A Toronto-based firm has reached a settlement with the Federal Trade Commission (FTC) for allegedly defrauding thousands of U.S. small businesses out of millions of dollars.
The “Canadian con artists” posed as domain name registrars and preyed on small businesses and not-for profit organizations, according to the FTC. The firm sent fake invoices that listed the domain name of the consumer’s Web site with a slight change (replacing “.com” with “.net” for example) that appeared to come from an organization’s existing registrar. It instructed to send payment for “WEBSITE ADDRESS LISTING” and claimed to offer a “Search Optimization” service.
The U.S. civil communications authority settled with Internet Listing Service Corp. Aug. 9 after a judgment of $4,261,876 by Chicago federal district court judge Robert Dow Jr. The judge also ordered the firm to halt all operations permanently.
Defendants Isaac Benlolo, Kirk Mulveney, Pearl Keslassy settled and will pay $10,000 in fines each. Defendant Steven E. Dale is on the hook for the full amount of more than $4.2 million.
Charges against Mississauga, Ont.-based Data Business Solutions Inc. and its director Ari Balabanian were dismissed.
“We got dragged into this civil lawsuit based on mailbox rental and United States postal account usage, which is part of our service that we allow all of our clients to utilize as needed,” Balabanian told ITBusiness.ca. “This is the industry standard.”
The FTC originally thought Balabanian was the president of Internet Listing Service, and that Data Business Solutions was the same company as the con artists, according to court filings. But his name was later cleared when it became obvious the businesses were separate entities.
“We amended our complaints and separated them out as two companies,” says Marissa Reich, the FTC attorney on the case. “They are simply a printing and mailing company. He was doing the printing for the other defendants.”
Data Business Solutions has been in business for a decade and has about 100 clients, Balabanian says. He provided printing and mailing services for Internet Listing Service, and also provided a Chicago mailing box location where the firm collected payments.
But he never thought the letters, mailed since August 2004, were fraudulent. He remains doubtful about those claims.
“The FTC claimed there was fraud going on, I don’t know if that’s necessarily the case,” he said. “I wouldn’t call them invoices. We always referred to them as solicitations.”
This type of fraud isn’t an isolated incident, says Mark Jeftovic, president of Toronto-based EasyDNS Technologies Inc., a legitimate Web registrar. Anyone who registers for a Web domain name can expect to receive a similar scam attempt.
“When your domain name is registered, one of the rules is we have to publish the contact details in the WHOIS database,” Jeftovic explains. “These companies just harvest that database and that’s where your personal information comes from.”
In Canada, a recent change to registering dot-ca domains allows individuals to keep WHOIS information private, but corporations must allow the information to be public. Small businesses are often a target for fraudsters because they often lack hard-and-fast processes to handle invoices, and are often without an IT department.
Fraudsters conducting these scams are so common, the practice has become known as “domain name slamming” in the industry, Jeftovic says. The con artists are a bane to legitimate registrars that often must clean up their mess when small businesses suddenly find their Web page offline.
“Over the years you get these frantic phone calls asking ‘where is my Web site?’” he says. “We’re doing a constant campaign of information.”
While paying con artists, small businesses sometimes let their real Web site registration lapse. Or sometimes the businesses are conned into switching their domain to a temporary registrar that shuts down without any warning.
It’s no wonder Jeftovic isn’t pleased with shops like Internet Listing Service.
“I found it a little bit ridiculous they were only fined $10,000 for a case like that,” he says.
But the court order does have an “avalanche clause” that allows the FTC to go after more money if any of the defendants were misrepresenting their finances. Since the FTC is a civil body, there was no chance of jail time as punishment.
The FTC worked with Canadian authorities to prosecute the case. The Toronto Police Fraud Squad, Ontario Provincial Police Anti-Rackets unit, and Royal Canadian Mounted Police all contributed to the investigation.
Spot “domain name slamming” fraud
Small businesses should protect themselves from becoming fraud victims by creating one point of contact that deals with all Web site related business, Jeftovic says. Then make sure any invoices are run past that person or department.
Con artists target “a small or medium-sized organization where this comes across a person’s desk that may or may not have real entrenched polices to follow when they receive an invoice,” he says.
Firms can also renew their domain for multiple years up front, instead of on an annual basis.
“It’s kind of kicking the can down the street,” Jeftovic says. “You don’t provide an opportunity for these companies to scam you every year.”