First, I won't make a joke of it, but this one looks like an American scam directed to an African. I thought it was important to note because so far it has been scams going the other way around!

I do not have the original of these emails, but I the person who received it says they sent some money. Interestingly enough, the URL brings you to a complicated website that understands the name of the person, amount of the check, etc. In other words, the site is dynamic and working properly.

The URLs looked like this:

https://www.wholesaleshipments.com/crown/v85/weborder.asp?
	sk=GLX89F&fn=******&ln=******&ad1=P.O BOX 123 MALINDI
	&ad2=&ct=MALINDI&st=COA&zp=MALINDI&ph=&
	em=*******@AFRICAONLINE.CO.KE

https://www.wholesaleshipments.com/weborder/optout.asp?sk=123456

https://www.wholesaleshipments.com/privacypolicy.htm

Notice that the person writing me is supposed to live in Malindi. That's a small town in Kenya on the East cost of Africa (East of Congo, North of Tanzania, South of Ethiopia.) His email address is a Kenian address. So that at least does match.

Now the following is the whois on that Wholesale Shipment company. I found what looked like an article about that company in the New York Times. They claim to be in NYC. So it makes sense. However, the whois places them in some unknown city/town/state/country. Well... at least, Google Map could not find that address. And the domain is anyway "hidden" by Domain Discreet. In other words, these people do not want you to know where their company really is. Quite practicle. The area code of 902 would place the company in Canada. Is that still in New York State? The city using 902 749 [5331] is Yarmouth. Ever heard of it? It's not too far from Halifax, Eastern Canada, by the Atlantic Ocean in Nova Scotia which abbreviation is NS, not PR.

whois wholesaleshipments.com

Whois Server Version 2.0

Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.

   Domain Name: WHOLESALESHIPMENTS.COM
   Registrar: REGISTER.COM, INC.
   Whois Server: whois.register.com
   Referral URL: http://www.register.com
   Name Server: NS1.COVAD.NET
   Name Server: NS2.COVAD.NET
   Status: clientTransferProhibited
   Updated Date: 13-jul-2007
   Creation Date: 07-may-2004
   Expiration Date: 07-may-2009

>>> Last update of whois database: Thu, 18 Sep 2008 20:56:57 UTC <<<

NOTICE: The expiration date displayed in this record is the date the 
registrar's sponsorship of the domain name registration in the registry is 
currently set to expire. This date does not necessarily reflect the expiration 
date of the domain name registrant's agreement with the sponsoring 
registrar.  Users may consult the sponsoring registrar's Whois database to 
view the registrar's reported date of expiration for this registration.

TERMS OF USE: You are not authorized to access or query our Whois 
database through the use of electronic processes that are high-volume and 
automated except as reasonably necessary to register domain names or 
modify existing registrations; the Data in VeriSign Global Registry 
Services' ("VeriSign") Whois database is provided by VeriSign for 
information purposes only, and to assist persons in obtaining information 
about or related to a domain name registration record. VeriSign does not 
guarantee its accuracy. By submitting a Whois query, you agree to abide 
by the following terms of use: You agree that you may use this Data only 
for lawful purposes and that under no circumstances will you use this Data 
to: (1) allow, enable, or otherwise support the transmission of mass 
unsolicited, commercial advertising or solicitations via e-mail, telephone, 
or facsimile; or (2) enable high volume, automated, electronic processes 
that apply to VeriSign (or its computer systems). The compilation, 
repackaging, dissemination or other use of this Data is expressly 
prohibited without the prior written consent of VeriSign. You agree not to 
use electronic processes that are automated and high-volume to access or 
query the Whois database except as reasonably necessary to register 
domain names or modify existing registrations. VeriSign reserves the right 
to restrict your access to the Whois database in its sole discretion to ensure 
operational stability.  VeriSign may restrict or terminate your access to the 
Whois database for failure to abide by these terms of use. VeriSign 
reserves the right to modify these terms at any time. 

The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.
The data in Register.com's WHOIS database is provided to you by
Register.com for information purposes only, that is, to assist you in
obtaining information about or related to a domain name registration
record.  Register.com makes this information available "as is," and
does not guarantee its accuracy.  By submitting a WHOIS query, you
agree that you will use this data only for lawful purposes and that,
under no circumstances will you use this data to: (1) allow, enable,
or otherwise support the transmission of mass unsolicited, commercial
advertising or solicitations via direct mail, electronic mail, or by
telephone; or (2) enable high volume, automated, electronic processes
that apply to Register.com (or its systems).  The compilation,
repackaging, dissemination or other use of this data is expressly
prohibited without the prior written consent of Register.com. 
Register.com reserves the right to modify these terms at any time.
By submitting this query, you agree to abide by these terms.

   Registrant: 
      Domain Discreet
      ATTN: wholesaleshipments.com
      Avenida do Infante 50 
      Funchal, Madeira 9004-521
      PT
      Email: 77260e520a14115100725de24281b336@domaindiscreet.com

   Registrar Name....: REGISTER.COM, INC.
   Registrar Whois...: whois.register.com
   Registrar Homepage: www.register.com 

   Domain Name: wholesaleshipments.com

      Created on..............: Fri, May 07, 2004
      Expires on..............: Thu, May 07, 2009
      Record last updated on..: Fri, May 23, 2008

   Administrative Contact:
      Domain Discreet
      ATTN: wholesaleshipments.com
      Avenida do Infante 50 
      Funchal, Madeira 9004-521
      PT
      Phone: 1-902-7495331
      Email: 77260e4d0a14115100c342f7a72e1cc9@domaindiscreet.com

   Technical Contact:
      Domain Discreet
      ATTN: wholesaleshipments.com
      Avenida do Infante 50 
      Funchal, Madeira 9004-521
      PT
      Phone: 1-902-7495331
      Email: 77260e530a141151007d82ed7ef610fd@domaindiscreet.com

   DNS Servers:

   ns2.covad.net
   ns1.covad.net
   

Visit AboutUs.org for more information about wholesaleshipments.com

AboutUs: wholesaleshipments.com

Register your domain name at http://www.register.com

Okay. So... so far, this is really bad. Now what? Well! I checked the home page (weird idea, right?) And I got an error. I thought that any one company that would want to make money would make sure that their home page works just fine.

And if you noticed, the site is supposed to be secure. At least, it uses the HTTPS protocol. The interesting thing is that I did not get an error telling me that the site was not good. In other words, they have to have a registered certificate with someone. And they do, but somehow NONE of their information is available. I wonder what kind of a certificate that is!!! Illegally used, for sure. Below are the certificate info as shown by FireFox. As a side note, the Opt Out page also tried to open a popup window. Did not try to look at it.

The "bad" certificate is as follow:

PKCS #1 MD5 With RSA Encryption
Size: 128 Bytes / 1024 Bits
20 4b 5a ef 01 7e 80 3e a6 5f da 08 ba e9 c8 d0 
c9 c1 f5 57 03 c0 7a 30 78 2f da 7a a7 93 13 f2 
f6 0b e1 16 cf 87 32 ca 3f 5a 20 33 22 44 ab 3a 
b3 bf 09 ff 30 8b 5d c4 3a ed c6 ed 5a 3e c9 60 
47 97 ab 7d 61 bd d3 04 ec e5 5d b2 89 f0 5e 52 
55 21 02 29 4c e9 20 e2 59 78 13 c0 02 37 20 05 
48 de 06 5c b4 b0 e3 38 cc 60 43 54 f7 f5 ed 73 
30 c8 14 18 0a ec 4b 84 a0 b1 20 95 97 74 68 1d

Finally, I have taken the page where these people ask you for your credit card info. Of course, there is no seal since you do not get one with the Quick Certificate from Equifax "Secure" Inc. This page you can see it by clicking here

Note that just in case I signaled on http://www.geotrust.com that the company was using the certificate illegally. The following is their answer below. We live in a good world. I think I'll buy certificates like crazy and use people's credit card all the time as I need, you know.

(#5947-000386-5764\3865764)

Dear Alexis, 

This website does appear to be using a valid GeoTrust certificate. When you see a GeoTrust
Certificate, you would have the assurance that GeoTrust has authenticated the ownership, or exclusive
rights, of the domain and that proper use of the certificate allows for all information sent to the
web site is sent over an encrypted (https) link. We do not vouch for business practices. 

The type of product these websites contain (wholesaleshipments.com and 5staroutlet.com) do not contain
an address. They only contain that the website is secured by GeoTrust. The address shows on the
certificate depending on what product the customer purchases.



If you have any questions, please contact us via live chat at
https://www.geotrust.com/support/index.asp

Thank You,
**********

				Date: 09/17/08
			****** *******
****** ******, Your immediate response qualifies you to definitely receive a 61" Sony Big Screen TV or a Bank Cashier's Check for US $2,741.88 made payable to you or one of the valuable items as listed.
Consignees are advised that the parcel contents described herein were pre-determined by specific criteria; consignees may determine parcel contents in advance by consulting the information listed as in the Terms & Conditions Approved executed by. This advertisement is being sent to you from: Crown Imports International 580 South Research Place Central Islip, NY 11722, USA To unsubscribe from receiving further emails from us, please click here: Unsubscribe Please read the privacy policy by clicking on Privacy Policy Click here to view the Terms & Conditions