Monday, August 18, 2008

Some Spammers Are "Getting Out Of The Business"

If you've been reading any tech news sites lately, you've probably noticed two distinct trends:

1) Lots of reporting of the storm worm, with sub-stories related to mass hijacks of publicly-owned websites for the purposes of infecting the public's PC's with the Storm worm. (With still further subsets focusing on the "Russian Business Network" (or "RBN") being behind the whole setup.)
2) Lots of arrests, convictions, and imprisonments of large-scale illegal spammers. (Including one murder-suicide of a previously incarcerated illegal spammer.)
3) More raids in Romania of online scammers, predominantly eBay scammers.
4) Lots of arrests and indictments related to the TJ Maxx identity theft incidents from last year.

As with last year, 2008 is proving to be an extremely bad year for illegal spammers.

I define an illegal spammer as the following, which is more specific than CAN-SPAM:

- They don't care who they send to, or whether they actually ever wanted to hear from them in the first place.
- Further to that point: they actively seek out email addresses of total strangers to start spamming them. They know that these email addresses are not actively seeking to be sent spam. They don't care.
- They try to get as much deliverability out of their messages whenever they know that their messages are being specifically filtered against (remember: they know these people don't want the messages in the first place.)
- They spam the same individual numerous times per day. (And in many cases: per hour.)
- They spam urls representing largely illegal or fraudulent websites, selling either fake or counterfeit products, in violation of international law.
- They never opt anyone out, ever, and never honor any inbound communication regarding spamming.
- In many cases, their sites actively filter for any words related to spamming in their email or contact forms. They are well aware that they operate in violation of the law, and the public's privacy.
- Their "opt-out policy" is to tell anyone who complains to "find your delete key."

Robert Soloway was just such an individual. He knowingly spammed millions of people, several times per day, promoting "products" which either didn't work (his so-called "turnkey email marketing solution") or a variety of other bogus products. He ignored, and then later actively retaliated against any complaints regarding spamming.

Soloway was recently quoted as saying "I can honestly say, even though I'm going to federal prison, for once in my life, I have a focus. I'm very sorry for what I did. I'm hoping people can forgive me." (source) This is in very stark contrast to previous statements he had made in chat rooms and web forums. e.g.: "I always win ... regardless of the judgment amount ... losing is not an option, and I never ever, ever have to pay a single cent to anyone." (source)

Well we now know just how wrong he was.

I'm not going to comment on the Eddie Davidson murder suicide. It was very tragic and ultimately had very little to do with his prior spamming exploits (other than the fact that he escaped from the prison he was sent to for doing so.) What I will comment on is that Davidson was an active and willing informant to the FBI and other law enforcement agencies, something very few press outlets covered. He was already providing lots of information on how stock spamming worked, and was allegedly assisting in the case against his former business partner Darrel Uselton, known to be a rampant, unrepentant stock spammers for years. Jack and Darrel Uselton are both awaiting trial on Sept. 29th and continue to be under investigation by several states and the US Securities and Exchange Commission (SEC). (See the Texas AG's press release dated July 9, 2008.)

That doesn't bode well for many spammers, and could also have the ancilliary effect of further damaging Alan Ralsky, currently under a similar indictment in Michigan related to his repeated stock spamming activities, and profiting from stock market manipulation.

There was also the conviction of Michael Dolan relating to his AOL phishing and spamming practices.

All of this is summed up rather nicely in a recent forum thread I was made privy to in the past few weeks.

If You Live In The U.s.a - Please Stop Spamming, It's just not worth it anymore

gerogeyboy0101
Posted: Jul 16 2008, 03:45 PM

On a roll...
*

Group: Members
Posts: 253
Member No.: 1368
Joined: 21-September 04

I have met online and dealt with many of you throughout the years, and some of you are simply terrific people who got caught up into something a long time ago that used to be innocent and legal, but now has been blown into astronomical proportions of bad.

People all over the USA are going down for illegal activity related to spam. I myself became a target for the IRS and was questioned by the fbi all because I told the truth about the fact that I had received 1099's from two spammers that had spam lawsuits against them.

Surveillance technology and the Patriot Act and further bills being signed into being are completely destroying liberal, human, and privacy rights for citizens in the united states.

