Identity thieves are out there, waiting to use your own computer to steal your identity from you. Fight back against cyber crime and don't let them take advantage of you. It's time to take your online security into your own hands. It is my hope that by sharing my own experiences with identity thieves and other online predators trying to get my information I will help someone else learn to spot such underhanded tactics before they are taken advantage of.






They are persistent, I’ll give them that



My accented little stalkers called me back up today regarding my domain name and that fax they want to send to me. This time the fellow still had an accent, but he had much much much better English skills than the last two had possessed. I could understand what he said… I just could not write quickly enough to keep up with what he was saying they had to send me the fax for and have a poor memory (Note to my readers - never get old. ::sigh::) Anyway, as for the call….

The fellow identified himself as Mark Robinson and said that he was from Domain Registry Support and had to send me a fax regarding my domain. (Not this one, and I am not disclosing the name of the one he called about.) I asked him exactly what it was that he had to send me, and he yammered off something about a notice on my domain. I was not satisfied with why someone with an accent I hesitate to pinpoint exactly (wasn’t German, English Spanish or Oriental though) would need to send me a fax. I asked him if it was because my domain was about to expire or something (remember, this is the one I know has a year before I need to renew it), and he said something about it being “A notification that could range from the expiration date to…” I missed what “to” was all about because he seemed to talk faster from the moment he said “notification”. I don’t think he wanted me to know what he was sending me. lol

I asked him what hosting company my domain was registered through - he did not have that information. I asked what one he was calling for, since he was sending me something regarding my site and he said something about being able to give me a 1-800 number and I of course said “Yeah, gimme that!” ::snicker:: He gave me a number saying I was to call them and “ask about the hosting company of my domain” (like I really have to ask someone else who my hosting company is?!?).

I took the number, 1-800-591-7398, to Google and asked them to find it for me. That brought up a page of assorted phone number matches and near matches. One match was for followmeonline.com:

followmeonline.com
Call Toll Free: 1-800-591-7398 … Domain name included 1 email address at your domain name 24-hour toll-free phone … 9.95 $2.99 1 / year (save 70%) Reserve …
followmeonline.com - 14k - Cached

Ah ha. Another little gem I found (who I will link to) is HyperOrg.com - Domain Registry Support. Check that out, it’s a blog entry on these same dudes and a long list of comments by people that have encountered them. Some have very good advice, I was particularly amused by the one who in 2006 said to tell the guys to call 202-456-2461 (contact number for the White House).

Anyway, as for the fellow that has been calling me. I went to the Big G then and asked Google what they knew about the phone number that Mark Robinson had given to me. Yup, them guys get around - and they have a bad reputation based on the complaints I have seen so far.

Time for a little more digging, just to make sure you avoid them, don’t you agree?

Numbers reported by people at 800Notes are: 800-223-9113 and 800-224-8606
One fellow offered up the additional comment of: “Based on tracking it looks like it’s coming from an area called Pinellas Park Florida for anyone out there investigating. No caller ID information” (guess that’d include me? huh? lol)

This sounds familiar: “05/05/08 10:50AM PST - Call from woman with Indian accent saying she needs to update our website domain information. I said we normally get emails for that. She said that thier email server is down for an anti-virus upgrade and asked for my fax number. I said we will just wait for thier server to come back online and get an email. I then hung up on her.
Caller ID: 800-224-8606″

That was the exact same response I got from the gal just the other day, only I baited her on to waste her time and delay her trying to call the next poor fellow on her list. There were 6 pages of complaints (I linked to page 5), so I’ll move on and leave you to read more if you want to follow the link.

Statistics I have got for the guys:

At the Followmeonline.com URL they want you to register your domain with them (which seems to be hard to get back away from them once you have done it), then they’ll also sell you:
“Add email…. add website… private domain registration for an extra $9 a year to keep your information private (For just $9 they’ll protect you from people like them!)… starter web page with basic information until you’re ready to upgrade to a full package (AKA: they’ll sell you one of them ad filled spammy ‘holding’ pages until you agree to pay for a full website)… domain locking to prevent domain being hijacked (Ain’t that called letting the fox guard the hen house?)…” and the list goes on.

Basically it can cost you a minimum of an arm to get your domain hosted by them, throw in an optional leg and they’ll make sure no one else can do to them what they just did.

I also looked at domainregistrysupport.com, but I did not spend any time looking deeper into the pages - I’m already satisfied these guys are nothing but a spammy scam company that should be trounced off the Internet, no need to waste more of my time. If they call you ask them how stupid they think you are and hang up on them - unless you want to have some fun, then by all means feel free to act the part of the kitty and keep the little mice on the phone. Just be careful and don’t let any real information slip out about you or your sites. I’m going to go find some breakfast now.









