We love to hear from readers commenting on our blog, but none of our posts (with the possible exception of post we did on Princeton Premier), have generated such a steady stream of comments as the one we did on Earth4Energy.com. Although we blogged about Earth4Energy.com back in September, not a month has gone by without readers adding their two cents.

While we faulted the site for a lack of contact information, hyperlinks that don't link to anything and the fact it appears to be just another Web-based affiliate marketing program, readers took the conversation to a whole new level.

Comments range from scathing (Absolute scam!!!!!!), regretful (I bought it like a fool and it is junk..pure rubbish), defensive (Earth4energy is not a scam product. It's a great product created by Michael Harvey which can help us save our electricity usage to great extent. For more details about this product, visit Earth 4 Energy website), and technical (At $200.00 per panel that is about $67.00 dollars per amp. Most houses today require a 200 amp electrical service. That would require sixty seven panels at a cost of $13,400 plus the $49.95 for the manual.)

Is Earth4Energy.com just another of the thousands of scam sites out there, or a viable, do-it-yourself alternative to affordable energy? Decide for yourself.

Posted by Jorgen Wouters at 03:49 PM | Permalink | Comments (1)

A read sent us the following question: Is Defenza.com's anti-spyware tool rogue?

The short answer is yes.

First off, Googling "defenza.com" with McAfee Site Adviser yielded results flagged with a red X and a warning to "use with caution." According to the Site Adviser report, "When we visited this site, we found that it may be affiliated with other ''red' sites." The other red site in question is cashengines.com, of which McAfee said: "When we visited this site, we found that it funds and facilitates the creation of numerous identical web sites, which charge fees for products available elsewhere for free."

The site itself constituted a second red flag, since it contained no privacy policy, an unacceptable omission for a site selling software downloads. Third red flag: Although the the site says it's based in Montreal, a quick check via WHOIS revealed that it's registered to one Stephane Dadoun of Market Engines in Sliema, Malta, and is hosted in Russia.

Also, the fake CNET Download.com button on the homepage (Download.com doesn't recommend Defenze) didn't exactly inspire our trust.

Third Red flag, numerous negative reviews from Internet security sites, including:

EmsiI Software—Defenza is a rogue security program that shows false Warning messages. It also shows misleading scan Results. It can also install through Trojan exploits.

2-Spyware.com—We DO NOT recommend purchasing and using this product.

BleepingComputer.com—This Add or Remove Programs entry corresponds to a program that is either malware, installs malware, or is bundled with malware.

Finally, you can also read an illuminating thread about Defenza.com on our sister site, BadwareBusters.org.

Posted by Jorgen Wouters at 09:49 AM | Permalink | Comments (0)

Despite a lot of media coverage about a potential new competitor to Google, the newly launched WolframAlpha isn't really a search engine. According to its creator, it's a computational knowledge engine.

Unlike Google and other search engines, WolframAlpha doesn't indiscriminately trawl the Web for information whose sources can range from scholarly journals to the rantings of lunatic bloggers. According it’s FAQ page: "It can only know things that are known, and are somehow public. It only deals with facts, not opinions."

Rather, WolframAlpha performs computations from its own internal knowledge base, more than 10 trillion pieces of information sourced from thousands of official websites, libraries and academic journals, and checked by experts.

Jonathan Zittrain, a law professor at Harvard and the co-founder of the Berkman Center for Internet and Society, describes it as a “computable almanac.”

Don't take our word for it. Experience WolframAlpha for yourself. If you have trouble wrapping your Googled mind around this non-search engine, visit the examples page for suggestions on how to take advantage of this new information resource.

Posted by Jorgen Wouters at 03:00 PM | Permalink | Comments (0)

The days of Apple owners chuckling smugly as they read the about latest virus infecting Windows-based PCS are drawing to a close, according to a recent article in SC Magazine.

"The past few months has seen a dramatic rise in the number and complexity of malware programs being used to target Apple users and the situation is only going to get worse, according to security vendors, and part of the problem may be down to Apple users themselves."

Mac users, take note.

Posted by Jorgen Wouters at 02:56 PM | Permalink | Comments (0)

Here's a response from Mike Dell, general manager of The Historical Research Center, to our blog post about MyFreeScroll.com, selling genealogical for $7.

"Concerns: Your article on Myfreescroll has some inconsistencies. I am the General Manager of The Historical Research Center. We are not a franchise business. We are a business opportunity business. Not sure where you got the 5,000 pounds as a start up figure. We have a start up package for $995.00. Unlike a franchise, all of this money is for inventory. There are no franchise fees. If you want to evaluate whether or not we are at Ellis Island, try giving the gift shop a call. They will tell you if we are there or not. By the way we have been there for about 10 years. When we filmed our ad there we obtained permission from the National Park Service. By the way, the free search on the Ellis Island web site is terrific. We use some of that information ourselves, however we also go way beyond just the immigration records at Ellis Island. Our researchers look for the meaning, origin and historical references from as far back as 1,000 years ago. Give me a call at (xxx) xxx-xxxx or send me an email if you have any questions."

Click on the link below for our response.

First, Mike, we thank you for writing.

We got the information about the Historical Research Center being a franchise business from several sources, most notably, this site, called the U.K. Franchise Directory. It notes: "Overseas Opportunities Exist: USA Italy Spain Malta Germany [sic]." That site is where the 5,000 U.K. pounds figure comes from as well (technically, 4,995 pounds). The Better Business Bureau database lists Historical Research Center branches in Elmhurst, New York; Hemet, Calif.; Louisville, Ky.; Boston; Houston; Lethbridge, Alberta; Las Vegas; Myrtle Beach; and Santa Monica, Calif. In addition, your Web site lists your organization's address as 2019 Corporate Drive, Boynton Beach, Florida. The Historical Research Center Web site is registered there as well. We're not sure what a "business opportunity business" is, but we don't mean anything derogatory -- heck, Taco Bell is a franchise business!

We did call the gift shop on Ellis Island, and they do indeed sell Historical Research Center products via a computer in the store, in much the same way T-shirts are sold there.

Haven't got our scroll yet, but when we do, we'll give you a call and post more.

Posted by Beau Brendler at 03:40 PM | Permalink | Comments (2)

If you've been following this blog for the past few days, you'll know we've had our hands full with some particularly virulent malware, thanks to a site called ScamSearch.com. We posted an update yesterday, pasting a mind-blowing and PC-frying assortment of malware that infected one of our machines.

So we weren't surprised at all to come across an article in SC Magazine warning of a "malware avalanche."