I don't know if some of you guys realize it but these guys do not close, they do not stop. They take our tax dollars and get paid to sit in rooms and spy and follow leads, and investigate and do whatever it takes to catch whoever they can whenever they can. They are relentless and uncaring. If you're going to spam and you have to, hey, a man (or woman) has gotta do what they gotta do. But using proxys or botnets or unauthorized access on anyones computer is simply not worth it anymore.

They will put you away for years, no ifs, ands, or buts about it. I'm not trying to scare anyone, Im just saying, be careful, and watch your asses, because they are out to get you 24/7.


The thread contnues with a lot of basically "shrugging" comments about how this has always been the case, followed by general agreement that everybody should be careful not to use their real identities when "doing business", and then referring to the US as a "fascist" country.

They are all missing the point.

All of these recent arrests are pointing to a rather obvious point: if you commit crimes, no matter where you are or who you claim to be, you will be found, you will be arrested, you will be prosecuted, and you will be convicted. The few times this has not happened, it still results in suspects vastly changing their lives by moving to a completely different geographic location, and setting up whole new identities. If you're spamming illegally, and especially if that spamming is surrounded by other illegal acts (hacking, hijacking of public computers, infection of public computers, fraud, wire fraud, computer trespassing, unauthorized sale of controlled substances, securities fraud, etc. etc. etc.) trust me: you are going down. Maybe not today. Maybe not this year. But you will.

Regarding the Russian Business Network: this shadowy group are continuing to erode the public perception of the country of Russia. Russian cybercriminals are behind perhaps 90% of the virus-laden emails the general public has been receiving. There are several reports that have linked them to the following:


  • Recent attacks against websites and network infrastructure of the country of Georgia, starting at precisely the same moment as the attacks on the ground.

  • Spam messages claiming to be from either MSNBC or CNN featuring links to bogus "breaking news" stories.

  • Server hijacks and exploits causing them to deliver these same infections.

  • Spam for "Canadian Pharmacy", a known Spamit / Glavmed sponsored property.



And of course there are the less-substantiated claims that they also have been behind spam campaigns and hijacked hosting for a variety of child pornography website operations, and that they were also involved in the cyber-attack against Estonia last year.

Prosecution of whoever is behind this group, especially within Russia, is unlikely. But that's soon going to become less of a problem since much of their target audience is actually geographically located within the US, as are (it is believed) several of their operatives. Also: a lot of the people who spam on behalf of these Russian groups and individuals (notably Spamit / Glavmed) are located in the US, Canada, and several countries in Europe. Arresting them can cut off a major source of cashflow and infrastructure. It also can draw out further details of where these individuals can be found, and subsequently arrested, if not by Russian police, then by international law enforcement. It's a pretty small planet, after all.

The cyber-attacks against Georgia have garnered some very widely viewed headlines, and not just in tech publications. This does not help the Russian government in its bid for entry into the WTO. That was previously hindered by the renowned shuttering and resurrection of AllOfMP3.com. (Which now alternately operates as MP3Sparks and MemphisMembers.) It also isn't doing any favors for Russia in terms of how international law enforcement sees them, which I'm sure is of no consequence to the Russian government anyway. That the recent cyberattacks have gained significant news attention is now raising some questions for other governments: if they can attack Estonia and Georgia, who's to say they can't attack a larger western power? Or a specific government, or utility, or financial network? The fact is: they can. Illegal spammers and their supporters have killed off any site which gets close enough to the truth to make them uncomfortable: the KillSpammers forum (which is not completely gone, just on hiatus. :) ,) spam-court, castlecops, blue frog, etc. They will do it whenever it suits them, or when they feel that the evidence is such that it will cause problems with their cashflow. I don't doubt that they'd eventually try to attack Citibank, or PayPal, or the US Federal Reserve if it suited their needs at the time.

But that can only keep going for so long. A very bright light has been shone upon the RBN, and they are certainly aware of it. One day, inevitably, something's gotta give, one way or the other.

In any case, the past two years have made two things abundantly clear:

1) While the process may be slow, law enforcement and the courts do enforce laws against these criminals, and apply penalties resulting in real jail time
2) The public at large is definitely fed up with continually receiving email spam (or really spam of any type.)

