By Rupert Goodwins, 2 December 2003 09:55
NEWS A website that purportedly offers cheap mobile phones is still online more than six weeks after efforts began to close it down for what is believed to be fraudulent activity.
The site, unlockedPhones-UK.com, has been discovered to be displaying fake security certificates from security companies VeriSign and TRUSTe, and is using the address of an unconnected legitimate UK mobile phone company called mPhone. UnlockedPhones-uk.com is not registered as a UK company.
MPhone said it had been aware of the fake website for a month and a half, but despite reporting it to the Metropolitan Police - who said that the FBI would be informed - and Yahoo, the company hosting the site on its $8.95 a month Premium Geocities services, it had been unable to either get the site taken down or to get in contact with the registered owner.
A source within mPhone said: "All the authorities are trying to track them down, and we are working very hard on it. We're getting so many phone calls it's not funny."
The fake site uses a succession of tricks to disguise its lack of authenticity. Clicking on the VeriSign seal brings up an apparently valid certificate registered to the non-existent company and produced by VeriSign's own computers. However, the certificate is generated by the fraudulent site itself, and the credit card checkout system is hosted on a different site with a valid certificate. Also, the website asks for credit card orders to be accompanied by a fax of both sides of the card.
Emails to the contact address went unanswered on Monday, and the Californian address and phone number of the registered domain administrator R. B. Nail apparently are not valid.
John Kerr of VeriSign UK, said: "They've basically ripped off our site seal and hosted it on their website. In normal circumstances, if they were hosting the checkout on the same site, they'd get a security error, but they're hosting it on another. Users should double-click on the yellow padlock icon on the bottom right of their browser screen when they're in the checkout, and make sure the name displayed there matches the company you're buying from."
Rupert Goodwins writes for ZDNet UK
Comments
There are 3 comments. Join the discussion
1. anonymous
Very interesting! What really grabbed my attention though was the very last sentence relating to double clicking the "lock" at the bottom of my browser and comparing the resulting information with who you think you are dealing with. That should be in BOLD, CAPS & UNDERSCORED!
2. Jay Schlackman
I'm not surprised it's still there - I've reported several sites to their hosts (although not the police) for breaches of T&C's such as spamming and virus distribution. Even "reputable" hosters such as BT will promise to investigate and then do nothing.
However, this more serious breach, involving monetary fraud, is beyond the realms of laziness on the part of the hosting company. Geocities could, and should, have the site shut down in minutes. I'll bet if the site was offering copyright-infringing DVD decryption software, the site would be gone faster than you could say DMCA lawsuit.
3. Paul
The site has now been taken down. There are procedures to follow and when these are followed this results in the correct action being taken.