highlandcapital-partners.org

The Purpose of this post is to ALERT you that the job you are about to apply for orscamalert may have applied FOR or is CONSIDERING APPLYING FOR is FRAUDULENT. The identities of an individual or a business entity have been stolen along with fund from their bank accounts.

These job postings are an attempt to lure you into accepting and cashing counterfeit checks into your bank accounts. You are being recruited to wire transfer these funds via WESTERN UNION or MONEYGRAM from your bank into a DOMESTIC BANK  or OFFSHORE BANK ACCOUNT.

 Essentially You Become A Money or Repackage Mule

  1. Money Mule Explained 
  2. Understanding The Cyber Theft Ring
  3. Protecting Yourself Against Money Mule
  4. KrebsOnSecurity – Cyberheist
  5. Washingtonpost.com by Brian Krebs
  6. Interview With A Money Mule
  7. Bobbear.co.UK ~ Historical Money Mule Sites

____________________

highlandcapital-partners.biz
highlandcapital-partners.org

Address lookup
canonical name highlandcapital-partners.org

aliases
addresses:204.93.165.26
Domain Whois record

Queried whois.publicinterestregistry.net with “highlandcapital-partners.org”…

Domain ID:D169939085-LROR
Domain Name:HIGHLANDCAPITAL-PARTNERS.ORG
Created On:14-Oct-2013 15:03:52 UTC
Last Updated On:14-Oct-2013 15:06:44 UTC
Expiration Date:14-Oct-2014 15:03:52 UTC
Sponsoring Registrar:Paknic (Private) Limited (R1605-LROR)

Status:TRANSFER PROHIBITED
Registrant ID:PAK13101467496-1
Registrant Name:William Davison
Registrant Organization:William Davison
Registrant Street1:109 Southwark Street
Registrant City:London
Registrant State/Province:London
Registrant Postal Code:SE1 0JQ
Registrant Country:GB
Registrant Phone:+44.20740119
Registrant Phone Ext.:
Registrant FAX:+44.20740119
Registrant Email:tome@highlandcapital-partners.org

One thought on “highlandcapital-partners.org

  1. SFA Reporter November 2, 2013 at 10:18 AM Reply

    Address lookup
    canonical name highlandcapital-partners.org.
    aliases
    addresses 204.93.165.26
    Domain Whois record

    Queried whois.publicinterestregistry.net with “highlandcapital-partners.org”…

    Domain ID:D169939085-LROR
    Domain Name:HIGHLANDCAPITAL-PARTNERS.ORG
    Created On:14-Oct-2013 15:03:52 UTC
    Last Updated On:14-Oct-2013 15:06:44 UTC
    Expiration Date:14-Oct-2014 15:03:52 UTC
    Sponsoring Registrar:Paknic (Private) Limited (R1605-LROR)
    Status:TRANSFER PROHIBITED
    Registrant ID:PAK13101467496-1
    Registrant Name:William Davison
    Registrant Organization:William Davison
    Registrant Street1:109 Southwark Street
    Registrant Street2:
    Registrant Street3:
    Registrant City:London
    Registrant State/Province:London
    Registrant Postal Code:SE1 0JQ
    Registrant Country:GB
    Registrant Phone:+44.20740119
    Registrant Phone Ext.:
    Registrant FAX:+44.20740119
    Registrant FAX Ext.:
    Registrant Email:tome@highlandcapital-partners.org
    Admin ID:PAK13101467496-2
    Admin Name:William Davison
    Admin Organization:William Davison
    Admin Street1:109 Southwark Street
    Admin Street2:
    Admin Street3:
    Admin City:London
    Admin State/Province:London
    Admin Postal Code:SE1 0JQ
    Admin Country:GB
    Admin Phone:+44.20740119
    Admin Phone Ext.:
    Admin FAX:+44.20740119
    Admin FAX Ext.:
    Admin Email:tome@highlandcapital-partners.org
    Tech ID:PAK13101467496-3
    Tech Name:William Davison
    Tech Organization:William Davison
    Tech Street1:109 Southwark Street
    Tech Street2:
    Tech Street3:
    Tech City:London
    Tech State/Province:London
    Tech Postal Code:SE1 0JQ
    Tech Country:GB
    Tech Phone:+44.20740119
    Tech Phone Ext.:
    Tech FAX:+44.20740119
    Tech FAX Ext.:
    Tech Email:tome@highlandcapital-partners.org
    Name Server:NS1.MERXS.SU
    Name Server:NS2.WERMO.SU
    Name Server:NS3.MARSO.CC
    Name Server:
    Name Server:
    Name Server:
    Name Server:
    Name Server:
    Name Server:
    Name Server:
    Name Server:
    Name Server:
    Name Server:
    DNSSEC:Unsigned

    Network Whois record

    Queried whois.arin.net with “n ! NET-204-93-165-0-1″…

    NetRange: 204.93.165.0 – 204.93.165.255
    CIDR: 204.93.165.0/24
    OriginAS:
    NetName: SCNET-204-93-165-0-24
    NetHandle: NET-204-93-165-0-1
    Parent: NET-204-93-128-0-1
    NetType: Reassigned
    RegDate: 2010-05-26
    Updated: 2010-05-26
    Ref: http://whois.arin.net/rest/net/NET-204-93-165-0-1

