sphere2
11-08-2002, 05:04 PM
Hey I just got my latest copy of scam busters. Since some of this stuff affects website owners and people who own domains I thought I would post this here. Hope no one minds.
____________________________________________________
Another Domain Name Registration Scam
If you own a domain name, you should be on the lookout for
this one. You may well be deluged.
You may or may not be aware that your name, address, and
contact information are available for your domain name using a
special Web service called WHOIS. That's how unscrupulous
scammers are compiling large databases of domain name
owners... and trying to sell them something they don't need.
Here's what happened to us:
We got a fax filled with legalese that looked like we were in
violation of someone's intellectual property. (Actually, by
now we've gotten a dozen of them since we own quite a few
domain names!)
It is dated today and gave us a deadline of tomorrow. It's
VERY legalistic, using terms like "bad faith, "in accordance
with the United States Legal Code," etc.
At the bottom, it says:
"Note: YOU MAY DISREGARD THIS NOTICE. IF YOU DISREGARD THIS
NOTICE OR FAIL TO REPLY BY THE DEADLINE INDICATED ABOVE"
(describes very obscure consequences)
When you read this carefully, it says that we can register the
.NET version of one of our domain names. After all, otherwise
there might be confusion if someone else registers it...
This scam is also going on new and unproven top-level domains
like .BIZ. Remember that .COM is the domain name extension
everyone thinks of first -- who's going to type in
www.yourdomain.biz?
Unfortunately, we're sure a LOT of people will register
useless domain names based on this junk.
Folks, if you get any correspondence that's not from the
company you registered your domain name with, or even if you
can't figure out the legalese in any domain name
correspondence, contact your own Registrar.
For more information on this scam, see:
==> http://www.carr-ferrell.com/pubs/html/dotbiznotice.html
for a law firm's take on it, and
==> http://www.ftc.gov/bcp/conline/pubs/alerts/domainalrt.htm
for the FTC's page on domain name registration scams.
~~~
Yahoo! Warns of Identity Theft
Another group of enterprising fraud artists is doing its best
to separate Yahoo! users from their money.
In a bulk mailing to Yahoo! customers who pay for certain
added features, the fraud artists posed as Yahoo! and asked
the customers to send in personal and credit card information.
Unfortunately, some of the customers were duped.
Bravo to Yahoo! for sending out a warning email within 24
hours of the fraudulent one.
For more information, and some common sense security tips, see:
==>
http://www.techtv.com/news/security/story/0,24195,3404115,00.html
If you're a Yahoo! Mail user and you suspect an email is
fraudulent, use this form to report it:
==> http://add.yahoo.com/fast/help/us/mail/cgi_abuse
~~~
Identity Fraud Warning for Online Retailers
If you're running an online store, pay attention to this one.
We received an email order last week from a 'demo' account
with a .mn extension. The sender informed us that "In order to
pay it I need to get your detailed bank info where I'm going
to wire the money."
We suspect this is a scam to get our bank information. Here
are the red flags you should look out for:
1. The account name is 'demo' and does not match the name of
the alleged person ordering the product.
2. The .mn top-level domain is for Mongolia. You should always
beware of accepting international orders from countries who
may not have the same stringent regulations we do.
To find out which domain extension corresponds to which
country, see:
==> http://www.norid.no/domenenavnbaser/domreg.html
We will never give bank info to get paid for an order.
For eight steps Web merchants can use to minimize credit card
fraud, see:
==> http://www.scambusters.org/CreditCardFraud.html
____________________________________________________
Another Domain Name Registration Scam
If you own a domain name, you should be on the lookout for
this one. You may well be deluged.
You may or may not be aware that your name, address, and
contact information are available for your domain name using a
special Web service called WHOIS. That's how unscrupulous
scammers are compiling large databases of domain name
owners... and trying to sell them something they don't need.
Here's what happened to us:
We got a fax filled with legalese that looked like we were in
violation of someone's intellectual property. (Actually, by
now we've gotten a dozen of them since we own quite a few
domain names!)
It is dated today and gave us a deadline of tomorrow. It's
VERY legalistic, using terms like "bad faith, "in accordance
with the United States Legal Code," etc.
At the bottom, it says:
"Note: YOU MAY DISREGARD THIS NOTICE. IF YOU DISREGARD THIS
NOTICE OR FAIL TO REPLY BY THE DEADLINE INDICATED ABOVE"
(describes very obscure consequences)
When you read this carefully, it says that we can register the
.NET version of one of our domain names. After all, otherwise
there might be confusion if someone else registers it...
This scam is also going on new and unproven top-level domains
like .BIZ. Remember that .COM is the domain name extension
everyone thinks of first -- who's going to type in
www.yourdomain.biz?
Unfortunately, we're sure a LOT of people will register
useless domain names based on this junk.
Folks, if you get any correspondence that's not from the
company you registered your domain name with, or even if you
can't figure out the legalese in any domain name
correspondence, contact your own Registrar.
For more information on this scam, see:
==> http://www.carr-ferrell.com/pubs/html/dotbiznotice.html
for a law firm's take on it, and
==> http://www.ftc.gov/bcp/conline/pubs/alerts/domainalrt.htm
for the FTC's page on domain name registration scams.
~~~
Yahoo! Warns of Identity Theft
Another group of enterprising fraud artists is doing its best
to separate Yahoo! users from their money.
In a bulk mailing to Yahoo! customers who pay for certain
added features, the fraud artists posed as Yahoo! and asked
the customers to send in personal and credit card information.
Unfortunately, some of the customers were duped.
Bravo to Yahoo! for sending out a warning email within 24
hours of the fraudulent one.
For more information, and some common sense security tips, see:
==>
http://www.techtv.com/news/security/story/0,24195,3404115,00.html
If you're a Yahoo! Mail user and you suspect an email is
fraudulent, use this form to report it:
==> http://add.yahoo.com/fast/help/us/mail/cgi_abuse
~~~
Identity Fraud Warning for Online Retailers
If you're running an online store, pay attention to this one.
We received an email order last week from a 'demo' account
with a .mn extension. The sender informed us that "In order to
pay it I need to get your detailed bank info where I'm going
to wire the money."
We suspect this is a scam to get our bank information. Here
are the red flags you should look out for:
1. The account name is 'demo' and does not match the name of
the alleged person ordering the product.
2. The .mn top-level domain is for Mongolia. You should always
beware of accepting international orders from countries who
may not have the same stringent regulations we do.
To find out which domain extension corresponds to which
country, see:
==> http://www.norid.no/domenenavnbaser/domreg.html
We will never give bank info to get paid for an order.
For eight steps Web merchants can use to minimize credit card
fraud, see:
==> http://www.scambusters.org/CreditCardFraud.html