Thursday, April 10, 2014

Why fraud is so easy on the Internet

Last week, a fairly large number of email addresses associated with customers of the popular Bitcoin service Coinbase.com leaked to the Internet.  Since then, a number of phishing attacks have been launched against those email addresses in the hopes of stealing user login details and gaining access to the millions of dollars in Bitcoin stored in Coinbase user accounts.

Tonight, I received such an email and thought I'd follow it to its logical conclusion. I traced IP addresses and found that

1. The person sending the email originated from China.
2. They used a server at GoDaddy.com to send the phishing email
3. They put a fake Coinbase.com website up at the Aplus.net hosting provider

This seemed pretty cut and dried. I'd call these companies, file reports, and they'd crack down on the fraudsters immediately bu closing the associated accounts.

That's not even close to what happened.

First I called APlus. Even though I had the URL of the fraudulent website that was sitting on their servers, I was told there was nothing they could do. "We can't just go and shut down a website based on a complaint' is what I was told. Even though the complaint could be backed up with proof on a server THEY controlled? Yep, sorry, can't help.

Next, I called GoDaddy. They are the worlds #1 domain name register and hosting provider. Surely they would do something. Nope, the couldn't do anything either. In fact, I was told by the agent I spoke to that they couldn't do anything until the authorities told them to take the site down! Really?  What if I was reporting a site streaming live child porn, I asked. That's different. How? They are both crimes and GoDaddy's server is being used to facilitate that crime. Why is one different?

The rep at GoDaddy wasn't done though. He told me that my complaint was like 'calling Ford and reporting seeing a Mustang speeding'. Sure, except there is nothing Ford can do about a random Mustang speeding and there is everything GoDaddy can do to stop their server from doing illegal things.

In the end, I send abuse reports to both APlus and GoDaddy. I'm sure 'something' will be done eventually but how much money will be stolen in the next few hours before these two complicit companies get off their behinds and decide it's actually worth doing something?  It's responses like these that criminals depend on. They know these companies simply can't be bothered to do anything until something bad happens. So, while they don't expect it to run long, they know it will likely be at least a little while and they will make a little (or a lot) of money before the companies do something.

GoDaddy and Aplus should be absolutely ashamed. If their 'policy' is to do nothing then their policies need to be changed. I am ashamed to say I am a customer of GoDaddy. Their callous attitude towards the abuse of their server is unconscionable and needs to be rectified. Until they do, I would encourage anyone who is a customer of either GoDaddy or Aplus to go elsewhere. Policies will change when the money dries up. WE control that. 

No comments: