The Purpose of this post is to ALERT you that the job you are about to apply for
or may have applied FOR or is CONSIDERING APPLYING FOR is FRAUDULENT.
These job postings are an attempt to lure you into cashing counterfeit checks and have you wire funds via Western Union or MoneyGram. Essentially You Become A Money or RePackage Mule.
The identity of an individual or entity have been stolen along with fund from their bank accounts. You are being recruited to wire transfer these funds either by WESTERN UNION, MONEYGRAM, into your bank, a DOMESTIC BANK or FOREIGN BANK ACCOUNT
- Understanding The Cyber Theft Ring
- Money Mule Explained
- Protecting Yourself Against Money Mule
- Washingtonpost.com by Brian Kerbs
- Interview With A Money Mule
- Bobbear.co.UK ~ Historical Money Mule Sites
____________________
Address lookup
canonical name http://www.payments-amazon-online.ca
aliases
addresses 66.96.160.132
Domain Whois record
Queried whois.cira.ca with “payments-amazon-online.ca”…
Domain name: payments-amazon-online.ca
Domain status: registered
Creation date: 2013/03/19
Expiry date: 2014/03/19
Updated date: 2013/03/24
Registrar:
Name: Tucows.com Co.
Number: 156
Name servers:
ns2.netfirms.com
ns1.netfirms.com
- wm-shipping.sufx.net
- mondial-shipping.com
- bi-logistics-ltd.net
- bicorptransltd.com
- oleris-express.com
- envios-lhg.com
- alexsaranc.org
- incourltd.com
- cds-delivery-express.com
- jffundsltd.com
- worldlinkescrow.com
- awsvp.com
- courierfreightinc.com
- dsl-logistics.eu
- center-googlecheckout.com
- dhl-lincoln-nebraska.com
- intcourier.net
- royalspedition.com
- isold-it.webs.com
- http://www.autotrans-limited.eu
scamFRAUDalert™ Report 
Address lookup
canonical name http://www.payments-amazon-online.ca.
aliases
addresses 66.96.160.132
Domain Whois record
Queried whois.cira.ca with “payments-amazon-online.ca”…
Domain name: payments-amazon-online.ca
Domain status: registered
Creation date: 2013/03/19
Expiry date: 2014/03/19
Updated date: 2013/03/24
Registrar:
Name: Tucows.com Co.
Number: 156
Name servers:
ns2.netfirms.com
ns1.netfirms.com
Network Whois record
Queried whois.arin.net with “n 66.96.160.132″…
NetRange: 66.96.128.0 – 66.96.191.255
CIDR: 66.96.128.0/18
OriginAS:
NetName: BIZLAND-FC01
NetHandle: NET-66-96-128-0-1
Parent: NET-66-0-0-0-0
NetType: Direct Allocation
Comment: ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE
RegDate: 2001-04-03
Updated: 2012-03-02
Ref: http://whois.arin.net/rest/net/NET-66-96-128-0-1
OrgName: The Endurance International Group, Inc.
OrgId: EIG-12
Address: 10 Corporate Drive
Address: Suite 300
City: Burlington
StateProv: MA
PostalCode: 01803
Country: US
RegDate: 2005-02-07
Updated: 2013-03-04
Ref: http://whois.arin.net/rest/org/EIG-12
OrgAbuseHandle: BBR189-ARIN
OrgAbuseName: Brock, Brian
OrgAbusePhone: +1-781-852-3254
OrgAbuseEmail: bnbrock@maileig.com
OrgAbuseRef: http://whois.arin.net/rest/poc/BBR189-ARIN
OrgTechHandle: BBR189-ARIN
OrgTechName: Brock, Brian
OrgTechPhone: +1-781-852-3254
OrgTechEmail: bnbrock@maileig.com
OrgTechRef: http://whois.arin.net/rest/poc/BBR189-ARIN
OrgNOCHandle: ENO74-ARIN
OrgNOCName: EIG Network Operations
OrgNOCPhone: +1-339-234-9762
OrgNOCEmail: netmon@maileig.com
OrgNOCRef: http://whois.arin.net/rest/poc/ENO74-ARIN
DNS records
name class type data time to live
http://www.payments-amazon-online.ca IN MX
preference: 30
exchange: mx.payments-amazon-online.ca
3600s (01:00:00)
http://www.payments-amazon-online.ca IN A 66.96.160.132 3600s (01:00:00)
payments-amazon-online.ca IN TXT v=spf1 ip4:66.96.128.0/18 ?all 3600s (01:00:00)
payments-amazon-online.ca IN SOA
server: ns1.netfirms.com
email: dnsadmin@netfirms.com
serial: 2013031983
refresh: 10800
retry: 3600
expire: 604800
minimum ttl: 3600
3600s (01:00:00)
payments-amazon-online.ca IN NS ns1.netfirms.com 3600s (01:00:00)
payments-amazon-online.ca IN A 66.96.160.132 3600s (01:00:00)
payments-amazon-online.ca IN MX
preference: 30
exchange: mx.payments-amazon-online.ca
3600s (01:00:00)
payments-amazon-online.ca IN NS ns2.netfirms.com 3600s (01:00:00)
132.160.96.66.in-addr.arpa IN PTR 132.160.96.66.static.eigbox.net 43200s (12:00:00)
160.96.66.in-addr.arpa IN SOA
server: ns1.yourhostingaccount.com
email: admin@yourhostingaccount.com
serial: 2007100501
refresh: 10800
retry: 3600
expire: 604800
minimum ttl: 3600
3600s (01:00:00)
160.96.66.in-addr.arpa IN RRSIG
type covered: NSEC (47)
algorithm: RSA/SHA-1 (5)
labels: 5
original ttl: 10800 (03:00:00)
signature expiration: 2013-04-10 12:02:26Z
signature inception: 2013-03-31 12:02:26Z
key tag: 57359
signer’s name: 66.in-addr.arpa
signature:
(1024 bits)
25D2271950F806F2644DC85668131D9E
E221C21DD15B558B2DD9B5F27447A511
24F0310792F7530B509AC81D8E4AB39B
81D88AE0E44F5FC5D7A196EB460484F3
9DC4C369E6DCDDE770828A1B3F83E6C3
AD64442941F3319C2F02C50767B53B0E
1FFCF23F8374DBBAD039FEE98C51917B
94837A38DB5173231A2FD3F9B4EE608E
10799s (02:59:59)
160.96.66.in-addr.arpa IN NSEC
next domain name: 161.96.66.in-addr.arpa
record types: NS RRSIG NSEC
10799s (02:59:59)
160.96.66.in-addr.arpa IN NS ns2.yourhostingaccount.com 3600s (01:00:00)
160.96.66.in-addr.arpa IN NS ns1.yourhostingaccount.com 3600s (01:00:00)
— end —