JD's Brain

« January 2005 | Main | March 2005 »

February 05, 2005

online-replica-store.com sucks!

It has been a few weeks since I reported about simply-rx.com. Lots of people posted comments saying they were ripped off. I decided to check if several of the redirected domains (those that point any subdomain to the sucky site) were still up, and they are--except that they now all point to online-replica-store.com.

A quick search on Google will tell you that this is just another scam by the same people. The domain was registered by another fine Spanish citizen:

domain:       online-replica-store.com
status:       production
owner:        Sanchez Gonzalez
email:        gruco99@rodrun.com
address:      San Roque 889
city:         Castiblanco
state:        --
postal-code:  41230
country:      ES
admin-c:      gruco99@rodrun.com#0
tech-c:       gruco99@rodrun.com#0
billing-c:    gruco99@rodrun.com#0
nserver:      ns1.dns889.com 203.98.159.136
nserver:      ns2.dns889.com 203.98.159.136
registrar:    JORE-1
created:      2004-12-17 10:56:45 UTC JORE-1
modified:     2005-01-23 17:10:37 UTC JORE-1
expires:      2005-12-17 05:56:45 UTC 
source:       joker.com

Looks like a bogus name to me, as both "Sanchez" and "Gonzalez" are usually last names.

A few of the domains redirecting to the site are:

• *.iazy.com (as listed before)
• *.keej.com (as listed before)
• *.yomoi.com:

  Domain Name: YOMOI.COM 
  Domain Status: LOCK
  Registrar: Wooho T&C Co., Ltd. d/b/a RGNames.com
  Referral URL: http://www.RGNames.com
  
  Domain Registration Date....: 2004-11-04 GMT.
  Domain Expiration Date......: 2005-11-04 GMT.
  Domain Last Updated Date....: 2004-12-24 08:23:40 GMT.
  
  Registrant:
      bee aa
      588, Seocho-dong, Seocho-gu
      Seoul,  137070
      KR   
  

  We know Mr. Bee Aa already, right? :P

• *.roiex.com:

  Domain Name: ROIEX.COM 
  Domain Status: LOCK
  Registrar: Wooho T&C Co., Ltd. d/b/a RGNames.com
  Referral URL: http://www.RGNames.com
  
  Domain Registration Date....: 2004-10-26 GMT.
  Domain Expiration Date......: 2005-10-26 GMT.
  Domain Last Updated Date....: 2004-12-24 10:49:27 GMT.
  
  Registrant:
      smith a
      588, Seocho-dong, Seocho-gu
      Seoul,  137070
      KR
  

  Now _that's_ a real name: "Smith A". "How are you doing today, Mr. A?".

• *.jeou.com:

  Domain Name: JEOU.COM 
  Domain Status: LOCK
  Registrar: Wooho T&C Co., Ltd. d/b/a RGNames.com
  Referral URL: http://www.RGNames.com
  
  Domain Registration Date....: 2004-11-04 GMT.
  Domain Expiration Date......: 2005-11-04 GMT.
  Domain Last Updated Date....: 2004-12-24 08:23:40 GMT.
  
  Registrant:
      bee aa
      588, Seocho-dong, Seocho-gu
      Seoul,  137070
      KR
  

  Looks like Wooho is making a killing on registering domains for these people!

• *.vievv.com:

  Domain Name: VIEVV.COM 
  Domain Status: LOCK
  Registrar: Wooho T&C Co., Ltd. d/b/a RGNames.com
  Referral URL: http://www.RGNames.com
  
  Domain Registration Date....: 2004-10-04 GMT.
  Domain Expiration Date......: 2005-10-04 GMT.
  Domain Last Updated Date....: 2004-12-24 10:47:26 GMT.
  
  Registrant:
      aweb 
      588-5, Seocho-dong, Seocho-gu
      Seoul,  137070
      KR
  

• *.repllca.com:

  Domain Name: REPLLCA.COM 
  Domain Status: ACTIVE
  Registrar: Wooho T&C Co., Ltd. d/b/a RGNames.com
  Referral URL: http://www.RGNames.com
  
  Domain Registration Date....: 2005-01-21 GMT.
  Domain Expiration Date......: 2006-01-21 GMT.
  Domain Last Updated Date....: 2005-01-21 17:24:09 GMT.
  
  Registrant:
      Kimbo K
      Gangdong-gu, Seoul Gangdong P.O.Box, Gangdong-gu
      Seoul,  134600
      GB
  

A few other domains at Wooho (raoy.com, mejc.com, etc.) are not responding right now. I wonder if Wooho is doing something about this or if they're just having technical difficulties.

The "modus operandi" for these scammers is the usual: design a professionally looking site (probably by just stealing the layout from an honest site), list products that are not readily available (cheap medicine, fake watches, sex toys) due to grey market concerns, charge about half the price of regular grey market items, and PROFIT! I wouldn't be surprised to hear that the credit card charges point back to India or China even if the site is in English. That makes it a lot more difficult for credit card companies to get their money back. Of course customers should get their chargeback even if the CC company never seems a dime back from these scammers.

What really made me mad about these guys this time is that they spammed _all_ of the GNU mailing lists (glibc, a2ps, smalltalk, chess, etc.). Do they _really_ think that Free Software / Open Source people fall for this kind of scam? I'd think that their 0.01% sales over advertisement must come from people who are using the Net for the first time or something like that. I mean, they don't even post contact information on the site. Or list a company name. It's just a pretty site with _no credentials_ whatsoever.

So there you go, same gang, new site, beware.

Updated: [6-Feb-05] Added repllca.com.

Posted by jdrowell at 10:25 PM | Comments (23)