Network News

X My Profile
View More Activity

Phishy Investment Plans

Was chatting the other day with Johannes Ullrich from the SANS Internet Storm Center and he mentioned that the anti-phishing toolbar he's using from Web site security firm Netcraft flagged an investment site he found as a phishing scam.

I've been meaning to install this toolbar for quite some time, and was glad I did. It provides links you can use to find out how long a site has been online, which companies are hosting it, who owns it -- that sort of thing. The toolbar also sports a color-coded "risk rating" that red-flags sites with suspicious traits, like if it has a newly registered domain name or is on a network known for hosting fraud sites.

When I visited -- the investment site Johannes mentioned -- the toolbar popped up a warning:

"The page you are trying to visit has been blocked by the Netcraft Toolbar because it is believed to be part of a fraudulent phishing network. Do you still want to go there?"

I clicked "Yes" because I wanted to poke around some more (for the record, unless you really know what you're doing, it is best just to avoid known or suspected scam sites altogether.) Netcraft dug up a bunch of information on the site, including records indicating that the site domain name was associated with a host named "" (Nice touch, I thought. Gee, no, that's not phishy at all.)

With a few hours of research, I soon discovered that there are literally hundreds if not thousands of these sites online at any given time, advertising high-yield investment plans (HYIPs) that claim to offer quick profits through a variety of poorly explained methods usually related to day-trading or buying foreign currencies or stocks.

The advertised rate of return varies by site, but the rates offered usually are far in excess of what most legitimate investment vehicles offer, promising anywhere from 1 to 2 percent per day to 130 percent over 30 days.

I suppose it's possible some of these sites are legit, but it appears that most are little more than old-fashioned Ponzi schemes gone virtual. The funds may pay out in the beginning, but eventually they will attract more investors than they can reasonably pay off with the money they're taking in. When that happens, the fund inevitably closes down and lots of investors are left without anything.

All of the funds require investors to make their deposits via some type of virtual gold-backed currency like eGold or E-Bullion. Such payment methods are largely outside the control of U.S. financial regulators and are "non-repudiable," meaning once money has been sent there is no way to reverse the transaction.

Most of the sites allow people to invest anywhere from $1 to $10,000, with claims of "guaranteed payouts." But from browsing one of many HYIP forums dedicated to tracking the lifespan and performance of these high-risk investments, it seems the majority pay back only a fraction of what people pay into them., for example, has been active for 20 days and collected $2,710 in deposits, but paid out just $313. Some HYIP sites are already closed after just a few weeks in operation, suggesting they are little more than take-the-money-and-run type scams. Still others -- such as IfYouWant.Biz -- appear to have angered someone enough to attract denial-of-service attacks that render them unreachable to other would-be investors.

Netcraft's anti-phishing toolbar assigns a medium or high risk rating to most of the sites, including one called "" Many on that list -- such as the Universal Commercial Group of Companies -- also earned high-risk ratings and are rife with grammatical and spelling errors of the sort commonly found in fly-by-night spam and phishing sites.

The Treasury Department has a very thorough primer on the risks posed by these types of investment vehicles, as well as buzzwords associated with them that should raise red flags for any would-be investor.

The bottom line for anything having to do with your money should always be: If it sounds too good to be true, it probably is. This goes double for anything too-good-to-be-true that you may read about online.

By Brian Krebs  |  October 31, 2005; 9:45 AM ET
Categories:  Fraud  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   StumbleUpon   Technorati   Google Buzz   Previous: Patch Checking for Popular Windows Apps
Next: Apple Patches Five Holes


If you plan on investing make sure to check out on the broker, broker service, or professional advisor record. You can see if they are actually registered and if they had any criminal or other marks against their records.

Posted by: Steven | October 31, 2005 12:34 PM | Report abuse

Another good site for checking on HYIP scammers

Posted by: Al | October 31, 2005 7:12 PM | Report abuse

Good hyip monitor where I always seach scammers

Posted by: Sergey | April 6, 2006 12:46 PM | Report abuse

The comments to this entry are closed.

RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company