Does the whole Working with people makes you realize how stupid people are include my coworkers

Because

Oh my god

Hackers Sell Access to Bait-and-Switch Empire

Cybercriminals are auctioning off access to customer information stolen from an online data broker behind a dizzying array of bait-and-switch Web sites that sell access to a vast range of data on U.S. consumers, including DMV and arrest records, genealogy reports, phone number lookups and people searches. In an ironic twist, the marketing empire that owns the hacked online properties appears to be run by a Canadian man who’s been sued for fraud by the U.S. Federal Trade Commission, Microsoft and Oprah Winfrey, to name a few.

Earlier this week, a cybercriminal on a Dark Web forum posted an auction notice for access to a Web-based administrative panel for an unidentified “US Search center” that he claimed holds some four million customer records, including names, email addresses, passwords and phone numbers. The starting bid price for that auction was $800.

Several screen shots shared by the seller suggested the customers in question had all purchased subscriptions to a variety of sites that aggregate and sell public records, such as dmv.us.org, carhistory.us.org, police.us.org, and criminalrecords.us.org.

A (redacted) screen shot shared by the apparent hacker who was selling access to usernames and passwords for customers of multiple data-search Web sites.

A few hours of online sleuthing showed that these sites and dozens of others with similar names all at one time shared several toll-free phone numbers for customer support. The results returned by searching on those numbers suggests a singular reason this network of data-search Web sites changed their support numbers so frequently: They quickly became associated with online reports of fraud by angry customers.

That’s because countless people who were enticed to pay for reports generated by these services later complained that although the sites advertised access for just $1, they were soon hit with a series of much larger charges on their credit cards.

Using historic Web site registration records obtained from Domaintools.com (a former advertiser on this site), KrebsOnSecurity discovered that all of the sites linked back to two related companies — Las Vegas, Nev.-based Penguin Marketing, and Terra Marketing Group out of Alberta, Canada.

Both of these entities are owned by Jesse Willms, a man The Atlantic magazine described in an unflattering January 2014 profile as “The Dark Lord of the Internet” [not to be confused with The Dark Overlord].

Jesse Willms’ Linkedin profile.

The Atlantic pointed to a sprawling lawsuit filed by the Federal Trade Commission, which alleged that between 2007 and 2011, Willms defrauded consumers of some $467 million by enticing them to sign up for “risk free” product trials and then billing their cards recurring fees for a litany of automatically enrolled services they hadn’t noticed in the fine print.

“In just a few months, Willms’ companies could charge a consumer hundreds of dollars like this, and making the flurry of debits stop was such a convoluted process for those ensnared by one of his schemes that some customers just canceled their credit cards and opened new ones,” wrote The Atlantic’s Taylor Clark.

Willms’ various previous ventures reportedly extended far beyond selling access to public records. In fact, it’s likely everyone reading this story has at one time encountered an ad for one of his dodgy, bait-and-switch business schemes, The Atlantic noted:

“If you’ve used the Internet at all in the past six years, your cursor has probably lingered over ads for Willms’s Web sites more times than you’d suspect. His pitches generally fit in nicely with what have become the classics of the dubious-ad genre: tropes like photos of comely newscasters alongside fake headlines such as “Shocking Diet Secrets Exposed!”; too-good-to-be-true stories of a “local mom” who “earns $629/day working from home”; clusters of text links for miracle teeth whiteners and “loopholes” entitling you to government grants; and most notorious of all, eye-grabbing animations of disappearing “belly fat” coupled with a tagline promising the same results if you follow “1 weird old trick.” (A clue: the ��trick” involves typing in 16 digits and an expiration date.)”

In a separate lawsuit, Microsoft accused Willms’ businesses of trafficking in massive quantities of counterfeit copies of its software. Oprah Winfrey also sued a Willms-affiliated site (oprahsdietscecrets.com) for linking her to products and services she claimed she had never endorsed.

KrebsOnSecurity reached out to multiple customers whose name, email address and cleartext passwords were exposed in the screenshot shared by the Dark Web auctioneer who apparently hacked Willms’ Web sites. All three of those who responded shared roughly the same experience: They said they’d ordered reports for specific criminal background checks from the sites on the promise of a $1 risk-free fee, never found what they were looking for, and were subsequently hit by the same merchant for credit card charges ranging from $20 to $38.

I also pinged several customer support email addresses tied to the data-broker Web sites that were hacked. I received a response from a “Mike Stef,” who described himself as a Web developer for Terra Marketing Group.

Stef said the screenshots appeared to be legitimate, and that the company would investigate the matter and alert affected customers if warranted. Stef told me he doubts the company has four million customers, and that the true number was probably closer to a half million. He also insisted that the panel in question did not have access to customer credit card data.

Nevertheless, it appears from the evidence above that Willms and several others who were named in the FTC’s 2012 stipulated final judgment (PDF) are still up to their old tricks. The FTC has not yet responded to requests for comment. Nor has Mr. Willms.

I can’t help express feeling a certain amount of schadenfreude (schadenfraud?) at the victim in this hacking case. But that amusement is tempered by the reality that the hundreds of thousands or possibly millions of people who got suckered into paying money to this company are quite likely to find themselves on the receiving end of additional phishing and fraud attacks (particularly credential stuffing) as a result of their data being auctioned off to the highest bidder.

Terra Marketing Group’s Web developer Mike Stef responded to my inquiries from an email address at the domain “tmgbox.com.” That message was instrumental in identifying the connection to Willms and Terra Marketing/Penguin. In the interests of better informing people who might wish to become future customers of this group, I am publishing the list of the domains associated with tmgbox.com and its parent entities. This list may be updated periodically as new information surfaces.

In case it is useful for others, KrebsOnSecurity is also publishing the results of several reverse WHOIS lookups for historic domains tied to email addresses of several people Mike Stef described as “senior customer support managers” of Terra Marketing, as these also include some interesting and related (albeit mostly dead) domains.

Reverse WHOIS on Peter Graver and Jesse Willms ([email protected])

Reverse WHOIS on [email protected]

Reverse WHOIS on Jason Oster ([email protected])

Public records search domains associated with Terra Marketing Group and Penguin Marketing:

memberreportaccess.com publicrecords.us.org dmvrecords.co dmv.us.org courtrecords.us.org myfeeplan.com police.us.org warrantcheck.com myinfobill.com propertysearch.us.org homevalue.us.org carinfo2.com backgroundchecks.us.org arrestrecords.us.org propertyrecord.com criminalrecords.us.org jailinmates.us.org vehiclereportusa.com dmvinfocheck.com carrecordusa.com carhistoryindex.com autohistorychecks.com mugshots.us.org trafficticket.us.org prison.us.org reversephonelookup.us.org deathrecords.us.org deathrecord.com deathcertificates.us.org census.us.org phonelookup.us.org vehiclehistoryreports.us.org vinsearchusa.org

from Amber Scott Technology News https://krebsonsecurity.com/2019/03/hackers-sell-access-to-bait-and-switch-empire/

Hackers Sell Access to Bait-and-Switch Empire

Cybercriminals are auctioning off access to customer information stolen from an online data broker behind a dizzying array of bait-and-switch Web sites that sell access to a vast range of data on U.S. consumers, including DMV and arrest records, genealogy reports, phone number lookups and people searches. In an ironic twist, the marketing empire that owns the hacked online properties appears to be run by a Canadian man who’s been sued for fraud by the U.S. Federal Trade Commission, Microsoft and Oprah Winfrey, to name a few.

Earlier this week, a cybercriminal on a Dark Web forum posted an auction notice for access to a Web-based administrative panel for an unidentified “US Search center” that he claimed holds some four million customer records, including names, email addresses, passwords and phone numbers. The starting bid price for that auction was $800.

Several screen shots shared by the seller suggested the customers in question had all purchased subscriptions to a variety of sites that aggregate and sell public records, such as dmv.us.org, carhistory.us.org, police.us.org, and criminalrecords.us.org.

A (redacted) screen shot shared by the apparent hacker who was selling access to usernames and passwords for customers of multiple data-search Web sites.

A few hours of online sleuthing showed that these sites and dozens of others with similar names all at one time shared several toll-free phone numbers for customer support. The results returned by searching on those numbers suggests a singular reason this network of data-search Web sites changed their support numbers so frequently: They quickly became associated with online reports of fraud by angry customers.

That’s because countless people who were enticed to pay for reports generated by these services later complained that although the sites advertised access for just $1, they were soon hit with a series of much larger charges on their credit cards.

Using historic Web site registration records obtained from Domaintools.com (a former advertiser on this site), KrebsOnSecurity discovered that all of the sites linked back to two related companies — Las Vegas, Nev.-based Penguin Marketing, and Terra Marketing Group out of Alberta, Canada.

Both of these entities are owned by Jesse Willms, a man The Atlantic magazine described in an unflattering January 2014 profile as “The Dark Lord of the Internet” [not to be confused with The Dark Overlord].

Jesse Willms’ Linkedin profile.

The Atlantic pointed to a sprawling lawsuit filed by the Federal Trade Commission, which alleged that between 2007 and 2011, Willms defrauded consumers of some $467 million by enticing them to sign up for “risk free” product trials and then billing their cards recurring fees for a litany of automatically enrolled services they hadn’t noticed in the fine print.

“In just a few months, Willms’ companies could charge a consumer hundreds of dollars like this, and making the flurry of debits stop was such a convoluted process for those ensnared by one of his schemes that some customers just canceled their credit cards and opened new ones,” wrote The Atlantic’s Taylor Clark.

Willms’ various previous ventures reportedly extended far beyond selling access to public records. In fact, it’s likely everyone reading this story has at one time encountered an ad for one of his dodgy, bait-and-switch business schemes, The Atlantic noted:

“If you’ve used the Internet at all in the past six years, your cursor has probably lingered over ads for Willms’s Web sites more times than you’d suspect. His pitches generally fit in nicely with what have become the classics of the dubious-ad genre: tropes like photos of comely newscasters alongside fake headlines such as “Shocking Diet Secrets Exposed!”; too-good-to-be-true stories of a “local mom” who “earns $629/day working from home”; clusters of text links for miracle teeth whiteners and “loopholes” entitling you to government grants; and most notorious of all, eye-grabbing animations of disappearing “belly fat” coupled with a tagline promising the same results if you follow “1 weird old trick.” (A clue: the “trick” involves typing in 16 digits and an expiration date.)”

In a separate lawsuit, Microsoft accused Willms’ businesses of trafficking in massive quantities of counterfeit copies of its software. Oprah Winfrey also sued a Willms-affiliated site (oprahsdietscecrets.com) for linking her to products and services she claimed she had never endorsed.

KrebsOnSecurity reached out to multiple customers whose name, email address and cleartext passwords were exposed in the screenshot shared by the Dark Web auctioneer who apparently hacked Willms’ Web sites. All three of those who responded shared roughly the same experience: They said they’d ordered reports for specific criminal background checks from the sites on the promise of a $1 risk-free fee, never found what they were looking for, and were subsequently hit by the same merchant for credit card charges ranging from $20 to $38.

I also pinged several customer support email addresses tied to the data-broker Web sites that were hacked. I received a response from a “Mike Stef,” who described himself as a Web developer for Terra Marketing Group.

Stef said the screenshots appeared to be legitimate, and that the company would investigate the matter and alert affected customers if warranted. Stef told me he doubts the company has four million customers, and that the true number was probably closer to a half million. He also insisted that the panel in question did not have access to customer credit card data.

Nevertheless, it appears from the evidence above that Willms and several others who were named in the FTC’s 2012 stipulated final judgment (PDF) are still up to their old tricks. The FTC has not yet responded to requests for comment. Nor has Mr. Willms.

I can’t help express feeling a certain amount of schadenfreude (schadenfraud?) at the victim in this hacking case. But that amusement is tempered by the reality that the hundreds of thousands or possibly millions of people who got suckered into paying money to this company are quite likely to find themselves on the receiving end of additional phishing and fraud attacks (particularly credential stuffing) as a result of their data being auctioned off to the highest bidder.

Terra Marketing Group’s Web developer Mike Stef responded to my inquiries from an email address at the domain “tmgbox.com.” That message was instrumental in identifying the connection to Willms and Terra Marketing/Penguin. In the interests of better informing people who might wish to become future customers of this group, I am publishing the list of the domains associated with tmgbox.com and its parent entities. This list may be updated periodically as new information surfaces.

In case it is useful for others, KrebsOnSecurity is also publishing the results of several reverse WHOIS lookups for historic domains tied to email addresses of several people Mike Stef described as “senior customer support managers” of Terra Marketing, as these also include some interesting and related (albeit mostly dead) domains.

Reverse WHOIS on Peter Graver and Jesse Willms ([email protected])

Reverse WHOIS on [email protected]

Reverse WHOIS on Jason Oster ([email protected])

Public records search domains associated with Terra Marketing Group and Penguin Marketing:

memberreportaccess.com publicrecords.us.org dmvrecords.co dmv.us.org courtrecords.us.org myfeeplan.com police.us.org warrantcheck.com myinfobill.com propertysearch.us.org homevalue.us.org carinfo2.com backgroundchecks.us.org arrestrecords.us.org propertyrecord.com criminalrecords.us.org jailinmates.us.org vehiclereportusa.com dmvinfocheck.com carrecordusa.com carhistoryindex.com autohistorychecks.com mugshots.us.org trafficticket.us.org prison.us.org reversephonelookup.us.org deathrecords.us.org deathrecord.com deathcertificates.us.org census.us.org phonelookup.us.org vehiclehistoryreports.us.org vinsearchusa.org

from https://krebsonsecurity.com/2019/03/hackers-sell-access-to-bait-and-switch-empire/

Hackers Sell Access to Bait-and-Switch Empire

Cybercriminals are auctioning off access to customer information stolen from an online data broker behind a dizzying array of bait-and-switch Web sites that sell access to a vast range of data on U.S. consumers, including DMV and arrest records, genealogy reports, phone number lookups and people searches. In an ironic twist, the marketing empire that owns the hacked online properties appears to be run by a Canadian man who’s been sued for fraud by the U.S. Federal Trade Commission, Microsoft and Oprah Winfrey, to name a few.

Earlier this week, a cybercriminal on a Dark Web forum posted an auction notice for access to a Web-based administrative panel for an unidentified “US Search center” that he claimed holds some four million customer records, including names, email addresses, passwords and phone numbers. The starting bid price for that auction was $800.

Several screen shots shared by the seller suggested the customers in question had all purchased subscriptions to a variety of sites that aggregate and sell public records, such as dmv.us.org, carhistory.us.org, police.us.org, and criminalrecords.us.org.

A (redacted) screen shot shared by the apparent hacker who was selling access to usernames and passwords for customers of multiple data-search Web sites.

A few hours of online sleuthing showed that these sites and dozens of others with similar names all at one time shared several toll-free phone numbers for customer support. The results returned by searching on those numbers suggests a singular reason this network of data-search Web sites changed their support numbers so frequently: They quickly became associated with online reports of fraud by angry customers.

That’s because countless people who were enticed to pay for reports generated by these services later complained that although the sites advertised access for just $1, they were soon hit with a series of much larger charges on their credit cards.

Using historic Web site registration records obtained from Domaintools.com (a former advertiser on this site), KrebsOnSecurity discovered that all of the sites linked back to two related companies — Las Vegas, Nev.-based Penguin Marketing, and Terra Marketing Group out of Alberta, Canada.

Both of these entities are owned by Jesse Willms, a man The Atlantic magazine described in an unflattering January 2014 profile as “The Dark Lord of the Internet” [not to be confused with The Dark Overlord].

Jesse Willms’ Linkedin profile.

The Atlantic pointed to a sprawling lawsuit filed by the Federal Trade Commission, which alleged that between 2007 and 2011, Willms defrauded consumers of some $467 million by enticing them to sign up for “risk free” product trials and then billing their cards recurring fees for a litany of automatically enrolled services they hadn’t noticed in the fine print.

“In just a few months, Willms’ companies could charge a consumer hundreds of dollars like this, and making the flurry of debits stop was such a convoluted process for those ensnared by one of his schemes that some customers just canceled their credit cards and opened new ones,” wrote The Atlantic’s Taylor Clark.

Willms’ various previous ventures reportedly extended far beyond selling access to public records. In fact, it’s likely everyone reading this story has at one time encountered an ad for one of his dodgy, bait-and-switch business schemes, The Atlantic noted:

“If you’ve used the Internet at all in the past six years, your cursor has probably lingered over ads for Willms’s Web sites more times than you’d suspect. His pitches generally fit in nicely with what have become the classics of the dubious-ad genre: tropes like photos of comely newscasters alongside fake headlines such as “Shocking Diet Secrets Exposed!”; too-good-to-be-true stories of a “local mom” who “earns $629/day working from home”; clusters of text links for miracle teeth whiteners and “loopholes” entitling you to government grants; and most notorious of all, eye-grabbing animations of disappearing “belly fat” coupled with a tagline promising the same results if you follow “1 weird old trick.” (A clue: the “trick” involves typing in 16 digits and an expiration date.)”

In a separate lawsuit, Microsoft accused Willms’ businesses of trafficking in massive quantities of counterfeit copies of its software. Oprah Winfrey also sued a Willms-affiliated site (oprahsdietscecrets.com) for linking her to products and services she claimed she had never endorsed.

KrebsOnSecurity reached out to multiple customers whose name, email address and cleartext passwords were exposed in the screenshot shared by the Dark Web auctioneer who apparently hacked Willms’ Web sites. All three of those who responded shared roughly the same experience: They said they’d ordered reports for specific criminal background checks from the sites on the promise of a $1 risk-free fee, never found what they were looking for, and were subsequently hit by the same merchant for credit card charges ranging from $20 to $38.

I also pinged several customer support email addresses tied to the data-broker Web sites that were hacked. I received a response from a “Mike Stef,” who described himself as a Web developer for Terra Marketing Group.

Stef said the screenshots appeared to be legitimate, and that the company would investigate the matter and alert affected customers if warranted. Stef told me he doubts the company has four million customers, and that the true number was probably closer to a half million. He also insisted that the panel in question did not have access to customer credit card data.

Nevertheless, it appears from the evidence above that Willms and several others who were named in the FTC’s 2012 stipulated final judgment (PDF) are still up to their old tricks. The FTC has not yet responded to requests for comment. Nor has Mr. Willms.

I can’t help express feeling a certain amount of schadenfreude (schadenfraud?) at the victim in this hacking case. But that amusement is tempered by the reality that the hundreds of thousands or possibly millions of people who got suckered into paying money to this company are quite likely to find themselves on the receiving end of additional phishing and fraud attacks (particularly credential stuffing) as a result of their data being auctioned off to the highest bidder.

Terra Marketing Group’s Web developer Mike Stef responded to my inquiries from an email address at the domain “tmgbox.com.” That message was instrumental in identifying the connection to Willms and Terra Marketing/Penguin. In the interests of better informing people who might wish to become future customers of this group, I am publishing the list of the domains associated with tmgbox.com and its parent entities. This list may be updated periodically as new information surfaces.

In case it is useful for others, KrebsOnSecurity is also publishing the results of several reverse WHOIS lookups for historic domains tied to email addresses of several people Mike Stef described as “senior customer support managers” of Terra Marketing, as these also include some interesting and related (albeit mostly dead) domains.

Reverse WHOIS on Peter Graver and Jesse Willms ([email protected])

Reverse WHOIS on [email protected]

Reverse WHOIS on Jason Oster ([email protected])

Public records search domains associated with Terra Marketing Group and Penguin Marketing:

memberreportaccess.com publicrecords.us.org dmvrecords.co dmv.us.org courtrecords.us.org myfeeplan.com police.us.org warrantcheck.com myinfobill.com propertysearch.us.org homevalue.us.org carinfo2.com backgroundchecks.us.org arrestrecords.us.org propertyrecord.com criminalrecords.us.org jailinmates.us.org vehiclereportusa.com dmvinfocheck.com carrecordusa.com carhistoryindex.com autohistorychecks.com mugshots.us.org trafficticket.us.org prison.us.org reversephonelookup.us.org deathrecords.us.org deathrecord.com deathcertificates.us.org census.us.org phonelookup.us.org vehiclehistoryreports.us.org vinsearchusa.org

from Technology News https://krebsonsecurity.com/2019/03/hackers-sell-access-to-bait-and-switch-empire/

Original Post from Krebs on Security Author: BrianKrebs

Cybercriminals are auctioning off access to customer information stolen from an online data broker behind a dizzying array of bait-and-switch Web sites that sell access to a vast range of data on U.S. consumers, including DMV and arrest records, genealogy reports, phone number lookups and people searches. In an ironic twist, the marketing empire that owns the hacked online properties appears to be run by a Canadian man who’s been sued for fraud by the U.S. Federal Trade Commission, Microsoft and Oprah Winfrey, to name a few.

