In the vast digital landscape, if you’ve ever owned a domain name, chances are you’ve encountered snail mail letters masquerading as bills for domain or website-related services. Cunningly crafted, these deceptive missives attempt to trick unsuspecting recipients into paying for useless services they never ordered, don’t need, and probably won’t ever receive. This article delves into the most recent incarnation of this scam — DomainNetworks — peeling back the layers of obscurity to shed light on the masterminds behind it.
The Deceptive DomainNetworks Scam
DomainNetworks, in its snail mail letters, often references a domain that was, or is currently, registered under your name and address. While the words “marketing services” may be faintly visible in the upper right corner of the letter, the remainder of the missive is meticulously crafted to resemble an invoice for services already rendered—a classic case of deception at its finest.
DomainNetworks audaciously claims that listing your domain with their promotion services will result in a significant surge in traffic to your website. However, this assertion seems highly dubious when one examines the company more closely. In fact, it becomes apparent that DomainNetworks itself is a figment of someone’s imagination—a phantom entity created solely for the purpose of defrauding unsuspecting victims.
The Elusive Operators of DomainNetworks
A cursory glance at Domainnetworks.com, the website associated with this scam, reveals a business supposedly located in Hendersonville, N.C., and Santa Fe, N.M. Unfortunately, digging deeper into these addresses and phone numbers leads to dead ends. Neither of these entities appears to be a legally registered company in their respective states of residence, as confirmed by each state’s Secretary of State database.
Notably, the Better Business Bureau (BBB) has given DomainNetworks an abysmal “F” rating, with over 100 individuals expressing their anger and frustration at falling victim to these fraudulent snail mail schemes. Interestingly, the BBB sheds light on the fact that DomainNetworks previously operated under a different name: US Domain Authority LLC—an important clue in our investigation.
Tracing the Tracks of US Domain Authority
Delving into the past, we unearth copies of snail mail scam letters from US Domain Authority, a previous incarnation of the scam. These letters originated from the domain usdomainauthority.com, registered in May 2022. Curiously, the US Domain Authority mailers also featured a Henderson, NC address, albeit with a different post office box.
While the usdomainauthority.com website is no longer accessible, it has taken measures to block its pages from being indexed by the Wayback Machine at archive.org. Nevertheless, by searching for a specific snippet of text from DomainNetworks.com related to refund requests, we discovered that this text appears on only one other active website—an intriguing lead. This active website is called thedomainsvault.com, registered in January 2023. However, like its predecessors, thedomainsvault.com conceals its registration details behind privacy services, adding another layer of mystery to our investigation.
The Enigma of Thedomainsvault.com and UBSagency
Thedomainsvault.com, shrouded in secrecy, fails to provide any substantial information about the entity or individuals operating it. Clicking on the “Contact us” link on the site yields a page replete with placeholder Lorem Ipsum text, a contact form, and a suspiciously generic phone number (123456789). Nevertheless, our search for answers leads us to the discovery that the domain instructed incoming email to be directed to [email protected], according to passive DNS records on DomainTools.com.
Further investigation into [email protected] uncovers a connection with UBSagency, a Las Vegas-based Search Engine Optimization (SEO) and digital marketing company. Strangely, the UBSagency website is hosted by A2 Hosting Inc, the same Ann Arbor, Mich.-based hosting firm that hosts thedomainsvault.com. UBSagency’s LinkedIn page claims the company maintains offices in Vegas, Half Moon Bay, Calif., and Renton, Wash. However, attempts to find any concrete information about the people behind UBSagency or the true nature of their business prove futile. Once again, the addresses listed for their offices offer no substantial leads, and neither of these entities appears to exist as legitimate businesses in their alleged states of operation.
Unveiling Sam Alon and His Associates
Determined to peel back the layers of secrecy, we turn our attention to the email address [email protected], linked to multiple accounts associated with a certain “Sammy.” Constella Intelligence reveals that [email protected] shares a highly unique password with a few other email accounts, including [email protected] and [email protected].
[email protected] appears to be connected to a Twitter account registered to a Sam Orit Alon in 2013, who claims affiliation with the Shenhav Group. Interestingly, [email protected] was responsible for registering approximately two dozen domains, including the now-defunct unitedbusinessservice.com, as revealed by DomainTools.
Moreover, [email protected] was utilized to register an account at whmcs.com, a web hosting platform that experienced a data breach in the past. The WHMCS account was registered under the name Shmuel Orit Alon from Kidron, Israel.
Unmasking the Defacement of UBSagency
A visit to UBSagency’s Facebook page reveals a surprising turn of events—someone has defaced the page. Several images have been overlaid or replaced with a disgruntled message from an individual disappointed with Sam Alon. The message explicitly accuses Sam Alon of being a liar, thief, coward, and even makes a personal attack—an unexpected twist in our investigation.
Connecting the Dots: DomainNetworks and UBSagency
Drawing connections between DomainNetworks and UBSagency becomes evident when examining their logos. The logo on UBSagency’s Facebook page bears a striking resemblance to the logo used by DomainNetworks, featuring a magnifying glass with zig-zag lines intersecting bullet points—a unique pattern shared by both entities.
The Wider Implications: Falling Prey to the Scam
It may initially seem implausible that anyone would willingly pay an invoice for a domain name or SEO service they never ordered. However, evidence suggests that these fraudulent bills often slip through the cracks and get processed by unwitting administrative personnel, who assume they owe payment for services already rendered. In 2018, an exposé highlighted the vulnerability of organizations, uncovering that various cities, towns, school districts, and even political campaigns throughout the United States had succumbed to comparable domain invoice scams orchestrated by a company known as WebListings Inc.
Conclusion: Unveiling the Culprits
Our investigation into the convoluted world of domain name scams led us on a trail of deceit, uncovering the existence of DomainNetworks and its dubious practices. The complex web of connections ultimately pointed to UBSagency and its enigmatic figures, including Sam Alon and his associates. Although the true identities and motives of these individuals remain veiled in mystery, this exposé aims to raise awareness and protect unsuspecting individuals and organizations from falling victim to these elaborate scams. Vigilance and skepticism are crucial in navigating the murky waters of the internet, where scams lurk behind seemingly innocent snail mail letters and promises of increased website traffic.
With the threat of domain name scams persisting, it is imperative for individuals and businesses to stay informed and exercise caution when dealing with unsolicited mailers. Remember, reputable domain registrars and service providers do not typically send invoices through regular mail without prior communication or authorization.
In an age where the internet plays a central role in our daily lives, staying alert and informed is our best defense against falling prey to the schemes of scammers and fraudsters.
Source: KrebsOnSecurity
Join the Discussion