Check out this page from another web site listing email address from known scammers. This man has put a lot of work into compiling this list and he has discovered that some scammers have as many as twenty email addresses!

Here's another page from someone fighting the scammers! http://www.bustedupcowgirl.com/scampage.html

Internet Crime Complaint Center: http://www.ic3.gov/

8/5/08 vanbrokkoston@gmail.com attempted to have me send him $500.00 to pay for the "airfreight" for two parrots from Africa. He sent me two links to bogus web sites that he said were web sites for the "shipping company" that I was to pay this money. I contacted the server for both of these "web sites" and had the content removed due to fraud!

7/10/07 Here's another way to scam:
From: morgan kidman <morgan_kidman001@yahoo.com>
Reply-To: kidman_blly@yahoo.com

HELLO THERE,
MY NAME IS MR KIDMAN FROM THE UNITED KINDOM. I AM INTRESTED IN THE IMMIDIATE PURCHASE OF YOUR BIRD I AM A BRID LOVER AND WOULD LIKE TO ADD THIS TO MY COLLECTION OF BIRDS I WOULD LIKE TO KNOW HOW MUCH IT WILL COST ME .
I WOULD LIKE TO YOU HAVE IT IN MIND THAT I WOULD BE RESPONSIBLE FOR THE SHIPPING THEREBY, I WOULD BE ISSUING OUT AN EX-CESS FUND TO YOU AS SOON AS YOU CASH THE CHECK, I WOULD LIKE YOU TO REMIT THE REST OF THE MONEY TO MY SHIPPING AGENCY TO HELP THE IN COMMING FOR THE PICK UP FROM WERE ITS IS SITUATED.
MY PAYMENT METHODS ARE MONEY ORDERS OR CHECKS.
LOOKING FORWARD TO DO BUSINESS WITH YOU SOON. BEST REGARDS, KIDMAN.

In this scam, the scammer sends a bogus check in excess of the price of the bird. The victim "cashes" the check and sends the bird PLUS MONEY (the supposed overage of the funds to be used for shipping). The check, being bogus, does not clear and the scammer makes off with the birds AND SOME OF YOUR HARD-EARNED CASH! DON"T BE FOOLED BY SUCH EMAILS!

10/4/06 Here's another scammer using my images (removed from this copy of his email) that I took of my pet Hyacinth Macaw, Iris, and of my husband.

from: cullen626@yahoo.com

Hi,
Thanks for the respond. Ana is available and i really need a new home for her, one that will have lots of
affection and love to offer her and most especially experienced with birds. She is aged 10months old. Hand raised and tamed to get along
perfectly well with humans and other pets. She has been vet and medical checked and is very healthy. She is able to mic
speech with words such as i love you, good bye, good night, good morning, and her name. She has been DNA sexed and proven,
as a female. Our current location is Bertoua where i got to some days ago as result of my new employment as U.S.A volunteer cartering for people affected by the Hiv/Aids.She has a fee of $1400 that includes the cage, flight cost and other supplies she will be coming along with. Attached are pictures of Ana. I look forward to hearing from you very soon.

Best regards.
Tim.

dollarcaseexports@yahoo.co.uk (claims to have Black Palm Cockatoos and many New World parrot species available from Togo in Africa)

lauren@37.com (using my list of birds for sale on Up At Six classified ads)

Agahken Emmanuel Mimba.
Box 454, Avenue Kenedy
Cite Verte 454
Yaounde 00237, Cameroon
email: myparrotfarm@yahoo.com

Below is the lovely email I received from "Mr. Mimba" after he saw that I had put his information on this site. Nice man!

"BITCH YOU THINK YOU WON.SORRY I JUST SCAMMED ONE AMERICAN IDIOT YESTERDAY OF $1500.i have many identities ie names email address and all that.i am a genuise.i contact 10 foolish Americans and i scam atleast 7.you were lucky.you know ,our parents worked during the slave trade but were not paid,thats what you whites are doing now.paying for what our parents worked.f#@k you and your mother f#&^%n mama."

pay@north.org

petman.com@north.org
name : MARK PARTLOW
conutry :CAMEROON (AFRICA)
city :DOUALA
street :AKAW-DOUALA
PO BOX 21157

frankline_2008@yahoo.com (think this could be another email address for Marious Timhothy)

JOHN SUH
WESTERN ROVINCE BAHAM CAMEROON
HOUSE NUMBER 44 OTATA
email: alexanda@nativeweb.net

JOH STEPHEN
LITTORAL PROVINCE DOUALA
CAMEROON PORT CENTRAL.
email: johnson2000@luxmail.com

(this delightful scammer even threatened my life and those of "you beef" after he saw his name on this page. His email to me:

"i dont blame you you are sotupied.how there you do such a thing by poisling my image.if you joke i will personaly fine you and kiled.my witch doctor here has located you in Texas and if you joke now am killing you you fool.be very care am a chief and our tradition here is too serious i can killed you beef.")

Cameroon Pet Express
Rue Adeanaur, Elik-Sono Yaounde
P.O Box 3046 Yaounde
Centre Province Cameroon
Phone +237744-20-34, +237744-42-81
Fax: +237231-44-10
web page: cameroonpetexpress01.tripod.com
email: cameroonpetexpress@yahoo.ca

Dr MAAH Martin N.
Box 5029 Yaounde
Centre Province Cameroon
Tel: +2375099490
email: maahmn@yahoo.com

MARIOUS TIMHOTHY
CENTRAL PROVINCE YAOUNDE
CAMEROON HOUSE NUMBER237 OBILI
Tel: +237-234-2445
email: marious2008@yahoo.com

PATRICIA BRENDA
CENTAL PROVINCE YAOUNDE,CAMEROON
HOUSE NUMBER 23 BASTOS.
ZIP CODE: 237
email: patricia_petsmama@yahoo.com

PLEASE don't believe the lies of these scammers! KNOW THE FACTS!

-------------------------------------------------------

Rules to protect yourself from these Chinese scammers...

#1. Never use Western Union Money Order to pay for goods from China! NEVER!! Western Union is the preferred method of payment for these scammers. They will request the MTCN from you and within 30-45mins of receipt of such your money is gone. You're sending them cash in effect. I repeat NEVER EVER use Western Union to pay for goods from China.

#2. Don't send a wire transfer to Bank of China. Most international legitimate trade is done on Letter of Credit basis, so if you're considering buying goods for $1000+ then insist on this method of payment, and if the potential supplier says "no we don't accept it", then don't buy from them.
Visit this website for more information on Letter of Credits..
http://www.crfonline.org/orc/cro/cro-9-1.html

#3. If it sounds too good to be true, then it is. They're trying to appeal to your desire to save money, as they say everybody loves a bargain but, being "penny wise" is "pound foolish" ie a penny saved is a pound lost!!

Examples of their methods...

Typically, these person/s use multiple methods to attract westerners and to convince them of their legitimacy. Here are some of examples...

1.) They send spam emails targeting gmail/yahoo/hotmail users, inviting people to visit their website/s like this....

Dear Madam/sir,

We are a wholesaler  which deal with all kinds of such electronic products as motorcycles, TV, Notebooks, Phones, Psp,  Projectors, GPS, DVD, DV, DC, MP3/4, musical instruments, toys, watches and so on. We can offer quality goods with reasonable  price.

We deliver our items by EMS to our customers around the world, When you have time, welcome to visit our website and contact us. Thanks.

If you have any question, please don't hesitate to let us know. We will glad to help you. Welcome to our website and enjoy your purchasing.

Our website: www.eshow123.com
Mail:show123on@hotmail.com
Mail:show123on@yahoo.cn
I hope to hear from you soon.

As you can see they always use hotmail and local yahoo accounts as their originating email accounts. Typically their originating IP in the email headers is spoofed and not their real IP address of course.

2.) They will post trade classifieds on legitimate websites like this one.

http://goldcoast.adoos.com.au/l/mot

When you visit their website you'll see it's related to their others (see below list of domains), same basic design and content,..

Dear friend:
i am sorry to take you precious time !
www.51elec-shop.com , we offer brand-name electronics at deep discounts and come with
manufacturer
warranties. Computers, Televisions, Cell Phones, MP3/MP4 Players, Digital Cameras,
Camcorders, Video Games Consoles, GPS and Motorcycles, most items are sold at wholesale
prices, you will find lots of great bargains here. And we have a sales promotion from now
on, buy more, save more and get more! When you have time, welcome to visit our website get
more information. Thanks!
Contact us through the following ways:
WEB: www.51elec-shop.com
MSN : elec-shop888@hotmail.com
E-mail : elec-shop888@hotmail.com

3.) They setup numerous online webstore and internet shops with attractive prices, but no point in ordering from their website even if you do they will contact you to buy through email. (see below for a list of known internet websites that are setup for internet fraud targeting westerners.

Here's an example of the same scammers on another website... they're just not focusing on electronics and motorcycles, but also shoes, bags and clothes as well.

Who we are: WTT Co.,Ltd.,which is located in one of China big largest shoes industry manufacturing base--Putian of China.Our main focus is dealing with high quality brand sportshoes ,bags and clothes. We have developed mutual trust and understanding with many customers in many countries all over the world such as USA, UK, ITALY, Argentina, Japan,Middle East.
Our Experience: We have many years of experience in dealing with all types of shipping:large or small.We have developed extensive contacts with many local or international freight organizations, so we are able to ship our goods safely and reliably to anywhere in the world.
Our History: For 10 years, WTT’s owners have paid close attention to customers' needs.WTT owners have a proud history of delivering exceptional results. In the process, a unique business culture has emerged that drives associates to perform their absolute best.

And visit this URL to see some posts from people that have fallen victim to these person/s
Click Here (see the comments at the end of the news story)

4.) They will attempt to gain your confidence by making false statements like this...

          For such a mistake I am sorry. Our website invasion by some lawless elements and they Changes the  price. Many of our customers bring about the wrong information, so we have a lot of work that they can not be normal. Our online store has been closed, To adjust. To bring you the mistake, we said very sorry. HDRHC3E our normal price is 608 euro, instead of 250 euro. I hope you can understand, to bring you the error, our company can give you some appropriate concessions , But not 250 euro. If you believe that we can, we can conduct long-term trade, our company will give you a lot of concessions, you are welcome. If you can not see the incident, we can only be conducted later, In any case you are welcome. You are our valued customers. If we can cooperate, we hope that the companies have the opportunity to invite you to come to China to attend the 2008 Olympic Games. We are the sponsor of the 2008 Olympic Games.
 

As you can see they will even claim to be sponsors of the Beijing 2008 Olympics, and ironically claim that "some lawless elements" have invaded their website/s. Again it is more trickery to solicit extra money from you.

In fact, it would seem that if such "lawless elements" aka hackers had attacked their websites through xss scripting and sql injections and thereby caused these scamming websites to be completely inoperable and/or which resulted in the content being erased, one could truly morally and ethically defend such people for doing a community service and positively contributing to humanity by alleviating the continuing suffering of innocent victims as a result of the deliberate and intentional actions of these chinese criminals who are committing fraud. It would potentially give hackers a good name.

5.) They will always insist on payment by a Western Union money order and/or wire transfer to an account at Bank of China based in Beijing. Again neither of these can be verified and they presumably use fake names and IDs to get the funds, in fact they are not in Beijing at all they're from ZhengZhou city in Henan Province. At times they will even ask for extra money claiming the goods can't be released by customs in China unless more money is sent.

Here's an example of the order request email form they will send you..

We currently accept payment of two methods :

1. Western Union
2. A bank transfer.
      PayPal and  visa can not be used temporary, because we are dealing with unruly elements site was changed after the transfer, the initiative of the trouble. About your orders ,You c an see information below, and then back to me:

In order to send products without mistake .Please check out the item and fill in  the (blank)carefully.Then send this letter to us.
 
The following is the details of
1.your purchase         :SONY HDRHC3
2 .Item number          :(2008053002 )
3. price                :() EUR
4 .Shipping & insurance :(0+10) EUR
5. total                :() EUR
6. Receiver name        :( )
7. country :            :(  )
8.Address               :(  )
9.Post Code             :( )
10.Tel Number           :( )

Western Union: www.westernunion.com
My first name is: Hai Tao
My last name is: Tang
City:Beijing
Country:China
Post code :100021
 
 
Bank of China account transfer :www.boc.cn/en
Bank name:Bank of China Beijing branch
-Address:NO.8,YaBaolu,Chao Yang District,Beijing,China
-A/C holder's name: HAI  TAO TANG
-A/C No.:6249-7902-0015-274
-Swift code: BKCH CN BJ 530
 
We will need the following information from you after you have sent the payment:
- Money Transfer Control Number (MTCN)
- Senders Name(first name and last name)
- Country you done the payment
- Total money
- Transfer currency
- Address
-

Best wishes to you !
 
Many thanks

As you can see the item number is just the date in reverse, and they claim unlike their website material that Paypal and VISA are temporarily unavailable.. again due to unruly elements. More sophistry to deceive and mislead through trickery with clear intention to commit internet fraud to steal your money, they will not send goods typically or if they do they'll send cheap jewelry or shoes, using DHL or EMS from a Hong Kong location after sending the item from somewhere else in China (most likely Zhangzhou) to Hong Kong for despatch. They will attempt to do this when they wish to persuade you to buy something else from them to bide some more time.

Known websites committing Internet Fraud...

Here's a list of known related websites that are committing Internet Fraud, don't be fooled by the website storefronts with all the logos, and some even have address and telephone contacts at the bottom.. none of them are real and the same asp/sql website is being used on all these websites, just with slightly different appearances and/or flash animations. Some of these websites have since been removed by the scammers, only to re-setup under new domains. Update: looks like many of the websites are being removed in a hurry now.. ;-)

Unfortunately there are just far too many websites to list here, take the time to visit a few of them.. you'll soon get a feel for the style and english they use in their websites. Then cut 'n paste sentences like these "Our main focus is dealing with high quality brand" and then google the web, you'll soon find numerous online webshops/storefronts selling bags, shows and jeans etc, like these..

• welcometotrade.com
• nikezoom.net
• cntechsky.com
• worldtoptrade.com
• tradingtop.com
• tradesunrise.com
• wholesaletrainers.com
• sellshoesb2b.com
• love-biz.com
• clothing-oscar.com
• hulantrading.com
• abaygogo.com

Then cut 'n paste sentences from their website like "We are a large wholesaler who mainly sell" and google the web, you'll soon find numerous online webshops/storefonts selling electroincs, laptops and motorcycles etc, like these..

• buyelenow.com
• ttlxl.com
• fgxzq.com
• dgtaste.com
• kemashop.com
• wtdzuy.com
• shopcome.com
• buyshoping.com
• ele988.com
• fvi8.com
• 51elec-shop.com
• shopingsale.com
• ele-brand.com
• sellerhot.com
• emarket-trade.com
• eshow123.com
• upatd.com
• elehot.com
• bdaopy.com
• top-un.com
• trademallcn.com
• wdzmcn.com
  
  

Don't bother using whois to try to find out who is behind these websites.. no point, they're not real people.. but wait here they're!!!

The real operators and IP's...

The operators of these scamming websites are the owners (see below), and/or people connected to them, of the domains TOTOC.COM & TOTOC.NET. In late 2006 they began development of these scamming websites and by early 2007 they were operational. However, due to doltish oversights the creators of the faudlent webstores left a copy of their initial development website completely unprotected, so it was available for complete download (probably still is btw). Once the structure of their website was determined it was then easy to download the databases of a non-development website ie. a live webstore front they were actively using to commit fraud. They simply would shut down one domain after a certain number of scams, cosmetically change the appearance, storefront name and then just reload the entire website and databases to another domain. All of the abovementioned domain names used this same development storefront as their base, indicating the scams were all originating from a single source.

Below are links to;

1.) Their original complete development website - Click Here

2.) The database files from an operational webstore, in this case the one from gdtaste.com. -

Click Here

Here's an example of the normally hidden administrative asp file from their website for all these related fraudulent internet storefronts... as you can see this is the file that is used after they login successfully to manage all of the storefronts.

<HTML><HEAD><TITLE>网站管理面板</TITLE>
<META http-equiv=Content-Type content="text/html; charset=gb2312">
<META content="MSHTML 6.00.2800.1106" name=GENERATOR></HEAD>
<%
if session("admin_name")="" then
response.redirect("login.asp")
else
%>
<frameset rows="*" cols="190,*" framespacing="0" frameborder="NO" border="1">
<FRAME name=leftFrame src="admin_left.asp" noResize>
<FRAME name=mainFrame src="http://www.totoc.net/link/Clent_admin_body.asp">
</FRAMESET>
<noframes></noframes>
<%end if%>
</HTML>

As you can see it includes a remote call from their webserver! All their websites have this same remote code embedded in their admin.asp files for execution to manage all these scamming websites. Other files include DIV and inline linking references to totoc.com as well.

To confirm this in their initial development website the data.mdb access db file contains further references to "totoc", here's a copy of their recordsets from their initial development storefront.

So who are (were ;-) Totoc.net & Totoc.com?

Response for query: "totoc.com"

Domain name: totoc.com

Registrant Contact:
song yue
song yue sy1314@totoc.com
+8613910716474 fax: +8601065001114
chaoyangguandongdianbeijie1haoguoandashaa
beijing Beijing 100020
CN

Administrative Contact:
song yue song sy1314@totoc.com
+8613910716474 fax: +8601065001114
chaoyangguandongdianbeijie1haoguoandashaa
beijing Beijing 100020
CN

Technical Contact:
han qing lin Edmond_H@163.com
+8601065953214 fax: +8601065953214
chaoyangguandongdianbeijie1haoguoandashaa
beijing Beijing 100020
CN

Billing Contact:
song yue song sy1314@totoc.com
+8613910716474 fax: +8601065001114
chaoyangguandongdianbeijie1haoguoandashaa
beijing Beijing 100020
CN

DNS:
dns.bizcn.com
dns.cnmsn.net

Created: 2005-06-30
Expires: 2008-06-30

Response for query: "totoc.net"

Domain name: totoc.net

Registrant Contact:
song yue
song yue linyue1573@21cn.com
+8601065953214 fax: +8601065953214
chaoyangguandongdianbeijie1haoguoandashaa
beijing Beijing 100020
CN

Administrative Contact:
song yue linyue1573@21cn.com
+8601065953214 fax: +8601065953214
chaoyangguandongdianbeijie1haoguoandashaa
beijing Beijing 100020
CN

Technical Contact:
han qing lin Edmond_H@163.com
+8601065953214 fax: +8601065953214
chaoyangguandongdianbeijie1haoguoandashaa
beijing Beijing 100020
CN

Billing Contact:
song yue linyue1573@21cn.com
+8601065953214 fax: +8601065953214
chaoyangguandongdianbeijie1haoguoandashaa
beijing Beijing 100020
CN

DNS:
dns.bizcn.com
dns.cnmsn.net

Created: 2005-06-30
Expires: 2008-06-30

........ as you can see the domain was originally registered in 2005, and unlike all their other scamming websites they kept this one renewed for 3 years, until we exposed them of course. Originally, they were a Chinese ISP selling server-based hosting on IIS asp webservers (that was what was on Totoc.com before they removed it), it would also explain why these scammers have the programming skills to develop an asp webstore front like this from scratch and further support the fact they have the knowledge of how the internet works and how to avoid detection.

Their biggest mistake was to leave their unprotected development site online,
so it could all be connected back to them!

Finally, if you have been a victim of any of these abovementioned fraudulent webstores then we recommend you contact the local Chinese Embassy or Consulate in your own country to lodge a complaint and refer them to this website

-------------------------------------------------------

Glossary Of Internet Scam Terms

Back-door Trojan -- a program that opens up a user's computer to remote access across the Web without the user knowing.

Bot -- short for robot. A computer program that performs automated tasks. Can be used maliciously to scan for passwords, search browsing history, capture keystrokes, send spam and report information to a third party across the Internet.

Botnet -- a network of compromised robot computers controlled remotely by a third party.

Malware -- a general term for malicious software. Examples include viruses, Trojan horses, spyware and worms.

IM -- instant messenger

Image spam -- a spam e-mail whose content contains text embedded inside an image.

Smishing -- phishing using SMS messages on cell phones. The message tries to lure smart phone users to a Web site, where they download malware without knowing it.

Spim -- spam over instant messaging.

Spit -- spam over internet telephony, or VoIP spam.

Trojan (horse) --a malicious program made to look legitimate or harmless to unsuspecting computer users so that they will run the program.

Virus -- a malicious program capable of copying itself and attaching to other programs. To function, someone must run the program to which the virus is attached.

Vishing -- short for voice phishing. In this scam, consumers receive an e-mail or phone call directing them to call a phone number with regard to a problem on a bank or credit card account. When victims call, they hear an automated message asking them to verify account information and other sensitive data. Keystrokes get recorded as victims enter in their account details. By using Voice over Internet Protocol phones, scammers can choose the area code and prefix of the telephone numbers used so that they closely resemble the real company's phone numbers.

Web 2.0 -- a term used to describe Web sites that allow users to generate content. Examples include blogs, Wikipedia, MySpace, YouTube, Facebook and LinkedIn.