Showing posts with label DNS Services. Show all posts
Showing posts with label DNS Services. Show all posts

Saturday, February 2, 2013

Sending Invoices for "DNS Services" Without Providing DNS Services - A Marketing Strategy?

I have received more than one report that a company that refers to itself as "DNS Services" has been sending out invalid invoices. In each instance, someone receives a physical letter referring to the recipient's website and 'Managed DNS Backup Services' that are being provided and that need to be paid for.

To grant legitimacy, the letter directly refers to a pair of name servers - ns3.dnssvc.com and ns4.dnssvc.com. The trouble is, those servers are not name servers, and have not been name servers during the month-long period that I reviewed them (late December 2012 - now). The servers do not respond successfully to any requests on port 53. At the time of this writing, they still do not respond to port 53. Its one thing to make a mistake on an invoice, however I have received two complaints, both with the exact same letter specifying the same DNS information that is incorrect. Both complainants say they have never heard of this company before.

DNS Service's website itself looks very professional. It notes the hardware redundancy in place to prevent downtime. Why have the two name servers listed in these invoices been not responding to port 53 for over a month given the complexity of the redundancy in place? (UDP and TCP were tested, sendip using bash is helpful for this purpose)

This is a scan of the 'invoice' that was originally sent as a physical letter. I have redacted the company name and contact information specifying the recipient.




Looking very closely, I found that this letter in fact notes that it is a solicitation and not an invoice.

Click the letter above and see if you are able to locate the "This is a solicitation" message. It is so difficult to find, that it is almost sure to be missed by a casual reader. Having worked in sales myself, I deeply question the notion of starting a business relationship based on tricking a new customer into believing I am 'just another IT expense'.

If you receive this letter, please understand that you are under no obligation to send this company any money, and that they cannot provide the services listed in the invoice.

A set of letters sent seeking remuneration for fraudulent services was recognized by Ken at Popehat.com, who did some excellent work investigating UST Development and stopping the scam. To be clear, several letters sent by UST Development had absolutely no indication they were just solicitations, no matter how hard to identify.

While at this time I do not seek to imply the letters send by DNS Services are fraudulent, the series of articles at Popehat are very insightful and highly recommended reading for understanding the law surrounding this issue.

RAT Bastard

Earlier this week, several servers I maintain were targeted by automated attempts to upload a remote access trojan (RAT). The RAT is a simpl...