Warning: Fraudulent InterSwitch website at broadadnigeria.com
5August 16, 2010 by Administrator
I want to believe that a fraudulent webpage hosted online is not positive advertisement, as far as a media company and a Nigerian webhosting company are concerned.
This is the mail I got:
In text:
Dear ATM Card User,
This is to hereby notify you of the recent Central Bank of Nigeria Directive to all banks to switch to the new and secured chip ATM cards.
With this directive,all old ATM cards shall be inactivated.With the new Cards,there shall be no more transaction charges when you use your ATM cards and it is more secured.go to the website below to register for your new card;
http://broadadnigeria.com/online/newSecuritys.html
You are getting this mail because you have not updated.
REGARDS
Mr.Tony Ede
Assistant Director,
LAGOS OFFICE
Office Address:Tinubu Square,Lagos
Postal Address:P.M.B. 12194,Lagos.
Fax: +234(1)882 617
Heres a screenshot of the scam interswitch URL:
and here is the file in the /online DIR:
http://broadadnigeria.com/online/newSecuritys.html
The media company Name is: Broad-Ad Audio Visual Production Services.
Registration and hosting services are provided by hostnaija.com:
Address lookup
canonical name broadadnigeria.com.
aliases
addresses 67.222.1.219
Domain Whois recordQueried whois.internic.net with "dom broadadnigeria.com"…
Domain Name: BROADADNIGERIA.COM
Registrar: DIRECTI INTERNET SOLUTIONS PVT. LTD. D/B/A PUBLICDOMAINREGISTRY.COM
Whois Server: whois.PublicDomainRegistry.com
Referral URL: http://www.PublicDomainRegistry.com
Name Server: NS1.PMVPS-SERVERS01.NET
Name Server: NS2.PMVPS-SERVERS01.NET
Status: clientTransferProhibited
Updated Date: 15-mar-2010
Creation Date: 15-mar-2010
Expiration Date: 15-mar-2011>>> Last update of whois database: Mon, 16 Aug 2010 07:18:33 UTC <<<
Queried whois.publicdomainregistry.com with "broadadnigeria.com"…Registration Service Provided By: HOSTNAIJA.COM
Contact: +234.8035937812
Website: http://www.hostnaija.comDomain Name: BROADADNIGERIA.COM
Registrant:
Broad Ad Nigeria
Kevin Ushi (kevushi@yahoo.com)
Surulere
Lagos
Lagos,23401
NG
Tel. +234.8020308585Creation Date: 15-Mar-2010
Expiration Date: 15-Mar-2011Domain servers in listed order:
ns2.pmvps-servers01.net
ns1.pmvps-servers01.netAdministrative Contact:
Broad Ad Nigeria
Kevin Ushi (kevushi@yahoo.com)
Surulere
Lagos
Lagos,23401
NG
Tel. +234.8020308585Technical Contact:
Broad Ad Nigeria
Kevin Ushi (kevushi@yahoo.com)
Surulere
Lagos
Lagos,23401
NG
Tel. +234.8020308585Billing Contact:
Broad Ad Nigeria
Kevin Ushi (kevushi@yahoo.com)
Surulere
Lagos
Lagos,23401
NG
Tel. +234.8020308585Status:LOCKED
Note: This Domain Name is currently Locked. In this status the domain
name cannot be transferred, hijacked, or modified. The Owner of this
domain name can easily change this status from their control panel.
This feature is provided as a security measure against fraudulent domain name hijacking.
Network Whois recordQueried whois.arin.net with "n 67.222.1.219"…
NetRange: 67.222.0.0 – 67.222.31.255
CIDR: 67.222.0.0/19
OriginAS: AS27645, AS30496
NetName: PRIVATE-1
NetHandle: NET-67-222-0-0-1
Parent: NET-67-0-0-0-0
NetType: Direct Allocation
NameServer: NS2.PRIVATESYSTEMS.NET
NameServer: NS1.PRIVATESYSTEMS.NET
RegDate: 2008-01-29
Updated: 2008-09-29
Ref: http://whois.arin.net/rest/net/NET-67-222-0-0-1OrgName: PrivateSystems Networks
OrgId: KNOWN-1
Address: 1114-100 New Point Blvd. PMB 143
City: Leland
StateProv: NC
PostalCode: 28451
Country: US
RegDate: 2008-01-04
Updated: 2010-01-22
Ref: http://whois.arin.net/rest/org/KNOWN-1OrgAbuseHandle: PNA44-ARIN
OrgAbuseName: PrivateSystems Networks Abuse
OrgAbusePhone: +1-866-332-9894
OrgAbuseEmail: abuse@privatesystems.net
OrgAbuseRef: http://whois.arin.net/rest/poc/PNA44-ARINOrgNOCHandle: NOC2915-ARIN
OrgNOCName: Network Operations Center
OrgNOCPhone: +1-866-332-9894
OrgNOCEmail: noc@privatesystems.net
OrgNOCRef: http://whois.arin.net/rest/poc/NOC2915-ARINOrgTechHandle: NOC2915-ARIN
OrgTechName: Network Operations Center
OrgTechPhone: +1-866-332-9894
OrgTechEmail: noc@privatesystems.net
OrgTechRef: http://whois.arin.net/rest/poc/NOC2915-ARINRTechHandle: NOC2915-ARIN
RTechName: Network Operations Center
RTechPhone: +1-866-332-9894
RTechEmail: noc@privatesystems.net
RTechRef: http://whois.arin.net/rest/poc/NOC2915-ARINRAbuseHandle: NOC2915-ARIN
RAbuseName: Network Operations Center
RAbusePhone: +1-866-332-9894
RAbuseEmail: noc@privatesystems.net
RAbuseRef: http://whois.arin.net/rest/poc/NOC2915-ARINRNOCHandle: NOC2915-ARIN
RNOCName: Network Operations Center
RNOCPhone: +1-866-332-9894
RNOCEmail: noc@privatesystems.net
RNOCRef: http://whois.arin.net/rest/poc/NOC2915-ARIN
DNS recordsname class type data time to live
broadadnigeria.com IN MX
preference: 0
exchange: broadadnigeria.com
14400s (04:00:00)
broadadnigeria.com IN SOA
server: ns1.pmvps-servers01.net
email: princemorpheus.gmail.com
serial: 2010071202
refresh: 86400
retry: 7200
expire: 3600000
minimum ttl: 86400
86400s (1.00:00:00)
broadadnigeria.com IN NS ns1.pmvps-servers01.net 86400s (1.00:00:00)
broadadnigeria.com IN NS ns2.pmvps-servers01.net 86400s (1.00:00:00)
broadadnigeria.com IN A 67.222.1.219 14400s (04:00:00)
219.1.222.67.in-addr.arpa IN PTR host.pmvps-servers01.net 86400s (1.00:00:00)
TracerouteTracing route to broadadnigeria.com [67.222.1.219]…
hop rtt rtt rtt ip address fully qualified domain name
1 1 0 0 70.84.211.97 61.d3.5446.static.theplanet.com
2 0 0 0 70.87.254.1 po101.dsr01.dllstx5.theplanet.com
3 0 0 0 70.85.127.105 po51.dsr01.dllstx3.theplanet.com
4 0 0 0 70.87.255.37 25.ff.5746.static.theplanet.com
5 0 0 0 4.59.32.29 xe-8-1-0.edge4.dallas3.level3.net
6 0 0 0 4.69.145.136 ae-3-80.edge3.dallas1.level3.net
7 4 1 2 8.9.232.74 colo4-dalla.edge3.dallas1.level3.net
8 2 2 2 206.123.64.30 ge-1-2.core2.colo4dallas.net
9 1 1 1 67.222.0.137 vz37-tx.privatesystems.net
10 1 1 1 67.222.1.219 host.pmvps-servers01.net
Trace complete
Heres a ping response from domain name: broadadnigeria.com and hostnaija.com. Both are on the same server.
THe question I have is: who is scamming who?
Is Mr. Kevin Ushi responsible for placing a newsSecurity.html page in the /online DIR of his own website, or are the servers of hostnaija.com compromised such that /online/newSecuritys.html is created by default.
Beware!
Nigerian web hosts have really got to stop looking @ making fast money and start monitoring what sites are hosted on their servers.
[…] all owe a responsibility to the public, to prevent them from falling victims of scams such as the Fraudulent Interswitch website @ BroadNigeria. I’m aware it can be a tasking effort to monitor all websites on your servers BUT at least do […]
This is the reason why some Nigerian Hosting Companies are now insisting that anyone that desire to buy a domain or hosting package from them must present a photo ID. If HOSTNAIJA has done that, they will be able to absolve themselves of any blame on this particular issue.
DISCLAIMER FROM BROAD-AD PRODUCTIONS LIMITED
===============================================
This is to inform the General Public and security agents that Broadadnigeria.com is not aware of this misleading allegation posted in this blog..
Broad-Ad Audio-Visual Productions run legitimated businesses and NEVER engages in ANY fraudulent activity.
We hereby state that our company is duly registered with CAC and that we do not know nor have any dealings whatsoever with any individual or company that distributes fraudulent information and we DO NOT HAVE ANY FRAUDULENT CONTENT OR MATERIAL NOR HOST ANY INTERSWITCH WEBSITE on servers.
GENERAL PUBLIC: Kindly disregard any further missive from this source or report to the appropriate security authority.
BLOG OWNER: PLEASE, KINDLY REMOVE THIS MISLEADING POST IMMEDIATELY.
For further information, please visit http://www.broadadnigeria.com
Thanks you
Kevin Ushi
for BROAD-AD PRODUCTIONS LIMITED
@Mr. Kevin Ushi,
it would be better if you get across to your domains administrator so that he can take necessary technical precautions against such an occurence whereby there is a URL within your hosting account that you guys didn’t put there /aren’t aware of.
As much as I want to believe that Broad Ad productions Ltd didn’t put the page there, the account was possibly compromised and whoever did it was just having a good time using your hosting account to propagate his own malicious idea.s
regards
NairaKbps.