Earlier this week, a cybercriminal on a Dark Web forum posted an auction notice for access to a Web-based administrative panel for an unidentified “US Search center” that he claimed holds some four million customer records, including names, email addresses, passwords and phone numbers. The starting bid price for that auction was $800.

Several screen shots shared by the seller suggested the customers in question had all purchased subscriptions to a variety of sites that aggregate and sell public records, such as dmv.us.org, carhistory.us.org, police.us.org, and criminalrecords.us.org.

A (redacted) screen shot shared by the apparent hacker who was selling access to usernames and passwords for customers of multiple data-search Web sites.

A few hours of online sleuthing showed that these sites and dozens of others with similar names all at one time shared several toll-free phone numbers for customer support. The results returned by searching on those numbers suggests a singular reason this network of data-search Web sites changed their support numbers so frequently: They quickly became associated with online reports of fraud by angry customers.

That’s because countless people who were enticed to pay for reports generated by these services later complained that although the sites advertised access for just $1, they were soon hit with a series of much larger charges on their credit cards.

Using historic Web site registration records obtained from Domaintools.com (a former advertiser on this site), KrebsOnSecurity discovered that all of the sites linked back to two related companies — Las Vegas, Nev.-based Penguin Marketing, and Terra Marketing Group out of Alberta, Canada.

Both of these entities are owned by Jesse Willms, a man The Atlantic magazine described in an unflattering January 2014 profile as “The Dark Lord of the Internet” [not to be confused with The Dark Overlord].

Jesse Willms’ Linkedin profile.

The Atlantic pointed to a sprawling lawsuit filed by the Federal Trade Commission, which alleged that between 2007 and 2011, Willms defrauded consumers of some $467 million by enticing them to sign up for “risk free” product trials and then billing their cards recurring fees for a litany of automatically enrolled services they hadn’t noticed in the fine print.

“In just a few months, Willms’ companies could charge a consumer hundreds of dollars like this, and making the flurry of debits stop was such a convoluted process for those ensnared by one of his schemes that some customers just canceled their credit cards and opened new ones,” wrote The Atlantic’s Taylor Clark.

Willms’ various previous ventures reportedly extended far beyond selling access to public records. In fact, it’s likely everyone reading this story has at one time encountered an ad for one of his dodgy, bait-and-switch business schemes, The Atlantic noted:

“If you’ve used the Internet at all in the past six years, your cursor has probably lingered over ads for Willms’s Web sites more times than you’d suspect. His pitches generally fit in nicely with what have become the classics of the dubious-ad genre: tropes like photos of comely newscasters alongside fake headlines such as “Shocking Diet Secrets Exposed!”; too-good-to-be-true stories of a “local mom” who “earns $629/day working from home”; clusters of text links for miracle teeth whiteners and “loopholes” entitling you to government grants; and most notorious of all, eye-grabbing animations of disappearing “belly fat” coupled with a tagline promising the same results if you follow “1 weird old trick.” (A clue: the “trick” involves typing in 16 digits and an expiration date.)”

In a separate lawsuit, Microsoft accused Willms’ businesses of trafficking in massive quantities of counterfeit copies of its software. Oprah Winfrey also sued a Willms-affiliated site (oprahsdietscecrets.com) for linking her to products and services she claimed she had never endorsed.

KrebsOnSecurity reached out to multiple customers whose name, email address and cleartext passwords were exposed in the screenshot shared by the Dark Web auctioneer who apparently hacked Willms’ Web sites. All three of those who responded shared roughly the same experience: They said they’d ordered reports for specific criminal background checks from the sites on the promise of a $1 risk-free fee, never found what they were looking for, and were subsequently hit by the same merchant for credit card charges ranging from $20 to $38.

I also pinged several customer support email addresses tied to the data-broker Web sites that were hacked. I received a response from a “Mike Stef,” who described himself as a Web developer for Terra Marketing Group.

Stef said the screenshots appeared to be legitimate, and that the company would investigate the matter and alert affected customers if warranted. Stef told me he doubts the company has four million customers, and that the true number was probably closer to a half million. He also insisted that the panel in question did not have access to customer credit card data.

Nevertheless, it appears from the evidence above that Willms and several others who were named in the FTC’s 2012 stipulated final judgment (PDF) are still up to their old tricks. The FTC has not yet responded to requests for comment. Nor has Mr. Willms.

I can’t help express feeling a certain amount of schadenfreude (schadenfraud?) at the victim in this hacking case. But that amusement is tempered by the reality that the hundreds of thousands or possibly millions of people who got suckered into paying money to this company are quite likely to find themselves on the receiving end of additional phishing and fraud attacks (particularly credential stuffing) as a result of their data being auctioned off to the highest bidder.

Terra Marketing Group’s Web developer Mike Stef responded to my inquiries from an email address at the domain “tmgbox.com.” That message was instrumental in identifying the connection to Willms and Terra Marketing/Penguin. In the interests of better informing people who might wish to become future customers of this group, I am publishing the list of the domains associated with tmgbox.com and its parent entities. This list may be updated periodically as new information surfaces.

In case it is useful for others, KrebsOnSecurity is also publishing the results of several reverse WHOIS lookups for historic domains tied to email addresses of several people Mike Stef described as “senior customer support managers” of Terra Marketing, as these also include some interesting and related (albeit mostly dead) domains.

Reverse WHOIS on Peter Graver and Jesse Willms ([email protected])

Reverse WHOIS on [email protected]

Reverse WHOIS on Jason Oster ([email protected])

Public records search domains associated with Terra Marketing Group and Penguin Marketing:

memberreportaccess.com publicrecords.us.org dmvrecords.co dmv.us.org courtrecords.us.org myfeeplan.com police.us.org warrantcheck.com myinfobill.com propertysearch.us.org homevalue.us.org carinfo2.com backgroundchecks.us.org arrestrecords.us.org propertyrecord.com criminalrecords.us.org jailinmates.us.org vehiclereportusa.com dmvinfocheck.com carrecordusa.com carhistoryindex.com autohistorychecks.com mugshots.us.org trafficticket.us.org prison.us.org reversephonelookup.us.org deathrecords.us.org deathrecord.com deathcertificates.us.org census.us.org phonelookup.us.org vehiclehistoryreports.us.org vinsearchusa.org

Go to Source Author: BrianKrebs Hackers Sell Access to Bait-and-Switch Empire Original Post from Krebs on Security Author: BrianKrebs Cybercriminals are auctioning off access to customer information stolen from an online data broker behind a dizzying array of bait-and-switch Web sites that sell access to a vast range of data on U.S.

A Guide to Vertical Lists

A recent post described how to organize and format in-line lists, those that occur within a sentence. This one explains the proper use of vertical lists, which are organized by setting the items on the list (following an introductory phrase or sentence), apart from each other, distinguished by numbers, letters, or other symbols, on consecutive lines.

Vertical lists are best employed in place of in-line lists when the list is long and/or the items consist of longer phrases or even complete sentences (or even more than one sentence). However, vertical lists are often useful in contexts in which guidance or instruction is being offered, though they are most effective when they are concise, and extended list items are not advised. If list items consist of more than one sentence, the information might be better displayed as regular text.

The following vertical list (too simple to be formatted as such but used here for illustrative purposes), is offered as a basic example:

The colors of the American flag are

red,

white, and

blue.

(Note: This and other correct lists in this post are formatted in boldface.) Just as is the case with an in-line list, if one or more items in a vertical list itself requires a comma, each item should be set off from the others by a semicolon.

Note that despite the vertical-list formatting, because the introductory phrase and the list constitute a syntactically organized sentence, the introductory phrase is not punctuated, but terminal punctuation follows the final item. (Some publishers, however, simplify this format by omitting especially the conjunction and perhaps the commas as well.)