According to the article, "Security firm Fortinet's April 2009 Threatscape Report identified more incidents of new and known malware infections than ever before. Fortinet said that certain countries and areas are being specifically targeted, and that China had seen the worst attacks. The report also identified online gaming sites as the most common vehicles for infection."

Read the article and make sure all your security software is activated and up-to-date.

Posted by Jorgen Wouters at 02:57 PM | Permalink | Comments (0)

After recent escapades with ScamSearch.com and other likely suspects, here's what I've just cleaned off my home machine -- pasted on the next page. More than 213 infected files and still counting. This is with Avast! enabled, firewall enabled. How's this stuff getting through? Is my machine compromised? We're supposed to be experts in this stuff, and we don't have answers. I turned off Avast! to download the Kaspersky virus removal tool, which has been running now for a couple of hours. I hope this will be able to clean this garbage out of my machine so I don't have to do a reinstall.

detected: virus Email-Worm.Win32.Bagle.bo Email message attachment: Main Identity\Local Folders\Inbox\[From:"Bell" ][Subject: ][Time:2005/05/31 11:30:52]/5.zip/19_04_2005.exe
detected: virus Email-Worm.Win32.Bagle.bo Email message body: Main Identity\Local Folders\Inbox\[From:][Subject:Returned Mail: Error During Delivery][Time:2005/05/31 11:30:58]/text/plain//[From "Beaubrendler" ][Date 31 May 2005 10:30:23]/3.zip/19_04_2005.exe
detected: Trojan program Trojan-Spy.HTML.Fraud.gen (modification) Email message body: Main Identity\Local Folders\Inbox\[From:"Sierra Trading Post" ][Subject:Caution: Hot deals on board! Spring Clearance Blowout starts now!][Time:2007/03/23 18:08:53]/text/html
detected: Trojan program Trojan-Spy.HTML.Fraud.gen (modification) Email message body: Main Identity\Local Folders\Inbox\[From:"Sierra Trading Post" ][Subject:Spring Clearance Blowout and $2.50 shipping through Sunday!][Time:2007/03/31 04:42:54]/text/html
detected: Trojan program Trojan-Spy.HTML.Fraud.gen (modification) Email message body: Main Identity\Local Folders\Inbox\[From:"Sierra Trading Post" ][Subject:Exclusive 30% off ends soon, shop now!][Time:2007/04/05 16:38:58]/text/html
detected: Trojan program Trojan-Spy.HTML.Fraud.gen (modification) Email message body: Main Identity\Local Folders\Inbox\[From:"Sierra Trading Post" ][Subject:Exclusive 30% off ends soon, shop now!][Time:2007/04/07 05:22:22]/text/html
detected: Trojan program Trojan-Spy.HTML.Fraud.gen (modification) Email message body: Main Identity\Local Folders\Inbox\[From:"Sierra Trading Post" ][Subject:It's not too late, yet. 30% off ends at Midnight!][Time:2007/04/08 17:45:10]/text/html
detected: Trojan program Trojan-Spy.HTML.Fraud.gen (modification) Email message body: Main Identity\Local Folders\Inbox\[From:"Sierra Trading Post" ][Subject:Hurry, 2,500+ items have been reduced by 20%!][Time:2007/04/19 01:03:34]/text/html
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Beau\Application Data\m\shared\ulead photoimpact xl v8.5 tbyb english.zip/ulead photoimpact xl v8.5 tbyb english.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Beau\Application Data\m\shared\ulead photoimpact xl v8.5 trial english patch by bidjan.zip/ulead photoimpact xl v8.5 trial english patch by bidjan.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Beau\Application Data\m\shared\ulead photoimpact xl v8.5 trial french patch by bidjan.zip/ulead photoimpact xl v8.5 trial french patch by bidjan.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Beau\Application Data\m\shared\ulead photoimpact xl v8.5 trial german.zip/ulead photoimpact xl v8.5 trial german.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Beau\Application Data\m\shared\ulead photoimpact xl v8.5 trial.zip/ulead photoimpact xl v8.5 trial.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Beau\Application Data\m\shared\ulead photoimpact xl.zip/ulead photoimpact xl.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Beau\Application Data\m\shared\ulead pocket dv show 1.0 crack.zip/ulead pocket dv show 1.0 crack.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Beau\Application Data\m\shared\ulead smart saver 3.0.zip/ulead smart saver 3.0.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Beau\Application Data\m\shared\ulead smart saver pro v3.0 crack by tnt.zip/ulead smart saver pro v3.0 crack by tnt.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Beau\Application Data\m\shared\ulead smart saver pro v3.0.zip/ulead smart saver pro v3.0.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Beau\Application Data\m\shared\ulead smart saver v3.0.zip/ulead smart saver v3.0.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Beau\Application Data\m\shared\ulead smartsaver v3.0 by ivanopulo.zip/ulead smartsaver v3.0 by ivanopulo.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Beau\Application Data\m\shared\ulead type plugin v1.0 crack.zip/ulead type plugin v1.0 crack.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Beau\Application Data\m\shared\ulead v2.0 serial number.zip/ulead v2.0 serial number.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Beau\Application Data\m\shared\ulead v2.0.zip/ulead v2.0.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Beau\Application Data\m\shared\ulead video capture v6.0 ve.zip/ulead video capture v6.0 ve.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Beau\Application Data\m\shared\ulead video editor v6.0 ve.zip/ulead video editor v6.0 ve.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Beau\Application Data\m\shared\ulead video studio 7 french.zip/ulead video studio 7 french.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Beau\Application Data\m\shared\ulead video studio 7 trial patch by gothic.zip/ulead video studio 7 trial patch by gothic.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Beau\Application Data\m\shared\ulead video studio 7se dvd serial number.zip/ulead video studio 7se dvd serial number.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Beau\Application Data\m\shared\ulead video studio 8 serial number.zip/ulead video studio 8 serial number.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Beau\Application Data\m\shared\ulead video studio se v1.0 serial number.zip/ulead video studio se v1.0 serial number.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Beau\Application Data\m\shared\ulead video studio v8.0 serial number.zip/ulead video studio v8.0 serial number.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Beau\Application Data\m\shared\ulead video studio v8.00.1300 trial english patch by bidjan.zip/ulead video studio v8.00.1300 trial english patch by bidjan.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Beau\Application Data\m\shared\ulead video studio v8.00.1300 trial french patch by bidjan.zip/ulead video studio v8.00.1300 trial french patch by bidjan.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Beau\Application Data\m\shared\ulead video studio v8.00.1300 trial french.zip/ulead video studio v8.00.1300 trial french.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Beau\Application Data\m\shared\ulead videostudio 3.0.zip/ulead videostudio 3.0.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Beau\Application Data\m\shared\ulead videostudio 7.00.1400 english.zip/ulead videostudio 7.00.1400 english.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Beau\Application Data\m\shared\ulead videostudio 8 patch by bidjan.zip/ulead videostudio 8 patch by bidjan.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Beau\Application Data\m\shared\ulead videostudio 9.0 crack.zip/ulead videostudio 9.0 crack.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Beau\Application Data\m\shared\ulead videostudio serial number.zip/ulead videostudio serial number.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Beau\Application Data\m\shared\ulead videostudio v7.0.zip/ulead videostudio v7.0.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Beau\Application Data\m\shared\ulead videostudio v7.00.1300 french by bidjan.zip/ulead videostudio v7.00.1300 french by bidjan.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Beau\Application Data\m\shared\ulead videostudio v7.00.1400 by tsz.zip/ulead videostudio v7.00.1400 by tsz.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Beau\Application Data\m\shared\ulead videostudio v7.x deutsch by bidjan.zip/ulead videostudio v7.x deutsch by bidjan.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Beau\Application Data\m\shared\ulead videostudio v7.x deutsch.zip/ulead videostudio v7.x deutsch.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Beau\Application Data\m\shared\ulead videostudio v8.0 retail serial number.zip/ulead videostudio v8.0 retail serial number.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Beau\Application Data\m\shared\ulead videostudio v8.00.100 german.zip/ulead videostudio v8.00.100 german.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Beau\Application Data\m\shared\ulead videostudio v8.00.100 tbyb french.zip/ulead videostudio v8.00.100 tbyb french.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Beau\Application Data\m\shared\uleadphoto impact 7.zip/uleadphoto impact 7.exe
