Browsed by
Author: Derek

Alert: fastweedonline.com: What you might need to know

Domain fastweedonline.com is currently registered with ICANN-accredited registrar Namesilo:

Domain Name: fastweedonline.com
Registry Domain ID: 1944472965_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.namesilo.com
Registrar URL: https://www.namesilo.com/
Updated Date: 2017-05-10
Creation Date: 2015-07-04
Registrar Registration Expiration Date: 2020-07-04
Registrar: NameSilo, LLC
Registrar IANA ID: 1479
Registrar Abuse Contact Email: abuse@namesilo.com
Registrar Abuse Contact Phone: +1.4805240066
Status: clientTransferProhibited

This domain is shielded via Namesilo’s associated PrivacyGuardian.org proxy service.

Registrant Name: Domain Administrator
Registrant Organization: See PrivacyGuardian.org
Registrant Street: 1928 E. Highland Ave. Ste F104…

Understanding the Cameroonian Pet Scam

In a previous article we mentioned that not much is known about the Cameroonian Pet Scam or this type of fraud emanating from West Africa. We mentioned the pet scam, the weed scam and stolen credit card details. This article briefly looks at one scammer we found, who illustrates this type of cyber-crime.

A Tale of Two Fraud Facilitators: Ladette and Guy

The question has often been asked: How large are the scammers' nests? In the previous post, From Benin: A Loan Scam Syndicate, we explored a syndicate operating from Benin, defrauding consumers mainly in Europe, the United Kingdom and Canada, having over 300 domains. To show this is not an isolated incident and that domain fraud abusing fake domain registration details is rife, we will now look at two identified facilitators in Nigeria working in concert. First a female was identified…

From Benin: A Loan Scam Syndicate

In November 2016, the On-line ADR Center of the Czech Arbitration Court (CAC) made a UDRP ruling on the domain CREDIT-BOURSORAMABANQUE.COM, where this domain was found to be violating Boursorama SA’s rights. Ref: http://udrp.adr.eu/adr/decisions/decision.php?dispute_id=101308. Among the notable portions of this judgment, we find the following: Factual Background FACTS ASSERTED BY THE COMPLAINANT AND NOT CONTESTED BY THE RESPONDENT: The Complainant, BOURSORAMA S.A., is a French company founded in 1995 and is active in online brokerage, the provision of financial information…

Whoisguard: A proxy for crime targeting the USA from the USA?

Background: A domain proxy is a system whereby a domain owner, the registrant, hides his or her details for a domain registration behind a registrar or reseller’s proxy. The proxy owner substitutes his own details for those of the registrant, the domain owner. This is a great shield for legitimate users wishing to protect their privacy, but also attracts malicious registrants using fake registration details.

Web.com – wrong excuse

Web.com and Consumer Harm

This blog post will illustrate what happens when Network Solutions is made aware of serious issues on their service. Network Solutions is a leading US-based registrar, a member of the Web.com Group, Inc. For any abuse issues with their service, including fake domain registration details, they insist the abuse form at https://abuse.web.com/ be completed. So what happens if this route is followed?

The domain and the scam

Let’s first consider the malicious domain hyperchems.com…

Introducing WHOIS flaky factor

AA419 has introduced a new toy for internet researchers.

Background

When looking up the registration details (WHOIS) for a domain, in the thin domain gTLD model, we are reliant on registrars to supply these services. Essentially the access should be freely available and meet the following specifications as per ICANN: Registrars and registries are obligated to provide access to WHOIS data through registration data publication services. It must be publicly available in a specific format and on…

aa419 DDoS Aug 2013 Breakdown; AFRINIC

This post forms part of “aa419 DDoS Aug 2013 Breakdown”, split for ease of reading. Here are statistics for bots from the AFRINIC region, broken down by country code, ASN and IP address.

aa419 DDoS Aug 2013 Breakdown; APNIC

This post forms part of “aa419 DDoS Aug 2013 Breakdown”, split for ease of reading. Here are statistics for bots from the APNIC region, broken down by country code, ASN and IP address.

aa419 DDoS Aug 2013 Breakdown; ARIN

This post forms part of “aa419 DDoS Aug 2013 Breakdown”, split for ease of reading. Here are statistics for bots from the ARIN region, broken down by country code, ASN and IP address.