A few days ago I received a reply to one of my blog on “Domain Registration Scams” which inspired me to write a bit more about Domain Registration scammers. From where is this scam being initiated , is it really a Chinese originating scam ?
The latest email is being sent from the email id : jeremy@cdnetchina.com
Whois Lookup of cdnetchina.com
Domain Name: CDNETCHINA.COM
Registrar: TODAYNIC.COM, INC.
Whois Server: whois.todaynic.com
Referral URL: https://www.NOW.CN
Name Server: NS3.01ISP.COM
Name Server: NS4.01ISP.NET
Status: clientTransferProhibited
Updated Date: 16-jul-2013
Creation Date: 16-jul-2013
Expiration Date: 16-jul-2014Administrative Contact:
Name: wangximing
Organization: wangximing
Address: jinjiangquhaijiaoshijie
City: ChengDuShi
Province/state: SC
Country: CN
Postal Code: 610061
Phone: +86.2885915583
Fax: +86.2885912113
Email: wxm.k@163.com
There are two inputs which can be used for finding more information ie. the email-id associated with the domain and the telephone numbers.
Using WebBoar and IPAddressden we get the list of domains associated with wxm.k@163.com
1. cnsolutioncd.org
2. cnsolutionip.org
3. tsentcn.com
4. tsentcn.org
5. tsnet-asia.org
6. tsnet-china.com
7. tsnet-china.org
8. tsnetcor.com
9. tsnetcor.org
10. tsnetdata.com
11. tsnetdata.org
12. tsnetdefend.com
13. tsnetint.com
14. tsnetint.org
15. tsnetkeytech.com
16. tsnetnictech.com
17. tsnetpatent.com
18. tsnetpatent.org
19. tsnetproperty.com
20. tsnetproperty.org
21. tsnetser.com
22. tsnetsolution.com
23. tsnetsolution.org
24. tsservice.net
25. tsservicechina.com
26. tsservice.net
27. tz-nic.org
28. tscnservice.com
29. tscomcenter.com
30. tsnet-now.com
31. tsnet-now.org
32. tsnetservice.com
33. tsnetservice.org
34. tsnic-china.org
A look into one of the websites :
Domain Name Service Provider
In order to provide any service we need resources either in form of computers or network or skilled technicians. Keeping this thought in mind, I started looking into job/classifieds portals which matched the information provided by Whois records .
The below mentioned information is also available here. This advertisement had appeared in a local Chinese portal which catered to the area of Chengdu. The advertisement is looking for freshers and the number of recruits they are looking out for is 10 in number.
Job advertisement Part 1
Part II of the same advertisement
One has to consider the fact that “Google Translate” was used to get the translated text, hence the name of the Parent Organization might have been wrongly translated / interpreted. Hence , in order to gain further insight, used the original Chinese text to gather more information. This activity of ours leads to numerous Local Chinese Classified portals posted on various dates . A few of them have been listed below
Link 1 on a Local Chinese Classified PortalLink 2 on a Local College Recruitment Portal
College Students Recruitment Advertisement
After completing all these exercises we are able to extract a few more email-ids jian299@yahoo.com.cn, chengtao19@yahoo.com.cn and 1282333818@qq.com
More search leads us to a couple of source IP address all of which incidentally belong to Chendgu Region of China.
IP Address
One might be wondering about the exact location from where this scam is being perpetrated.
Approx. Geo Location
In all the advertisements one may find that there is always a requirement for 10 people every two months . This doessnt mean that at the end of 10th month they will be having 100 employees , however it would be safe to assume that they have a very high influx of employees.
However, one thing which is common everywhere is the number of present employees ie. 20-25. For the sake of calculations we assume that this organization , at any point of time has 20 employees and each and every employee is being paid an average salary 2500 yuan. We have arrived at this figure based on the advertisements.
In order to sustain this work-force, this organization would be probably shelling out 62500 yuan per month ie. approx 10500USD per month.
Further research into the amounts requested by these scamsters they tend to generate a profit of atleast 35USD per domain and thats approximately 300 New Domain registrations per month just to break even. And every victim would be procuring not less than 5 domains which would compute to a minimum of 60 victims per month.
The most disheartening aspect of this entire exercise was to find college-freshers being lured into this unethical business.
Since, we are not maintaining any list of Domain Scams, those interested may find a comprehensive listing of Domain Scam Emails over here. Also, you may forward the domain scam emails alongwith the email headers to Mr Christopher on his email id christopher@europeandomaincentre.com .
[Update]
Current PriceList of Chinese Domains : https://www.bigrock.in/domain-registration/domain-registration-price.php
CN Domain Price List
1 Comments
Pingback: SCAM Warning – China! | TMP-SYSTEM-SERVICE LLC