detected: Trojan program Trojan-Downloader.Win32.Stubby.a File: C:\Documents and Settings\Beau\Local Settings\Temp\Belt.cab/Belt.exe
detected: adware not-a-virus:AdWare.Win32.BiSpy.b File: C:\Documents and Settings\Beau\Local Settings\Temp\biH.cab/bi.dll
detected: adware not-a-virus:AdWare.Win32.BiSpy.a File: C:\Documents and Settings\Beau\Local Settings\Temp\biH.cab/biprep.exe
detected: Trojan program Trojan.Win32.Delf.mjs File: C:\Documents and Settings\Beau\Local Settings\Temp\Real\realpatch.EXE
detected: Trojan program Trojan.Win32.Delf.mjs File: C:\Documents and Settings\Default User\Local Settings\Temp\Real\realpatch.EXE
detected: Trojan program Trojan.Win32.Delf.mjs File: C:\Documents and Settings\Owner\Local Settings\Temp\Real\realpatch.EXE
detected: virus Email-Worm.Win32.Bagle.gl File: C:\Documents and Settings\Priscilla\Application Data\hidn\m_hook.sys
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Priscilla\Application Data\m\shared\scoop script 2004 new serial number.zip/scoop script 2004 new serial number.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Priscilla\Application Data\m\shared\scoop script 2004 new.zip/scoop script 2004 new.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Priscilla\Application Data\m\shared\scoop script 2004 serial number.zip/scoop script 2004 serial number.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Priscilla\Application Data\m\shared\scopeware vision professional v2.2.0.538.zip/scopeware vision professional v2.2.0.538.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Priscilla\Application Data\m\shared\scorch an island 1.11 crack.zip/scorch an island 1.11 crack.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Priscilla\Application Data\m\shared\scorch an island screensaver 1 crack.zip/scorch an island screensaver 1 crack.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Priscilla\Application Data\m\shared\score writer v1.0 serial number.zip/score writer v1.0 serial number.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Priscilla\Application Data\m\shared\score writer v1.0.zip/score writer v1.0.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Priscilla\Application Data\m\shared\scorereadmidi 1.0 crack.zip/scorereadmidi 1.0 crack.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Priscilla\Application Data\m\shared\scorpion vsti dxi v4.2 for mac osx serial by paradox.zip/scorpion vsti dxi v4.2 for mac osx serial by paradox.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Priscilla\Application Data\m\shared\scorpion vsti dxi v4.2 for mac osx.zip/scorpion vsti dxi v4.2 for mac osx.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Priscilla\Application Data\m\shared\scott professional photo studio v2.1 serial number.zip/scott professional photo studio v2.1 serial number.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Priscilla\Application Data\m\shared\scotty ftp for win-ce serial number.zip/scotty ftp for win-ce serial number.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Priscilla\Application Data\m\shared\scotty ftp for win-ce.zip/scotty ftp for win-ce.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Priscilla\Application Data\m\shared\scrabble 1.0.48 crack.zip/scrabble 1.0.48 crack.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Priscilla\Application Data\m\shared\scrabble blast 1.0 crack.zip/scrabble blast 1.0 crack.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Priscilla\Application Data\m\shared\scrabble blast crack.zip/scrabble blast crack.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Priscilla\Application Data\m\shared\scrabble complete 1.0 crack.zip/scrabble complete 1.0 crack.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Priscilla\Application Data\m\shared\scrabble crossword game v1.12 for palmos.zip/scrabble crossword game v1.12 for palmos.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Priscilla\Application Data\m\shared\scrabble duplitop v4.0 fr keygen by petzi.zip/scrabble duplitop v4.0 fr keygen by petzi.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Priscilla\Application Data\m\shared\scrabble duplitop v4.0 fr.zip/scrabble duplitop v4.0 fr.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Priscilla\Application Data\m\shared\scrabble for palm os v1.11 serial number.zip/scrabble for palm os v1.11 serial number.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Priscilla\Application Data\m\shared\scrabble for palm os v1.11.zip/scrabble for palm os v1.11.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Priscilla\Application Data\m\shared\scrabble rack attack v1.0.35 crack by fff.zip/scrabble rack attack v1.0.35 crack by fff.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Priscilla\Application Data\m\shared\scrabble solution v2.01 keygen by again.zip/scrabble solution v2.01 keygen by again.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Priscilla\Application Data\m\shared\scrabble v1.0.48 from gamehouse crack by peru cracks.zip/scrabble v1.0.48 from gamehouse crack by peru cracks.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Priscilla\Application Data\m\shared\scrambled card invoiceit v4.209 by haze.zip/scrambled card invoiceit v4.209 by haze.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Priscilla\Application Data\m\shared\scrambled card invoiceit v4.209 serial number.zip/scrambled card invoiceit v4.209 serial number.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Priscilla\Application Data\m\shared\scrambled card invoiceit v4.209.zip/scrambled card invoiceit v4.209.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Priscilla\Application Data\m\shared\scrap pad v3.6.zip/scrap pad v3.6.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Priscilla\Application Data\m\shared\scrap v2.5 serial number.zip/scrap v2.5 serial number.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Priscilla\Application Data\m\shared\scrap v2.5.zip/scrap v2.5.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Priscilla\Application Data\m\shared\scrapbook 1.11b crack.zip/scrapbook 1.11b crack.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Priscilla\Application Data\m\shared\scrapbook management software v1.41 by revenge serial number.zip/scrapbook management software v1.41 by revenge serial number.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Priscilla\Application Data\m\shared\scrapbook management software v1.43 serial number.zip/scrapbook management software v1.43 serial number.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Priscilla\Application Data\m\shared\scrapbook management software v2.31 by orion.zip/scrapbook management software v2.31 by orion.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Priscilla\Application Data\m\shared\scrapbook management software v2.41 keygen by ucf.zip/scrapbook management software v2.41 keygen by ucf.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Priscilla\Application Data\m\shared\scrapbook management software v2.41.zip/scrapbook management software v2.41.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Priscilla\Application Data\m\shared\scrapbook management software v2.43.zip/scrapbook management software v2.43.exe
detected: virus Email-Worm.Win32.Bagle.gh File: C:\Documents and Settings\Priscilla\Application Data\m\shared\scrapbook management software v2.44 keygen by nitrous.zip/scrapbook management software v2.44 keygen by nitrous.exe
detected: Trojan program Trojan-Dropper.Win32.Agent.akf File: C:\Documents and Settings\Priscilla\Application Data\m\shared\star trek voyager : ef v1.2.zip/star trek voyager : ef v1.2.exe
detected: Trojan program Packed.Win32.Bagle File: C:\Documents and Settings\Priscilla\Application Data\m\shared\swat 3 : close quarters battle deutsch by dbc.zip/swat 3 : close quarters battle deutsch by dbc.exe
detected: Trojan program Trojan.Win32.Delf.mjs File: C:\Documents and Settings\Priscilla\Local Settings\Temp\Real\realpatch.EXE
detected: Trojan program Trojan.Win32.Delf.mjs File: C:\Documents and Settings\Third\Local Settings\Temp\Real\realpatch.EXE

Posted by Beau Brendler at 05:07 PM | Permalink | Comments (0)

While searching for the domain behind ScamSearch.com, we happened upon an extremely useful site, Malware Domain List, which, as its name implies, is a list of malware-laden domain names.

When we located the domain responsible for all the malware to hit our machines, we couldn't help noticing a slew of malicious sites masquerading as official U.S. government domain names, such as "ustreasury.federalbanksystem.net," "ustreasury.federalbanks.us," "usbanks.esecure-federal.us," and so on.

All of them have one thing in common: they contain an especially difficult-to-detect piece of crimeware called LuckySploit, an exploit toolkit that infects unsuspecting visitors to a site via drive-by-download, installing malware that allows cybercriminals to access personal information by keystroke logging.

Sir Paul McCartney's site was recently hacked to infect visitors with LuckySploit. ScanSafe, the security firm that detected and neutralized the program, described LuckySploit as "the most advanced and sophisticated version of crimeware toolkits."

So to make sure you don't fall victim to to these identity thieves, below is a list of fake U.S. government domain names to avoid at all costs. The sites are registered to cybercriminals from an improbable assortment of cities, including Austin, Erfurt, Valencia and Krasnogorsk.

Besides trying to fool people with official-sounding domains that infect visitors with LuckySploit, some of these registrants appear to share same Internet access providers (which we've highlighted below), suggesting some level of collusion. And at least one of them (if not all) is using a fake address as well:

ustreasury.federalbanksystem.net
According to WHOIS, this domain is registered to:
Natalya Namestnikova
ulica 50 let Oktyabrya, 12-50
Krasnogorsk
Moskovskaya obl. 143400
Russia
7 495 9378720
namestnikova@bronzemail.net

ustreasury.federalbanks.us
According to WHOIS, this domain is registered to:
Anthony Dennis
4100 Red River
Austin, Texas
78751
United States
1.5124517048
ant.dennis@namebanana.net

usbanks.esecure-federal.us
According to WHOIS, this site is registered to:
Eleodora Quintanilla
Placa Major de la Vila 62
Benaguasil, Valencia
46180
Spain
34.962738614
e.quintanilla@interlayer.net

federalreserve-online.com
According to WHOIS, this domain is also registered to:
Natalya Namestnikova
ulica 50 let Oktyabrya, 12-50
Krasnogorsk
Moskovskaya obl. 143400
Russia
7 495 9378720
namestnikova@bronzemail.net

federalreserve-online.us
According to WHOIS, this site is registered to:
Laura Weaver
945 North Montana Street (The address of La Cense Beef, i.e. a false address)
Dillon, Montana
59725
United States
1.8662554958
federalreserve@bronzemail.net

ustreasury.federalbanks.us
According to WHOIS, this domain is also registered to:
Anthony Dennis
4100 Red River
Austin, Texas
78751
United States
1.5124517048
ant.dennis@namebanana.net

ustreasury.federalbanksystem.us
According to WHOIS, this domain is registered to:
Marcel Frankfurter
Gotthardstrasse 79
Erfurt 99045
Germany
49.0361784633
marcelf@liveinternet.at

federalreserve-direct.com
According to WHOIS, this site is registered to:
Sergei V Popov
Ulyanovskiy prospekt, 2-87
Ulyanovsk
Ulyanovskaya obl. 432072
Russia
7 8422 442591
popov@namebanana.net

Posted by Jorgen Wouters at 04:24 PM | Permalink | Comments (0)

At the suggestion of a BadwareBusters community member, we posted a new topic on the Avast! board on ScamSearch.com here. WebWatch has been suggesting Avast!'s free AV program for home use, and the Avast! forum says it's got more than 60,000 members, so let's see if we can find out how ScamSearch's badware missile got through its defenses.

Posted by Beau Brendler at 01:26 PM | Permalink | Comments (0)

A group of hackers stole millions of medical records from Virginia's prescription drug database, then asked for $10 million in ransom. It's the crime of the future! Or maybe the present. Thanks, ITAC Blog.

Posted by Beau Brendler at 01:09 PM | Permalink | Comments (0)

After some interesting exchanges on BadwareBusters.org, we posted a malware report to Google here, using the form. We encourage you to do the same when similar things happen to you. We'll also post to the Avast! forums later today and talk about the results. Also posted a tweet on Twitter. I just loaded the site again by accident and the drive-by downloads seem to be gone, but I still would not remotely trust this site. Too bad because it's a good idea in theory.

Posted by Beau Brendler at 10:16 AM | Permalink | Comments (0)

Echoing the previous post: Don't go to that site! Here's a partial list of some of the malware the site pipelined into my laptop -- I've been trying to fix it since 10 a.m. this morning and it's now about 4 p.m. I had Avast! turned on and my firewall turned off, by the way:
Win32:Agent-LV2[Rtk]
hupigon13, a Chinese virus that attacked Korea a few years ago;
nurech;
Win32Delf,
and more. Site should be taken down; we're going to work on that. I had to run Spybot twice, download something called SDFix that I had to run from Windows safe mode, download and run AVG's free anti-rootkit software, and reboot about 20 times (after several freeze-ups that caused me to unplug my power cord and remove my battery...)

Posted by Beau Brendler at 03:41 PM | Permalink | Comments (0)

It's downright treacherous in cyberspace for the average consumer trying to avoid getting scammed—especially given the enormous number of sites masquerading as legitimate, but actually designed to steer you wrong. We run into these sites all the time, be they fake government grant review sites, or bogus acai berry review sites.

But while these sites are relatively harmless (provided you don't fall for their transparent BS and actually agree to buy anything from them), we just encountered a far more malicious variant that infected our machines with several types of malware.

The site is called ScamSearch.com, and whatever you do, DO NOT VISIT THIS SITE! We made the mistake of trying to check it out yesterday and the malware-spewing site took control of our PCs, which went into immediate meltdown.

The site pops up as the top result when you Google "scam + site," certainly looked promising, claiming to "Instantly search multiple consumer sites like ripoffreport, complaintsboard, scam.com and many more!"

Although we were able to grab an image of the site via Google cache, that's as close as we ever want to get to ScamSearch.com again. At first, we thought it might be a legitimate site that had been hijacked, but when a WHOIS search revealed a blind-registered domain (a classic tactic by scammers wishing to hide their identity), we thought otherwise.

As one of our machines was melting down, we noticed the following url (to which the badware was trying to redirect our PC) in the status bar: hugetopnano.cn. And a quick search revealed its presence on Malware Domain List. The domain is registered to one Raymond Best (location unknown), raymond@cybernauttech.com. According to the banner at the top of the Malware Domain List: "WARNING: All domains on this website should be considered dangerous."

Look for a follow-up post for details on the malware we got hit with. And once again, stay away from Scam Search.com!

Posted by Jorgen Wouters at 11:42 AM | Permalink | Comments (0)

While investigating a fraudulent site last week, we came across SCAMwatch, an excellent site created by the Australian government to protect consumers down under from fraud.

Like the Federal Trade Commission's OnGuard Online, SCAMwatch was designed to consumers and small businesspeople recognize, report and protect themselves from scams, although for our money, it's more consumer-friendly.

The site features sections on lottery scams, Nigerian 419 scams, identity theft, investment scams, small business scams and all manner of Internet scams. One page, Scams Target You, features four compelling stories of actual victims who lost money, their identities, life savings and even their homes.

SCAMwatch is owned and maintained by the Australian Competition and Consumer Commission and also serves as the campaign portal for the Australasian Consumer Fraud Taskforce. So why should you care about an Australian site? Because national borders are meaningless to online scam artists, who operate everywhere and target everyone. Visit SCAMwatch.

Posted by Jorgen Wouters at 10:03 AM | Permalink | Comments (0)

Here's a nice little blog by an engineer in Denmark on the subject of Web sites selling pirated copies of TV series. He's got a list that mentions Planet DVD Store.

Posted by Beau Brendler at 03:09 PM | Permalink | Comments (0)

Read this even though it's a year old.

Posted by Beau Brendler at 03:02 PM | Permalink | Comments (0)

Uncovering online fraud is our bread and butter, but we ran across an article in Information Week that forced us to admit that sometimes, a little fraud may be a small price to pay to preserve, well, priceless antiquities.

The Information Week article first came to our attention for citing a WebWatch report on online auction fraud we published last December. But what really piqued our interest were the comments of UCLA anthropologist Charles Stanish, who says his fears of eBay promoting the looting and selling of ancient artifacts online hadn't been realized. Instead, he explains, scam artists have realized it's far more profitable to hawk knock-offs on eBay than the real thing. Read the article.

Posted by Jorgen Wouters at 02:19 PM | Permalink | Comments (0)

If you're a fan of Hill Street Blues, a groundbreaking 80s crime drama that ran seven seasons on NBC-TV in the United States, you probably know the series copyright holder, 20th Century Fox, has no plans to release seasons 3-7 on DVD. (Even Hulu.com only has seasons 1-3.) We know no way, short of catching reruns on some obscure cable channel, to see any Hill Streets after season 3. That is, until PlanetDVD came to our rescue! We found a sponsored link ad for their store on IMDB's Hill Street Blues index page. PlanetDVD advertises a "brand new box set" for $129.99, all seven seasons complete. So we decided to do a little mystery shopping.

To our surprise, given PlanetDVD's online reputation and red flags such as no address or phone number on the site, a blind registration, a look and name-sound similar to legitimate online store DVD Planet, and a cut-and-paste job from Wikipedia, they actually sent us something resembling a "box set." Sort of.

First, the box arrived with no return address or contact information, except the number from an apartment block in Qingdao, China. The packing slip listed in the customs declaration box the contents were a "gift accessory" worth $15.The "box set" had a suspiciously homemade look to it, with three plastic videocassette boxes stuffed full of hand-numbered discs, each bearing a simliar "Hill Street Blues" logo to the official seasons one and two releases by Fox. The video boxes were lined with hand-photocopied paper.

Predictably, seasons one and two were ripped directly from the official Fox release, with relatively good quality. Not so great for seasons 3-7, however. Source material was recorded from Britain's Channel 4 on-demand service, its intro logo appearing at the beginning of each episode. At least three of the 24 season 3 and 4 discs are unwatchable, either due to heavy signal dropout, intensive skipping, or just failing to play. Those that did play featured picture quality comparable perhaps to a VHS tape, not a DVD.

We tried complaining via PlanetDVD's customer service e-mail, but received no reply.
So: Don't buy DVDs from this online store. You're probably going to get poor quality, pirated DVDs.

We'll be posting more here about other possibly shady online DVD shops selling those hard-to-find TV shows and movies.

