Thread of Shame

[firefly]

It happens from time to time that some of the fraudsters exposed on our forum decide to test us, pretending to be innocent of the frauds exposed here.

It also happens from time to time that the faker makers reported on our forum are contacting us, pretending they are innocent and they have nothing to do with the fake profiles or fake sites associated with their identity.

What they don't know while playing their little mind games is that we don't post anything on this forum without double checking first.

Online fraud has a long history, and the ones scamming innocent victims or facilitating this crime by creating the infrastructure used in fraud have a common point: they all leave traces online. They imagine there is no record left after a while. They believe that once an online profile/account gets removed, or a fraudulent site gets suspended or expires, there is no more evidence connecting them to the fake sites they created, maintained or were associated with. When no evidence is left, they assume they got away cleanly and pretend to be innocent. They deny the fact of the harm done.

Options are available online allowing somebody creating a fake profile or a fake site to protect his identity while registering it. A lot of fraudsters are using this option, while believing they have a complete privacy protection for their fraudulent activities.

More recently, the way the General Data Protection Rules (GDPR) was implemented on May 25, 2018 in the EU doesn't allow a regular Internet user to check the registrant details for a domain name. This is another shield for potential fraud if abused.

We said it before and we say it again: there is no privacy and no protection for online fraudsters.

Until law enforcement manages to solve jurisdictional issues and the regulators involved in how the Internet is working today find a way to mitigate online fraud, we will use any legal option we have for exposing the people involved in online fraud: their fake profiles, their real faces (when we manage to identify them), fraudsters as well as the ones knowingly facilitating the activity of fraudsters defrauding consumers every day.

Fraudsters do not care about the GDPR or the laws.

While being defrauded, victims lose not only money or self esteem, they lose their privacy as well. Their details, obtained by the fraudsters during scams, are part of sucker lists passed from one fraudster to another, and those victims get targeted again and again. The very same details end up on unprotected fake sites pretending to be banks, couriers or similar. Anyone can grab those details and re-use it to defraud those victims further.

The victims have no way to avoid online exposure because of these fraudsters taking advantage of them.

On our forum, we respect the privacy and protect the victims of cyber-crime, not fraudsters. The information posted here is for the benefit and protection of legitimate Internet users and law enforcement.

If you are a fraudster exposed on our forum and you contact us, playing innocent with a fabricated story, it is fair to let you know that you have no protection here and never will have.

[firefly]

Email received:

From: PR-SignOnHost.Com <pr@signonhost.com>
Sent: Wednesday, August 15, 2018 9:43 AM
Cc: ccokoji@gmail.com
Subject: Defamation of character
Importance: High

Dear Sir,

I am the PR to signonhost.com. A webhosting hosting based in Africa.

We noticed you have listed our co-founders email (ccokoji@gmail.com) as a scam email here:

viewtopic.php?f=17&t=68558

Kindly note that this is our SOA record email and it shows up on all the domain hosted on that server.

We want to request that you please, remove that email from the forum, it is attracting too much spam and unsolicited mails and our founder is not happy with that. Moreover, it is a defamation of character.

I am sure also that the phishing site has been suspended.

Thank you for understanding.

Regards,
Peter More
PR, SignOnHost.Com

Let's clarify:

The email address ccokoji@gmail.com was reported first time in 2006, while being associated with two fake sites pretending to be banks; alliedbondbk.com impersonating Allied And Bond Bank, and fangod.net impersonating First Atlantic Merchant Bank Ghana. Since then, another 100 domain names were or are associated with the same faker maker details. Not all the sites associated with his identity are fake, some are built for real businesses in Nigeria, though the ones created, maintained and used for fraud are the majority. These are mostly impersonating banks, couriers and official institutions.

Following a scam attempt reported in https://www.scamsurvivors.com/forum/vie ... =6&t=57318, we investigated the domain name used in that fraud. The result of that investigation is posted at viewtopic.php?f=17&t=68558.

"Defamation of character", according to the official definition, is "the communication of a false statement that, depending on the law of the country, harms the reputation of an individual". That applies to the situation when what we said is not true. We can prove what we said. If you choose to disagree please contact ABSA bank, who filled an UDRP to regain the control of a domain name created by you while impersonating them: http://www.wipo.int/amc/en/domains/deci ... -1363.html, and the EFCC, who can contact us for details if needed.

[firefly]

Back in 2018, a bank account used in a romance scam attempt was reported in viewtopic.php?f=11&t=66710.

The owner of that bank account contacted us today.

Email received:

Hello,

I was making a random search of my name where I stumbled across a post with my banking details on your website, I have reported to the authorities in my country that I had my bank account compromised by some criminal elements and filed a complaint in this regards to the appropriate authorities, so please I request to have my information taken down from this post unless I will sue for character defamation in the next 3 days if my information is not pulled down from this post.

Below is the link to the post and I will be expecting your express response and action or you will be hearing from my lawyers.

https://scamsurvivors.com/forum/viewtop ... sa#p171294

Best regards,
Kelvin orobosa.

Return-Path: <johnhandler909@gmail.com>
From: John Handler <johnhandler909@gmail.com>
Date: Wed, 17 Jul 2019 14:01:01
Message-ID: <CAMfiftkgC_fD+1KbRfbbiLmiMxSb+eVQPRynVJ6a=cP1K7N5rQ@mail.gmail.com>
Subject: Important!!

He also joined our forum using the registration details:

Kelvin.orobosa
IP : 197.210.8.224
Email address: johnhandler909@gmail.com

We replied:

The bank account you mentioned was used in an online fraud. Please ask the authorities in your country to contact us and confirm that you filed a complaint about this case.

His answer was quick:

That is fine, you will be hearing from my lawyers.

Followed by:

Clearly it doesn’t occur to you that you are infringing On my fundamental human right to privacy and also putting me at risk, if I have my account compromised again I will have you placed as suspects because you are aiding such an unfortunate crime.

While waiting for it, let's clarify:

Kelvin Orobosa claims that his bank account was " compromised by some criminal elements".

He joined our forum from the IP address 197.210.8.224:

Originating IP: 197.210.8.224
Originating ISP: Mtn Nigeria Communication Limited
City: Lagos
Country of Origin: Nigeria

Nevertheless, the email address johnhandler909@gmail.com used to register on our forum and also used to contact us is actively used online with stolen pictures of the same person he impersonated while being reported in the initial topic:

John Handler
Male
Living in United States

Our forum is not a place for small yahoo boys to play games. None of us here is someone you can fool as you want. If you are not happy with our reply, good. You can always contact EFCC, turn yourself in and ask them to contact us, thanking us for exposing yet another fraudster they missed.

[SlapHappy]

Scammer Frank Chilemba writes an email to Big Al: The link to the topic starts here. viewtopic.php?f=6&t=44807#p195693

Hello Big Al, Thanks for accepting me as a member of ''Scam Survivors''. I was shocked to see my company's name and my personal information published on your website by one of your members by the name ''xxx'' who claimed that I am a scammer and my documents are fake.! I want to state this clearly that it is a big lie and I'm ready to challenge him and also take every Legal action against him for damaging my reputation.

I was contacted by DDP Gold and their Agents from Canada and the USA that there was a buyer who wanted to start with a trial of 20/kgs gold supply with a subsequent lift to be increased. DDP couldn't handle the deal in Togo because they do not have an export license to Export from Togo.

xxx asked that I prepare a contract and send it along with my legal documents which he would then later submit to xxx Bank in Dubai to carry out Due diligence on my company. The contract was prepared and all requested documents were sent. After a few days, xxx sent an email saying that his bank had completed their DD and also stating that my company is fake without seeing an official letter from his bank. We requested an official letter from the xxx bank to confirm if actually a DD was done by xxx BANK but he refused which led to a heated argument with the team and I think it's one of the reasons that led to him publishing my information on SCAM SURVIVORS.

