Offshore Outsourcing & Scammer
Blog about offshore outsourcing and scammer in the outsourcing industry
Funny - one scammer likes to verify other scammers - vverify.co.in
by Rudolf Faix Friday, July 22, 2016 5:09 AM

What sounds too good to be true isn't true. This proverb was confirmed again by the following offer, which someone dropped through the contact form on my blog. It sounds as if some people in India are waking up and starting to fight the scams coming from their country. The only problem is that the offer itself comes from a scammer who claims to be registered with the government. In other words, he thinks he is an authority on scamming, but he only confirms that he has no education. Here is the offer I received:

From: SURESH <joinus@vverify.co.in>
Sent: Wednesday, July 20, 2016 23:59
To: rudolf.faix@wwpa.com
Subject: CC Scam e-mail - for a product

Hello

we have a product to verify the company physically and virtually according to your selected packages with less and comfort fee, and we can verify even a person profile too.

Even we seen your posts and all as you are doing good to public , so even at-least share our product on your end so that at-least some of the companies and some of the peoples will get safe from the scammers . we are registered with govt . even we are lunching an mobile app soon for apple and android and blackberry

We offer a free service for you . a part from of this we will also send you some scammer details which is going on digital marketing /bpo / kpo / dataentry / companies / consultancies / middleman's / and even we verify their linked in profiles .

web address ; www.vverify.co.in
waiting for your valuable reply . kindly make our product helpful to the world .


Author information
Name: SURESH
E-mail: joinus@vverify.co.in
IP address: 49.206.9.91
User-agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36

It would be nice to have an app with trusted results, but a look at the domain registration data shows that even the registrant address is fake:

Registrant Name: sanjay Bansali
Registrant Organization: Bird Inc.
Registrant Street: Suite 2, Silicon Valley , california
Registrant Street: Suite 2, Rocks Street , Florida
Registrant City: Silicon Valley
Registrant State/Province: California
Registrant Postal Code: 33774
Registrant Country: US
Registrant Phone: +1.4041268949
Registrant Email: bird.officials@gmail.com

What can you expect from a company whose offer comes with a fake address?

You can only expect that one scammer likes to earn from other scammers. Depending on the payment from the other scammer, you'll receive a positive or negative response. In other words, you'll get scammed in any case instead of getting protected from scams.

As long as scammers are this stupid and uneducated, it will be as easy as described above to dismantle their scams, and the offered service is useless. Who needs to verify locations and personal profiles in such a case?

How will a scammer who provides a fake address himself be able to verify others? How trustworthy can such an investigation be? The offer is nothing more than another way for a scammer to make money. He likes to monetize the scam coming from his country. Some people would even try to sell their own dirt if it did not smell bad.

The scam offer got sent from the IP address 49.206.9.91 - located in Hyderabad, India:

IP Address: 49.206.9.91
Location: India, Telangana, Hyderabad
Latitude & Longitude: 17.375280, 78.474440 (17°22'31"N 78°28'28"E)
ISP: Beam Telecom Pvt Ltd
Local Time: 22 Jul, 2016 05:59 AM (UTC +05:30)
Domain: beamtele.com
Net Speed: (DSL) Broadband/Cable/Fiber
IDD & Area Code: (91) 040
ZIP Code: 500018
Weather Station: Hyderabad (INXX0057)
Elevation: 500m
Usage Type: (ISP) Fixed Line ISP
Anonymous Proxy: No
Shortcut: http://www.ip2location.com/49.206.9.91

Registration data from the domain vverify.co.in:

Domain Name: VVERIFY.CO.IN
Registry Domain ID: D414400000001295401-AFIN
Registrar WHOIS Server: whois.godaddy.com
Registrar URL: http://www.godaddy.com
Update Date: 2016-07-07T15:29:42Z
Creation Date: 2016-07-07T15:29:41Z
Registrar Registration Expiration Date: 2017-07-07T15:29:41Z

Registrar: GoDaddy.com, LLC
Registrar IANA ID: 146
Registrar Abuse Contact Email: abuse@godaddy.com
Registrar Abuse Contact Phone: +1.4806242505

Domain Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited
Domain Status: clientUpdateProhibited http://www.icann.org/epp#clientUpdateProhibited
Domain Status: clientRenewProhibited http://www.icann.org/epp#clientRenewProhibited
Domain Status: clientDeleteProhibited http://www.icann.org/epp#clientDeleteProhibited

Registry Registrant ID: CR246679901
Registrant Name: sanjay Bansali
Registrant Organization: Bird Inc.
Registrant Street: Suite 2, Silicon Valley , california
Registrant Street: Suite 2, Rocks Street , Florida
Registrant City: Silicon Valley
Registrant State/Province: California
Registrant Postal Code: 33774
Registrant Country: US
Registrant Phone: +1.4041268949
Registrant Email: bird.officials@gmail.com

Registry Admin ID: CR246679904
Admin Name: sanjay Bansali
Admin Organization: Bird Inc.
Admin Street: Suite 2, Silicon Valley , california
Admin Street: Suite 2, Rocks Street , Florida
Admin City: Silicon Valley
Admin State/Province: California
Admin Postal Code: 33774
Admin Country: US
Admin Phone: +1.4041268949
Admin Email: bird.officials@gmail.com

Registry Tech ID: CR246679902
Tech Name: sanjay Bansali
Tech Organization: Bird Inc.
Tech Street: Suite 2, Silicon Valley , california
Tech Street: Suite 2, Rocks Street , Florida
Tech City: Silicon Valley
Tech State/Province: California
Tech Postal Code: 33774
Tech Country: US
Tech Phone: +1.4041268949
Tech Email: bird.officials@gmail.com

Name Server: NS23.DOMAINCONTROL.COM
Name Server: NS24.DOMAINCONTROL.COM
DNSSEC: unsigned

URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
>>> Last update of WHOIS database: 2016-07-22T0:00:00Z <<<
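The manual reading of the registration data above can be repeated as an automated consistency check. The following is an added example, not part of the original post: the field values are copied from the record shown here, while the ZIP-prefix table (partial), the free-mail list and the 30-day age threshold are assumptions made for illustration.

```python
import re
from datetime import date, datetime

# Fields copied from the WHOIS record for vverify.co.in shown on this page.
WHOIS_TEXT = """\
Domain Name: VVERIFY.CO.IN
Creation Date: 2016-07-07T15:29:41Z
Registrant Organization: Bird Inc.
Registrant Street: Suite 2, Silicon Valley , california
Registrant Street: Suite 2, Rocks Street , Florida
Registrant City: Silicon Valley
Registrant State/Province: California
Registrant Postal Code: 33774
Registrant Country: US
Registrant Email: bird.officials@gmail.com
"""
CONTACT_DATE = date(2016, 7, 20)  # date the offer was sent, from the e-mail header
SENDER_COUNTRY = "IN"             # country of the sender IP, per the lookup on this page

# Assumption: partial table of US ZIP prefixes (first three digits), enough for this record.
ZIP3_BY_STATE = {
    "california": [(900, 961)],
    "florida": [(320, 339), (341, 342), (344, 344), (346, 347), (349, 349)],
}
FREEMAIL = {"gmail.com", "yahoo.com", "hotmail.com", "outlook.com"}  # assumed list
MIN_AGE_DAYS = 30  # assumed threshold for a "freshly registered" domain


def parse_whois(text):
    """Parse 'Key: value' lines; repeated keys (the two Street lines) keep every value."""
    record = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep and value.strip():
            record.setdefault(key.strip().lower(), []).append(value.strip())
    return record


def first(record, key):
    return record.get(key, [""])[0]


def state_for_zip(zip_code):
    """Return the state whose ZIP-prefix range contains zip_code, or None if not in the table."""
    prefix = int(zip_code[:3])
    for state, ranges in ZIP3_BY_STATE.items():
        if any(lo <= prefix <= hi for lo, hi in ranges):
            return state
    return None


def check_registrant(record, contact_date, sender_country):
    """Return a list of inconsistencies found in the registrant data."""
    findings = []
    state = first(record, "registrant state/province").lower()
    zip_code = first(record, "registrant postal code")
    streets = " ".join(record.get("registrant street", [])).lower()

    # 1. Street lines that name a state other than the declared one.
    named = {s for s in ZIP3_BY_STATE if re.search(rf"\b{s}\b", streets)}
    if named - {state}:
        findings.append("street-names-other-state:" + ",".join(sorted(named - {state})))

    # 2. Postal code outside the declared state's ZIP range.
    if re.fullmatch(r"\d{5}", zip_code) and state in ZIP3_BY_STATE:
        zip_state = state_for_zip(zip_code)
        if zip_state != state:
            findings.append(f"zip-not-in-state:{zip_code}->{zip_state or 'unknown'}")

    # 3. A registered organization that uses a free-mail address.
    email_domain = first(record, "registrant email").rpartition("@")[2].lower()
    if first(record, "registrant organization") and email_domain in FREEMAIL:
        findings.append("org-uses-freemail:" + email_domain)

    # 4. Domain registered only days before the unsolicited contact.
    created_raw = first(record, "creation date")
    if created_raw:
        created = datetime.strptime(created_raw, "%Y-%m-%dT%H:%M:%SZ").date()
        age = (contact_date - created).days
        if age < MIN_AGE_DAYS:
            findings.append(f"domain-age-days:{age}")

    # 5. Registrant country differs from the country the message was sent from.
    country = first(record, "registrant country").upper()
    if country and country != sender_country:
        findings.append(f"registrant-country-{country}-sender-{sender_country}")
    return findings


if __name__ == "__main__":
    for finding in check_registrant(parse_whois(WHOIS_TEXT), CONTACT_DATE, SENDER_COUNTRY):
        print(finding)
```

None of these findings proves fraud on its own; together they are the same signals the post reads off the record by hand.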

 


Scammer Exposed

Tech Support Scammer - Pashin Infotech Pvt. Ltd. - Pintu Singh - likes to get rich quick by scamming
by Rudolf Faix Sunday, January 31, 2016 10:14 AM

Pashin Infotech Pvt. Ltd. is a company registered in Liulah, India. Pashin Infotech Private Limited does not seem to be successful in its business, and for this reason it is trying to make money with fraud. They are offering a Tech Support campaign which is a plain scam and full of lies. The domain mscorp-payment.com given on their Facebook page has already been deleted. The scammer, director Pintu Singh, seems to have been stupid enough to use the name of Microsoft (mscorp) in his domain name. Such domains have a very short lifetime. As soon as the first complaints come in, which happens very fast with Tech Support scams, the domain gets deleted by the authorities.

It seems that Pashin Infotech failed with its own Tech Support strategy at the beginning of 2014, because the last entry on its Facebook page is from February 18, 2014. It seems to be easier for its director Pintu Singh to scam others than to work on his own campaign. Everybody can see how difficult it is to sell Tech Support by cold calls. Nobody gives up a business in which he is earning well! For this reason the scammer Pintu Singh got the idea that others should pay him for his scam campaign. The worst that can happen is that the center owner pays for going to jail.

That scammers are even too lazy to type an email message is shown by the email below, forwarded by a call center, with the script attached:

From: Pashin Solutions [mailto:pashinsolutions@gmail.com]
Sent: Thursday, January 28, 2016 10:31 AM
Subject: Tech Support Script

PFA

--

Thanks & Regards,

 

Pintu Singh

Managing Director

Pashin Infotech Private Limited

+918100266097

Attachment:
Tech-Support Script.doc

I have copied the content of the script here, but you can also download the Word document from the link Tech-Support Script.doc. The campaign requires three different agents: one agent who does the cold calling, a supervisor, and an agent who does the verification with the victim. Anybody can start this campaign, and he does not even need to pay the scammer Pintu Singh from Pashin Infotech, because neither Pintu Singh nor Pashin Infotech provides anything. A look at the following script shows that this campaign is nothing but an outbound scam system. Why would you need to pay a scammer?

The agent's script shows that this is a plain outbound campaign. The caller cannot even be sure that the person called owns a computer or a device with an Internet connection:

Agent’s Script:

Hi! This is ……………. And I am calling you from the computer technical department ‘FOR ‘Universal Pc Care’

How r u doing today?

This call is in regards to your computer as we have been receiving some errors report and warning messages from your computer to our centralized server and its indicating that your computer has some harmful malicious files with malwares and spywares. Are you aware of that?

Yes or No (Customer).

You are not aware of these harmful viruses and malware which is getting downloaded in your computer just because of those infections are hidden in nature, which is why your Antivirus is also not able to detect that.

And they keep getting into your computer and corrupt the hard drive and mother board of your computer and taking your computer to the verge of getting crashed, and also you are not getting update of these infections just because the security system of your computer has also been compromised.

So is your computer on right now, so that I can show you the problems which are there in your computer and you would be able to see them right now.

Look at the left -hand side bottom corner of your keyboard you would find a CTRL key and just beside that there would be a 4 flagged windows key / start key. Press the windows key and the alphabet R key (R as in roger) both at the same time (simultaneously) and you will find a small dialog box appearing at the extreme left-hand side of your computer screen named “Run”. Then you will find a ‘white bar’ beside ‘open’. Now in that white bar type in ‘eventvwr’ (explain using phonetics) and then click on ‘Ok’ or press ENTER. Can you see a new window as ‘EVENT VIEWER’? And at the left hand side of the box you will find event viewer local and there would be a sub option of windows log/ application, security, system. If it comes as window log so double click on windows log you would be getting an option as application security, setup, system just below windows log, now double click on ‘application’ and then you would find list of events which will have blue “I” as information, Red circled errors and yellow triangular icon as a warnings. Now slowly, just scroll down the page and give me a rough count how many errors and warnings are there?

Now again on the left hand side of the page you will find an option ‘system’ under windows log.

This is the system log of the computer Just give a double left click on system and again you would find a list of information, errors and warnings. So just scroll down the page and let me know how many red errors and yellow warnings are there?

Now do you have an idea what these errors and warning are? And how come these get into your computer….

Whenever you are going to Google and when you click on any search suggestions by google or when you surf any social networking sites like YouTube and face book by mistake or accidently your computer tends to download unwanted and harmful files and once these files gets into your computer they keep multiplying them and thereby harming your computers motherboard and slowly corrupts it, thereby it acts like a slow poison for it.

Your Computer then sends Error reports and messages to our centralized server which is specially developed by our technical team as a receptor so that we can retrieve them and find out from it is coming, with the help of the IP address we can figure out the Geographical location of the computer or laptop and then with the help of the geographical location we derive the street address and then we figure out the phone numbers associated with it and then we give a call, only when we see that the issue requires your immediate attention.

Okay, so right now what I will transfer this call to one of our senior technician who will explain you further about this problem of your computer.

We can see that the scam already starts in the third sentence. For such calls you don't need a scammer like Pintu Singh from Pashin Infotech. As this guy is a notorious scammer, he will scam you too, and not only the computer users who get called. You cannot trust such a criminal; for this reason you need to have your own payment processor. Please remember that nobody will give you money as a gift. Everybody works hard for his money and does not have more than he needs to survive.

A scammer who makes such stupid calls needs to be put in jail, and the key to his cell needs to be thrown away. In such a case the call centers are the scammers, and creatures like Pintu Singh are the instigators or ringleaders. In any case, as long as the Indian authorities are only interested in making money from their own corruption, the reputation of the whole country will sink to that of a country of scammers. Isn't that a nice outlook for the future? The longer real businessmen wait before taking action against the scammers, the harder it will be for them to run a real, legitimate and genuine business in the future. It does not help anybody that the CEO of Google is an Indian. One rotten apple spoils the whole barrel!

Let's come back to the Technical Support Scam offered by Pintu Singh of Pashin Infotech. Next we read how the supervisor is supposed to continue the scam:

Senior Supervisor’s Script:-

Hi my name is _________and I am the senior technician. How are you doing today? I believe my agent has shown you the errors and the warnings in the application and system logs of your computer? Do you have any idea what these errors and warnings are? Well they are just a sign that your computer has been badly corrupted and it is full malware and spyware that requires your immediate action. I believe that you know that whenever you buy a computer you get a warranty. And you know that warranty comes with a limited time period of one year. So as you have using this computer from the past ‘X’ no. of years. So the software maintenance warranty of your computer has expired. That’s the reason all the software’s present in your computer and the anti-virus is not working properly and not protecting your computer from these malicious files. These malicious files are so small and hidden in nature that in spite of having anti-virus on your computer, your computer is still getting infected by these malicious files which you yourself can see with your eyes. These malicious files keep on multiplying in numbers and corrupt the boot sector and the hard-drive of your computer. And once it completely gets blocked then your computer might crash down. And I believe that you don’t want your computer to crash down. Right?

So what I will do right now is that I will get you connected to one of our certified technician who will fix up all your problems and will also install all the required software’s to protect your computer so that in the coming future your computer will be absolutely safe and secure and your computer will not crash down. The service provided by the technician and the software’s that out technician will be installing on your computer will be absolutely free but in order to activate the software maintenance service on your computer you need to pay only a one- time payment of _________dollars/pounds for _________no. of years. And in that coming long________ no. of years if you do face any problems with your computer or if you require any software’s for your computer it will be provided to you free of cost within this extended warranty period. You don’t have to pay for that again and again.

Now close down everything and come down to the main screen of the computer and click o n to the internet explorer so that I can connect yourself to one of our certified technician, now once you get the internet page on the screen in the address bar you just need to type in www.logmein123.com and hit enter, now you will see in the next page support connection enter your six digit code so just bare with me I’ll be generating a trail code for you so that connect yourself to the technician…and your six digit code would be 123456 now click on connect to technician…now you will get an option RUN so click on that and again you need to click on RUN so click on again…now you just need to click on every positive options like allow, ok, continue…now you have been successfully connected to one of our certified technician.

Just hold on now I will ask my technician to send you the registration form on your computer screen which you need to fill from your side. You don’t have to provide me any of your personal information or the card numbers to me over the phone. If you have printer in your home then you can take the print out of the receipt after making the payment and you will also get the invoice ant the order no. in your e-mail as well.

LogMeIn is a service and is not responsible for the scam itself; its service is merely being used for the scam. LogMeIn Inc. is traded on the NASDAQ. At the Better Business Bureau Boston we can find 88 complaints and 31 customer reviews from the last three years, of which only one is positive. I wonder why the CEO of LogMeIn Inc. does not give an order to make their product more secure. Are they afraid that they would lose some customers who are only scammers? Is he an Indian too, and does he like to help his compatriots in scamming innocent computer users?

After the supervisor's part of the scam, the victim is supposed to confirm that everything is OK. The only problem is that even if the victim answers that he has no problems, the recording will not help in court. I think this step is only meant to soothe the conscience of the agents, in case they have something that normal people call a conscience:

VERIFICATION SCRIPT

Hi this is …….. And I m from the verification department, how are you doing today?

Well, the purpose of this transfer is to check or confirm that you were not pressurized or misled at any point of time.

  1. So can you confirm to me “Was the agent polite and courteous with you?”
  2. Did he explain you what exactly the issues were in your computer or was he just rushing through with what he had to say?
  3. Did you at any point of time hand over any of your card information or your Banking details over the phone?
  4. Please be aware that we are not a part of Microsoft and that we are an independent service provider for windows and MAC operating computers
  5. Now you can let the computer be on and leave the controls and once the work of the technician will be completed you will be informed about the same with a message on the computer screen.
  6. Do you have any more questions for me?
  7. So it was pleasure talking to you, thank you for your time and patience and take care of yourself.
  8. Bye Bye.

Not only those who participate in the scam system make themselves guilty; those who know about the scam and do nothing against it are just as guilty as the scammers themselves!

Everybody should think about an old prophecy from the Cree (native Americans): "When the last tree is cut down, the last fish eaten, and the last stream poisoned, you will realize that you cannot eat money."

 

Intercepted WhatsApp messages led to Belgian terrorist arrests
by Rudolf Faix Friday, June 12, 2015 5:12 AM

Holes in WhatsApp's end-to-end encryption or its message metadata have exposed jihadist terrorists.

The FBI has been campaigning hard for open access to the messages sent through encrypted messaging services. Yet it apparently didn't need that level of access to WhatsApp messages sent between members of an alleged Chechen jihadist group operating in Belgium. According to a report by Bloomberg, a couple of men were arrested and warrants were issued for three others for allegedly preparing a terrorist attack in Belgium.

The arrests followed raids in which 16 people were detained, which Belgian law enforcement officials said were the result of "working with U.S. authorities to monitor suspects’ communications on WhatsApp Inc.’s messaging service," Bloomberg's Gaspard Sebag reported.

The BBC reports that the men had ties to the al-Nusra Front in Syria and the Islamic Caucasus Emirate. One detained man had recently returned to Belgium after being wounded in combat in Syria while fighting with al-Nusra. Two groups were raided, one in Ostend on Belgium's coast and the other inland at Louvain. The Louvain group was said to be plotting a terrorist attack in Belgium. The BBC also cited Belgian officials as saying that WhatsApp messages intercepted by the US government were used to track the group.

WhatsApp started providing end-to-end (E2E) encryption of its messages last November by integrating TextSecure, the encryption protocol from security researcher Moxie Marlinspike's WhisperSystems. In theory, if TextSecure had been in use by the alleged terrorists, the content of their messages would have been very difficult to read; the TextSecure protocol continually changes pairs of encryption keys with each new message. But it is unclear whether the messages were encrypted, particularly since E2E encryption is not supported by the Apple iOS version of WhatsApp, and group messages and images aren't supported by WhatsApp for Android yet.

Even if some of the messages remained protected by encryption, it is possible that the FBI or NSA gathered metadata for the messages at the server. That metadata could have been used to establish the connections between the suspects and the wounded jihadi, which would have allowed the US agencies or Belgian law enforcement to carry out more targeted surveillance.

In an article in the German magazine c't, editor Fabian A. Scherschel dug into the encryption scheme in WhatsApp and contended that it didn't vary the key used to encrypt data in transit; instead, it used a key derived from the user's password, and encryption code based on the RC4 algorithm, for both inbound and outbound communication. The implication was that intercepted and collected messages could theoretically be broken much more easily, because the scheme reduced the number of possible keys and made the key seeds easier to find. However, in a response to the article posted on Reddit, Moxie Marlinspike said, "This article should be retitled 'Breaking News: WhatsApp E2E Deployment Process Exactly As Advertised.'  We announced a partnership, not a finished deployment. In the blog post announcing that partnership, we publicly outlined the WhatsApp E2E deployment process, and it describes exactly what has been 'discovered' here. As I said in the blog post, deploying across this many users (hundreds of millions) and this many platforms (seven, of which they checked two) takes time, and is being done incrementally. I also point out that we will be surfacing information in the UI once that is complete."

 


Security

Malware application for non-jailbroken iPhones
by Rudolf Faix Thursday, June 4, 2015 4:36 AM

Cybercriminals in Japan are targeting iPhone users with an online scam that tricks them into installing a malicious app when they try to view porn videos.

This type of attack, known as one-click fraud, is not new and has been used for years against Windows, Mac and Android users. However, what's interesting in this particular case is that it works even against non-jailbroken iPhones.

Apple tightly controls how iOS apps are distributed to users by forcing developers to publish them on the official App Store, where they are subject to Apple's review procedures. However, there are exceptions to this rule in the form of special development programs for which members have to pay extra.


One such program is known as the iOS Developer Program and has a yearly membership fee of US$99. Developers enrolled in this program can distribute apps over the air, outside of the official App Store, but there are some restrictions. They can only distribute apps in this way to 100 devices per year, and the unique IDs (UDID) of those devices need to be registered in advance.

Another program that is more flexible, but also more expensive, is known as the iOS Developer Enterprise Program. It is intended for companies that develop their own apps and want to install them on their employees' iOS devices without publishing them on the App Store. Participation in this program costs US$299 per year.

Researchers from antivirus vendor Symantec believe that Japanese cybercriminals are abusing the iOS Developer Enterprise Program in their latest one-click fraud campaign, even though they don't have confirmation yet.

"They could have either applied for membership on their own or compromised someone else's account," the researchers said Tuesday in a blog post.

Both of those possibilities are bad. If the attackers applied for membership, it would mean that the US$299 cost is no longer a high enough barrier for them. As long as they can infect a large number of devices quickly and profit from them, it is worth it for the attackers to pay that entry price, even though Apple will likely revoke their developer ID when the attack is discovered.

If they used a compromised account, that might inspire others to do the same. That would be bad news for companies, because demand for stolen developer accounts enrolled in the iOS Developer Enterprise Program would grow on the underground market.

The rogue app used in this fraud campaign requires user confirmation before it is installed. If that is obtained, the app will claim that the user has subscribed to an adult video site and needs to pay 99,000 Japanese yen (almost $800) over the next three days, or the cost will go up to 300,000 yen ($2,400).

It's easy to see how that can be profitable. If a single victim pays $800, the attackers have already recovered the money paid for enrolling in the iOS Developer Enterprise Program, plus a $500 profit.

 


Security

INSECURE APPS: millions of customer records at risk
by Rudolf Faix Sunday, May 31, 2015 5:51 AM

App developers are still careless with user data. A study by Fraunhofer SIT showed that several million records in the cloud are at risk because of lax handling of authentication.

Developers still prefer to store secret keys and tokens for access to cloud storage unprotected in their apps. These can be read out with little effort, which gives criminals access to databases at providers such as Amazon Web Services (AWS) or Facebook. Up to 56 million records are compromised in this way, estimates the Fraunhofer Institute for Security in Information Technology (SIT).

Together with the Technical University of Darmstadt and experts from Intel, Fraunhofer SIT examined about two million apps in the Google Play Store and Apple's App Store in an automated process. Many of them implement only the simplest form of authentication for access to cloud providers. The developers are probably not aware of how inadequately the information collected by their apps is protected.

Unrestricted access to customer data

In their experiments, the scientists could not only read highly personal information from some app users, such as who is friends with whom on Facebook, or health information. Using the secret keys, they could actually read complete user databases or even manipulate them.

The report concludes that users cannot actively protect themselves. They should be careful about which apps they entrust with personal information. Developers, however, should be better informed about the security measures of the cloud providers and implement more restrictive access controls in their apps. The researchers have already informed some developers about the most critical vulnerabilities.

Cloud providers have to act

Fraunhofer SIT is also in contact with the providers of cloud services. Amazon, Facebook's Parse.com, Google and Apple have been informed of the findings too. The cloud providers also bear responsibility for getting app developers not to use only the weakest forms of authentication. In addition, the cloud providers should make the most secure standards mandatory rather than the most convenient ones.

The problem is not new. As early as June 2014, researchers at New York's Columbia University carried out a similar investigation and uncovered thousands of secret access tokens for Amazon Web Services. The researchers criticized at the time that many developers did not follow the recommended conventions when programming their apps and embedded secret keys directly in the source code. They are apparently unaware of how easily source code can be recovered from an app. In March 2014 researchers had discovered tens of thousands of AWS credentials on GitHub.
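A developer can run the same kind of search over their own app before release. The following is an added example, not code from the Fraunhofer or Columbia studies: it scans source text for AWS access key IDs and nearby high-entropy 40-character strings. The sample source is constructed, the key pair in it is the placeholder pair from AWS's documentation, and the entropy threshold and pairing window are assumptions.

```python
import math
import re

# Constructed sample of what string constants in a decompiled app can look like.
# The key pair is the placeholder pair from AWS's documentation, not a live credential.
SAMPLE_SOURCE = '''\
public final class CloudConfig {
    static final String REGION = "eu-west-1";
    static final String ACCESS_KEY = "AKIAIOSFODNN7EXAMPLE";
    static final String SECRET_KEY = "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY";
    static final String BUCKET = "customer-uploads";
    static final String BUILD_HASH = "da39a3ee5e6b4b0d3255bfef95601890afd80709";
}
'''

# Access key IDs start with AKIA (long-term) or ASIA (temporary), followed by 16 characters.
KEY_ID_RE = re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b")
# Secret access keys are 40 characters from the base64 alphabet; match whole tokens only.
SECRET_RE = re.compile(r"(?<![A-Za-z0-9/+=])[A-Za-z0-9/+=]{40}(?![A-Za-z0-9/+=])")
MIN_ENTROPY = 4.3  # assumed threshold in bits per character; hex digests stay at or below 4.0
PAIR_WINDOW = 3    # assumed: a secret within this many lines of a key ID belongs to it


def shannon_entropy(s):
    """Shannon entropy of the string in bits per character."""
    counts = {c: s.count(c) for c in set(s)}
    return -sum(n / len(s) * math.log2(n / len(s)) for n in counts.values())


def redact(value):
    """Keep the first four characters so reports do not leak the credential again."""
    return value[:4] + "*" * (len(value) - 4)


def scan(text):
    """Return one finding per access key ID, noting any secret candidates close to it."""
    key_ids, secrets = [], []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for m in KEY_ID_RE.finditer(line):
            key_ids.append((lineno, m.group()))
        for m in SECRET_RE.finditer(line):
            # The entropy filter drops 40-character hex digests such as SHA-1 build hashes.
            if shannon_entropy(m.group()) >= MIN_ENTROPY:
                secrets.append((lineno, m.group()))

    findings = []
    for lineno, key_id in key_ids:
        near = [s_line for s_line, _ in secrets if abs(s_line - lineno) <= PAIR_WINDOW]
        findings.append({
            "line": lineno,
            "key_id": redact(key_id),
            "secret_lines": near,
            # A key ID with its secret is a usable credential; a key ID alone still needs rotation.
            "severity": "critical" if near else "high",
        })
    return findings


if __name__ == "__main__":
    for finding in scan(SAMPLE_SOURCE):
        print(finding)
```

Any hit means the key has to be rotated and moved out of the app; obfuscating the string does not change what a decompiler recovers.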

 


Security


AboutMe

I have been in the computer business (programming and technical support) for more than 35 years and have used the Internet since it started. I have been programming solutions for Asterisk since 2002 and have been in the call center industry since 2004.

Disclaimer

All data and information provided on this site is for informational purposes only. I make no representations as to accuracy, completeness, currentness, suitability, or validity of any information on this site and will not be liable for any errors, omissions, or delays in this information or any losses, injuries, or damages arising from its display or use. All information is provided on an as-is basis and is only representing my own opinion. By browsing or using content from this site you accept the full legal disclaimer of this website.