Posted by Beau Brendler at 01:55 PM | Permalink | Comments (1)

A reader recently forwarded us this e-mail:

Priscilla,

John Franklin
Vice President, Research Division
The Global Directory of Who's Who
4250 Veterans Highway, Suite 2050
Holbrook, NY 11741, USA
Phone: (631) 588-8600

This isn't the first time we've looked at one of these vanity spam offers, and we're sure it won't be our last. Thankfully, it took us about 10 seconds to suss this one out.

Although The Global Directory of Who's Who site looks legitimate enough, the lack of a privacy policy troubled us. Far more more troubling was a Better Business Bureau Reliability Report, which gives the Global Directory of Who's Who an Unsatisfactory Rating.

We also found some illuminating comments on the Ripoff Report:

The Global Directory Of Who's Who Sketchy Sales Tactics. Don't buy from them, you pay more and get more then they tell you
I too should have followed my gut when these over aggressive people kept calling me and calling me. I mean I ignored their calls for 3 weeks until I finally couldn't take it any more. Unfortunately I agreed to purchase the 5 year membership with Wall Plaque (Which looks like it was made by High School Shop Class). Finally I got my stuff and then they called me because they couldn't charge my card an additional 150 dollars for a book I was told was including in the membership. When I told them I have already paid my membership and that the book was promised to me, they told me I am only partially paid. I told them that this is BS and that that was only mentioned AFTER they had received my payment info.

Saleensolutions
Woodbine, Iowa
U.S.A.

The Global Directory Of Who's Who Dishonest sales practice and Charging of products not ordered ripoff
Ms. Mary Michaels, a sales representative from The Global Directory of Who's Who, contacted me on 05/21/07 to sell me a 5-year or lifetime membership in The Global Directory of Who's Who. I agree to buy the membership since I was led by Ms. Michaels to believe that the membership included the directory book. Only after I gave her my information, she informed me that an additional $199.00 was going to be charged to my credit card account for the directory book.

Andres
La Grange Park, Illinois
U.S.A.

The Global Directory Of Who's Who Questionable Sales and Billing Practices

When signing up for the Global Directory of Who's Who, I expressly told the sales representative, Diane Webster, that I would access all member data online and that I DID NOT want to pay $199 plus shipping & handling for their hard-bound book.

David
Atlanta, Georgia
U.S.A.

Posted by Jorgen Wouters at 04:11 PM | Permalink | Comments (5)

Yesterday, we told you about Grant Instructor LLC, another government grant scammer, whose sites' 641 complaints resulted in a failing grade from the Better Business Bureau.

The BBB Reliability Report also published a lengthy list of Grant Instructor LLC's alternate business names, so do yourself a favor and stay away from these too:

2008 Grant Instructor
American Grant Club
American Grant Club
Best Grant For You
Breakshaw
Business Resource
Every Day Grant 2008
Get My Grant
Government Funded Grants
Grant Access Club
Grant Danger
Grant Dollars
Grant For Me
Grant For You Today
Grant Research Guide
Grant Resource Center
Grantdollarstoday
Grants Are Easy
GRC
Learn, Sell, Profit
Mycalendarwizard.com
Mygrantdollars.com
New Grants
Paymetolist.com
SBA Connections
Secure Grant Now
The Grant Secret Club
The US Grant Club
USA Best Grant
Your American Grant
Your USA Grantalternate

Posted by Jorgen Wouters at 10:49 AM | Permalink | Comments (2)

Time for a look at another bogus government grant site, and as we'll repeat each time we write about these scam sites, there's only one site for federal grants, and it's www.grants.gov. Although the FTC has been warning consumers about these scams since 2006, they've been proliferating like cockroaches after passage of President Obama's stimulus package, with scammers trying to lure financially desperate consumers with promises of easy money free for the asking.

Last week, we took a look at GovenmentGrantsOnline.us, a site that purports to review these sites, and dissected its top-rated site, GrantLine Professional. As we pointed out last week, GrantLinePro.com turned out to be a particularly egregious site, thanks to its blind-registered domain, some scathing reviews on Ripoff Report, and a failing grade from the Better Business Bureau. And this was GovenmentGrantsOnline.us' five-star "top choice."

Today, we look at Free Grant Money, which, according to GovenmentGrantsOnline.us, rates 4.5 stars, ranking just behind the stellar GrantLinePro.com. Hmmm.

Unfortunately, we can't refer to the site by its domain name, which is quite a mouthful: https://ssl.encryptedprocessing.com/~grantchecknow.com/index.php?refer=cc2&pubid=&subid=35749. We looked up grantchecknow.com (which redirects to the above URL) on WHOIS, and to no surprise, found it to be blind-registered. There's also no name in the browser bar, beyond "Mozilla Firefox," which hardly inspires confidence.

But unusually for sites like this, there's actually a privacy policy, as well as contact information, although neither of them make any mention of the company's name. Also, the contact us page list two addresses, one in Las Vegas, and one in Danehill, East Sussex, of all places.

Filling out the form for our Grant CD with took us to an order page, where we were given the option of Instant Access ($1.95) having the CD mailed to us. ($2.95 S+H). There was also this fine print:

By submitting this form I am ordering the Grant Resource Information and trial membership. After the seven day trail I will be charged sixty eight dollars and thirteen cents a month thereafter if i [sic] don’t not cancel. I have read and agree to the Privacy Policy and Terms and Conditions. Cancel any time by calling 1-800-235-1364 or 1-888-276-8105.

Pretty poor English for a site based at least partially in the UK. And $68.13 is certainly a novel amount. But we still wanted to know just who we're doing business with, and we found the answer on the terms & conditions page. Although it wasn’t easy to spot, and only mentioned twice, we now had a name: Grant Instructor LLC.

First stop, Ripoff Report, which boasted no less than 25 complaints from angry consumers, with headlines such as:

Grant Instructor LLC HUGE RIP OFF! THIEVES!
What a rip off by a bunch of THIEVES!.. They say it's only $1.95 for their limited info. What they don't tell you is that if you don't cancel within 7 Days they'll charge you $49.50 a month thereafter! I thought I was lucky enough to have seen comments on this company from other people before my 7 days was up. I called to cancel and they assured me I wouldn't be charged. When it was finalized in their system I would get an e-mail stating so. They said it could take several days but I called in time so there was no problem. WRONG!!!!!!!!!!!! I just saw my credit card statement and wondered why I was over my limit. Now I know why. They still charged my card the $49.50 and now I also have a $39.00 charge for going over my credit limit!
Jamie
Phoenix, Arizona
U.S.A.

Grant Instructor LLC An erroneous charge of 49.50 & no one to answer phone calls. How convenient
I was looking online for grant writing information and the Grant Instructor LLC offered a one sheet page of information for $1.00. I received my credit card bill yesterday only to discover I was charged $1.09 AND $49.50 which was unbeknownst to me. I have tried calling them several times at 888-276-8105 and if you choose option 3 to cancel you are told to go online yet there isn't one single place to cancel online. I have called many times over choosing the other two options available and you end up with a recording that eventually disconnects the call.
Tubbs2987
Saint Albans, West Virginia
U.S.A.

-Grant Instructor LLC Bait-and-Switch
Grant Instructor LLC is using Bait and Switch to defraud persons thinking they had ordered a $2.95 CD. The CD was to help find grants and monies to start new business. When you purchased the CD, automatically you are enrolled in a so-called monthly magazine at $49.50 per month! I was shocked to find the expense on my bank statement.
Grace
Glen Rose, Texas
U.S.A.

With so many complaints we figured the Better Business Bureau would probably have something to say, and we weren't disappointed. The BBB gives Grant Instructor LLC a failing grade, which may have something to do with the 641 complaints filed against the company in the past 36 months, which include:

* 623 - Unauthorized credit card charges
* 9 - Unauthorized bank debits
* 1 - Failure to provide itemized billing as requested
* 2 - Refund or Exchange Issues
* 1 - Product Issues
* 1 - General Product Quality Complaint Issues
* 4 - Customer Service Issues
* 4 - Inappropriate behavior by customer service personnel

Enough said.

Posted by Jorgen Wouters at 05:11 PM | Permalink | Comments (0)

I went ahead and bought the $7 "free" scroll from MyFreeScroll.com, the Web site of the Historical Research Center and its founder Michael Walshe, who claims on one of his sites to be the creator of the Ginsu knife ("In Japan, the hand is quicker than the blade, but it doesn't work on a tomato..."). The "free" scroll offer that costs $7 will put you through about five pages of sales pitches on the Web site, seeking desperately to upgrade you to plaques, histories of coats of arms and whatnot, and shipping upgrades before it will let you finish the transaction. It's one of the more aggressive sales sites we've seen, and concludes with a pitch to join a buyer's club for $16.95 a month, a Web classic that's made a lot of people rich and others really, really mad.
The Historical Research Center is a franchise business, and about 5,000 British pounds ($7,500 or so in today's economy) can start you up with your own branch.

We'll look forward to our scroll. In the meantime we'll be evaluating the Historical Research Center's claim that they're on the ground at the immigration center at Ellis Island. (The Statue of Liberty-Ellis Island Foundation Inc.'s Web site lets you do free searches yourself).

Posted by Beau Brendler at 02:37 PM | Permalink | Comments (1)

Take a look at MyFreeScroll.com, a Web site and TV commercial offering research on family history. The way it works: You give them your name, and they send you information on your family history, printed in mock medieval style on a scroll. We're going to actually purchase one of these, but for the moment, what we want to call your attention to is this: MyFreeScroll.com, like FreeCreditReport.com, is not free.

You will be charged $7 in "shipping and handling," which, when you think about it, is a lot of money to have a computer printout mailed to you. MyFreeScroll.com doesn't hide this fact on its Web site or TV ad, but we're wondering, what exactly is free? We'll be writing more about MyFreeScroll.com shortly. Tell us if you've made a purchase from them, and if you are satisfied.

We're going to be publishing more here over the next couple of days on family history scams (if you're interested in this topic, get started here).

Posted by Beau Brendler at 11:54 AM | Permalink | Comments (1)

We're big football fans (the kind played by the rest of the world), and while reading up (at home, of course) on tonight's Champion's League semi-final clash between Barcelona and Chelsea, we happened upon a page from Rupert Murdoch's Sky Sports site we just had to share.

At the bottom of an previewing the match, we noticed a link inviting readers to bet on the outcome. Although we prefer to watch football matches rather than gamble on them, we couldn't resist clicking for fun, and were overwhelmed by the sheer number of variables available for wagering—a full 16 screens worth.

But what really caught our eye was a discreet link in the upper right-hand corner of the page preceded by a red exclamation mark:"Boss?! Look Busy!!" The resulting page is nothing short of ingenious. Experience it for yourself.

Say what you want about Murdoch, he knows how to give the people what they want.

Posted by Jorgen Wouters at 10:21 AM | Permalink | Comments (0)

Time for a follow-up on our favorite Internet watchdog, the WebTradeBureau.com.

As we blogged about last week, the WebTradeBureau caught our attention for a number of reasons, including:
-Its lack of contact or ownership information
-finding its "seal of approval" on a badware-spewing work-at-home site
-hosting a picture of its "senior commissioner" on a site deemed unsafe by McAfree Site Adviser
-hawking a $29 streaming video on "how to own a truly free house"

As promised, we sent the WebTradeBureau two e-mails in response to an open invitation by Gary Sullivan, the WTB's "Senior Commissioner."

The first was a request for the WTB to review Consumer Reports WebWatch and see if it met the WTB's high standards—making it eligible to proudly display its impressive seal of approval. Secondly, since Commission Sullivan asks readers to alert the WTB to sites displaying non-clickable seals of approval, we forwarded them the badware-laden site.

Unfortunately, we received the following response to our second e-mail: "failed delivery." Oh dear. Things aren't looking good for our seal of approval, are they?

In the meantime we looked up www.webtradebureau.com via WHOIS and learned the site is registered to:
Susan Phillips
PO Box 61359
Sunnyvale
94088
CA
(510) 595-2002

We'd call her, but it seems that number is notorious for being associated with scams.

Posted by Jorgen Wouters at 02:44 PM | Permalink | Comments (2)

Florida's attorney general put up this Web site in mid-April to educate consumers on mortgage fraud. These companies are listed:
* FMA Servicing, Inc.
* Lincoln Lending, LLC
* Wineberg, Lopez & Rodriguez
* Mortgage Crisis Solutions Association, LLC
* National Foreclosure Counseling Services Corp.
* Keep Your Property, Inc.

Posted by Beau Brendler at 02:26 PM | Permalink | Comments (0)

The Better Business Bureau is warning consumers to beware of fraudulent e-mails and Web sites trying to take advantage of the current swine flu outbreak.

“Scammers read newspapers, watch TV and surf the Internet and they know that by using a hook from the day’s top headlines, that they’ll be able to catch lots of fish,” said Steve Cox, BBB spokesperson. “Right now, issues associated with swine flu and a potential pandemic are of global interest and that means scammers have a very large pond to go phishing in.”

According to the online security company F-Secure Corp., one Web site is already selling a “Swine Flu Survival Guide” PDF for $19.95.

For more information and tips on avoiding swine flu spam, read the BBB alert.

Posted by Jorgen Wouters at 02:07 PM | Permalink | Comments (0)

We recently received a couple of comments about the same post.

Why are you linking to them? This is giving them Google ranking power.
Jonathan

You better disable that hyperlink or put rel='nofollow' tags on the link to their site. You're giving them Google backlink juice by linking to them.
Eugene

The reason we link to sites like Cash N Minutes.com is to let consumers see what we're talking about. And hopefully, once they've seen enough of these scam sites, they'll learn to recognize them in an instant--before it's too late.

That said, we're certainly not interested in helping any of these sites rise in any search engine's rankings, so we appreciate the feedback from Jonathan and Eugene. Henceforth, we'll make sure to add "nofollow" tags to all dubious sites we blog about. We've already added "'nofollow" tags to the post in question, and will do the same for all our previous posts as well.

You can learn more about "nofollow" tags here and here.

Posted by Jorgen Wouters at 01:11 PM | Permalink | Comments (0)

Although we get scads of spam, we've noticed an uptick of spammers replying to our exposés of sham sites with links to other dubious sites. Here's a case in point, which someone tried to post to our blog yesterday:

going for the grant kits is the way to go when choosing a grant
gautney@gmail.com
http://www.governmentgrantsonline.us

The comment was a response to a post we did on grantwritingexpress.com, one of the many fake government grant sites proliferating like mushrooms as con artists try to take advantage of desperate consumers. As we noted in a recent post, there's only one site for federal grants, and it's www.grants.gov. The FTC has been warning consumers about these scams since 2006, but they've gained a new lease on life with President Obama's stimulus package.

That said, let's take a look at www.governmentgrantsonline.us, which gautney@gmail.com was good enough to share with us. There's a complete lack of contact information and a privacy policy, always bad signs. But thanks to WHOIS, we learned the site is registered to Thomas Gautney, 1877 SE Main, Roseburg, Oregon 97470 (541-530-1188).

The homepage features your standard "free grant" pitch: "The Government is giving away Billions of Grant money to U.S. Citizens for FREE! It's true, you dont [sic] have to pay the Grants back. All you have to do is apply for the type of Government Grant that fits your needs, and wait for the check from the Government."

The homepage also includes the above photo, purportedly one Jennifer Dahl, PhD - CEO of GovenmentGrantsOnline.us. Funny, there's no mention of her on WHOIS. Also, the ALT text refers to her as "business-woman12," which certainly has a very stock-photo ring to it.

Of course, there's also the obligatory "As seen on TV" banner with the logos of major news organizations for that extra bit of legitimacy. Most site using this ploy leave these logos unlinked for obvious reasons. But the entire banner is linked, and clicking it takes you to this site: GrantLine Professional.

If you scroll down the page, the site promotes three different grant sites, the first of which is GrantLine Professional. (We'll look at the others in subsequent posts). We felt like we'd seen this site before, and in a sense we had, since it bears a resemblance to grantwritingexpress.com, the subject of the post Thomas commented on—and the recipient of a failing grade from the Better Business Bureau.

Like Grant Writing Express, GrantLine Professional asks that you fill out a form to "find out if you qualify for free government cash today." We filled it out with nonsense, clicked and landed on a page similar to one we encountered on Grant Writing Express, where we learn that our "free CD" will cost us $1.97 for priority shipping.

And again, as with Grant Writing Express, the devil is in the details in the form of some very fine print below the "Ship My Kit!" button (emphasis added):

"Terms & Conditions: By clicking "Send My Grant CD", I am ordering the GrantLinePro Bonus CD and trial membership to GrantLinePro membership site for $1.97 S&H, after the seven day trial, i will be charged only $59.95(and every thirty days thereafter) if I do not wish to cancel. To cancel GrantLinePro call 877-317-0193 8am-6pm MST. As an additional bonus, you are receiving 14 day free trial membership to Domain Processing. After the 14 day trial, unless you cancel, we will automatically bill the account you provided us today for a $14 monthly membership fee plus $5.95 monthly maintenance fee, and each month thereafter. You agree to the Terms and Conditions. You have the right to cancel any time by calling the toll-free number located there. You also agree to receive a 10 day FREE trial membership for Premier Plus, your personalized desktop with free e-mail and SMS sending. After the 10-day trial, unless you cancel, Premier Plus will charge your account $12.95, and each month thereafter. You have the right to cancel any time by calling the toll-free number located at premierplusmember.com. You agree to the Privacy Policy and Terms of Use."

Let's see if we got this straight. Once you order your "free" CD for $1.97, and assuming you ignore the fine print, you're agreeing to monthly, recurring credit card charges of $92.85! And even if you do read the fine print and agree to all three free trials, you may have trouble trying to cancel before the deadline. Most offers of this kind are notorious for providing numbers that either don't work or never pick up.

Although the BBB has no record of GovernmentGrantsOnline.us, it has plenty to say about GrantLine Professional (which was exactly what we encountered with grantwritingexpress.com, since there was no record of the "feeder" site that linked to it). For while the GrantLine Professional URL that GovernmentGrantsOnline.us links to (https://glpimi.orderlockbox.com/?file=index_trial.html&affiliateid=GLPIMI1&sub_affiliateid=23038) turned up zero on either WHOIS or the BBB, a search for "GrantLine Professional" on the BBB site struck pay dirt.

Turns out GrantLine Professional is based in Utah, and the main site can be found at www.grantlinepro.com. Running that URL through WHOIS turns up no information, since they're registered by proxy, a classic tactic by companies wishing to hide their identity. And what did the BBB have to say about GrantLine Professional? It gives it a failing grade, for the following reasons:

-BBB concerns with the industry in which this business operates.
-Number of complaints filed against business.
-Failure to respond to complaints filed against business.
-Number of complaints filed against business that were not resolved.
-BBB does not have sufficient information to determine how long this business has been operating.
-BBB does not have sufficient background information on this business.

The Ripoff Report also featured a couple of interesting entries about GrantLine Professional:

Grantline Pro unaturarized my debit card for 59.95
I was falsley assummed by this company to recieve grant information, then they charged my debit card for 59.95 when the site said only 1.97 for cd. never got anything cannot contactt them to get remibursed.

Willard
summit hill, Pennsylvania
U.S.A.

GrantLine Pro grant preditors just like all the rest. Plus they gave my e-mail to everyone but Santa
Grant Line Pro was one of many sites that came up after searching govt. grants. 'We will send you free Cd for Shipping only $1.97' Don't fall for it.

Chuck
carlisle, Pennsylvania
U.S.A.

Posted by Jorgen Wouters at 01:09 PM | Permalink | Comments (1)