [domain] as their brand name and some top-level domain names(.CN .HK etc). After our initail checking, We found the main body of domain names is same as yours.

We are handling the application and we need to confirm whether or not you authorize them to register them? Let me know your positon ASAP so as to solve it promptly. Looking forward to your reply.

Best regards,
Elvin Lee
Tel:+86-551- 6349 1191
Fax:+86-551- 6349 1192
Address:No.413,Changjiang Road,Hefei City,Anhui Province

OK. So I simply responded and said, “These domains are not authorized, thank you.”

Next up:

Notice: regarding this case, we did not receive any of your reply until now. Concerning the mentioned brand name please confirm whether you need to register by yourselves? If need, please let us know in time, we can send an application form to you. If you think the registration of that company or the use of the brand name will not bring any negative effect to your company, i suggest you can give up the brand name, then we will accept that company application unconditionally. Further questions please contact me in time.

Followed the same day by this:

Notice: hi, i am Elvin Lee. We had discussed the case about disputing your company’s brand name. You have never registered the brand name, the dispute period will come soon. If your company does not register the brand name, we will start aforesaid company registration within 2 workdays. That company will become the legal owner of the brand name in the world. We had notified you, so we are not responsible for any dispute question about your intellectual property right and trademark after they succeed in registration. If you have any questions, pls contact us within 2 workdays.

Basically telling me I’ll lose worldwide rights to my domain name if I don’t quickly take action, or alternatively, I should abandon my own domain so that they can legally register it with other companies.

Lastly, today:

Thanks for your confirmation. As soon as receiving the application of that company, we checked and found [domain] is your company’s using name. We are concerned that your name might be affected negatively by their applications, this is why we informed you. Following brand name and domain names are applied by that company:
Brand name:
[domain]
Domain names:
[domain].asia
[domain].cn
[domain].com.cn
[domain].com.hk
[domain].com.tw
[domain].hk
[domain].in
[domain].net.cn
[domain].org.cn
[domain].tw
[domain].co.in

You know that the domain names registration is open in the world, that company also has the right to apply for the available domain names. You only have the preferential rights to register them.

At present, we haven’t passed their application, we need your opinion. If your company consider these names of importance to your company’s business or interest, i suggest that your company register these names first so as to avoid confusion or speculation. Of course, If you don’t think their application will affect your company in the future, you can give up these names so that we can finish registering for them. Please give me your company’s decision as soon as possible.
Uh, no. While I have no doubt that there are many good and honest Chinese businesses, this is not one of them – in fact, falls under the rubric of “morals of a honey badger.”
Above and beyond the standard advice, “Never deal with spammers,” I’d add that you be extraordinarily careful when unsolicited business proposals come from China – in other words, be doubly vigilant.
The Old Wolf has spoken.

An especially convincing Phishing scam

Here’s the email that came to me yesterday:

Image1

  1. Notice that it appears to come from “Paypal.com,”  However, the original sender was 23.249.163.109 (if even that’s not spoofed) which is in Buffalo, NY rather than PayPal’s headquarters which is in California.
  2. Second, the message is an image rather than text. That’s a red flag right there. The images link back to:

These are definitely nothing linked to PayPal. So we know even without any further examination that we are dealing with a phishing scam.

The image itself, if you click on it, will lead you to a long URL which actually contains the email address that their phishing email was sent to. If you click on these links, they know who you are.

http://redirect.paypal.com.0.session…..=MyEmailAddress@comcast.net

Image2

So notice that when you get to the phishing website, they already have your email address. This is what makes the scam more credible – they’re not asking for your PayPal ID, because they are counting on the fact that you use your same email address as your PayPal address, and they already have that.

If you foolishly enter your password, the first thing you’ll see is this bit of misdirection:

Image3

But that’s just a clever bit of misdirection. So you try again, and this is what you get next:

Image4

Which soon passes to:

Image5

And off to the races we go.

REMEMBER: Banks or PayPal or other financial institutions will NEVER ask you to verify information like this via email. All such requests are SCAMS.

When I check out websites like this (don’t try this at home – you could also be picking up a lot of malware if you’re not properly protected), I usually enter really insulting phrases for names, cities, and so forth. It’s a small thing, but it’s really the only way I can get under the skins of these criminals.

Image6

That billing address is nothing I would ever want to repeat in polite company – but notice that the scammers are trying to make their victim think they already have a credit card on file, and you’re just supposed to verify it.

Image7

So again I give them some bogus information that could never be used as a real card or be used to hurt anyone else.

Image8

The last screen will redirect the victim, once they have handed over their sensitive information to thieves, to the real PayPal website. Notice however – nothing else on the page works. All the other links are non-existent.

This scam is well-contrived enough that I fear any number of people will be taken in.

The most important thing to remember is that, as I said before, PayPal will NEVER ask you to give up sensitive financial information like this through an email message.

Be careful out there, and protect your loved ones.

The Old Wolf has spoken.

If they’re willing to spam you, think twice. No, think three times.

Spam is one of the plagues of the 21st century. Despite feeble efforts of government regulatory bodies (think CAN-SPAM act, which resulted in an increase of spam), spammers continue their tactics. In the second quarter of 2013, per Kaspersky, spam comprised 70.7% of all email sent globally.

All you have to do is look at the kind of things caught by your spam filters to get an idea of the reputability of companies who are willing to spam you – porn, get-rich-quick offers, penis/breast enlargement, Canadian pharmacies (typically run by
Russian crime syndicates), diploma mills, real-estate swindles, wrinkle creams, hair-regrowers, insurance fraud, worthless supplements, cable/satellite/internet/TV scams, weight loss “miracle pills,”… the list goes on and on.

The trouble is – spam is profitable. People answer ads, buy products that they don’t need and that don’t work, and spammers make money.

Granny-Grandma-Internet-old-people

But there’s a reason that spam is also called “junk email” – and that’s because almost everything offered to you by spammers is just that – junk. It’s worthless, and probably worse than worthless – it could end up costing you lots of money and frustration. You would think this goes without saying, but obviously it doesn’t.

Let’s look at an example, arrived freshly steaming in my junk folder today:

CHW

First off, the mail consists of an image, which makes it hard for spam filters to tag it. Anyone who works hard to defeat built-in and ISP protections against spam probably has the ethics of a honey badger.

This particular ad touts a “home warranty service,” which is really nothing more than a pre-paid service contract on home appliances and infrastructure. But what does the Better Business Bureau have to say about CHW?

Government Actions

New Jersey Division of Consumer Affairs Complaint
Date of Action: 7/28/2014
The following describes a pending government action that has been formally brought by a government agency but has not yet been resolved. We are providing a summary of the governments allegations, which have not yet been proven.

On July 28, 2014, the New Jersey Division of Consumer Affairs filed a Complaint in Superior Court in Middlesex County against CHW Group, Inc., d/b/a “Choice Home Warranty,” an Edison-based company that allegedly induced consumers to buy “comprehensive” coverage for crucial home systems and appliances, and then denied consumers’ claims for repair or replacement through the use of deceptive tactics. As a result, consumers who paid hundreds of dollars for CHW’s “home warranties” – which are actually residential service contracts – were forced to pay out-of-pocket for air conditioning, refrigerator, or other repairs that allegedly should have been covered under their “warranties” with CHW.

As set forth in the State’s complaint, filed by the Division of Law on behalf of the Division of Consumer Affairs:

CHW and its principals often denied claims based on consumers’ supposed failure to properly maintain their covered home systems or appliances. The defendants also often denied claims based on supposed pre-existing defects. The company denied claims even when technicians declared that the covered home systems or appliances had been properly maintained, and/or had failed for reasons not related to poor maintenance or pre-existing problems.

As a way of denying claims, the defendants on many occasions demanded that the consumers provide years’ worth of records to prove they performed regular maintenance on the covered items. These denials were issued despite the fact that CHW’s residential service contract does not state that the company can demand maintenance records from consumers.

Additionally, when consumers requested specific explanations for their denial of claims in writing, CHW on many occasions failed or refused to provide written explanations.

CHW also promised consumers that if covered items could not be repaired, the company would replace them. However, when consumers needed to replace covered items, the company often required consumers to accept cash “buy-outs.” These “buy-outs” were hundreds of dollars less than the consumers’ cost to replace the items.

CHW also repeatedly failed to deliver on its promises for prompt service. In several cases this was because the company failed to pay its contracted technicians.

CHW’s residential service contract states that, upon receiving a request for service, the company will contact a local technician within two days during normal business hours and four days on weekends and holidays. However, CHW did not have contracted technicians in some areas. Consumers in those areas had to find their own technicians, then pay the technicians directly and seek reimbursement from CHW. On other occasions, contractors sent to consumers’ homes by CHW turned out to be unlicensed and/or uninsured.

The State’s Complaint ultimately requests that the Court, among other things, find that the defendants violated the Consumer Fraud Act and Advertising Regulations; order defendants to pay consumer restitution; declare CHW’s residential service contracts with consumers to be null and void; and impose civil penalties.

For more details go to:
http://nj.gov/oag/newsreleases14/pr20140728a.html

In response to these charges, the business provided the following statement:

“We are disappointed that the State has chosen to file this lawsuit. We unequivocally dispute the allegations, intend to vigorously defend against them, and are confident that we will ultimately prevail. Choice Home Warranty has fielded thousands of warranty claims from our customers, resulting in claims payments of tens of millions of dollars. In fact, many of the complaints referred to by the Attorney General’s office, were resolved long ago, to the satisfaction of the consumer.”

This particular suit is ongoing, and allegations have not been proven… but the number of complaints, roughly 300 per year, is probably a pretty good indication that not all is well. I return again to the simple fact that this company is willing to advertise via spam, always a huge red flag in my book.

