ESP Logo
 Elliott Sound Products Scams & Ripoffs 

Copyright © 2005 - Rod Elliott (ESP)
Page Created 07 March 2005, Updated 06 October 2010


Spam, Scam & Security Index
Main Scam Index
Main Index


6.0 - Trademark Publisher (TMP)

Just like the WorldWideWeb Register, this is another scam designed to look like an official invoice, but is simply a way of separating businesses and companies from their money. This bunch of crooks can be found (allegedly) in Austria at the following address ...

Trademark Publisher GMBH
A-1190 Wien, Postfach 73

office@trademarkpublisher.info

Or in Sydney Australia ...

TRADEMARK PUBLISHER
Suite 65
Seabridge House
377 Kent Street
Sydney NSW 2000

Note that this pack of thieving swine also go by the name of IDRTM - International Database of Registered Trade Marks. They should simply change their name to 'Thieving Swine' so that we all know what they do before wasting time, but this is unlikely .

No phone number is provided, but for your amusement and to allow possible harassment (entirely justified), I have reproduced the document that was sent to me - see below. I have also included the domain name registration details for these bastards (the phone number is available from the domain name info). The more information that is available to people the better, since it may encourage further investigation to track down the perpetrators. According to the info I have available, Wolfgang Kurz and Roland Kreutzer of Tripple Internet Services in Austria seem to be the ones to target. Also a very good reason to avoid Tripple Internet as a service provider or anything else Internet related.

A complete scan of the document is shown below (including some changes I made for privacy reasons). While it looks innocuous enough at a quick glance, you quickly discover the real agenda buried in the fine print on the reverse side of the form.

TMP Scam
Trademark Publisher GMBH Document

There's no 'legally binding signature' required for this scam, just send your money to them and get bugger all that's of any use to man or beast in return. They will almost certainly include your trade mark in their database, but this does you no good at all. Every bit of information they publish is available from the official trademark registers held by each country targeted by their nasty little ploy.

The website is nicely crafted (although it has many HTML warnings), but the amount of information provided about the company is woeful. For this pathetic 'service', they ask the measly sum of AU$1,450.00 (plus GST of AU$145.00), but this is not included in the amount shown). The miserable bastards don't even have the basic courtesy to include a reply paid envelope, so the sucker pays postage as well. Mind you, if a reply paid envelope was provided, I'd promptly post it back to them stuffed with old newspaper .

However, to avoid postage costs entirely, they have kindly included their bank details. Needless to say, these details are now available for all to enjoy.

While the document does state that payment does not replace or extend a trademark registration with IP Australia (the Australian Patents and Trademarks office) and includes information that they hope makes it legal in Australia, it is quite clear that the form is intended to be misinterpreted by busy company accounting personnel, and be paid as if it were a legitimate invoice. I did a double-take when it arrived, and it took a few seconds before I realised that it was nothing more than a scam.

TMP Scam
Trademark Publisher GMBH Fine Print

How generous of them ... for no additional fee, they will include my website URL, email address, FAX and phone number. Goodness me - and to think that Google, Yahoo, MSN and various other search engines do that for nothing too, and I don't have to pay them $1,595.00 for the privilege.


6.1 - How the TMP (Trademark Publisher)/ IDRTM (International Database of Registered Trade Marks) Scam Works

This is almost identical to the WorldWideWeb Register Scam, and is simply a way to try to get the unsuspecting company or webmaster to commit to paying these scoundrels 695 Euros (or AU$1595 at the time of writing) for a 3-year registration to an utterly worthless database. The people running this are nothing more than unscrupulous thieves, and it is important that as many people as possible know about them.

There doesn't seem to be much that's easily found about this scam on the Net, but a search using your favourite search engine will almost certainly give you some results. There was a sit in France that showed an almost identical form, and had the same complaints that I do, but I can't find it any more.

In addition, IP Australia has a warning about TMP/ IDRTM along with many others doing the same thing, and there are a few others if you know where to look. A search using Google finds a few, but you need to dig a little deeper to get much that's worthwhile.


7.0 - Domain Renewal Group (DRG)

The letter below arrived by post just a few days ago. My first reaction was "who are these people?" since I know I've never registered a domain name with them. A quick read of the letter told me everything I needed to know. Be very careful of this one, because legally, you may not have a leg to stand on.


Front of the DRG Letter

The letter looks harmless enough, but is close enough to an invoice to fool anyone who doesn't look too closely at the details. A web search reveals that quite a few people have been caught, and as a result are paying at least 4 times more for their domain name than would normally be the case. It's the back of the form that had me in disbelief!


The Fine Print !

As you can see, there is a vast amount of fine print, and quite frankly I can't even imagine how they could have dreamed up that much drivel. As if there isn't enough there, it's suggested that you visit their website for "further details on the terms and conditions". Good grief!

Essentially, their fine print states that you absolve them of everything, regardless of what happens to anything, anywhere, for any reason. They also disclose the raft of fees they might charge you if you should have the temerity to initiate a credit card charge-back (which you will naturally do once you realise you've been had). By then it's too late - they have your domain name, and will claim ownership of it if you don't pay the yearly renewal fee plus a 'reinstatement' fee.

And just to rub salt into the wound, by signing the front, you have agreed that if you or anyone else attempts to sue the DRG, you may be expected to pay for their legal fees as well as your own ... in advance! This could become a very costly exercise.


7.1 - How the Domain Renewal Group Scam Works

This is a nice simple one. They send a document that looks like an invoice, but they do include a note to say that it is not an invoice - this gets around the laws of most countries and states, because they appear to be upfront about what they do. They also imply that their multi-year registration represents a significant saving. It is a saving compared to DRG's 'normal' rates, but is anything but a saving compared to other registrars. Normally, you would not expect to pay more than about US$15.00 to renew a domain name (and even that's fairly expensive).

Some time ago all domain names cost the same ... US$70 to register the name for the first two years and US$35 a year thereafter. Today, increased competition means you'll pay much less to register a domain name. Some registrars charge less than $10 per domain name, and may charge even less if you buy more than one domain name at a time.

The main problem is (of course) that a busy accounts department will be unlikely to read the document and are unlikely to check prices elsewhere. They will probably assume that it actually is an invoice and make the payment. No-one will read the fine print on the back which is unbelievable - you need a magnifying glass to read it. This is the finest fine print I think I've ever come across.

The perpetrators of this scam have apparently become quite irate at being called scammers (by people who've been caught), and say that they aren't doing anything illegal. Perhaps not, but it is certainly immoral and is clearly designed to catch the unwary. There are many things that may not actually be illegal, but are designed to trick or deceive nonetheless. DRG is operating one such business, and there are many complaints on the Net about their practices.


8.0 - Australian Taxation Office (ATO)

Not sure if anyone would be naive enough to fall for this, especially since the 'reply to' address is a free email server in Germany. The ATO has warnings on its site, but it's worth repeating here. Government departments don't send broadcast emails to people requesting all your personal ID, bank details and copies of your photo ID. As for it being a 'secure' email (highlighted by an obscure symbol that supposedly 'proves' the security of the email, needless to say it's nothing of the sort. It's a bog standard plain text email.

The image location is https://developer.mygateglobal.com/images/logos/3D.jpg - Call me paranoid if you must, but that doesn't look like it's anything the Australian Tax Office would use to me .


The Email Details

This is another 'phishing' exercise, and is not even especially clever. However there will be people who don't understand what is and what is not 'normal' government behaviour. It goes without saying that if you respond to this (or anything similar) you are likely to have your identity stolen. The consequences can be dire in the extreme. If you happened to be caught by this, I suggest that you contact your bank, the ATO and the police, who should be able to advise you further. You probably also need to contact Medicare and the issuer of the photo ID that you provided.


9.0 - orderconfirmation6763456.com

Much like the Domain Renewal Group, this is another attempt to separate you from you money by stealing your credit card details. Unlike DRG (above) though, you most probably will get absolutely nothing in return - no domain renewal, none of the 'benefits' they claim to offer, but you will have a violated credit card. What a bargain. The website is hosted in China, and has the IP address 220.164.140.185 and I'm going to publish everything I can find about them ...