Domain name theft is a serious issue



Well, some people seem to try twice. Or at least their group tries twice. I got another phone call this morning, from some gal with the same accent as the guy that called me before, concerning the same domain name. The gal said that she wanted to send me a fax concerning the domain - She said that she was from “Domain Registry Support” and her name was “Tammi” (think that was name she gave, she evaded confirming when I tried to confirm what it sounded like).

Hmmmm.. Domain Registry Support is a rather vague nam, don’t you think? Particularly when the domain in question is registered in the United States and that is the second call I have received about it from people with definite foreign accents who are obviously trying to speak English as their second language. I’m elevating this from “possible scam” to “Oh yeah, these guys are fishing for something”.

As with the first call, I was asked if I had a fax. This time I quickly said that I don’t have one here, but I can see about getting a fax delivered to some place like Mail Boxes Etc. and pick the fax up there. She seemed uncertain but agreed she could call me back for the number of the place to send the fax to. It is soooooooo tempting to call the local Internet Scam dudes at my local police department - but since I am currently living with someone else and don’t know if the cops would need to be coming here or not, I am hesitant to subject the folks I live with to having to deal with the possibility of having police stomping through their house. If I was living in my own place — ohhhh yeah, I’d have been on the phone to my local PD the moment I hung up asking to speak to their Internet Crimes Division.

But, I really don’t expect her to call back anyway. I mean, hell, they’ve tried to snare me twice, they have to be getting the idea by now that even though I have a tasty looking domain sitting there - I’m not about to fall easily for some scammer trying to highjack my domain name out from under me.

Something I have learne, however, is that this is a more widespread problem than I had realized.

One site that caught my attention was Getting a stolen domain back (www.preventdomaintheft.com), a blog kept by Bjørn Kassøe Andersen of www.direction.dk. When Direction.dk’s .com domain (www.direction.com) was targeted by domain thieves, Andersen fought back. Find out why they fought back at the blog linked to above.

While I have not found any that are as famous as the sex.com, there are far more domain name thefts occurring than I would have guessed - and it is very easy for thieves to do. The story of sex.com can be found in a good article at eweek.com titled The Story of Sex.com, or check out Wikipedia’s entry for sex.com.

The scary part is, how easily so many of these thefts could have been prevented. One case highlighted in the 2003 TechWorld article titled “How to steal a domain name in easy stages“, the thief stole the domain DVDMovies.com after they created an obviously false driver’s license which they presented as verification that the domain was being transfered. Thankfully Arnold Jones, the owner of DVDMovies.com was able to sort it out and now has his real driver’s license on file with orders for none of his domains to be transfered without a perfect match on the license.

One other site that caught my attention today was www.DomainTheft.org, a site with the sole purpose of giving people a place to report domain name thefts. DomainTheft.org also brought another angle of this problem to my attention - credit card chargeback. This is where the thief buys the domain name from you legally on a domain name seller’s forum, then after they have it in their name - they chargeback their credit card to get the money they paid for the domain back - keeping control of the domain. DomainTheft.org has a list of recently stolen domain names, as well as reports on the identities of known scammers on popular domain name forums.

My best advice? Be careful and don’t give anyone any information about your domain. I know no one has to get anything on my domain, so I’m not about to fall for this scam these folks are trying to sneak past me. I hope you never fall for one either, but I’ll promise to have information here to help you get your identity (including your domain name) back if the worst should happen. And it can happen, even eBay guards against their valuable domain being highjacked and very recently PC Magazine covered the news that Pakistan launched an attack on YouTube.









TrojanToWorm Toolkit



As if we needed any more reason not to open .exe files there is a new one reported by the PandaLabs Blog this past Tuesday. PandaLabs Blog has reported a Trojan to Worm program that seems to have been created in Spain. The program gives even laymen wanna-be malware programmers an easy user interface to turn any executable file into a worm.

The TrojanToWorm Toolkit seems to be an effort by some malware programmer to make the creation of malware easily accessible to anyone with a few minutes and devious intentions. The TrojanToWorm Toolkit even lets the malware creator tell the malware to not infect PenDrives connected during specific user sessions or connected with specific names.

According to SC Magazine experts say that the T2W Toolkit seems to be a ploy to keep the heat off of more sophisticated hackers, but they fail to say who the “experts” are. I assume they are referring to the PandaLabs security personnel, one of which they mention having spoken to in the article.

I’ve learned new lingo as I look into the story of the T2w Toolkit, stuff such as script kiddies to describe n00b hackers that want to be hackers when they grow up. The T2W Toolkit is apparently believed to be aimed at letting them have fun in the World Wide Web sandbox while the more experienced hackers creep in under the radar and hack data.

One tidbit I got from the SC Magazine article that I am uncertain I’ll put to the test is that identity theft malware is beyond the abilities of script kiddies.   I don’t think I’ll risk the little rug rats not being able to figure out something devious.  They obviously have nothing better to do with their time than cause mayhem, so why trust that they can’t find ways to steal identities as well?

I’ll keep watching for more information on this T2W Toolkit stuff and update the blog as I get more information.