DOCUMENTS:
All my documents are legit and I'm legally operating under the company's code of Ghana and a registered license holder of PMMC Ghana. Kokrans was legally registered in 2016. If my documents were fake, How did I open an account with Access Bank Ghana under this Kokrans Mining Company which is still active and operating? If my documents were fake, How did I get the PMMC license? If my documents were fake, how did I passed the police background check?.

a lot of companies and businesses in Africa and even in the middle east prefer using a cell phone as a contact point than landline phone because they want to keep in touch with their customers and also we are small scale miners. we are most of the times at mining sites than the office. (Scammer implied that because the victim's website was not working, that he was the scammer!)

I will stop here for now and I want you to please look into this matter.


Regards,

Nana

Your account has since been deactivated, Frank

You have no claim of "damaging my reputation." The fact is you ARE a scammer, it has been proven in the topic above, and he is ready for your "legal action" should you try that avenue, as you know your claim of legitimacy is false.

Your documents ARE fake, Frank. They are obviously RSOT photoshopped garbage, and we have seen them many times before. Your pictures are fake, your passport is fake, too.

Your claim that DDP could not handle the deal because they had no export license, is just more bogus made up crap.

The victim had his bank do due diligence on you and found out that you and your company are fake.

We requested an official letter from the xxx bank to confirm if actually a DD was done by xxx BANK but he refused which led to a heated argument with the team and I think it's one of the reasons that led to him publishing my information on SCAM SURVIVORS.

Sorry, Frank. Scammers do not get official letters (that can be photoshopped and used against other victims.) And the victim did a real service to others by coming here to report you as a scammer.

Your documents fake. There is no "company code of Ghana," which is another scammer lie. You are not a registered holder of PMMC Ghana. Legally registered? No. How did you open an account? Accounts can be opened in any name.
How did you pass a police background check? Show me the police report....

You lose, Frank and are now a member of the Hall of Shame. You came here, trying to fool us.

By the way, your newest fake "company" and your LinkedIn profile have now been exposed as well. viewtopic.php?f=6&t=44807&start=20#p198007

kokrans
kokransgold2011@gmail.com
41.242.137.41
City Accra
Country Ghana
Country Code GH
ISP SURFLINE_GHANA_AS
Organization SURFLINE_GHANA_AS
State Greater Accra Region
State Code AA
Timezone Africa/Accra

The chicken digs out the knife that kills it.

[firefly]

Email received:

Office of the MD - RINJAcom <jonathan@rinjacom.net>
Attachments
Mon, Sep 30, 7:55 PM (23 hours ago)
to me, legal

I was on the internet and i saw you have posted my pictures, as well as
tag me with many fraudulent activity.

i am not and do not support fraudulent activity.

i have as well sent this to my lawyers. i give you 24hr. to pull down
this information and render apology the same way you have done. or we
will take you on.


i do clean business,

THIS IS A WARNING. I WILL TAKE YOU ON IF THIS IS NOT REMOVED AFTER 24HR

https://scamsurvivors.com/forum/viewtop ... 84&start=0

--
==========================================
IN GOD WE TRUST
==========================================
MD
Ph: +233 (0)200185895
Ph: +233 (0)553758449
E: jonathan@rinjacom.net
Loc: Dansoman Last Stop,
Opp: Las-pamas
------------------------------------------------------
Website Development |Software Development| Mobile apps Development |
Social media Marketing | E-Commerce website Development | Web-based
application Development. etc.

Let's clarify how you "do clean business".