Emailsupervision@xinnet.com (is associated with ~2,206,240 domains)
anyong311@hotmail.com (is associated with ~17 domains)
Registrant Orgxiong bing (is associated with ~19 other domains)
RegistrarXIN NET TECHNOLOGY CORPORATION
Registrar Statusok
DatesCreated on 2015-01-07 - Expires on 2016-01-07 - Updated on 2015-01-07
Name Server(s)F1G1NS1.DNSPOD.NET (has 1,747,936 domains)
F1G1NS2.DNSPOD.NET (has 1,747,936 domains)
IP Address220.164.140.185 (4 other sites hosted on this server)
IP LocationChina - Yunnan - Kunming - Chinanet Yunnan Province Network
ASNChina AS4134 - CHINANET-BACKBONE No.31,Jin-rong Street (registered Aug 01, 2002)
Domain StatusRegistered And Active Website

On the same day, these five domain names were registered ...

orderconfirmation1287656.com
orderconfirmation4598563.com
orderconfirmation6763456.com
orderconfirmation7587435.com
orderconfirmation7894323.com

Why ????


orderconfirmation6763456 Email Contents

The web page claims to use 128 bit encryption, but since it's not https (secure http) this is obviously untrue. To try to make themselves look more 'legitimate' (or is that 'less illegitimate'?) the unsubscribe address is in the US and even claims to be CAN-SPAM compliant. That's really rich coming from a direct spammer with no credentials whatsoever, and a website owned and operated from China.


The 'Secure' Website (Which Is Not Secure)

It comes as no surprise that the prices quoted are well above the industry average (by a factor of as much as 10!), but that doesn't even matter because it's extremely doubtful that the domain name will be re-registered by them anyway. Since the name they are trying to scam me for is already registered until 2016, this is no bargain even if they did what they claimed. Which they won't.

This is a phishing exercise, and the aim is to get gullible website owners to provide their credit card details. There is little chance that anything will change for the domain name, but your card will have to be destroyed and re-issued.

Needless to say, there's nothing you can do other than have your card cancelled and reissued if you fell for this. If you own a domain name, the original registrar should be the only organisation that will contact you for renewal. Anyone else who offers to renew your domain (with or without other claimed 'benefits') is a spammer and most probably a complete fraud.


10.0 - PayPal / Apple

Apparently, I paid Apple $599.99 AUD according to this email. Needless to say I didn't, and it will come as no surprise at all that the link in the email points to a website that isn't PayPal at all. The email came from security@advisor.webssl.com - that fills me with confidence!

Note that the email is addressed to "Dear User ID - %Email%" and does not include your PayPal ID. That's because they don't know it and are hoping you'll fill that void in their knowledge. I also liked the exchange rate shown, where 1 AUD = 0.0000 AUD. Really? I though it was worth at least something.


PayPal / Apple Scam

To visit the website would be unwise, because it points to http://98.111.197.8/sl/pap/ert/temp/index.php and not PayPal in any way, shape or form. The site is hosted in the US, and appears to be owned by someone taking advantage of 'web privacy' so their details are not available. I took a risk and visited the site, and the result is seen below. This is a phishing exercise, designed in an attempt to get you to provide your PayPal username and password.

If you have been caught, change your password immediately, otherwise you really might find some unwanted charges against your account. Kaspersky Anti Virus reports the following ...


What Kaspersky Has To Say ABout The Site

This is proof yet again (and as if any proof were needed) that having good anti-virus and protection software on you machine is absolutely essential.

Just because this particular forgery/ phishing exercise has been reported and is known, that doesn't mean that it won't be moved to another site and the whole process repeated. These thieves don't give up in a hurry, and when one of their scams is exposed it simply morphs a little and is re-launched. There is some evidence on the Net that this scam has already changed several times - there's obviously money to be made by ripping people off, and they won't go away. For more information, see ...

PayPal Users Hit with "Apple Store Receipt" Phishing Emails

Spam, Scam & Security Index
Main Scam Index
Main Index

Copyright Notice. This article, including but not limited to all text and diagrams, may be freely distributed in the interests of helping to prevent fraud, scams and spam. Please include a link to this page if you use the info elsewhere. Note that the ESP® logo is the registered trade mark of Elliott Sound Products, and may not be reproduced without permission from Rod Elliott.
Page created and copyright © 07 Mar 2005./ Updated - 27 Nov 2007./ 28 Jul 2009 - added DRG info.