An investigation into attempted fraud

Published on July 3, 2020 by

We are publishing information about a user who attempted to defraud us. As outlined in previous blog posts and tweets, we are going to aggressively publish the information about anyone trying to attack, hack or defraud us.

The person tried to use alleged stolen credit cards to purchase an Intelligence X subscription.

Email addresses and IPs used by the fraudster:

  • support@droneitallcreations.com on 2020-06-25 20:00:39
    • IP 2600:6c64:607f:eccb:25a7:930a:863a:800
  • b8nkccartel@pm.me on 2020-06-25 20:01:18 and B8nkCcartel@protonmail.com
    • IP 176.113.72.169
  • sue.rielly010@gmail.com on 2020-07-03 18:09:53
    • IP 2600:6c64:607f:eccb:f0e9:ed94:18e3:c15b

The domain droneitallcreations.com (now defunct) was registered on 2020-06-15 and had the website title “Drone It All Creations – Central Massachusetts Aerial Cinematics Offer top quality photos-Prints – and one of a kind drones.”. It was an apparent copy of a legitimate website https://drone-it-all.business.site/.

We have notified the user that we are sharing the information with law enforcement and got a nice all-caps email in response:

Privacy

As always, it is worth noting that we are fully compliant with privacy laws as well as our own privacy policy. On signup the user agreed that information about attacks may be collected and shared with the public and law enforcement.

Intelligence X will continue to publish information about attacks affecting our company and service.

Related articles

List of buckets

Published on May 5, 2022 by

At Intelligence X we categorize data sources into buckets. Buckets can be used as filters and to broadly identify the source of individual search results. For example, the bucket “Darknet Tor” indicates the result origins from some a Tor hidden service (.onion domain) and was collected by our Tor crawler. Buckets have human readable names


Adding support for new top-level domains

Published on April 6, 2022 by

We just added support for an additional 152 top-level domains (TLDs), increasing the support to 511 TLDs in total. Support means that you can search for those domains across intelx.io and APIs, and internally that our backend supports processing them. While you can start searching for them immediately, it will take some time until our


A word of #OPSEC @theguardian

Published on March 7, 2022 by

Earlier today at 11:24 The Guardian Journalist Shaun Walker posted the security procedure and the security token used to pass makeshift checkpoints in Ukraine related to the Russian Ukrainian war: This is a reminder to journalists – and the public – to take OPSEC (operations security) seriously and not endanger people on the ground. Posting


Search the blog: