KELOS-CIS.COM
The notorious kelos-cis.com scam project of US domain registration and webhosting companies, such as iPower, DreamHost and Comodo. The latter provides authentication certificates, apparently, to the highest bidder. (www.iPower.com, www.DreamHost.com, www.Comodo.com).
This is a multi-billion scandal involving some of the most known brands in
the industry. Prominent position holds the company Endurance International
Group (www.endurance.com).
Not even Google managed to shut down the phishing sites that rip off people
of their cash and dignity. And that takes place globally. Last year, more than
2 million people were successfully attacked in France at a cost to the innocent
that may very well reach a billion Euro.
The valley giant could not stand as safekeeper of the internet in this
case. Google may end being exceptionally harmed by this inadequacy. Needless to
say, there are indications that people working for criminal entities may have
already infiltrated the tech company and benefit from inside access. Evidence
shows that way.
On the other hand, ICANN, the official regulatory authority, has created,
very questionably indeed, a safe heaven for the thugs operating the scheme from
the headquarters of such companies. Of course, other stakeholders are involved.
ICANN looks like being the protector of the scammers instead of regulating the
industry.
iPower and DreamHost both market and operate services where anyone could
register a domain name without any details being disclosed. This service could
be used by any criminal, common or terrorist, to launch attacks from active or
dormant websites. But it served better internally, to registrars and webhosting
companies, so they can cover tracks.
iPower runs the service Domain Privacy Service FBO and DreamHost runs the
service Proxy Protection, via their entity Proxy Protection LLC.
The findings were overwhelming and deserved special attention. An attempt
to reach out to Middlesex District Attorney, Marian T. Ryan - as Mrs. Ryan is
believed to be the competent district prosecutor at the area of Endurance's
headquarters - was fruitless.
There are indications about several domain registration and hosting
companies and their affiliates, which collect data and contact details that
later use to send out tons of fraudulent emails.They also run websites trying
to deceive any way they can unsuspected visitors.
The companies, would not shut down their phishing sites or stop their
activities no matter what. Again, to be noted, this is measured in billion
(with a b).
In several occasions, the phishing emails originate from countries out of
the ordinary, like Moldova, but from servers run by old buddies with American
education and experience and several years in business. At least in one
occasion, phishing emails came from IP address 94.177.182.190 that is used by
Vesta.
Another expert, let us say, in Frankfurt, Germany, would remotely connect
to the aforementioned server, so no harm done. Nonetheless, each case is
unique.
Once your credit card details are stolen, they would forward immediately
your data for evaluation and charges to other international scammers, for
example businesses that are supposedly travel agencies, and may operate from
Singapore or Europe, or any other place you can imagine. Companies like
Supersaver and Seat24:
These merchants are open for business and then disappear as quickly as
water on a sunny day. (Most of the links above would not work after a week or
month).
By the way, who is behind the aforementioned scam websites?
This is another domain registration and web hosting company. You get the
idea, right?
Kelos is the code name of the operation. They have built a sophisticated
team of experts and a state-of-the-art platform to control and monitor
operations. The moment you take any action on the internet, you leave your
footprint, which these guys size and manipulate against you.
Accountability investigation led again towards the turf of Google.
In the case of kelos-cis.com, visitors are redirected, thanks to code that
runs on the site, to other phishing websites, such as the following which
specifically target French citizens:
And eventually visitors would end in something like this:
Kelos as a hub is just the play-maker. The internet domain receives links
coming from emails and websites and distributes the workload according to the
scam campaign that is on, each particular period.
There is only one line of code on www.kelos-cis.com:
Be aware. Do not disclose personal information under any condition on the internet. The malicious sites would trigger you with special offers and low prices to bend your resistance.
They are experts and very sophisticated criminals. Be very cautious.
https://web.facebook.com/michael.angelopoulos.5/posts/875070785929179
https://web.facebook.com/michael.angelopoulos.5/posts/875070785929179