By Michael Dorausch, D.C.
As annoying as it may seem (I’m sure it’s no fun for you guys to see these posts over and over again) when scammers try to take advantage of chiropractic classifieds users, actually enjoy the satisfaction I get when we trace them down.
Were not even done with the investigation on Martins Gilbert and already there is someone else using the name Martins in a scam noticed earlier this morning. What’s cool about this one as it doesn’t look like the scammer bothered to use a proxy (the last one was using AT&T out of Texas) and the IP address was coming straight out of Nigeria.
Update: Forgot this info earlier. In case anyone is searching for someone pulling 419 scams…
Was the information being used. Branch Martins is quite close to Martins Gilbert and I suspect it could be the same individual.
It’s actually very easy to check up on who owns IP addresses. A chiropractor contacted me earlier this morning and forwarded an e-mail he had received from someone wanting to purchase his equipment. In that e-mail is a particular number I always look for, the sender IP address. In this case the address was 220.127.116.11 which gave me enough information to do a simple lookup using domain tools (whois.domaintools.com/18.104.22.168).
Checking that number gave us the following information… Suburban Telecom in Nigeria Lagos. Sweet, looks like that’s our guy. I then went and checked the log files for Planet Chiropractic and luckily this guy had made it really easy for us to trace his activity.
He landed on the home page at 4:11 AM and at 4:25 AM conducted a search for classifieds directly from the home page. At 4:27 AM he visited the help page and it looks like he read up on the site scam policy. I found that pretty funny being that I thought most scammers went directly to the classified ads themselves.
At 4:31 AM he made his first attempt to contact somebody, sending a poorly spelled e-mail in an attempt to begin interaction with the seller. This wasn’t an e-mail like we’ve seen in the past, it was a pretty simple attempt to make contact.
The person who was contacted e-mail me at what would have been 4:56 AM, which was only 15 minutes after the first scam attempt was made. Thanks to the individual paying attention and forwarding the message on to me, we were able to shut it down rather quickly.
I like that.