    CustName: Mochanin Corp.
    Address: 2880 Zanker Rd.
    Address: # 203
    City: San Jose
    StateProv: CA
    PostalCode: 95134
    Country: US
    RegDate: 2010-05-26
    Updated: 2011-03-19
    Ref: http://whois.arin.net/rest/customer/C02507066

    OrgTechHandle: NETWO1779-ARIN
    OrgTechName: Network Operations
    OrgTechPhone: +1-312-829-1111
    OrgTechEmail: support@servercentral.com
    OrgTechRef: http://whois.arin.net/rest/poc/NETWO1779-ARIN

    OrgNOCHandle: NETWO1779-ARIN
    OrgNOCName: Network Operations
    OrgNOCPhone: +1-312-829-1111
    OrgNOCEmail: support@servercentral.com
    OrgNOCRef: http://whois.arin.net/rest/poc/NETWO1779-ARIN

    OrgAbuseHandle: ABUSE1669-ARIN
    OrgAbuseName: Abuse Department
    OrgAbusePhone: +1-312-829-1111
    OrgAbuseEmail: abuse@servercentral.net
    OrgAbuseRef: http://whois.arin.net/rest/poc/ABUSE1669-ARIN

    RTechHandle: NETWO1779-ARIN
    RTechName: Network Operations
    RTechPhone: +1-312-829-1111
    RTechEmail: support@servercentral.com
    RTechRef: http://whois.arin.net/rest/poc/NETWO1779-ARIN

    RAbuseHandle: ABUSE1669-ARIN
    RAbuseName: Abuse Department
    RAbusePhone: +1-312-829-1111
    RAbuseEmail: abuse@servercentral.net
    RAbuseRef: http://whois.arin.net/rest/poc/ABUSE1669-ARIN

    RNOCHandle: NETWO1779-ARIN
    RNOCName: Network Operations
    RNOCPhone: +1-312-829-1111
    RNOCEmail: support@servercentral.com
    RNOCRef: http://whois.arin.net/rest/poc/NETWO1779-ARIN

    DNS records
    name class type data time to live
    highlandcapital-partners.org IN TXT v=spf1 a mx ip4:55.11.65.20/2 ip4:90.2.123.112/2 ip4:176.33.87.19/2 ip4:212.63.89.33/2 ?all 120s (00:02:00)
    highlandcapital-partners.org IN NS ns2.wermo.su 120s (00:02:00)
    highlandcapital-partners.org IN NS ns1.merxs.su 120s (00:02:00)
    highlandcapital-partners.org IN SOA
    server: ns1.highlandcapital-partners.org
    email: hostmaster@highlandcapital-partners.org
    serial: 6
    refresh: 300
    retry: 120
    expire: 86400
    minimum ttl: 60
    120s (00:02:00)
    highlandcapital-partners.org IN NS ns3.marso.cc 120s (00:02:00)
    highlandcapital-partners.org IN MX
    preference: 10
    exchange: mx.highlandcapital-partners.org
    120s (00:02:00)
    highlandcapital-partners.org IN A 204.93.165.26 120s (00:02:00)
    26.165.93.204.in-addr.arpa IN PTR c133.vz31.my-virtual-panel.com 3600s (01:00:00)
    165.93.204.in-addr.arpa IN SOA
    server: ns1.servercentral.net
    email: dns@servercentral.net
    serial: 1383412500
    refresh: 16384
    retry: 2048
    expire: 1048576
    minimum ttl: 2560
    86400s (1.00:00:00)
    165.93.204.in-addr.arpa IN PTR c136.vz31.my-virtual-panel.com 3600s (01:00:00)
    165.93.204.in-addr.arpa IN RRSIG
    type covered: NSEC (47)
    algorithm: RSA/SHA-1 (5)
    labels: 5
    original ttl: 10800 (03:00:00)
    signature expiration: 2013-11-12 12:02:01Z
    signature inception: 2013-11-02 12:02:01Z
    key tag: 36452
    signer’s name: 204.in-addr.arpa
    signature:
    (1024 bits)

    21C420AA6A113F0CC50E52D27B0D22BD
    D1249AB0C2971C6BD0A45D83708FC526
    08BE3D2CF0C2A9F28EDA0ACA75A03270
    4EFF4144D3F474C76396E4781F88E0A5
    57A4C9D3CD1A7BED2C8370FA74030F34
    76C735DBB6E57F9171C3D5CB9534390D
    E1A623BF6975EE2A92513847920A5EA6
    3BED9F163DCCA06DDE2E4737721470E5

    10800s (03:00:00)
    165.93.204.in-addr.arpa IN NSEC
    next domain name: 166.93.204.in-addr.arpa
    record types: NS RRSIG NSEC
    10800s (03:00:00)
    165.93.204.in-addr.arpa IN NS ns2.scservers.com 3600s (01:00:00)
    165.93.204.in-addr.arpa IN NS ns3.scservers.com 3600s (01:00:00)
    165.93.204.in-addr.arpa IN NS ns1.scservers.com 3600s (01:00:00)

    — end —

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: