VoIP Mailing List Archives
Mailing list archives for the VoIP community |
|
View previous topic :: View next topic |
Author |
Message |
nogoodnameswereavailab... Guest
|
|
Back to top |
|
|
nk3569 at yahoo.com Guest
|
Posted: Sun Apr 20, 2008 3:15 pm Post subject: [asterisk-biz] FRAUD: BE AWARE |
|
|
Funny. I got a guy from Palestine too today. They tried to use a stolen credit card from one Donald Boltz.
The real Donald has been notified (called him).
Beware of a guy who signs up by "tom mart" - he tried to use multiple stolen PayPal accounts and credit cards. Changes email every time so it's pointless to track email addresses.
Rule of thumb - if anyone makes payments using an American account/address/credit card and their IP is anywhere in the Middle East except Israel - it is almost 100% fraud.
Having said that - we still allow auto PayPal payments. You just have to follow up and verify each and every account afterwards. And don't allow large amounts automatically via PayPal!
--
Nitzan Kon, CEO
Future Nine Corporation
http://www.future-nine.com/
--- On Sun, 4/20/08, Justin Case <nogoodnameswereavailable@gmail.com> wrote:
Quote: | From: Justin Case <nogoodnameswereavailable@gmail.com>
Subject: [asterisk-biz] FRAUD: BE AWARE
To: "Commercial and Business-Oriented Asterisk Discussion" <asterisk-biz@lists.digium.com>, "Asterisk Users Mailing List - Non-Commercial Discussion" <asterisk-users@lists.digium.com>
Date: Sunday, April 20, 2008, 1:47 PM
Hi List,
I made the mistake of having auto payments via PayPal. Just
had some one put
in payments and have them all denied. So far this person
send in funds from:
julie tosh - juliert@hotmail.com
David Somerville - davso@nbnet.nb.ca
Gaetane Fortier - fortier.3075@videotron.ca
ray stewart - dragonr2262@hotmail.com
Cédric Girard - realm415@hotmail.com
The IP's I have are 213.6.185.243 and 83.233.182.229.
The seem to be calling Palestine Mobile.
/J_______________________________________________
--Bandwidth and Colocation Provided by
http://www.api-digital.com--
asterisk-biz mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-biz
|
_______________________________________________
--Bandwidth and Colocation Provided by http://www.api-digital.com--
asterisk-biz mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-biz |
|
Back to top |
|
|
trixter at 0xdecafbad.com Guest
|
Posted: Sun Apr 20, 2008 3:20 pm Post subject: [asterisk-biz] FRAUD: BE AWARE |
|
|
On Sun, 2008-04-20 at 21:47 +0300, Justin Case wrote:
Quote: | Hi List,
I made the mistake of having auto payments via PayPal. Just had some
one put in payments and have them all denied. So far this person send
in funds from:
|
Yeah, you have to be careful with paypal because there are several ways
to make a payment that appears to clear on the merchant side (ie it
looks like any other normal payment) but after a few days it will bounce
back.
I have seen a series of payments (about 20 or so) that all cleared, and
got refunded a month later because paypal said that money was never
cleared. Some of these payments were hundreds of dollars some were
about $45, but all eventually got returned.
It really isnt hard to do this, and paypal has little incentive to
change this since they dont lose money. It all has to do with one way
of funding your account (gee there are only 3 ways really). There are
probably other ways of it looking like money is there when it really
isnt. At least with an e-check paypal notifies the merchant at the
payment time that the money is pending (so hint this is not what I am
talking about).
I do not know if disputing with a credit card would prove useful,
although most likely it would and would be more obvious to more people
so its probably the larger way that people would do this type of stuff.
In the end paypal makes the merchant pay for using their services and
its hard to hold the customer accountable. It generally becomes a civil
suit for failure to pay in a situation like that (getting a criminal
investigation over stuff like that is generally hard at least in the US)
which means that the merchant again would have to bear the costs of
locating and serving the defendant, and they would not be able to do
anything cross border, blah blah blah. Cant imagine why so many
criminals use paypal.
--
Trixter http://www.0xdecafbad.com Bret McDanel
Belfast +44 28 9099 6461 US +1 516 687 5200
http://www.trxtel.com the phone company that pays you!
_______________________________________________
--Bandwidth and Colocation Provided by http://www.api-digital.com--
asterisk-biz mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-biz |
|
Back to top |
|
|
nogoodnameswereavailab... Guest
|
Posted: Sun Apr 20, 2008 3:34 pm Post subject: [asterisk-biz] FRAUD: BE AWARE |
|
|
Nitzan,
Do you have their IP address's ? The reason we were caught off guard is because of the Chag. We were out for two days. I just blocked all of Paltel (Palestinian ISP) from our servers (http://www.domaintools.com/213.6.185.243) . Do you know of any other ISP's in Azaa ?
Thanks.
/J
On Sun, Apr 20, 2008 at 11:09 PM, Nitzan Kon <nk3569@yahoo.com (nk3569@yahoo.com)> wrote:
Quote: | Funny. I got a guy from Palestine too today. They tried to use a stolen credit card from one Donald Boltz.
The real Donald has been notified (called him).
Beware of a guy who signs up by "tom mart" - he tried to use multiple stolen PayPal accounts and credit cards. Changes email every time so it's pointless to track email addresses.
Rule of thumb - if anyone makes payments using an American account/address/credit card and their IP is anywhere in the Middle East except Israel - it is almost 100% fraud.
Having said that - we still allow auto PayPal payments. You just have to follow up and verify each and every account afterwards. And don't allow large amounts automatically via PayPal!
--
Nitzan Kon, CEO
Future Nine Corporation
http://www.future-nine.com/
--- On Sun, 4/20/08, Justin Case <nogoodnameswereavailable@gmail.com (nogoodnameswereavailable@gmail.com)> wrote:
_______________________________________________
--Bandwidth and Colocation Provided by http://www.api-digital.com--
asterisk-biz mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-biz
|
|
|
Back to top |
|
|
nogoodnameswereavailab... Guest
|
Posted: Sun Apr 20, 2008 3:46 pm Post subject: [asterisk-biz] FRAUD: BE AWARE |
|
|
On Sun, Apr 20, 2008 at 11:15 PM, Trixter aka Bret McDanel <trixter@0xdecafbad.com (trixter@0xdecafbad.com)> wrote:
Quote: | On Sun, 2008-04-20 at 21:47 +0300, Justin Case wrote:
Quote: | Hi List,
I made the mistake of having auto payments via PayPal. Just had some
one put in payments and have them all denied. So far this person send
in funds from:
|
Yeah, you have to be careful with paypal because there are several ways
to make a payment that appears to clear on the merchant side (ie it
looks like any other normal payment) but after a few days it will bounce
back.
I have seen a series of payments (about 20 or so) that all cleared, and
got refunded a month later because paypal said that money was never
cleared. Some of these payments were hundreds of dollars some were
about $45, but all eventually got returned.
It really isnt hard to do this, and paypal has little incentive to
change this since they dont lose money. It all has to do with one way
of funding your account (gee there are only 3 ways really). There are
probably other ways of it looking like money is there when it really
isnt. At least with an e-check paypal notifies the merchant at the
payment time that the money is pending (so hint this is not what I am
talking about).
I do not know if disputing with a credit card would prove useful,
although most likely it would and would be more obvious to more people
so its probably the larger way that people would do this type of stuff.
In the end paypal makes the merchant pay for using their services and
its hard to hold the customer accountable. It generally becomes a civil
suit for failure to pay in a situation like that (getting a criminal
investigation over stuff like that is generally hard at least in the US)
which means that the merchant again would have to bear the costs of
locating and serving the defendant, and they would not be able to do
anything cross border, blah blah blah. Cant imagine why so many
criminals use paypal.
| Trixter,
They made several payments from multiple accounts which seems that they fished them. I still don't know how people fall for those scam emails. Then again they scammed me . I guess we goto be tighter on sign ups. Does any one know if there are any merchant companies out there that have some sort of insurance for the merchant should something like this happen in the future ?
/J |
|
Back to top |
|
|
nk3569 at yahoo.com Guest
|
Posted: Sun Apr 20, 2008 3:57 pm Post subject: [asterisk-biz] FRAUD: BE AWARE |
|
|
To put it in plain words - PayPal could care less about the merchant. They do very little to prevent fraud, and once it's discovered the merchant gets screwed 100% of the time.
We've added Google checkout recently. SO MUCH BETTER! cheaper too. If this keeps up we'll probably drop PayPal altogether.
Another cheaper (and appears to be safer - not sure yet) option is MoneyBookers. I did hear some horror stories with them though so make sure you don't leave large sums in your account. (horror stories being accounts frozen due to "suspected fraud" and never released)
--- On Sun, 4/20/08, Trixter aka Bret McDanel <trixter@0xdecafbad.com> wrote:
Quote: | From: Trixter aka Bret McDanel <trixter@0xdecafbad.com>
Subject: Re: [asterisk-biz] FRAUD: BE AWARE
To: "Commercial and Business-Oriented Asterisk Discussion" <asterisk-biz@lists.digium.com>
Date: Sunday, April 20, 2008, 3:15 PM
On Sun, 2008-04-20 at 21:47 +0300, Justin Case wrote:
Quote: | Hi List,
I made the mistake of having auto payments via PayPal.
| Just had some
Quote: | one put in payments and have them all denied. So far
| this person send
Yeah, you have to be careful with paypal because there are
several ways
to make a payment that appears to clear on the merchant
side (ie it
looks like any other normal payment) but after a few days
it will bounce
back.
I have seen a series of payments (about 20 or so) that all
cleared, and
got refunded a month later because paypal said that money
was never
cleared. Some of these payments were hundreds of dollars
some were
about $45, but all eventually got returned.
It really isnt hard to do this, and paypal has little
incentive to
change this since they dont lose money. It all has to do
with one way
of funding your account (gee there are only 3 ways really).
There are
probably other ways of it looking like money is there when
it really
isnt. At least with an e-check paypal notifies the
merchant at the
payment time that the money is pending (so hint this is not
what I am
talking about).
I do not know if disputing with a credit card would prove
useful,
although most likely it would and would be more obvious to
more people
so its probably the larger way that people would do this
type of stuff.
In the end paypal makes the merchant pay for using their
services and
its hard to hold the customer accountable. It generally
becomes a civil
suit for failure to pay in a situation like that (getting a
criminal
investigation over stuff like that is generally hard at
least in the US)
which means that the merchant again would have to bear the
costs of
locating and serving the defendant, and they would not be
able to do
anything cross border, blah blah blah. Cant imagine why so
many
criminals use paypal.
--
Trixter http://www.0xdecafbad.com Bret McDanel
Belfast +44 28 9099 6461 US +1 516 687 5200
http://www.trxtel.com the phone company that pays you!
_______________________________________________
--Bandwidth and Colocation Provided by
http://www.api-digital.com--
asterisk-biz mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-biz
|
_______________________________________________
--Bandwidth and Colocation Provided by http://www.api-digital.com--
asterisk-biz mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-biz |
|
Back to top |
|
|
nk3569 at yahoo.com Guest
|
Posted: Sun Apr 20, 2008 4:07 pm Post subject: [asterisk-biz] FRAUD: BE AWARE |
|
|
Here's a list of those we've caught lately:
172.173.96.17
85.25.139.99
68.118.206.148
78.101.100.21
172.158.212.35
41.196.60.34
86.152.245.47
212.38.144.47
Beware of Egypt, Jordan, and Palestine. Qatar is pretty bad too.
Would probably be a good idea to put a database of offending IP addresses. We already block these, but would be a good thing to share a blacklist between multiple providers eventually.
-- Nitzan
--- On Sun, 4/20/08, Justin Case <nogoodnameswereavailable@gmail.com> wrote:
Quote: | From: Justin Case <nogoodnameswereavailable@gmail.com>
Subject: Re: [asterisk-biz] FRAUD: BE AWARE
To: nk3569@yahoo.com, "Commercial and Business-Oriented Asterisk Discussion" <asterisk-biz@lists.digium.com>
Date: Sunday, April 20, 2008, 3:30 PM
Nitzan,
Do you have their IP address's ? The reason we were
caught off guard is
because of the Chag. We were out for two days. I just
blocked all of
Paltel (Palestinian ISP) from our servers (
http://www.domaintools.com/213.6.185.243) . Do you know of
any other ISP's
in Azaa ?
Thanks.
/J
On Sun, Apr 20, 2008 at 11:09 PM, Nitzan Kon
<nk3569@yahoo.com> wrote:
Quote: | Funny. I got a guy from Palestine too today. They
| tried to use a stolen
Quote: | credit card from one Donald Boltz.
The real Donald has been notified (called him).
Beware of a guy who signs up by "tom mart" -
| he tried to use multiple
Quote: | stolen PayPal accounts and credit cards. Changes email
| every time so it's
Quote: | pointless to track email addresses.
Rule of thumb - if anyone makes payments using an
| American
Quote: | account/address/credit card and their IP is anywhere
| in the Middle East
Quote: | except Israel - it is almost 100% fraud.
Having said that - we still allow auto PayPal
| payments. You just have to
Quote: | follow up and verify each and every account
| afterwards. And don't allow
Quote: | large amounts automatically via PayPal!
--
Nitzan Kon, CEO
Future Nine Corporation
http://www.future-nine.com/
--- On Sun, 4/20/08, Justin Case
| <nogoodnameswereavailable@gmail.com>
<nogoodnameswereavailable@gmail.com>
Quote: | Quote: | Subject: [asterisk-biz] FRAUD: BE AWARE
To: "Commercial and Business-Oriented
|
| Asterisk Discussion" <
Quote: | asterisk-biz@lists.digium.com>, "Asterisk
| Users Mailing List -
Quote: | Non-Commercial Discussion"
| <asterisk-users@lists.digium.com>
Quote: | Quote: | Date: Sunday, April 20, 2008, 1:47 PM
Hi List,
I made the mistake of having auto payments via
|
| PayPal. Just
Quote: | Quote: | had some one put
in payments and have them all denied. So far this
|
| person
83.233.182.229.
Quote: | Quote: |
The seem to be calling Palestine Mobile.
/J_______________________________________________
--Bandwidth and Colocation Provided by
http://www.api-digital.com--
asterisk-biz mailing list
To UNSUBSCRIBE or update options visit:
|
| http://lists.digium.com/mailman/listinfo/asterisk-biz
Quote: |
_______________________________________________
--Bandwidth and Colocation Provided by
| http://www.api-digital.com--
Quote: |
asterisk-biz mailing list
To UNSUBSCRIBE or update options visit:
| http://lists.digium.com/mailman/listinfo/asterisk-biz
|
_______________________________________________
--Bandwidth and Colocation Provided by http://www.api-digital.com--
asterisk-biz mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-biz |
|
Back to top |
|
|
trixter at 0xdecafbad.com Guest
|
Posted: Sun Apr 20, 2008 5:00 pm Post subject: [asterisk-biz] FRAUD: BE AWARE |
|
|
On Sun, 2008-04-20 at 13:09 -0700, Nitzan Kon wrote:
Quote: | Rule of thumb - if anyone makes payments using an American account/address/credit card and their IP is anywhere in the Middle East except Israel - it is almost 100% fraud.
|
"except israel" excludes all the scammers that actively have been using
a satellite ISP based out of .IL for the last few years.
I would say more that if they use a US credit card (some of the weakest
secured cards in the world) and their IP isnt US then that should be a
flag no matter what. Further, it shouldnt be limited to just US, if you
have conflicting information based on where the person is, where the
card is from, etc then you should look further before digging into it.
--
Trixter http://www.0xdecafbad.com Bret McDanel
Belfast +44 28 9099 6461 US +1 516 687 5200
http://www.trxtel.com the phone company that pays you!
_______________________________________________
--Bandwidth and Colocation Provided by http://www.api-digital.com--
asterisk-biz mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-biz |
|
Back to top |
|
|
trixter at 0xdecafbad.com Guest
|
Posted: Sun Apr 20, 2008 5:08 pm Post subject: [asterisk-biz] FRAUD: BE AWARE |
|
|
On Sun, 2008-04-20 at 23:40 +0300, Justin Case wrote:
Quote: |
Trixter,
They made several payments from multiple accounts which seems that
they fished them. I still don't know how people fall for those scam
emails. Then again they scammed me . I guess we goto be tighter on
sign ups. Does any one know if there are any merchant companies out
there that have some sort of insurance for the merchant should
something like this happen in the future ?
|
you didnt hear how earthlink was running one of the largest phishing
sites out there just to make a quick buck? This was quite the news
story the last little while.
Now they werent intentionally running a phishing site, they just
redirected every bad url to a server in the UK which had a problem in
its javascript (it just displays ads but looks like the real site) and
lets you embed anything you want. So if you tell someone to goto
http://money.paypal.com they will make it look like you really are at
paypal and not some squirley ad based company in the UK.
Earthlink isnt the only one, basically they are doing what verisign did
a few years ago.
The story was slashdotted today but broke a couple days ago. So its
easy to see how people can fall for it, the ISPs trying to make a little
extra money make it so much more convincin
http://news.google.com/news?hl=en&ie=UTF-8&tab=wn&ncl=1152280840
--
Trixter http://www.0xdecafbad.com Bret McDanel
Belfast +44 28 9099 6461 US +1 516 687 5200
http://www.trxtel.com the phone company that pays you!
_______________________________________________
--Bandwidth and Colocation Provided by http://www.api-digital.com--
asterisk-biz mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-biz |
|
Back to top |
|
|
beckman at angryox.com Guest
|
Posted: Mon Apr 21, 2008 12:04 am Post subject: [asterisk-biz] FRAUD: BE AWARE |
|
|
MinFraud from MaxMind. Use it.
On Sun, 20 Apr 2008, Nitzan Kon wrote:
Quote: | Here's a list of those we've caught lately:
172.173.96.17
85.25.139.99
68.118.206.148
78.101.100.21
172.158.212.35
41.196.60.34
86.152.245.47
212.38.144.47
Beware of Egypt, Jordan, and Palestine. Qatar is pretty bad too.
Would probably be a good idea to put a database of offending IP addresses. We already block these, but would be a good thing to share a blacklist between multiple providers eventually.
-- Nitzan
--- On Sun, 4/20/08, Justin Case <nogoodnameswereavailable@gmail.com> wrote:
Quote: | From: Justin Case <nogoodnameswereavailable@gmail.com>
Subject: Re: [asterisk-biz] FRAUD: BE AWARE
To: nk3569@yahoo.com, "Commercial and Business-Oriented Asterisk Discussion" <asterisk-biz@lists.digium.com>
Date: Sunday, April 20, 2008, 3:30 PM
Nitzan,
Do you have their IP address's ? The reason we were
caught off guard is
because of the Chag. We were out for two days. I just
blocked all of
Paltel (Palestinian ISP) from our servers (
http://www.domaintools.com/213.6.185.243) . Do you know of
any other ISP's
in Azaa ?
Thanks.
/J
On Sun, Apr 20, 2008 at 11:09 PM, Nitzan Kon
<nk3569@yahoo.com> wrote:
Quote: | Funny. I got a guy from Palestine too today. They
| tried to use a stolen
Quote: | credit card from one Donald Boltz.
The real Donald has been notified (called him).
Beware of a guy who signs up by "tom mart" -
| he tried to use multiple
Quote: | stolen PayPal accounts and credit cards. Changes email
| every time so it's
Quote: | pointless to track email addresses.
Rule of thumb - if anyone makes payments using an
| American
Quote: | account/address/credit card and their IP is anywhere
| in the Middle East
Quote: | except Israel - it is almost 100% fraud.
Having said that - we still allow auto PayPal
| payments. You just have to
Quote: | follow up and verify each and every account
| afterwards. And don't allow
Quote: | large amounts automatically via PayPal!
--
Nitzan Kon, CEO
Future Nine Corporation
http://www.future-nine.com/
--- On Sun, 4/20/08, Justin Case
| <nogoodnameswereavailable@gmail.com>
<nogoodnameswereavailable@gmail.com>
Quote: | Quote: | Subject: [asterisk-biz] FRAUD: BE AWARE
To: "Commercial and Business-Oriented
|
| Asterisk Discussion" <
Quote: | asterisk-biz@lists.digium.com>, "Asterisk
| Users Mailing List -
Quote: | Non-Commercial Discussion"
| <asterisk-users@lists.digium.com>
Quote: | Quote: | Date: Sunday, April 20, 2008, 1:47 PM
Hi List,
I made the mistake of having auto payments via
|
| PayPal. Just
Quote: | Quote: | had some one put
in payments and have them all denied. So far this
|
| person
83.233.182.229.
Quote: | Quote: |
The seem to be calling Palestine Mobile.
/J_______________________________________________
--Bandwidth and Colocation Provided by
http://www.api-digital.com--
asterisk-biz mailing list
To UNSUBSCRIBE or update options visit:
|
| http://lists.digium.com/mailman/listinfo/asterisk-biz
Quote: |
_______________________________________________
--Bandwidth and Colocation Provided by
| http://www.api-digital.com--
Quote: |
asterisk-biz mailing list
To UNSUBSCRIBE or update options visit:
| http://lists.digium.com/mailman/listinfo/asterisk-biz
|
_______________________________________________
--Bandwidth and Colocation Provided by http://www.api-digital.com--
asterisk-biz mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-biz
|
---------------------------------------------------------------------------
Peter Beckman Internet Guy
beckman@angryox.com http://www.angryox.com/
---------------------------------------------------------------------------
_______________________________________________
--Bandwidth and Colocation Provided by http://www.api-digital.com--
asterisk-biz mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-biz |
|
Back to top |
|
|
beckman at angryox.com Guest
|
Posted: Mon Apr 21, 2008 12:04 am Post subject: [asterisk-biz] FRAUD: BE AWARE |
|
|
On Sun, 20 Apr 2008, Trixter aka Bret McDanel wrote:
Quote: | "except israel" excludes all the scammers that actively have been using
a satellite ISP based out of .IL for the last few years.
I would say more that if they use a US credit card (some of the weakest
secured cards in the world) and their IP isnt US then that should be a
flag no matter what. Further, it shouldnt be limited to just US, if you
have conflicting information based on where the person is, where the
card is from, etc then you should look further before digging into it.
|
Except then they just use AOL, and it looks like they are from the US, but
they aren't. Gah.
---------------------------------------------------------------------------
Peter Beckman Internet Guy
beckman@angryox.com http://www.angryox.com/
---------------------------------------------------------------------------
_______________________________________________
--Bandwidth and Colocation Provided by http://www.api-digital.com--
asterisk-biz mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-biz |
|
Back to top |
|
|
nk3569 at yahoo.com Guest
|
Posted: Mon Apr 21, 2008 12:27 am Post subject: [asterisk-biz] FRAUD: BE AWARE |
|
|
--- On Sun, 4/20/08, Peter Beckman <beckman@angryox.com> wrote:
Quote: | Except then they just use AOL, and it looks like they are
from the US, but
they aren't. Gah.
|
You know, we had one of these guys today. He triggered other checks anyway, but doing a traceroute on his IP showed it was going to Europe. Pretty sad that we have to go as far as tracerouting each transaction, but what can you do...
MinFraud does look promising though! I will give it a try.
-- Nitzan
_______________________________________________
--Bandwidth and Colocation Provided by http://www.api-digital.com--
asterisk-biz mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-biz |
|
Back to top |
|
|
sip at arcdiv.com Guest
|
Posted: Mon Apr 21, 2008 8:22 am Post subject: [asterisk-biz] FRAUD: BE AWARE |
|
|
Good to know he's picking on someone else.
For the last 3 years, we've been getting one particular individual (or
small group) from Egypt that does the same thing. If you follow their
traces back as far as you can go, they all ultimately originate from
accounts on Link.net in Egypt. We've worked with the FBI and British
Authorities to try and track things down. The Egyptian authorities have
been little help. Link.net is either woefully ignorant or, more likely,
complicit in the activities.
The charges come in from IPs all OVER the world (proxies galore out
there), but connections can be traced back to Egypt, Jordan, and Paltel
(Link.net is firewalled out completely from our services).
It comes in waves. We'll see nothing for a month, and then a spate of
several days of concerted charges (sometimes as many as 30-40 attempted
charges in a day). From the looks of it, it looks like someone's going
through a VoIP directory one by one in a circuit. When he gets to us, we
get hit. When enough of his charges don't go through or we've notified
enough people that his cards begin to get cancelled and he feels the
pinch, he moves on. Until the next time 'round.
We've seen some posts on militant fora out there with the accounts that
had charged stolen cards, advertising that this guy (who, from his
colloquial Arabic, seems to be in his young 20's) is willing to offer
hacked accounts to anyone who wants to, in essence, stick it to the
Americans (even though we're not an American company).
I keep hoping that one day he'll get hit by a bus, but alas... it hasn't
happened yet.
N.
Justin Case wrote:
Quote: | Hi List,
I made the mistake of having auto payments via PayPal. Just had some
one put in payments and have them all denied. So far this person send
in funds from:
julie tosh - juliert@hotmail.com <mailto:juliert@hotmail.com>
David Somerville - davso@nbnet.nb.ca <mailto:davso@nbnet.nb.ca>
Gaetane Fortier - fortier.3075@videotron.ca
<mailto:fortier.3075@videotron.ca>
ray stewart - dragonr2262@hotmail.com <mailto:dragonr2262@hotmail.com>
Cédric Girard - realm415@hotmail.com <mailto:realm415@hotmail.com>
The IP's I have are 213.6.185.243 <http://213.6.185.243> and
83.233.182.229 <http://83.233.182.229>.
The seem to be calling Palestine Mobile.
/J
------------------------------------------------------------------------
_______________________________________________
--Bandwidth and Colocation Provided by http://www.api-digital.com--
asterisk-biz mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-biz
|
_______________________________________________
--Bandwidth and Colocation Provided by http://www.api-digital.com--
asterisk-biz mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-biz |
|
Back to top |
|
|
nk3569 at yahoo.com Guest
|
Posted: Tue Apr 22, 2008 2:42 am Post subject: [asterisk-biz] FRAUD: BE AWARE |
|
|
This can't be just one guy. They hit us the first time about a month ago from Egypt, Jordan, and Paltel. We canceled all their accounts early on and blocked Egypt and Jordan completely, so they gave up and moved on.
They do come back occasionally using proxies, but since then we've managed to cancel their accounts before they managed to make any calls.
You are absolutely right- I believe they go through myvoipprovider.com and just hit every provider on there. That's how they got to us.
There is an easy way to tell it's them. It's quite obvious but given this is a public list I don't want to post and "ruin it". email me privately if you want this info (although you're probably aware of it already).
-- Nitzan
--- On Mon, 4/21/08, SIP <sip@arcdiv.com> wrote:
Quote: | From: SIP <sip@arcdiv.com>
Subject: Re: [asterisk-biz] FRAUD: BE AWARE
To: "Commercial and Business-Oriented Asterisk Discussion" <asterisk-biz@lists.digium.com>
Date: Monday, April 21, 2008, 8:15 AM
Good to know he's picking on someone else.
For the last 3 years, we've been getting one particular
individual (or
small group) from Egypt that does the same thing. If you
follow their
traces back as far as you can go, they all ultimately
originate from
accounts on Link.net in Egypt. We've worked with the
FBI and British
Authorities to try and track things down. The Egyptian
authorities have
been little help. Link.net is either woefully ignorant or,
more likely,
complicit in the activities.
The charges come in from IPs all OVER the world (proxies
galore out
there), but connections can be traced back to Egypt,
Jordan, and Paltel
(Link.net is firewalled out completely from our services).
It comes in waves. We'll see nothing for a month, and
then a spate of
several days of concerted charges (sometimes as many as
30-40 attempted
charges in a day). From the looks of it, it looks like
someone's going
through a VoIP directory one by one in a circuit. When he
gets to us, we
get hit. When enough of his charges don't go through or
we've notified
enough people that his cards begin to get cancelled and he
feels the
pinch, he moves on. Until the next time 'round.
We've seen some posts on militant fora out there with
the accounts that
had charged stolen cards, advertising that this guy (who,
from his
colloquial Arabic, seems to be in his young 20's) is
willing to offer
hacked accounts to anyone who wants to, in essence, stick
it to the
Americans (even though we're not an American company).
I keep hoping that one day he'll get hit by a bus, but
alas... it hasn't
happened yet.
N.
Justin Case wrote:
Quote: | Hi List,
I made the mistake of having auto payments via PayPal.
| Just had some
Quote: | one put in payments and have them all denied. So far
| this person send
<mailto:juliert@hotmail.com>
<mailto:davso@nbnet.nb.ca>
<mailto:dragonr2262@hotmail.com>
<mailto:realm415@hotmail.com>
Quote: |
The IP's I have are 213.6.185.243
| <http://213.6.185.243> and
Quote: | 83.233.182.229 <http://83.233.182.229>.
The seem to be calling Palestine Mobile.
/J
| ------------------------------------------------------------------------
Quote: |
_______________________________________________
--Bandwidth and Colocation Provided by
| http://www.api-digital.com--
Quote: |
asterisk-biz mailing list
To UNSUBSCRIBE or update options visit:
| http://lists.digium.com/mailman/listinfo/asterisk-biz
_______________________________________________
--Bandwidth and Colocation Provided by
http://www.api-digital.com--
asterisk-biz mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-biz
|
_______________________________________________
--Bandwidth and Colocation Provided by http://www.api-digital.com--
asterisk-biz mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-biz |
|
Back to top |
|
|
shmaltz at gmail.com Guest
|
Posted: Tue Apr 29, 2008 8:12 pm Post subject: [asterisk-biz] FRAUD: BE AWARE |
|
|
Interesting you mention Chag, there is has been lots of hacking
activities against Jewish companies during Chag oen that actually
closed Bank of Israel for 2 days. I guess they thing they'll gain a
few days until you catch them.
If thats the case I would recommend that before every Chag (next one
is in just 40 days) security is tightened so that more stricter rules
apply, in addition over Shabbat the same should be done.
http://www.jpost.com/servlet/Satellite?pagename=JPost%2FJPArticle%2FShowFull&cid=1208870494142
http://www.theinquirer.net/gb/inquirer/news/2008/04/27/bank-israel-hacked-temporarily
On Sun, Apr 20, 2008 at 4:30 PM, Justin Case
<nogoodnameswereavailable@gmail.com> wrote:
Quote: | Nitzan,
Do you have their IP address's ? The reason we were caught off guard is
because of the Chag. We were out for two days. I just blocked all of
Paltel (Palestinian ISP) from our servers
(http://www.domaintools.com/213.6.185.243) . Do you know of any other ISP's
in Azaa ?
Thanks.
/J
On Sun, Apr 20, 2008 at 11:09 PM, Nitzan Kon <nk3569@yahoo.com> wrote:
Quote: | Funny. I got a guy from Palestine too today. They tried to use a stolen
| credit card from one Donald Boltz.
Quote: |
The real Donald has been notified (called him).
Beware of a guy who signs up by "tom mart" - he tried to use multiple
| stolen PayPal accounts and credit cards. Changes email every time so it's
pointless to track email addresses.
Quote: |
Rule of thumb - if anyone makes payments using an American
| account/address/credit card and their IP is anywhere in the Middle East
except Israel - it is almost 100% fraud.
Quote: |
Having said that - we still allow auto PayPal payments. You just have to
| follow up and verify each and every account afterwards. And don't allow
large amounts automatically via PayPal!
Quote: |
--
Nitzan Kon, CEO
Future Nine Corporation
http://www.future-nine.com/
--- On Sun, 4/20/08, Justin Case <nogoodnameswereavailable@gmail.com>
| wrote:
Quote: |
Quote: | From: Justin Case <nogoodnameswereavailable@gmail.com>
Subject: [asterisk-biz] FRAUD: BE AWARE
To: "Commercial and Business-Oriented Asterisk Discussion"
|
| <asterisk-biz@lists.digium.com>, "Asterisk Users Mailing List -
Non-Commercial Discussion" <asterisk-users@lists.digium.com>
_______________________________________________
--Bandwidth and Colocation Provided by http://www.api-digital.com--
asterisk-biz mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-biz
|
_______________________________________________
--Bandwidth and Colocation Provided by http://www.api-digital.com--
asterisk-biz mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-biz |
|
Back to top |
|
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
Powered by phpBB © 2001, 2005 phpBB Group
|