Back in 2015, you registered jessemillsattorneys.com as:

Registrant Name: JONATHAN AMENYAH
Registrant Organization: RINJACOM
Registrant Street: DANSOMAN LAST STOP
Registrant City: ACCRA
Registrant State/Province: ACCRA
Registrant Postal Code: 00233
Registrant Country: GH
Registrant Phone: +233.200185895
Registrant Email: SALES@RINJACOM.NET

After that domain expired, it was registered again with the same content a year later, using the registrant details:
Registrant Name: JOHN P ODONOHUE
Registrant Organization: Not Acceptable
Registrant Street: 734 Glenburry Way
Registrant City: San Jose
Registrant State/Province: California
Registrant Postal Code: 95123
Registrant Country: US
Registrant Phone: +1.9162768210
Registrant Email: jobsdave9@gmail.com
Name Server: ns1.rinjacom.net

In and between you registered domain names as:

Admin Name: jonathan amenyah
Admin Organization: RINJAcom
Admin Street: Dansoman Last Stop
Admin City: accra
Admin State/Province: Accra
Admin Postal Code: 00233
Admin Country: GH
Admin Phone: +233.200185895
Admin Email: nester.amenyah@gmail.com

Since then, sales@rinjacom.net was used to register:
- muokfieldlegal.com - Muokafield Solicitors & Advocates LLB (fake lawyer)
- thelawpractitioner.com - The Law Practitioner (fake lawyer)
- greengoldattorneys.com - Greengold Attorneys (fake lawyer)
- oceancomindustries.com - Ocean Com Industries (bogus company)
- twshipping.ne - Trance World Shipping (fake courier)
- globalinvestmentb.com - Global Investment Bank (fake bank)
- bsgbonline.com - SGB Online BSGB Online (spoof of a real bank)

Another of your email addresses, nester.amenyah@gmail.com, was used to register:
- xpressshippingltd.com - Xpress Shipping Ltd (fake courier)
- pubtenderboard.com - Tender Board - Kingdom of Saudi Arabia (fake tender - procurement website, abusing stolen content from the real website of Kingdom of Bahrain Tender Board)
- moriahospital.com - Moria Hospital (website pretending to be a hospital in South Africa)
- miltonchambers.com - Milton Chambers Law Firm (fake lawyer)
- armyko.us - Army Knowledge Online (spoofing a US website for military romance scams)
- citadeltrustcapital.com - Citadel Trust Capital Bank (fake bank).

I hope your lawyers are real and not like the ones you registered fraudulent websites online for.


Did I forgot something? Oh, yes, the apology.

I am sorry that you are a fraudster that has gone undetected for at least 4 years now. I am sorry that victims all over the world are left penniless because of your activity. I am also sorry that you don't get the justice you deserve, but I hope this will change soon. It is the time for all Yahoo boys face consequences for their actions. If exposing you and other fraudsters like you helps getting you into court, we are happy to oblige.

[firefly]

Email received:

Unuraye Michael <unurayemichael@gmail.com>
Attachments
Fri, Dec 20, 1:39 PM
to me

My attention has just been drawn to my pictures on your website as scammer. I should make it clear that i have never scammed anyone in my life neither have i been involved in any dubious activity. My phone was stolen march 17th 2015 along with my bag on my way from work on that faithful day, before i could even report to the bank the next day the little money i had in my account was withdrawn, and before i could gather to get another phone, i discovered my facebook account was gone too. So me seeing this on your website is totally unacceptable. My name is Unuraye michael and i attach screenshots below.

He also joined our forum posting this:

Mistaken Identity
Postby Michaelunu » Sat Dec 21, 2019 5:00 am

My attention has just been drawn to my pictures on your website as scammer. I should make it clear that i have never scammed anyone in my life neither have i been involved in any dubious activity. My phone was stolen march 17th 2015 along with my bag on my way from work on that faithful day, before i could even report to the bank the next day the little money i had in my account was withdrawn, and before i could gather to get another phone, i discovered my facebook account was gone too. So me seeing this is totally unacceptable, i know some Nigerians are bad, but i will state it again that i have never being involved in anything online fraud, i applaud the efforts of the admins in fighting scam as it’s a menace to our society, and i will lend my voice in getting our country rid of it, but you can’t go about it destroying innocent people’s image, i have sent several email to the admin and no response, i’m pleading once again for my pictures to be take down, as it’s a wrong identity
Michaelunu

In fact, as it can be seen above, there were no several emails, there was just one.

The exposure happened in viewtopic.php?f=11&t=40417, back in Nov 18, 2015.

None of the profiles exposed there are from Facebook. All are from various dating sites and skype, where the "innocent" pretended to be a white male, a woman and himself while also pretending to be from Texas, United States; Nova Scotia, Canada; Federal Capital Territory, Nigeria; Benin-City, Nigeria.

i know some Nigerians are bad, but i will state it again that i have never being involved in anything online fraud

I should make it clear that i have never scammed anyone in my life neither have i been involved in any dubious activity.

If pretending to be someone else while contacting people on dating sites is not a dubious activity, I would very much like to know what it is.

We didn't expose you as a scammer because you are Nigerian, we exposed you as a scammer because you lied while hunting for romance victims online.

If someone stole your identity and used it to commit fraud, please contact the EFCC, report the case and ask them for a case number to be forwarded to us.

Not that we buy this excuse, but it's fair to give you a chance to prove us wrong, even if that will likely not be happening in this case.

[firefly]

Email received:

Harryson Daniels <danielorazulike@gmail.com>
Thu, Jun 11, 9:22 AM
to me

Hello,
Top of the day to you. Recently I was on google, then i saw that you had listed my name, email address and facebook profile as a scammer on scam survivor, from a post dated since 2016 - 2017; viewtopic.php?t=63815

Please I do want to make this clear that I am not a SCAMMER. I am only a programmer and as of 2016, I started a small hosting business; I only resold cpanels and helped people (most I had NEVER met before) to get domains to make ends meet. Some of the sites you posted, i had no idea what they were used for until i started getting reports on my reseller services to block these sites, which i did. There was no way I could possibly monitor all the cpanels i sold as at that time, so all I did was wait until any was reported before I could suspend them. Infact, none of those sites are on my hosting site any longer.

I lost a huge SAS job because my internet marketer client saw your post. Please i do apologise for all the evil any of my clients did with my hosting but they were never my intentions and i have never SCAMMED anyone all my life. If I was a scammer I wouldn't have been transparent enough to let people get access to me or my profile.

Kindly take down that post. It has affected me a great deal. I have lost a job for a sin I know nothing about. I am just like every other hosting reseller out there. I shouldn't be held responsible for something I have no idea about.

Thank you!

Sorry for taking so much time for getting back to you. Last time when we checked your activity was 3 years ago, when you left your trademark on 30 domain names, from websites used in WhatsApp / Facebook lotteries to military romance scams, fake banks and couriers.

In the meantime, it looks like you were busy, since we have identified over 150 malicious domain names all related to you... and we are still going. Not a single one of those domain names is legit.

all I did was wait until any was reported before I could suspend them. Infact, none of those sites are on my hosting site any longer.

The reality is you never took any pro-active measures to act upon the fraud - all the websites you created were suspended by the Registrars and hosters after we reported them.

If I was a scammer I wouldn't have been transparent enough to let people get access to me or my profile.

Let's face it: you never imagined that someone will spend time to find you and associate you with all the fraudulent domain names you registered.

I lost a huge SAS job because my internet marketer client saw your post.

I kinda doubt it. The SAS people know how to use Google and your trademark is all over the Internet, associated with fake websites, not only on our forum.

I have lost a job for a sin I know nothing about. I am just like every other hosting reseller out there. I shouldn't be held responsible for something I have no idea about.

If you check "Aiding_and_abetting" on Wikipedia you will see how much of a value that excuse has.

Ultimately, you registered domains and provided hosting to malicious parties knowing something was amiss, waiting for us to report each one - and you are still doing it.

Unfortunately, what we said still holds true and we cannot entertain any arguments on this matter.