Beware scamster site

I've been a long time reader of these forums and just wanted to post some general security information regarding a site called "privacy.li", which has been mentioned in Dr. Who's Security FAQ.

This is a scamming website who will gladly steal hundreds of dollars and then completely stop responding. What they do is request payment in cash by mail with no confirmation. They can request hundreds at a time for a service they will offer you. They tell you it may take weeks to arrive so send it all in at once. Then when you e-mail them asking what's going on, they say "be patient". Then a couple months later, they say it was lost.

No doubt, they deliver a service to some percentage of people, but you take the risk of being in the percentage whose mail was "lost". People who request a service from them are generally trying to be privacy minded, so they know you have little to no recourse. And because you sent it by cash in the mail, you have no proof. They make sure that you do not select the option of signature confirmation. But, even if you do have signature confirmation, they will still gladly lose your mail then stop responding.

Even if they do deliver some service to you, can you really trust these people? I wouldn't. If they will blatantly rip people off, how trustworthy can their proxy service be?

I have no ulterior motive in writing this. I am not a member of a competing privacy service, and I will not advertise any. I'm just writing to say beware of these people. I can't provide any proof nor will I reveal my identity. My only goal is to see these scam artists out of business, so they'll stop ripping people off. If you respond by saying they've provided good service to you, well congratulations. You won the flip of a coin.

I want to be 100% clear about how the scam works. This guy who goes by "adminus" or "john" apparently has some drop box in Canada. He requests cash (and cash only) be mailed to the drop box by regular or registered mail. Then apparently this money has numerous more legs on its journey before it reaches him. He has someone called Janet Hawkins sign for and receive all money in Canada. Then apparently she mails it out to him without taking inventory or informing him of what he's going to receive.

The scam works like this. Even if the money is received in Canada, which you can verify if you use registered mail, he can "lose" the money anywhere on the path for it to reach him. He apparently takes no inventory to make sure what was received in Canada or what is being sent to him. He has no idea of the content until it reaches him, so he has no way to verify what you actually sent. He apparently uses no delivery confirmation, package tracking, or insurance.

If you think these steps are taken as a security precaution, think again. All he's receiving and sending are anonymous cash. There's no security risk and it can't be traced. There's no reason for him not to use package tracking. And I'm sure he does safeguard the money very well once it's received in Canada. But when he e-mails you, he'll come across as an inept, bumbling fool who has no idea what happened to your money. Then he'll encourage you to try again.

You can verify that a package was received in Canada and signed for by Janet Hawkins. You, however, can't prove what was actually in the envelope. The postal service does not insure cash. And even if they did, the package can be verified received in Canada, so you couldn't collect from the postal service anyway. For an honest businessman, confirmation of receipt of the package would be enough to deliver services. Not with this guy. Apparently, any mistake made by his lackeys in delivering your funds to him is still your fault.

But he won't say any of this. It's just "money lost, out of luck, try again". Then he won't respond again.

I hope that's more clear. This story has repeated often enough that it's clear there's a pattern.

Beware

 

I created a new web site describing the experiences you can expect with privacy.li.

I hope it's informative. Please post any suggestions, as it is my first attempt at creating website content.

http://screwprivacy.li.freewebspace.com/

Beware

 

Are you saying you mailed cash only to this person?If so,mail me some!
Did you read their company profile statement,lol. http://www.privacy.li/

 

Beware,I know you are mad at this person/company and are trying to help others but your site comes across as sour grapes.You seem to have done this scam to yourself.Just my take on this.

 

I'm not really sure I understand what you're saying. It takes a scammer to pull off a scam. First of all, I'm sure this guy's making a lot of money off his site, thanks to him being listed in Dr. Who's Security FAQ.

If you were considering using his site and you read my warning (sour grapes or not), would you give him any money? Be honest.

My site is based off of a lot of other sites with a similar theme, including but not limited to http://www.****microsoft.com and http://www.paypalsucks.com . There is some precedent to what I'm doing.

Beware

 

I've also got a couple ideas to bring law enforcement into the game, especially concerning his Canada drop. I'm not just talking about fraud either. Consider the illegal money that probably flows through Canada. I'm sure they'd be happy to know about it. Some of the things they do may be legal where he lives, but probably not in Canada.

 

Beware,if you want me to spell it out for you I will.Your call.

 

Are we a bunch of babies here? If you had something to say, you should have said it in your first post. Go ahead.


I also want to say that if anyone thinks I'm full of hot air here about Privacy.li being a scam site, I've already e-mailed them and told them about my posts. They're free to respond. If you don't believe me, e-mail them yourselves and invite them to respond. Why would they let me come here and spread lies without offering some type of defense? Because what I'm saying is true.

 

Beware,you ask and here is your answer. No one said you lied about anything but you were,with that company and continuing now to be a fool about this subject.Give it up or it will eat you up.

 

Huh?

Eat me up? Okay buddy. Go bury your head in some psych books and lets stay on topic here.

I've actually spent very little time doing this. I wrote one page and just posted it in a bunch of places. You've probably spent about as much time responding to me. Is it gonna eat you up too?

I wasn't a fool trying to conduct a business transaction with them. No one had ever warned me about them before. I would never spend anything I wasn't prepared to lose.

But now I'm doing a service. I no longer want any money. I want to bury these scammers. I've done a little more research on them, and they also happen to be involved in a great deal of illegal activity, ranging from money laundering to child pornography. Why do you think they deal in drop boxes and strictly cash transactions. Any business transactions I may have had with them were strictly legal, and I didn't know about their illegal dealings until recently.

So now I have a lot more motivation to bury these guys. And I will.

 

Beware,your post just now say's it all.

 

Again, not sure what you mean. pugmug, you need to be more clear about what you're talking about. We're not mind-readers.

I never made it a secret that I want these guys buried. I'll do what it takes. If I have to step on them and everyone they do business with, I'll do it. I'm not playing a game. I'm out for blood. Satisfied.

But, let me tell you. They deserve what they get. And this is the very tip of the iceberg.

 

Beware,good luck with your quest.You will need it.

 

So sorry to interupt, but I did visit the website out of curiosity and found the following under trojan protection

"a² :: the future of malware protection!

We made it our business to create a completely new tool which protects your computer against Malware."

I don't think this is the A-squared that many of us trust, and that I have. That alone should set off an alarm.

 

Anyone that would send cash in a transaction like that really pretty much deserves what they got scam site or not. Anyone with an IQ over 35 should know you never send cash in a business transaction for any reason. But I bet he knows better now.

 

Thank you bigc73542, I couldn't agree more. A quick look at the site & forum makes you wonder why anyone would go near it in the first place let alone give them money, the whole place smacks of paranoia, conspiracy and racism. Well left alone.

 

They also shilled for a long time for Evidence Eliminator. That tells you something about privacy.li - or what they call on the Usenet - privacy.lie

Beware, I've been reading about this outfit for a long time on Usenet, specifically. alt.privacy and alt.privacy.anon-server.

http://groups.google.com/group/alt.privacy.anon-server/topics

http://groups.google.com/group/alt.privacy/topics

I just noticed there is already a post linking to a thread you started at the Truecrypt forums and your own site. You'll find a lot of support for whatever you want to do there. But remember to do Usenet right. All posts are marked with your IP address and full headers are open for any and all to inspect. Use a proxy!

 

O.K. guys, I'm holding up a yellow card here. No more personal attacks or jibes please otherwise we will close this thread. Thank you for your co-operation.

Menorcaman

 

Now why does LinkScanner Pro warn me about Beware's web site? An FP perhaps or something else?

 

Thanks for the responses, especially those of you that refrained from calling me names.

For those of you who keep harping on my stupidity for sending in cash, I have to say I'm really not stupid. It was a calculated risk. I didn't send in anything I couldn't afford to lose. And if I knew the money was lost on it's path from my location to Canada, I would have gladly accepted the loss. But I know the money made it to him (or his lackeys). It was not for anything illegal or immoral.

For the record, I did not post to usenet (yet), but I'm glad the news is circulating. The only other place I posted was to http://forums.truecrypt.org/viewtopic.php?t=5893&postdays=0&postorder=asc , where I give some more details, especially in my later posts.

Like I stated in my Truecrypt post, this is just the beginning. I fully intend to dismantle this guys racket, when I get some free time. I do hold a grudge.

Thanks for reading.

Beware.

 

Sorry, the TrueCrypt forum address is http://forums.truecrypt.org/viewtopic.php?t=5893

p.s. I'm really not a newby at all. I've been around for a good while. I just chose not to use the usernames I'm better known for. It would have given this issue more credibility, but it would have also hurt the credibility of my other usernames. That's why I chose a new username.

 

Damn.

Also wanted to add that I never tried to subscribe to his proxy service. I was attempting to pay for another service.

I always use Tor. In fact I'm using it now and I used it for every communication I had with "john". Don't worry about me being traced.

 

Beware,this is not an attack just a responce which you seem to have received much the same of at your link in post #21 as you read here in this forum.Good luck again on your quest.

 

I have to say the behavior of these privacy.li people is truly beyond belief. The level of immaturity has reached a new low.

First, let me preface this by saying that the yahoo e-mail I used to communicate with them was never given to anyone else. I signed up for it using Tor and only communicated with privacy.li. I use it only for the purpose of communicating with them.

Here are the contents of my bulk mail folder:

Lotto.nl Tue Apr 24, 2007
4k
You have won !!! Contact your paying bank
Service Paypal Thu Apr 19, 2007
2k
About your account.
PayPal Thu Apr 19, 2007
4k
Receipt for Your Payment
Mr. Abudu Hanssen. Thu Apr 19, 2007
6k
TO A TRUST WORTHY FRIEND
Mrs Lilian Jones Thu Apr 19, 2007
4k
ENDEAVOUR TO USED IT FOR THE CHILDREN OF GOD
ABBAS AZIZ Wed Apr 18, 2007
3k
HUMANITY SAKE
ALHASSAN BALA MOHAMMED Tue Apr 17, 2007
4k
FROM ALHASSAN BALA MOHAMMED
PayPal Mon Apr 16, 2007
4k
Receipt for Your Payment
egreetings.com Mon Apr 16, 2007
4k
You've received a greeting from a family member!
PayPal Inc. Mon Apr 16, 2007
5k
Your PayPal Account Is Limited Access
PayPal Inc. Sat Apr 14, 2007
5k
Your PayPal Account Is Limited Access
Mrs. Brigit Willem Fri Apr 13, 2007
4k
YOUR EMAIL WON THE LOTTERY
Bank od America Fri Apr 13, 2007
3k
Important: Please update your Bank of America account
postcard.com Thu Apr 12, 2007
2k
You have received a postcard ! (END QUOTE)



I have 14 messages dated from April 12 to April 24 in that folder.


Here are the contents of my Inbox (since March):

Lotto.nl Mon Apr 23, 2007
4k
You have won !!! Contact your paying bank
joseph.mayola15@ terra.es Mon Apr 23, 2007
12k
ASSISTANCE/PARTNERSHIP NEEDED FROM YOU.
Bank of America Inc. Thu Apr 19, 2007
7k
Bank Of America Online Alert : Verify Your Information
casino casino Wed Apr 18, 2007
8k
YOUR TIME TO CELEBRATE!!!
Msoft Newsletter Fri Apr 13, 2007
9k
PLEASE GET BACK TO DR ERIC PETERSON FOR YOUR CLAIMS!!!
PayPal Security Center Wed Apr 11, 2007
5k
Resolution Center: Your account is limited. (END QUOTE)


I have 6 messages dated from April 11 to April 23.


For those of you who don't know what's going on, they've distributed my e-mail address to a bunch of scam sites. This all started when I started posting on these message boards. I was about ready to drop it, then I saw this.

This is further evidence that these people are not trustworthy. When was the last time you saw a reputable business pulling this kind of stuff. Of course, it serves them no purpose since they have no idea who I am.

Here's an e-mail I received from paypal. This actually seems legit since it's actually from paypal. They must have started an account using my e-mail address:

April 12, 2007,

PayPal Resolution Center: Your account is limited.
Your case ID for this reason is PP-?.


PayPal is constantly working to ensure security by regularly screening
the accounts in our system. We recently reviewed your account, and we
need more information to help us provide you with secure service. Untill
we can collect this information, your access to sensitive account features
will be limited. We would like to restore your access as soon as possible,
and we apologize for the inconvenience.

This is done for your protection only you, the recipient of this email can
take the next step in the remove limitation process.

Why is my account access limited?

April 12, 2007: We have reason to believe that your account was accessed by
a third party. Because protecting the security of your account is our primary
concern, we have limited access to sensitive PayPal account features.
We understand that this may be an inconvenience but please understand that
this temporary limitation is for your protection.

Your case ID for this reason is PP-?.

How can I restore my account access?


Please click here Steps to Remove Limitations. and complete the fields:

https://www.paypal.com/us/vst/id=?????????????????


Completing all of the checklist items will automatically restore your
account access.

Thank you for using PayPal!
The PayPal an eBay Company

----------------------------------------------------------------
PROTECT YOUR PASSWORD

NEVER give your password to anyone, including PayPal employees. Protect
yourself against fraudulent websites by opening a new web browser (e.g.
Internet Explorer or Netscape) and typing in the PayPal URL every time
you log in to your account.


----------------------------------------------------------------

Thank you for using PayPal!
The PayPal Team


Please do not reply to this email. This mailbox is not monitored and
you will not receive a response. For assistance, log in to your PayPal
account and click the Help link located in the top right corner of any
PayPal page.

PayPal Email ID PP-PP-?. (END QUOTE)


Note that I altered the link provided in the e-mail because it actually does go to a paypal site that asks for a password, although I don't think it's actually any account I created.


Here's an e-mail from Bank of America:

Dear Valued Customer :

We recently have determined that different computers have logged in your Bank of America Online Banking account, and multiple password failures were present before the logons. We now need you to re-confirm your account information to us. If this is not completed by April 22, 2007, we will be forced to suspend your account indefinitely, as it may have been used for fraudulent purposes. We thank you for your cooperation in this manner. In order to confirm your Online Bank records, we may require some specific information from you.

To restore your account, please Sign in to Online Banking.



thank you for using Bank Of America Online Service.

Your account might be place on restricted status. Restricted accounts continue to receive payments, but they are limited in their ability to send or withdraw funds. To lift up this restriction, you need to login into your account (with your username or SSN and your password), then you have to complete our verification process. You must confirm your credit card details and your billing information as well. All restricted accounts have their billing information unconfirmed, meaning that you may no longer send money from your account until you have reactive your billing information on file. Sign in to Online Banking
Thank You.
Please do not reply to this message. If you have any questions about the information in this e-Bill, please contact your biller. For all other questions, call us at 800-887-5749

(END QUOTE)

Again, this actually seems to be from Bank of America. No one else could have done this except the privacy.li people.


Here's another e-mail from paypal:



Dear PayPal Member,


This email confirms that you have sent an eBay payment of $? USD to
?@hotmail.com for an eBay item.



-----------------------------------
Payment Details
-----------------------------------


Amount: ? USD

Transaction ID: ?

Subject: Digimax ?





Note:
If you haven't authorized this charge ,click the link below to dispute transaction
and get full refund

Dispute transaction (Encrypted Link )

*SSL connection:
PayPal automatically encrypts your confidential information
in transit from your computer to ours using the Secure
Sockets Layer protocol (SSL) with an encryption key length
of 128-bits (the highest level commercially available)

-----------------------------------
Item Information
-----------------------------------


eBay User ID: ?


----------------------------------------------------------------
?'s UNCONFIRMED Address
----------------------------------------------------------------

?
?
?, TX ?
United States

Important Note: ? has provided an Unconfirmed Address. If
you are planning on shipping items to ?, please check the
Transaction Details page of this payment to find out whether you will
be covered by the PayPal Seller Protection Policy.




----------------------------------------------------------------
This payment was sent using your bank account.

By using your bank account to send money, you just:

- Paid easily and securely

- Sent money faster than writing and mailing paper checks
- Paid instantly -- your purchase won't show up on bills at the end of
the month.

Thanks for using your bank account!



----------------------------------------------------------------

Thank you for using PayPal!
The PayPal Team
PayPal Email ID PP?


(END QUOTE)


Imagine what they would do if they had any legit information on me.

People, do not do business with these guys. They are as dirty as they come. If they have a legit e-mail address on you, your physical address, an IP address, or any other real information, they can do anything they want to you.

For those of you who doubt my veracity, I have no way to prove what I'm saying. But, if I wanted to make stuff up, I could do worse than this. Every word I have said is true. I would post the e-mail address and password but I want to keep it private for now, so only I and the people at privacy.li will know it (and also the scam sites they signed me up for).

Beware

 

Regarding what llista (on the TrueCrypt forums) was saying. Here was his attempt to out me on usenet. This is my first time seeing this.

Oooooh, I'm shaking. My IP address was, as I stated, a Tor exit node. It doesn't hurt me at all, but it does show what kind of people they are. Imagine what would happen if they don't like what you're saying and you weren't as careful as I was. They can post your name, IP address, sites you've visited, etc.

Here's his response:


yh7...@yahoo.com wrote:

Thanks for the coverage!! You are priceless, google page ranking is
moving up constantly - thus means business! Keep up the good work!

Could you please also include all other domains which lead to
www.privacy.li? Such as:

http://www.privacy.in
http://www.privacy.org.cn
http://www.anonymous-banking.info
http://www.anonymous-gold.info
http://www.anonymous-privacy.info
http://www.anygoldnow.us
http://www.egold.us
http://www.goldnow.us
http://www.no-taxes-with.us
http://www.noprivacy.us
http://www.offshore-banking.us
http://www.offshore-with.us
http://www.privacy-banking.info
http://www.privacy-gold.info
http://www.privacy-tunnel.info

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

And that the world sees what sicko you are, here what you ordered from
me (I am glad the money didn't make it!):

Website 0 (omitted as it is irrelevant):

Here are the actual addresses of the sites I want to
sign up for. Ignore the link I sent to you in previous
e-mail.

Website 1 (omitted as it is irrelevant):
$? USD

Website 2 (omitted as it is irrelevant):
$? USD


Website 3 (omitted as it is irrelevant):
$? USD


Website 4 (omitted as it is irrelevant):
$? USD

Sign up service
$? USD (? Euro)

Total
$? USD

Here's the header from your order:
cnbsig...@yahoo.com

X-Spam-Checker-Version:
SpamAssassin 3.1.7 (2006-10-05) on sam.hitrust.net
X-Spam-Status:
No, score=-1.9 required=5.5 tests=ADVANCE_FEE_1,AWL,BAYES_00,
RCVD_IN_SORBS_WEB autolearn=no version=3.1.7
Received:
from sam.hitrust.net (localhost [127.0.0.1]) by sam.hitrust.net
(8.13.1/8.13.1) with ESMTP id l03IQsNK026962 for xxxxxxxxxxxxxWed, 3 Jan
2007 19:26:54 +0100
Received:
(from root@localhost) by sam.hitrust.net (8.13.1/8.13.1/Submit) id
l03IQse1003898 for xxxxxxx; Wed, 3 Jan 2007 19:26:54 +0100
Received:
from web59101.mail.re1.yahoo.com (web59101.mail.re1.yahoo.com
[66.196.101.12]) by sam.hitrust.net (8.13.1/8.13.1) with SMTP id
l03IQrP9032116 for xxxxxxx>; Wed, 3 Jan 2007 19:26:54 +0100
Received:
(qmail 1232 invoked by uid 60001); 3 Jan 2007 18:26:51 -0000
DomainKey-Signature:
a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com;
h=X-YMail-OSG:Receivedate:From:Subject:To:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding:Message-ID;
b=VRcNkAY0bi6AaE1Fa1Pd/apwXjHDrKbOfnzYAiXMjMv4IC7gU44Mjq8Hq17dXN6Pv8pTyVrDQ4Lv4a7PH8ZPyE357quW431AjYzmhrhkd6Gn5sMKMGnpyiz8IPLujFAZHX6LrfjyWAwqMGen4q6A7jfXxXndpjF/qbCl8gyfee8=;
X-YMail-OSG:
SgVSAjgVM1ksJ.2FWf9xlWvq8TZc1t8kyh_SidIn
Received:
from

that's your IP-address!!! [149.9.0.57]

by web59101.mail.re1.yahoo.com via HTTP; Wed, 03 Jan 2007 10:26:50 PST
In-Reply-To:
<200701020333.l023X8VI031...@sam.hitrust.net>
MIME-Version:
1.0
Content-Type:
text/plain; charset=iso-8859-1
Content-Transfer-Encoding:
8bit
Message-ID:
<247604.1215...@web59101.mail.re1.yahoo.com>
X-Virus-Scanned:
ClamAV version 0.88.6, clamav-milter version 0.88.6 on localhost
X-Virus-Scanned:
ClamAV version 0.88.6, clamav-milter version 0.88.6 on localhost
X-Virus-Status:
Clean



So, he posted websites that a subscriber wanted him to sign up for. He posted the header of the e-mail, including an IP address. Notice how he went out of his way to highlight the IP address.

What a jerk.

Any more questions about these people. Thanks llista for pointing that out. I hadn't seen it before.

Here's one of the usenet links on google groups:

http://groups.google.com/group/alt....b60f7b16734/ef73504778872530#ef73504778872530

Guys, do the world a favor and tell these guys where to shove it. Please don't do business with them.

Beware