US-BURGESSGROUP.NET

The Purpose of This Post Is To ALERT You That The Job You Are About To APPLY For or May Have Applied For or is CONSIDERING APPLYING For Is Scam Alert 1Fraudulent. A LEGITIMATE COMPANY IDENTITY OR AN INDIVIDUAL IDENTITY HAS BEEN STOLEN OR A BOGUS ONE CREATED

These job postings are an attempt to lure you into cashing counterfeit checks and have you wire funds via Western Union or MoneyGram -Essentially You Become A Money or RePackage Mule

Understanding The Cyber Theft Ring
Money Mule Explained

Washingtonpost.com by Brian Kerbs

Interview With A Money Mule


Money Mule Servers Hosts
United States. Here’s the list of the related ASs and their occurrences:

  • AS34305, EUROACCESS Global Autonomous System – The Netherlands – 11 name servers
  • AS38356, TimeNet – China – 11 name servers
  • AS46664, VolumeDrive – United States – 11 name servers
  • AS30517, Great Lakes Comnet, Inc. – United States – 9 name servers
  • AS32097, RoadRunner RR-RC-Wholesale Internet, Inc.-KansasCity – United States – 9 name servers
  • AS29182, ISPSYSTEM-AS ISPsystem Autonomous System – Belgium – 8 name servers
  • AS31103, KEYWEB-AS Keyweb AG – German

Dear ScamFraudAlert,
Let me introduce myself! My name is Brian Hawcroft and I represent Lloyd Company.

I’ve found your CV at totaljobs.com and I can say in sure that you meet our requirements!

Our company is a well-known not only in the UK, but all over the world! We service an ever-growing variety of consumers, businesses, associations and organizations with a comprehensive line of transaction processing solutions that include:
o IT development;
o Software support;
o Comprehensive connectivity options;

Working schedule is a flexible. You would have to work about 2-3 hours a day, depending on the amount of transactions.
NOTE: Internet and e-mail are required.
There’s no entrance or any other fees. All fees and commissions are paid by our Company.

In the beginning you should hold a training period (1 month). During this time you will be trained, receive online support and get paid indeed.
NOTE: During the training period, personnel supervisor can recommend termination.

Your salary during the training period is GBP 1,500 per month plus 8% commission from each transaction. Total income, with the current volume of clients, will be about GBP 2,500 per month. After the training period, base salary will be GBP 1,800 per month, plus 8% commission.

I hope you’ll find interest in this part-time position. Please feel free to ask me any questions at ann.john.ltd@gmail.com.

Yours faithfully,

Brian Hawcroft
Lloyd LTD.

Here are some more scam sites, registered on the 27th and 28th, and not live yet:

Here is another batch of sites, registered on the 6th, also not live yet:

STAFFORDSGROUPINC.COM

US-LEAPROFGROUP.COM

VERITASGROUP-LLC.COM

VIRTUE-MAINGROUP.COM

Here are the new name servers registered on the 6th:

IP address: 122.70.149.13

Host name: ns1.nsdoomed.cc

Alias:

ns1.nsdoomed.cc

122.70.149.13 is from China(CN) in region Southern and Eastern Asia

TraceRoute to 122.70.149.13 [ns1.nsdoomed.cc]

Hop (ms) (ms) (ms) IP Address Host name

1 9 6 6 72.249.128.109 –

2 9 13 17 64.129.174.181 64-129-174-181.static.twtelecom.net

3 60 13 59 66.192.242.190 sjc1-pr1-ge-1-0-0-0.us.twtelecom.net

4 50 54 52 202.97.50.53 –

5 48 230 54 202.97.50.53 –

6 225 218 218 202.97.51.241 –

7 225 226 227 202.97.53.102 –

8 Timed out Timed out Timed out –

9 239 222 223 219.141.130.94 bj141-130-94.bjtelecom.net

10 253 237 233 219.141.131.158 bj141-131-158.bjtelecom.net

11 286 290 219 124.126.245.110 –

12 258 245 242 222.35.251.121 –

13 227 262 260 222.35.251.166 –

14 286 238 248 222.35.251.210 –

15 234 222 226 122.70.149.13 ip149.hichina.com

Trace complete

Retrieving DNS records for ns1.nsdoomed.cc…

DNS servers

ns2.nsdoomed.cc [67.215.243.210]

ns3.nsdoomed.cc [122.70.149.201]

ns1.nsdoomed.cc [122.70.149.13]

Answer records

ns1.nsdoomed.cc A 122.70.149.13 172800s

Authority records

nsdoomed.cc NS ns2.nsdoomed.cc 172800s

nsdoomed.cc NS ns3.nsdoomed.cc 172800s

nsdoomed.cc NS ns1.nsdoomed.cc 172800s

Additional records

ns2.nsdoomed.cc A 67.215.243.210 172800s

ns3.nsdoomed.cc A 122.70.149.201 172800s

Whois query for nsdoomed.cc…

Results returned from whois.nic.cc:

Domain Name: NSDOOMED.CC

Registrar: WEB COMMERCE COMMUNICATIONS LIMITED DBA WEBNIC.CC

Whois Server: whois.webnic.cc

Referral URL: http://www.webnic.cc

Name Server: NS1.NSDOOMED.CC

Name Server: NS2.NSDOOMED.CC

Name Server: NS3.NSDOOMED.CC

Status: CLIENT-XFER-PROHIBITED

Status: CLIENT-UPDATE-PROHIBITED

Status: CLIENT-DELETE-PROHIBITED

Updated Date: 06-oct-2010

Creation Date: 06-oct-2010

Expiration Date: 06-oct-2011

Last update of whois database: Sun, 10 Oct 2010 08:00:11 EDT

Domain: nsdoomed.cc

Status: Protected

DNS:

ns1.nsdoomed.cc

ns2.nsdoomed.cc

ns3.nsdoomed.cc

Created: 2010-10-07 03:02:16

Expires: 2011-10-07 03:02:16

Last Modified: 2010-10-06 15:02:15

Registrant Contact:

Liliya Akhmadullina

Liliya Akhmadullina asap@ppmail.ru

ul.Ogneupornaya d.51 kv.1

Izhevsk, Respublika Udmurtiya, RU 426000

P: +7.3412930011 F: +7.3412930011

Administrative Contact:

Liliya Akhmadullina

Liliya Akhmadullina asap@ppmail.ru

ul.Ogneupornaya d.51 kv.1

Izhevsk, Respublika Udmurtiya, RU 426000

P: +7.3412930011 F: +7.3412930011

Technical Contact:

Liliya Akhmadullina

Liliya Akhmadullina asap@ppmail.ru

ul.Ogneupornaya d.51 kv.1

Izhevsk, Respublika Udmurtiya, RU 426000

P: +7.3412930011 F: +7.3412930011

Billing Contact:

Liliya Akhmadullina

Liliya Akhmadullina asap@ppmail.ru

ul.Ogneupornaya d.51 kv.1

Izhevsk, Respublika Udmurtiya, RU 426000

P: +7.3412930011 F: +7.3412930011

Network IP address lookup:

Whois query for 122.70.149.13…

Results returned from whois.arin.net:

# The following results may also be obtained via:

# http://whois.arin.net/rest/nets;q=122.70.149.13

NetRange: 122.0.0.0 – 122.255.255.255

CIDR: 122.0.0.0/8

OriginAS:

NetName: APNIC-122

NetHandle: NET-122-0-0-0-1

Parent:

NetType: Allocated to APNIC

NameServer: TINNIE.ARIN.NET

NameServer: SEC1.AUTHDNS.RIPE.NET

NameServer: NS4.APNIC.NET

NameServer: NS3.APNIC.NET

NameServer: NS1.APNIC.NET

NameServer: NS2.LACNIC.NET

Comment: This IP address range is not registered in the ARIN database.

Comment: For details, refer to the APNIC Whois Database via

Comment: WHOIS.APNIC.NET or http://wq.apnic.net/apnic-bin/whois.pl

Comment: help, refer to http://www.apnic.net/apnic-info/whois_search2/abuse-and-spamming

RegDate: 2006-01-06

Updated: 2010-07-30

Ref: http://whois.arin.net/rest/net/NET-122-0-0-0-1

OrgName: Asia Pacific Network Information Centre

OrgId: APNIC

Address: PO Box 2131

City: Milton

StateProv: QLD

PostalCode: 4064

Country: AU

RegDate:

Updated: 2004-03-01

Ref: http://whois.arin.net/rest/org/APNIC

ReferralServer: whois://whois.apnic.net

OrgTechHandle: AWC12-ARIN

OrgTechName: APNIC Whois Contact

OrgTechPhone: +61 7 3858 3188

OrgTechEmail: search-apnic-not-arin@apnic.net

OrgTechRef: http://whois.arin.net/rest/poc/AWC12-ARIN

# ARIN WHOIS data and services are subject to the Terms of Use

# available at: https://www.arin.net/whois_tou.html

Results returned from whois.apnic.net:

% [whois.apnic.net node-2]

% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

inetnum: 122.64.0.0 – 122.95.255.255

netname: CTTNET

country: CN

descr: China TieTong Telecommunications Corporation

descr: Jinze Mansion, 2 Guangningbo Street,

descr: Xicheng District, Beijing, China, 100032

admin-c: WP188-AP

tech-c: LM273-AP

status: ALLOCATED PORTABLE

mnt-by: MAINT-CNNIC-AP

mnt-lower: MAINT-CN-CRTC

mnt-routes: MAINT-CNNIC-AP

changed: hm-changed@apnic.net 20061103

source: APNIC

route: 122.64.0.0/11

descr: CHINA RAILWAY TELECOMMUNICATIONS

country: CN

origin: AS9394

mnt-by: MAINT-CNNIC-AP

changed: ipas@cnnic.cn 20100528

source: APNIC

person: Wang Pei

nic-hdl: WP188-AP

e-mail: crnet_mgr@chinatietong.com

address: Jinze Mansion, 2 Guangningbo Street,

address: Xicheng District, Beijing, China, 100032

phone: +21-51892106

fax-no: +21-51847802

country: CN

changed: ipas@cnnic.net.cn 20060926

mnt-by: MAINT-CNNIC-AP

source: APNIC

person: liu min

nic-hdl: LM273-AP

e-mail: abuse@chinatietong.com

address: 22F Yuetan Mansion,Xicheng District,Beijing,P.R.China

phone: +86-10-51848796

fax-no: +86-10-51842426

country: CN

changed: ipas@cnnic.net.cn 20041208

mnt-by: MAINT-CNNIC-AP

source: APNIC

Advertisements

Leave A Comment

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.