Bitcoin Forum

I have learned today that someone has created a fake Casascius Physical Bitcoins website at http://casascius.net.  The operator of this site is also emailing the MtGox leak list.  It takes orders you'll never receive.

The real Casascius Physical Bitcoins site is at https://www.casascius.com.

I don't suppose there's a whole lot I can do about it.  It's flattering and to be expected I suppose, but alarming nonetheless.

I don't understand these people.

With the skill set and effort involved in making that fake site,  they could just as easily provide a real good or service that people want, and make an honest living.

A few years back I had a similar problem with www.memorydealerS.com vs www.memorydealer(no S).com

For a few thousand dollars ICANN was able to reassign the domain to myself.

It might also be worth it in your case.

There are lots of lawyers that do this kind of thing.

http://www.dnattorney.com/ (http://www.dnattorney.com/)

The bitcoin address it provided after filling out the form with junk info was: 1GHRsryckBsSfKgv6zbun5egbxq8GCT8f1

I see no coins sent to it yet.   Hopefully that is a static address given out to all and thus nobody got defrauded so far.

I suspect this could be taken down with a DDoS fairly easily though that would be a violation of the law in my jurisdiction so I couldn't participate.

Slashdot it; it's legal, and as efficient as DDoS.
(the problem if you do that is that .com too will be slashdotted)

So if we take your logic to its natural conclusion, there must be some other incentive to doing this.  Occam's Razor says its some kiddie scammer.  But my conspiracy theory side thinks this is part of ongoing attempts to undermine bitcoin itself.  Coming from whom/what organization/person?  No evidence.

I would have suggested a DMCA takedown notice, but looks like the site is in Russia, so that wouldn't help.

I agree with Roger,  take down will work...  any .com, .net, or .org (as well as most other non-country) extensions the registrar must support the agreement.

 Same suggestion and agree it might be usless in other countries. Though, it kinda depends on the host in RU and how convincing(preofessionl sweet talk) you can be with the company.

  That aside, its pretty fugged up for someone to do....  Any of our usual Internet Detectives have any info on source?

   Cheers

Reported the site here:

http://www.google.com/safebrowsing/report_phish/

If others do as well, it should help to get the site blacklisted by google, chrome, and probably other browsers as well

 +1 and submitted.

Well, host is http://www.clodo.ru so that might be a good place to start.  Site is all in Russian though, so I can't make heads or tails of it.

http://translate.google.com/translate?hl=en&sl=ru&u=http://clodo.ru/&ei=avimTq2UDZGDtge6z4T4Dw&sa=X&oi=translate&ct=result&resnum=1&sqi=2&ved=0CB8Q7gEwAA&prev=/search%3Fq%3Dhttp://www.clodo.ru/%26hl%3Den%26biw%3D1920%26bih%3D907%26prmd%3Dimvns

 Bitcoinwatch has a link to this post in there latest news already, which is good atleast.

Down-rating the site on the Web Of Trust is also a good plan: http://www.mywot.com/en/scorecard/casascius.net

I got the same payment address when using junk info for the form as well, just FYI. Sadly I'm seeing 33.64 BTC in that address in block explorer currently.

That's too bad.

I reported the site to google as well. Hopefully if a bunch of people report it, it'll get blacklisted sooner.

I would have been surprised to see a reputable merchant using the Mt.Gox leak list...

Anyway, casascius.net seems to redirect to www.casascius.com for me, so you got to fix the problem?

Yours
David

No, the scammer still controls casascius.net, and did that redirect, and is asking me for a ransom.  Attacker could change it anytime.

One thing make sure you don't make the bad site an actual link (in forum postings which auto generate links).  It will drive up search engine results because the site is more "popular".

  LOL, out of curiosity, what are the terms? 

  I'd contact his domain registar, a company in the Bahamas. And the dns provider. I am not sure that the .bs company could blacklist the dns for it or revoke the registration or that they would give a crap, but its worth a try.

All internetbs.net will do is to forward all mails to him. They are a nice registrar ;) Altho they have offices in the UK if I'm not mistaken. Maybe the UK company will comply with lawful requests.

Offer him 50 bucks for the domain.  I know it only cost him $8 or so, but it would be worth it to you to have control of the domain.  Also buy the .org version asap and redirect it to your main site.

Doesn't it have to be at least 60 days old first before it can be transferred?

  Not real sure on the minimum time for transfer but as long as they handed over the login credentials for controling the site and dns you could chnage them and lock it down. They would still have some limited capacity to regain control IF they have verifiable details with the registrant.

Who issues .net domains? I doubt they like scammers, so there should be some way to take the domain away, no?

I disagree with btc_novice. Do not *ever* negotiate with someone like that, unless to somehow trick him. Doing that can be considered worse than scamming itself, as it helps making such actions profitable. If I was you, I'd be extremely pissed and try to track the scammer. Maybe pay someone adept at security stuff a few BTC to scan him for mistakes that reveal his identity.

The only way to confront scammers in an open market is to retaliate. These guys live off the fact that their shit does not fall back to them, just like everywhere else. If we'd manage to hit one of them, the whole community would benefit. Nothing illegal necessary, just figure out their name and report them to nearby police -- or post a lot of google-ranking information linking their identity to the crimes they did if their country's police turns out unusable. The hatred of Bitcoin users alone should do the job in that case.

If he's talking to you, log everything you can get a hold on, and think outside the box to look for clues.

I think it's safe to assume the scammer reads this thread, so keep that in mind when posting on plans or reactions.

Anyway, it's all game theory; the important point is to deal more damage to the scammer on average than his profits on the activity are. If that means pushing him to use extreme security measures, it's a good start.

That's actually a very good point. I agree.

is it safe to order coins from https://www.casascius.com??

Yes, https://www.casascius.com (the dot com) is indeed safe.

gr8 i'm going to buy some soon!

The scammer appears to have recently spent some of the funds as of Dec 11.  Anyone recently received a payment of 15.00 BTC?

http://blockexplorer.com/tx/dcd754ba30dddf55c5c2c6fdad1155fdfdb15035823b7705e5e45d2a64907d33

(the 0.25 was more likely the change output, because if it weren't, it wouldn't have combined both of these inputs)