I just start this Discussion in order to alert you on this website: https://www.world.com/
She got called by this number: +79654930063 Country: Russian Federation Carrier: PJSC Vimpel-Communications (VimpelCom) Line type: mobile
The hacker penetrated the mailbox by those IP:
162.253.68.150
23.83.131.121
176.107.179.213
she got rooted to this website : dr.com, please see the whois:
Organization: World Media Group
Address: 90 Washington Valley Rd Rd. #1128
City: Bedminster
State / Province: NJ
Postal Code: 07921
Country: US
Phone+1.9089982344
after digging a bit I could find this person:
https://www.facebook.com/jaquariousb1
It looks like a big entity
Please could someone help, my sister started not long ago a new company and now she is losing money as they are stilling from her. The scammers are pretending to be her and sending bills to her customers in her name but still the money as they changed the bank account number.
@Draco#170284 Sorry I am new here, I am just a Service Desk agent and my sister came to me crying she lost 7K I know it is not a lot but she just started and she asked me help, the cops where warned but they did just fill in a form and the “hackers” are still stilling money now.
I tried to flood them but they are a lot and I could only flood the chat not the call center I do not know how to do.
The think she would like is to slow them in order to let the cops do they work
They also sent mails from the domain dr.com (this is woh I get to [World Media Group, LLC (“World”) ] I have a lot of print screen of mails they sent and the logs from the mail server with the ip who connected
@ahottois#170289 I don’t understand how the scam works. World.com seems to be a company that owns a lot of valuable domain names that can be rented, e.g. dr.com.
- What exactly happened? Can you tell chronologically?
- Which domains are owned by your sister? Which are owned by World.com?
- For what exactly did she pay money for? And how much?
Actually my sister ownes: https://www.fashionweekstudio.com/.
She just started not long ago and now she has person who work for her, about 2 weeks ago one of the client of my sister called informing her that she payed the bill my sister was a bit surprised because never she sent a bill to that client.
After investigation they found out the the person who sent the mail with the bill sent the email from this address: [email protected] and from [email protected], my sister does not own dr.com neither gmail.com meaning that this mail is coming from the scammers them self so she told to her client to stop paying as the client payed only on top of it my sister got contacted by the scammer on whatsapp by this number +79654930063
she lost already as we know 6400$ and it could be much more as my sister is affrayed to loose her clients so she did not call everyone yet they sent the bill and the billing address is:
Karen Louise Reese
bank of america
routing number: 063100277
account number 004432419184
checking account
Swift code: BOFAUS3N
When looking for that person we saw that it is a wooman of 71 years old:
I am not Shure on this but look the url:
https://www.michiganresidentdatabase.com/person/4443084/karen-reese#overview
Now the scammers are continuing and the funny part of it is that my sister is named Nathanaelle which is a men name normally and some one called the client impersonating my sister but affirming that Nath is a men lol
Very strange case. So first off, a lot of respect to your sister or the web developer who created that website of hers, it looks super professional and very well made. I really like it.
Theoretically, the scammers could have spoofed the email address. You *can* send emails from domains which you don't own, e.g. I could send from that [email protected] as well using some software. You can maybe find out if it was spoofed or not by checking the email header aka email source code as it sometimes shows the IP from which the email has been sent. Depending on which email client you or the client which got scammed uses, search for "Show original email" or "Source code" to see the code. Then paste it into one of these websites for analysis:
Are the IPs in your first post from the scam emails, were they used to send the emails to the victim?
- 162.253.68.150 belongs to Performive LLC, USA
- 176.107.179.213 belongs to DeltaHost, Ukraine
- 23.83.131.121 belongs to LeaseWeb, USA
So depending on this, it has to be checked if World Media Group is actually involved or not. I kinda doubt it as they wouldn't have used the gmail address and it looks like they just make money by buying and selling expensive domains.
I think the 'Karen Louise Reese' name/identity is fake. I don't think it's the 71-year-old woman and you can easily put any person's name in there.
The Russian phone number +79654930063 returns the same info that you already have, carrier VimpelCom
What I would definitely do is, send out emails to your/your sister's clients, like all of them. Warn them about someone impersonating her so that they are all aware *not* to pay any random person via email. Tell them to re-confirm payments by calling your sister on her phone or emailing to her official email address to make sure it's not someone else. I think she won't lose clients that way because it's not her fault if someone is using her identity, what can she do?! It's just important that no other client loses its money because they will be mad if they find out that you know about the scam going on but didn't inform and warn them. So that is a must!
Also, I would definitely go to the police and file a complaint. Both your sister and also her client. You have some data that we scambaiters won't be able to trace, like the bank account details and maybe who owns the phone number. It also adds some professionalism to it because you can inform your clients that you're already letting the police investigate as well. So they know that you've done your best to handle the situation.
Here you can see that this company was in the past a reseller for dvd's and other they closed not long ago
https://www.linkedin.com/company/world-media-group-inc./about/
you ca
Please see here some more data:
here are some other post in other website where they was scammeras scammer
https://bitcointalk.org/index.php?topic=131009.0
https://www.yelp.com/biz/world-media-group-basking-ridge
https://www.complaintboard.in/complaints-reviews/world-media-group-l553624.html
https://sellercentral.amazon.com/forums/t/fake-buyer/39130/4
https://www.everycaller.com/phone-number/1-908-903-0200/