Have a look at a gripe posted at complaintsboard.com on 3/20/15, yesterday as of this writing:

Every time I called, they sent someone out. I paid the $45, only to find out a repair wasn’t covered. Then, my washing machine was acting up. Replacing the mother boards was more than what the machine was worth. They opted to send me a check for $300. That was a month ago – currently, no check. I then had another claim, and again, it wasn’t covered. So I told them that since they don’t cover items for my home, I wanted to cancel. I received a call last week stating that since I cancelled, they wouldn’t send the $300 check. I told that person that I filed the Washing Machine claim over a month ago, and that check should have already been issued and mailed. He hung up on me. So, I have been emailing CHW about the status of my account and check and received nothing. Then, just now, I called CHW customer service and asked who the President and CEO is, and they put me on hold and never came back on the phone. I want to file a formal complaint. Make sure to have my account closed and have that $300 check which I am entitled to. Horrible, horrible bait and switch and God awful Customer Service.

Here’s one from Ripoff Report:

Our A/C compressor stopped working. It is 17 years old (we bought the home less than 6 months ago) and choice thinks it should last 18 years. They call it “premature failure” which is not due to normal wear and tear, so they denied the claim. They advertise that they will cover your appliances no matter how old. Don’t believe it! Their exclusions are general enough that they can deny any claim.

So you pay to sign up, you pay $45.00 for a service call, and often you are told that the repair isn’t covered… this echoes the kind of allegations leveled by the New Jersey Division of Consumer Affairs. And when you try to get a complaint resolved and get the kind of “customer service” related above, you know you are dealing with a company that doesn’t give a rat’s south-40.

Before you even consider dealing with a company that spams you, no matter how appealing the offer may look, do some research.

In the interest of full disclosure, and the Internet being what it is, the presence of a complaint anywhere does not guarantee that a company is malfeasant or dishonest. But as you are doing your research, look for patterns. If there seems to be an abundance of complaints across multiple sites, you might want to look elsewhere. Also, the BBB is in business to make money, and companies can purchase accreditation with them, so being accredited with the BBB is also not a guarantee of ethicality.

As always, please watch over your loved ones – especially the elderly and vulnerable. Educate them to stay away from spam offers if they have access to email.

The Old Wolf has spoken.

Congratulation from Samsung. Uh, No.

In yesterday’s email:

SAMSUNG UK HQ

SAMSUNG Office (Paddington), London,

United Kingdom.
London, W6 9PE.
Company No: 4620511
FROM THE DESK OF SAMSUNG 2014 PROMOTIONAL AWARD.
Dear Email Owner,
This is to officially inform you that your E-mail have been verified and pronounced as the lucky winner of 500,000.00 GBP, in the 2014 Award By (SAMSUNG Draw Promotion UK) wishes to congratulate you over your Email Address success in this financial bailout plan. Your Email Address emerged as one of the ten final recipients of a Cash

Please Contact Us.  {samsung.claimoff_uk@outlook.com}

1. Full Name’s:
2. Sex:
3. Country:
4. State/City:
5. Contact Address:
6. Mobile/Tel Number:
7. Marital Status:
8. Occupation:
9. Date/Age:

The grammar and spelling is enough to make this a dead giveaway as a Nigerian scam. If you get this email, or one like it, throw it directly in the trash. If you respond, you’ll be hit up for as much money in fees and taxes and transfer agents and bribes as you are willing to shell out. As for what you’ll get?

n827576771_677258_6298

And that’s the sum total of the transaction. Be careful out there.

The Old Wolf has Spoken.

Forskolin – It sounds vaguely indecent.

junk

Just got this in my spam box today. It appears that Dr. Oz has now moved from hawking garcinia cambogia to this new garbage, Forskolin. The name sounds thoroughly unsavory for reasons I won’t go into here.

I found a great post over at Science Based Medicine that says many of the things I’d normally post here, so I’ll just refer you to that article, and other posts on the same website are worth reading as well. One good quote I will extract – all of these weight-loss nostrums

“…fit the same pattern: a small grain of plausibility, inadequate research, exaggerated claims, and commercial exploitation. There are always testimonials from people who lost weight, probably because their will to believe in the product encouraged them to try harder to eat less and exercise. But enthusiasms and fads don’t last. A year later, the same people are likely to be on a new bandwagon for a different product. Dr. Oz will never lack for new ideas to bolster his ratings. Enthusiasm for easy solutions and for the next new hope will never flag as long as humans remain human.”

In short, it’s all bulldust. But as network marketers will tell you, health and wellness is a trillion-dollar industry, and everyone is trying to get a slice of that pie. As one associate put it, that business is big enough that it would be sufficient to lick the knife that cut the pie. The sad part is, the pie is a lie. Most of what is hawked and marketed has little or no value. As I mentioned over here, if you want to release weight, eat less, eat better, and exercise more.

As a final note, a couple of rules of thumb regarding spam messages like the one above.

  1. It’s a scam. Legitimate businesses don’t advertise using spam
  2. Never click the link that says “unsubscribe.” You’ve just confirmed to these unethical dipweeds that your email address is real and active. It will be sold to other scumbags, and your level of spam will increase.

Be careful out there.

The Old Wolf has spoken.