The tally so far this year:


  • Indicted:

    • Alan Ralsky

    • Scott Bradley

    • Judy Devenow

    • John Bown

    • William Neil

    • Anki Neil

    • James Bragg

    • James Fite

    • Peter Severa

    • How Wai John Hui

    • Francis Tribble

    • Albert Gonzalez, AKA Segvec

    • Christopher Scott

    • Damon Patrick Toey

    • Maksym Yastremskiy, AKA Maksik

    • Dzmitry Burak

    • Sergey Storchak

    • Aleksander Suvorov, AKA Jonny Hell

    • Hung-Ming Chiu

    • Zhi Zhi Wang

    • Sergey Pavolvich

    • An unknown hacker named "Delpiero"



  • Arrested:

    • Alan M. Ralsky [but out on bail]

    • Albert Gonzalez, AKA Segvec

    • Maksym Yastremskiy, AKA Maksik


  • Convicted and Imprisoned:

    • Robert Soloway

    • Michael Dolan





That's 25 total. And that's actually an incomplete total since there were an additional 22 arrested back in April, notably including "Vladuz", a Romanian cybercriminal behind rampant amounts of eBay phishing attempts. So for 2008 alone, we're nearing 50 criminal prosecutions against these criminals, and it's only August.

So I think I would have to agree with ol' "gerogeyboy0101" up there: if you're spamming at all, do us all a favor and get the hell out of "the business."

SiL / IKS / concerned citizen

Oh and P.S.: anybody notice that a lot of inbound spam purporting to be for VPXL or "Canadian Healthcare" now redirect to the SpamWiki entry for SanCash? :)

e.g.:

chipadd.com [a king replica site]

now points to:

http://www.spamtrackers.eu/wiki/index.php?title=King_Replica

Hehe. Nicely done, whoever you are.

SiL

19 comments:

IKillSpammerz said...

The count just went up! Seven individuals have been indicted for running "PersonalizedRx, LLC", an illegal online pharmacy which was selling controlled pharmaceuticals. Read the press release here:

http://www.usdoj.gov/usao/mow/news2008/holman.ind.htm

Fantastic.

SiL

Anonymous said...

Nice, long list of convicted spammers. I hadn't seen all those mentioned on one source, yet. Keep up the great reporting, SiL!

Anonymous said...

No names yet, but it looks like there will be 11 more people to add to your list:

"Romania breaks up alleged dating-fraud ring"
http://www.earthtimes.org/articles/show/228074,romania-breaks-up-alleged-dating-fraud-ring.html

Information in the (brief) article sounds very similar to the ROKSO Ukraine operation listed in Spamhaus under Vad Kaz (Wolf) / promo-mail.net - bestdates.org

IKillSpammerz said...

That is a great article. :)

And we can definitely add yet another arrest to that list, Leni Neto:

"Leni de Abreu Neto, from Taubate, Brazil, faces up to five years in prison and a fine of more than $250,000 for allegedly running and leasing access to a botnet of 100,000 compromised computers around the world for the purposes of sending spam."

(You can see more coverage over at the spectacular blog known as "CyberCrime & Doing Time", run by Gary Warner.)

Neto was arrested in the Netherlands and is a member of the large group behind last year's TJX identity theft case, which included several of the names listed above (notably Albert Gonzalez [Segvec] and Maksym Yastremskiy [Maksik])

I fully expect to see many, many more of these arrests, and not merely focusing on botnet operators either. One day, maybe soon, we'll see a major arrest of someone operating an illegal pharmacy such as "Canadian Pharmacy" or "Canadian Healthcare."

As a once-popular anti-spam blog once said, "get the popcorn..."

SiL

Harry Stottle said...

You're clearly more knowledgeable about SPAM than I am, so perhaps you can answer a question I've been asking for a few years.

Ignoring the SPAM which is intended as a vector for malware, most SPAM is commercial. It is trying to funnel us in the direction of one or more products so that someone can make a profit. Unless a small number of people actually follow the trail and end up buying the relevant products, the SPAM would be a completely futile exercise and would simply evaporate. Given that SPAM continues, we must assume that enough SPAM recipients are buying enough product to make the SPAM worthwhile.

While I appreciate that tracking the source of the SPAM is a hard problem, there is nothing difficult about tracking the sellers of the products who benefit from the SPAM. After all, if they hid themselves, they couldn't sell anything.

Given that, why the hell haven't we just gone after the merchants whose wares are advertised by the SPAM?

I've had one attempted answer to that, which was that such a policy would be a gift to competitors or enemies of the merchant, who could put them out of business by setting up an apparent SPAM operation aimed at selling the target merchants products. But a) that would be an extremely rare attack and b) it would be a relatively trivial attack to counter. Hence I cannot believe that it accounts for our failure to "follow the money".

So what does?

IKillSpammerz said...

Hello and thanks for your comment. As you might expect, the answer isn't straightforward, so forgive my lengthy response. (But hey: you asked. :) )

> While I appreciate that tracking the source of the SPAM is a
> hard problem, there is nothing difficult about tracking the
> sellers of the products who benefit from the SPAM. After
> all, if they hid themselves, they couldn't sell anything.
>
> Given that, why the hell haven't we just gone after the
> merchants whose wares are advertised by the SPAM?


Well this is precisely what this blog is here for.

My blog is pretty widely-read, and I also occasionally assist law enforcement regarding these malicious merchants. Unfortunately, the short answer to your question is unfortunately another question: how would you specifically propose that we do that?

I'll give you an example:

Based on my own research, I know for a fact that an affiliate group known as SanCash are behind all the millions of VPXL (aka: Express Herbal, MaxGain+, PowerEnlarge, Manster and at least four other brand names.)

They are the middle-tier which signs up mailers (spammers) to promote the product.

Both an independent investigator and the BBC discovered a direct link between the spam they received, the order they placed, a sponsor group named "GenBucks", located offshore in the country of Mauritius, and a company called Tulip Lab, located in Mumbai, India.

My own research, including direct statements posted on numerous forums, uncovered that the spam-sponsoring group was actually known as SanCash. They are the ones who send the actual emails promoting these products. It has since changed names a few times, and operates completely underground.

Further investigation, and an interview by the BBC, ld to someone at Tulip Lab stating directly that they did in fact use GenBucks to market their products.

Since posting this information, the independent investigator was threatened with a temporary injunction against his blog. Tulip Lab consider this information to be libelous, despite the fact their own statements confirmed that there was a link between GenBucks and their Manster / VPXL product.

So: how would YOU approach that? Would you fly to India yourself and try to go after Tulip Lab directly? Would you attempt to infiltrate SanCash (or whatever they're called this week) and attempt to gain contacts at SanCash and Tulip Labs? (Assuming the handful of sponsor reps would let you in, which is extremely unlikely.)

It's easy enough to say "just shut down the merchant." But when that merchant is known to operate offshore, in countries (like Mauritius) with shifty law enforcement, and with no clear paper trail identifying all of the players: what do you want to try next?

Similarly Spamit, the sponsor group behind "Canadian Pharmacy", is located in Moscow. When are you booking your flight? :)

> I've had one attempted answer to that, which was that such a
> policy would be a gift to competitors or enemies of the
> merchant, who could put them out of business by setting up
> an apparent SPAM operation aimed at selling the target
> merchants products.


I think literally every company behind the legitimate products would most certainly not take this approach.

Spamming for Viagra has damaged the branding for that product, and Pfizer has an entire division dedicated to seeking out and shutting down counterfeit or imitation versions of their products, and they've slowly but surely managed to shut down several such operations in numerous countries. For whatever reason, they can't shut these ones down.

Competing spammers though, or their sponsors, yes you're right. They very likely would set up an all-new operation to step in and replace whatever went down. (Or more likely: they'd buy the old software and whatever other elements were part of the old one, and simply re-brand it. We've seen a lot of that over the last three years.)

> But a) that would be an extremely rare
> attack and b) it would be a relatively trivial attack to
> counter. Hence I cannot believe that it accounts for our
> failure to "follow the money".
>
> So what does?


* International borders.
* Distance.
* Lack of efficient or non-corrupt law enforcement in hosting countries.
* Lack of funding / resources in north american law enforcement agencies.
* Lack of cooperation between international law enforcement agencies. (Though that is slowly changing.)
* Funds or the cost of investigating every source of this activity.
* Public or media attention / indifference.
* American Drug Policy
* American Healthcare policy.

Pick any of those. My personal feeling is that last one is a pretty serious boon to the profits of illegal pharmacy spammers. If the US healthcare system wasn't so messed up, you wouldn't have desperate patients who actually DO need these pills but have been refused any more prescriptions by their HMO, for whatever reason. Of course they're going to turn to an online pharmacy. The spammers know this.

But ignoring that for a moment:

If you went to Moscow and complained to their law enforcement about Spamit or Glavmed, how far do you think you would get?

If you went to Mumbai, and went to the offices of Tulip Lab and asked them to stop supporting spammers, what do you assume their reaction would be, aside from suing you for making libelous claims?

It's far from cut-and-dry. This is a global, organized and well-hidden series of operations.

Fortunately we're seeing some real action (especially lately) on behalf of domain registrars and rogue hosting companies which are seriously impeding the cashflow of several known criminal organizations.

I personally think things will only change when someone in the mainstream media does an investigative report into just how many people are either seriously afflicted or killed by these illegal pharmaceutical products. I know there are lots of instances of this happening, but none of them are ever highlighted in the news. I don't know what it will take to educate people, but that's frankly what I see being the start of any real change in investigating these scumbags.

SiL / IKS / concerned citizen

Harry Stottle said...

Excellent and informative response, if somewhat depressing. Thanks.

The only other path I've contemplated is a pure whitelisting email environment with a trusted enrolment system. I've even designed one. The problem I haven't been able to crack (which is why I've never promoted the idea) is the Denial of Service attacks which would inevitably be launched against the hubs which would be necessary to run the whitelist enrolment. We simply don't have a practical defence against those yet and I suspect that is what keeps a number of otherwise obvious solutions on the shelf...

IKillSpammerz said...

> Excellent and informative response, if somewhat depressing.
> Thanks.


Thanks for the kind words.

> The only other path I've contemplated is a pure whitelisting
> email environment with a trusted enrolment system. I've even
> designed one.


Is it called "Facebook" by any chance? :)

There's a reason that site has become so popular. People can finally communicate again without having to sift through dozens-to-hundreds of bogus crap messages.

> The problem I haven't been able to crack
> (which is why I've never promoted the idea) is the Denial of
> Service attacks which would inevitably be launched against
> the hubs which would be necessary to run the whitelist
> enrolment. We simply don't have a practical defence against
> those yet and I suspect that is what keeps a number of
> otherwise obvious solutions on the shelf...


That has been attempted in the past, and each time the purveyors of these solutions have had their servers attacked mercilessly by shadowy individuals who don't like it. (Blue Frog is the most recent notable example.)

I have also written several "fight back" utilities which I know have a considerable impact on their profits. They've also attacked any site I've posted that information on.

You're dealing with criminals. They do not care who you are: they'll attack you.

The key thing would be to motivate enough people to really have an impact. It wouldn't even take that many. If you look at how "ordinary" Russians banded together to attack Georgian websites and networks recently [source] you can see that it really can be done effectively. People just need to be alerted to the fact they can take action, and some of them will. That's been the hard part: equating spam (just delete it / perceived as merely an annoyance) with criminal, dangerous activity (criminals profit from spam / you can die from using their products.)

SiL

Harry Stottle said...

"The key thing would be to motivate enough people to really have an impact. It wouldn't even take that many."

Expand. What is you want "enough people" to do? (Apologies if this is fully explained in your previous missives, I realise I've arrived late at the party)

Just as a point of interest, do we have *reliable* stats on what percentage of all email traffic is SPAM? And what % of forum applications and posts? etc

I've read MessageLabs claim that it's 75% but they would say that wouldn't they...

IKillSpammerz said...

> Expand. What is you want "enough people" to do? (Apologies
> if this is fully explained in your previous missives, I
> realise I've arrived late at the party)


If you read the post I linked to, you get an idea. It's this one. Anyone could do that, and that particular choice would not be my first choice. But anything where we organize and send, say, 12 fake orders in to one particular type of spammed product's site (say: VPXL), or something to that effect. Their sites never fully validate credit cards so even a small group of people could cause a real hassle. I know they really disliked it when it was only me and three other people. Imagine what thousands could do?

SiL

Harry Stottle said...

I'm in. I'm happy to set up a couple of false IDs and run through a proxy to submit my part of a such a flood attack.

Somewhere around the web is a simple guide to generate "legitimate" (but non existent) credit card details. There are lots of "instant disposable" email address providers and lots of proxies. Now all we need is a focal point and "critical mass" trigger, so that we co-ordinate the attack to start when there are at least (say) 500 of us ready to go...

IKillSpammerz said...

I realized I missed the second part of your comment:

> Just as a point of interest, do we have *reliable* stats on
> what percentage of all email traffic is SPAM? And what % of
> forum applications and posts? etc
>
> I've read MessageLabs claim that it's 75% but they would say
> that wouldn't they...


Well I can tell you my own stats, which I've been maintaining for several years now:

For most accounts, during most months, it has been 98-99% spam. That's omitting the messages captured by spamassassin set to a fairly critical setting. If I include spamassassin messages, easily over 99% (99.8% for the month of december, 2007, the last month I tested this on.)

For my gmail accounts lately: definitely around the 70-80% mark. I'm unaware of whether gmail pre-filters messages before they get to my spam box. Their in-client spam filtering is impressive and extremely accurate.

Yahoo: 99%
Hotmail: 99.6%
Other personal domains' email: 90-97%

Again: these are just my stats, and this doesn't actually include any addresses I use specifically to comment on the state of spamming.

Most people I know are seeing this level of inbound spam. The sadder thing is: you can create an account today on gmail, and do absolutely nothing with it. Leave it alone for a month or two and check it: you'll have spam. Why these morons would target such an address is totally baffling to me. If you create one with anything resembling a Chinese-sounding word, you'll receive tons (several hundred per day) of Chinese language spam. This is a repeatable experiment.

The Register, Wired and several other media outlets over the past year have all written stories that globally spam has surpassed 95% of all email received by anyone with an email address. I don't doubt those numbers.

SiL

IKillSpammerz said...

I tried emailing you, but the only address I can find for you bounces. Respond to this comment and I'll give you and idea what I have already created for this purpose.

Thanks.

SiL

sophie said...

TO THE FRAUD SECTION IRS FRESNO:

PLEASE READ THIS LETTER. THE USA FIRM TECHNI-PAK, OPERATING OUT OF COLORADO AND TENNESSEE, IS MAKING INCOME “FROM WHATEVER SOURCE DERIVED” IN THE USA, YET TECHNI-PAK HAS ITS PENIS ENLARGEMENT DRUG ORDER NUMBER IN BRITISH COLUMBIA AND REGISTERS ITS BUSINESS IN THE BAHAMAS.

PLEASE INVESTIGATE THIS MOB FOR INCOME TAX EVASION AND PUT THEM IN COURT AND OUT OF THE ILLEGAL DRUG/SPAM BUSINESS. THANKS FROM ALL OF US WHO HAVE HAD OUR EMAIL SYSTEMS HACKED THIS HOLIDAY SEASON.

30 December 2008
For those of you who have not had a happy email holiday season, I too have been hacked and spoofed by a persistent spammer advertising penis enlargement drugs that allegedly are "green certified" and "all natural."
These emails appear to come from various American companies such as yours, and have your company’s address in a blue box in the email body. When I click on the link to unsubscribe, immediately a disgusting page pops up with the right hand margin displaying penises in various stages of erection. At the top there is a photo of a man with a halter-topped woman about to go down on him. On the left hand side there is a photo of a half naked man with a very young tank-topped woman cuddling.
The contact details provided on this email are as follows: (a) phone 604-677-3533; (b) company address 2414 4th Ave, Greeley CO 80631. I rang the phone number and the woman answering asked to take my order. I first established that she represented a company selling penis drugs and that the company address was in Greeley CO. I then asked why the company had a Colorado address and a BC phone number. She said the drugs were shipped from Colorado. I hung up.
I then reported the crime to the Greeley CO police and spoke with an officer who took an information only crime report, in other words no action. He and I did determine by looking on Google Earth that the Greeley address is a vacant block next to the railroad tracks. He said he’d do a drive-by.
I continued to research this spam, as I have had my address spoofed nine times by this criminal. I discovered that he uses a domain name server for his webpage of www.eqiulibb.com and a further domain name server of www.dement66.com. I looked up these addresses and discovered that the first is registered out of China by HINET. The second one is registered out of China by a company called Xinnet, a notorious spam domain registrar currently under investigation by ICANN, the Internet domain registrar regulator, for providing false domain name contact details. The site registered by Xinnet, dement66, further resolves into www.truemane.com. I looked up the registrar of truemane, which is OnlineNIC, with a phone number in Alameda California registered to Rex Liu, 2251 Mosley St, Alameda 94501-4095. The number is: 510-769-8492. I have rung that number at least 20 times and it never answers.
I then did a Google search on Power Gain Plus, the company allegedly sending the offensive email named in the body of its graphic webpage. This resolved to www.powergain.com. When I looked up that page, it displayed the same graphic page as what I had received, amplified by a spam hater’s prolific comments critiquing every one of the advertising claims. This webpage identified the spammer as Leading Edge Herbals. I further researched this company on Google and discovered it is based in the Bahamas.
Then I looked up on whitepages.com the address 2414 4th Ave, Greeley CO, and discovered that address allegedly is occupied by Techni-Pak LLC [meaning it is a limited liability company not even registered in the USA]. I looked up www.technipak.com and found three contact numbers: 800-385-1964, with address 1658 17th Ave Greeley CO; 800-877-0891 with address 149 Old Gray Station Rd Johnson City TN; and 800-356-0077 address 2414 4th Ave Greeley CO. I rang the first number and spoke with Cathy with a syrupy southern accent, who said she was in Tennessee not Colorado and knew nothing about penis enlargement drugs. She told me to ring back and she would direct me to the right person. I rang back and spoke with Shiree who put me onto Mark her manager. Mark denied all knowledge of penis drugs and said his company merely ships plain brown packages for Leading Edge and has done so for some time. He likened his part as "like the US Post Office." He was not concerned about inspecting these packages to see what they contained. He was not concerned that Leading Edge gives 2414 4th Ave Greeley, purportedly Techni-Pak’s address, and Leading Edge’s address too. He thanked me for the call and said he would continue shipping for Leading Edge as long as their account is paid up to date.
Last night I received a return call from my message left at Leading Edge’s customer service number, 866-621-6886. It was 03309 here in Sydney. The person identified himself as Don McKay and began spewing rude offensive language that he was not spamming me, that his company does not spam, and accused me of being an amateur spam sleuth and told me to get a life and just delete this stuff. I provided this person progressively with details of what I have discovered. He refused to listen, going on his rant that I was wasting his time and mine. When I came to the clincher he hung up.
The clincher is that one of the spam emails sent to an Alaskan lobbyist’s firm uses the IP address of 207.229.10.2, which is served by TELUS Canada phone company I rang TELUS and spoke with Dave, who provided the info that this IP traces to an ADSL computer line at 250-383-0893 in BC Canada. I rang that number and was greeted by a message service of Leading Edge Cash, asking me to leave a message for Mike. I have yet to hear from Mike.
Searching Google for Leading Edge comes up with another page on ripoffreports.com written by an unhappy customer of Leading Edge, detailing that the penis drugs he bought did not work and in fact gave him stomach problems. When he tried to return them for his money back, he got denials and run arounds and finally gave up.
I am mad as hell and will not take it any more. I ask your company to join forces to take Leading Edge down and to put Don McKay or whatever his name is in prison for a long time.
Feel free to contact me in a spirit of cooperation, and rest assured that my address, pazamor1@gmail.com is not responsible for your troubles–it is Leading Edge who is our mutual target.
A California man on Thursday sued a slew of international companies, including a Greeley, Colorado distributor, alleging the penis-enlargement products they market and distribute do not work. They are associated closely with another company, Albion Medical and operate out of the Bahamas. They also market a product called MaxiDerm a patch that you put on your body that allegedly claims to enlarge your penis. Of course this is just another scam.
The lawsuit seeks class-action status to represent an estimated 1 million people who ordered the products in response to advertisements on television, radio and spam e-mail. The lawsuit names as defendants Leading Edge Marketing Inc. of British Columbia, TechniPak LLC of Greeley and several others. The lawsuit described TechniPak as the "operational hub" of the enterprise.
Leading Edge Marketing has a terrible track record and has been under the gun in numerous other mailorder and internet scams around the world. They recruit others to do their sales work for them and they paid a hefty commission.
Some distributors carry the whole line of products made by or distributed by Leading Edge Marketing and Albion Medical. Some of the sites even contain Links to diet drugs and narcotics.. They say that they are located in the U.S., but they are really in the Bahamas, just like Leading Edge Marketing.

IKillSpammerz said...

I debated publishing this comment but I figured it wouldn't hurt since it is clear that Sophie has done some pretty in-depth research on this setup. Illegal spammers love to abuse the identities of innocent individuals by using their contact info in fraudulent WHOIS information for illegally-registered domains used to support illegal spam campaigns. One of these days, the criminals behind these operations will pay a very high price for this continued abuse. Maybe not today, maybe not this year, but eventually. The noose has been tightening over the past several years.

SiL

TexWriter said...

This comment appeared while doing research concerning Onlinenic, recently sued by Verizon and Yahoo.

Sophie clearly has reason to be upset and the following information may be useful, as some of the research contained in her post is several years out of date or an incorrect understanding of US legal entities.

A Limited Liability Company (LLC) is a legal entity in the US, and LLC ownership records can be identified by contacting State offices. Some states provide basic information without charge, some states charge minimal fees. Dan Balsam provides an excellent list of state websites that can be used to look up business records:
http://www.danhatesspam.com/sos.html

In regards to LeadingEdge, the article posted as part of the comment was several years out-of-date.

A settlement was reached in 2007. While the settlement site, lemsettlement.com, appears now to be offline, the following articles provide some information:

"Thank Heavens for Class Action Lawyers",
http://www.circleid.com/posts/7102113_class_action_lawyers/

A copy of the preliminary settlement document here:
http://spamnotes.com/files/31236-29497/Horton.pdf
- or in Google cache html format -
http://74.125.95.132/search?q=cache:MxynAwpqwG8J:www.casewatch.org/civil/horton.pdf+%22Jeffery+Horton%22+%2Balbion&cd=1&hl=en&ct=clnk&gl=us

Sophie may consider contacting the Colorado Court Clerks office or the plaintiffs New York attorney with information about her experience with the company. (Please be judicious in use of CAPS key in any correspondence.)


Slightly off-topic:
There is something about the State of Colorado. A distributor of T___ L__ products was located in Grand Junction, Co. This information was passed to FTC in 2007 and New Zealand authorities in 2008.

TexWriter said...

This comment appeared while doing research concerning Onlinenic, recently sued by Verizon and Yahoo.

Sophie clearly has reason to be upset and the following information may be useful, as some of the research contained in her post is several years out of date or an incorrect understanding of US legal entities.

A Limited Liability Company (LLC) is a legal entity in the US, and LLC ownership records can be identified by contacting State offices. Some states provide basic information without charge, some states charge minimal fees. Dan Balsam provides an excellent list of state websites that can be used to look up business records:
http://www.danhatesspam.com/sos.html

In regards to LeadingEdge, the article posted as part of the comment was several years out-of-date.

A settlement was reached in 2007. While the settlement site, lemsettlement.com, appears now to be offline, the following articles provide some information:

"Thank Heavens for Class Action Lawyers",
http://www.circleid.com/posts/7102113_class_action_lawyers/

A copy of the preliminary settlement document here:
http://spamnotes.com/files/31236-29497/Horton.pdf
- or in Google cache html format -
http://74.125.95.132/search?q=cache:MxynAwpqwG8J:www.casewatch.org/civil/horton.pdf+%22Jeffery+Horton%22+%2Balbion&cd=1&hl=en&ct=clnk&gl=us

Sophie may consider contacting the Colorado Court Clerks office or the plaintiffs New York attorney with information about her experience with the company. (Please be judicious in use of CAPS key in any correspondence.)


Slightly off-topic:
There is something about the State of Colorado. A distributor of T___ L__ products was located in Grand Junction, Co. This information was passed to FTC in 2007 and New Zealand authorities in 2008.

IKillSpammerz said...

Thank you, Tex Writer, for the first informative and constructive comment in many months. Good information.

SiL

Anonymous said...

Sopia,
Your a idiot. The warehouse really is there.Lem internet had nothing to do with that e-mail.
The lawsuite your talking about was handled out of court.