However, compare the previous example with a version in which the introductory phrase constitutes a complete independent clause:

The colors of the American flag are as follows:

red

white

blue

Here, the introductory phrase and the list do not constitute a sentence, so the list items are not punctuated. Terminal punctuation is included, however, and first word of each list item is capitalized, if the items are themselves self-contained sentences:

Although the colors of the American flag did not have any official meaning when it was designed, the colors on the Great Seal represent the following virtues:

White signifies purity and innocence.

Red signifies hardiness and valor.

Blue signifies vigilance, perseverance, and justice.

Note how the sentences in the list are organized consistently. In the following examples, the list items must be revised to make the list syntactically consistent:

According to our survey, the top three factors are

lax enforcement of budgets and savings being spent in other areas,

invalid savings assumptions or changes in the assumptions used to calculate savings, and

realized savings are not being effectively tracked.

Note how the first two items follow the syntactical structure of the introductory phrase but the third one is an independent clause. The list can be rendered consistent in two ways:

According to our survey, the top three factors are

lax enforcement of budgets and savings being spent in other areas,

invalid savings assumptions or changes in the assumptions used to calculate savings, and ineffective tracking of realized savings.

According to our survey, these are the top three factors:

Budget enforcement is lax and savings are being spent in other areas.

Savings assumptions are invalid or there are changes in the assumptions used to calculate savings.

Realized savings are not being effectively tracked.

Avoid producing vertical lists in which to or more list items begin with the same word or words, as in this example:

In this session, you will learn

how to get business processes and systems to scale to business growth,

how to build out a financial team to drive and support growth,

how to build these important pillars within an audit/business controls mind-set, and

securing/managing financing to support corporate growth strategy.

To revise, incorporate the recurring word or phrase into the introductory phrase and revise any list items that begin with different wording so that they conform with the others, as shown here:

In this session, you will learn how to

get business processes and systems to scale to business growth,

build out a financial team to drive and support growth,

build these important pillars within an audit/business controls mind-set, and

secure/manage financing to support corporate growth strategy.

Note, too, that any symbol may be used in place of bullets, but the same symbol should be employed throughout not only a single vertical list but also all such lists throughout a document or publication. If one or more items in a vertical list marked by bullets are followed by subsidiary items of their own, a distinct symbol (such as a hollow bullet) should be used for those items, which should also be indented farther than the primary list items.

Sometimes, no symbols are used at all, but this strategy is best employed if the items are brief and numerous, such as in a vocabulary list consisting of one- or two-word items. (In addition, a vertical list in which items are short can be formatted into two or more narrow columns if the width of the printed or online page is wide enough to accommodate them.)

Also, numbers and letters may be substituted for bullets, but numbers are recommended only when the items in the list should be read in a particular order, such as when outlining a procedure or ranking the list items. Letters are appropriate primarily for multiple-choice test items, for example, or when the text includes frequent cross-references such as “See item d.”

A basic outline-style vertical list can be organized using a simple hierarchy of Arabic numerals and lowercase letters. For a complex outline, the recommended hierarchy of numbers and letters varies according to various style manuals and writing handbooks, but The Chicago Manual of Style advises the following sequence: Roman numerals (I, II, III, and so on), capital letters (A, B, C, and so on), Arabic numerals (1, 2, 3, and so on), lowercase letters (a, b, c, and so on) followed by a close parenthesis, Arabic numerals enclosed in parentheses, lowercase letters enclosed in parentheses, and lowercase Roman numerals (i, ii, iii, and so on) followed by a close parenthesis.

Another outline format is the decimal outline, as shown below (appropriate indentation not used here): 1. 1.1 1.1.1 1.1.2 1.1.3 1.2 1.2.1 . . . 1.3 1.3.1 . . . 2. 2.1 . . .

Ultimately, the goal of any list organization is clarity.

Click here to get access to 800+ interactive grammar exercises! Publish your book with our partner InstantPublisher.com! Professionally printed in as few as 7 days.

Original post: A Guide to Vertical Lists from Daily Writing Tips https://www.dailywritingtips.com/a-guide-to-vertical-lists/