We just discovered one yesterday He went to Verisign and got www.darmayandi.net and hosting from Dell with one stolen card check out his website - you get to see the typical kid hacker including an album of his trip to NYC
The same day he went to our site and using the same card failed 'cause we do CVV checking so that card got rejected so he used another stolen card where he had CVV number and registered www.darmayandi.com with success - then he used 3rd party DNS servers to redirect to his www.darmayandi.net We just got a chargeback for it from the real cc owner yesterday - so we are now pointing the www.darmayandi.com to FBI website where we have filed report of cc theft on this smartie - provided FBI with complete detail including the .com site, archived the .com site album in case they need it as evidence... have done this in past on our previous cases, did not see any resolution or know if these kids ever get prosecuted because they are out of country and probably know it but it beats doing nothing about it. This one was on 4/6 and we have missed the clue - we get BAD CARD email notification from our payment processor - there were 5 attempts of BAD card - 5 emails to us prior to the SUCCESS one - we pend all transactions due to rampant theft and usually catch all but one or two per month - cheers Genie ----- Original Message ----- From: "Jason" <[EMAIL PROTECTED]> To: "'Mark Petersen'" <[EMAIL PROTECTED]>; "'ezgoing8'" <[EMAIL PROTECTED]>; "'quicknet'" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Tuesday, May 28, 2002 5:03 AM Subject: RE: Domain Lock Downside > Heh....got another bunch from a group of gimps called ' ruddoc crewz" in > their org name...last week it was 'allianz crewz' > > I'd love to squish these little gimps.....hmmm... > > It really is too bad that Visa/MC/Amex don't care about stolen credit > cards being used.. I have a raft of them here.. :( > > Jason > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]] On Behalf Of Mark Petersen > Sent: May 28, 2002 1:45 AM > To: ezgoing8; quicknet; [EMAIL PROTECTED] > Subject: Re: Domain Lock Downside > > Well yeah. That's what we thought. We had a few trying to do 10 year > domain > regs too. > 10 years? Like nobody is going to catch on in that length of time? Geez! > What a bunch of dummy's! > ;o) > > ----- Original Message ----- > From: "ezgoing8" <[EMAIL PROTECTED]> > To: "quicknet" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> > Sent: Monday, May 27, 2002 11:00 PM > Subject: Re: Domain Lock Downside > > > > We had 37 fraudulent hosting sign ups in an 18 hour period last week. > All > > purchases were for annual hosting accounts. > > > > We had to disable our automatic account creation as our merchant > provider > > was accepting all the fraudulent credit cards. Fortunately only the > first > > four got through and were set up before we discovered what was > happening. > > And they did not get to use them, as we promptly suspended them while > we > > checked out the credit card information with the issuing banks and > then > the > > card holders if the information matched. > > > > I don't know how they thought they were going to have the use of a > hosting > > account for a full year. This is what first triggered our suspicions > to > > check the new sign ups as we do not receive many annual accounts. > Mostly > > monthly and quarterly. > > > > Quarterly I could understand, as they could hope that it would take > that > > long before we would be hit with the chargebacks and close the > accounts. > > But not annual. > > > > > > ----- Original Message ----- > > From: "quicknet" <[EMAIL PROTECTED]> > > To: <[EMAIL PROTECTED]> > > Sent: Monday, May 27, 2002 1:59 AM > > Subject: Re: Domain Lock Downside > > > > > > > What i want t to know is what in the world are they buying these > domains > > > for?. > > > What company names should we be watching for or even content of the > > sites?. > > > Is it just domains names or are the trying to purchase websites with > > them?. > > > > > > ----- Original Message ----- > > > From: "Jason" <[EMAIL PROTECTED]> > > > To: "'Mark Petersen'" <[EMAIL PROTECTED]>; > <[EMAIL PROTECTED]> > > > Sent: Monday, May 27, 2002 6:13 PM > > > Subject: RE: Domain Lock Downside > > > > > > > > > > Yeah so much for all these automated systems, when it all comes > down > to > > > > an eyeball.. :) > > > > > > > > We too have seen a 700% increase in business, and all of it > fraudulent > > > > sourcing from India.. Same crew, using the same 'org name'. One > > > > actually had the audacity to email us about 2 hours after > submitting > > > > order to ask us to 'please process the order' so they could upload > the > > > > site, etc. A $1000 USD transaction was definitely out of the > ordinary.. > > > > :) > > > > > > > > Funny... > > > > > > > > -----Original Message----- > > > > From: [EMAIL PROTECTED] > > > > [mailto:[EMAIL PROTECTED]] On Behalf Of Mark Petersen > > > > Sent: May 27, 2002 6:24 PM > > > > To: [EMAIL PROTECTED] > > > > Subject: Re: Domain Lock Downside > > > > > > > > Well, I don't know about a market upswing, but we sure have seen a > rash > > > > of > > > > bad / stolen card attempts come in from IP's tracing back to > > > > south east Asia over the past few days. So much so that we've > switched > > > > over > > > > to cueing everything and validating by hand for now until things > > > > settle down. What a pain in the rear! > > > > -Mark > > > > > > > > ----- Original Message ----- > > > > From: "SpyProductions - Lars Hindsley" > <[EMAIL PROTECTED]> > > > > To: <[EMAIL PROTECTED]> > > > > Sent: Monday, May 27, 2002 12:30 PM > > > > Subject: Domain Lock Downside > > > > > > > > > > > > > Gents, > > > > > > > > > > Locking domains is a PIA because end users can't modify squat > without > > > > > contacting us first. This is OK with the "dumb and happy's" but > we > > > > have > > > > > customers with 1000+ names in their profiles. > > > > > > > > > > It is like what goes up must come down. If you lock it, you > need to > > > > unlock > > > > > it. Changing DNS is undoable with locked domains, and that is a > sore > > > > spot > > > > > for most of our customers. > > > > > > > > > > I suppose my only option is to enable an option at registration > asking > > > > > customers, "Do you want your domain records locked?" > > > > > > > > > > Otherwise, if I'm all wet here tell me. > > > > > > > > > > Also, has anyone noticed a market upswing? We have seen an > increase > > > > of > > > > > domain name registrations recently and I can't help but think it > is > > > > this > > > > way > > > > > across the board. Nothing significant but it is noticeable. > The > > > > .com's > > > > are > > > > > by far the most popular of course but .us has been much more > steady > > > > and > > > > > strong than .biz and .info have ever been. Just thought I'd > share. > > > > I'm > > > > > talking March through May numbers. > > > > > > > > > > Regards, > > > > > Lars Hindsley > > > > > SpyProductions.com > > > > > Achieve Web Success > > > > > > > > > > > > > > > > > > > > > > > > > > > >
