SCAM ALERT - CRS - Central Registration Service
Posted on 12 December 2006 by Darby Sieben
Wow, over the past week, I have received a number of phone calls and emails from clients of mine who have received an invoice from a company called Central Registration Service. The invoice amount is $966US, contains the URL along with the billing address and usually under additional facts contains the phone number.
In bold is the following statement - We have to receive a payment within 21 days, otherwise your domain registration will be deleted.
The item listed on the invoice is for “standard registration via hosting service for” and then displays the URL in a box along. As mentioned, the invoice amount is $966US with a 5% cash discount of $917.30US.
They are asking you to sign and fax to 1-212-627-8877 (a number located in the New York City). The address they list on their invoice is 1133 Broadway, Suite 706, New York, NY 10010. They take credit card via their website (www.central-registration-service.com/payment - which does not work) and their banking account information is through Loyal Bank Limited - Acc. no: 104003940306 Swift: LOYAVCVX.
DO NOT PAY THIS INVOICE - THROW IT AWAY
The #1 question I get - is how does a company like this get my information:
Simple - when you register your domain name that information is publically available. Some domain registrars offer a privacy service, however, the majority of domain name registration information is easily accessible - this is how they get the information.
Here is their WHOIS information - as you can see, the domain name itself was only registered in October of this year:
Domain Name: CENTRAL-REGISTRATION-SERVICE.COM
Registrar: ENOM, INC.
Whois Server: whois.enom.com
Referral URL: http://www.enom.com
Name Server: DNS5.NAME-SERVICES.COM
Name Server: DNS4.NAME-SERVICES.COM
Name Server: DNS3.NAME-SERVICES.COM
Name Server: DNS2.NAME-SERVICES.COM
Name Server: DNS1.NAME-SERVICES.COM
Status: REGISTRAR-LOCK
EPP Status: clientDeleteProhibited
EPP Status: clientTransferProhibited
Updated Date: 12-Dec-2006
Creation Date: 11-Oct-2006
Expiration Date: 11-Oct-2007
I did however, find this information on CENTRAL-REGISTRATION-SERVICE.ORG, which appears to be the same individual:
Domain ID:D130595594-LROR
Domain Name:CENTRAL-REGISTRATION-SERVICE.ORG
Created On:12-Oct-2006 07:49:04 UTC
Last Updated On:12-Dec-2006 03:48:29 UTC
Expiration Date:12-Oct-2007 07:49:04 UTC
Sponsoring Registrar:eNom, Inc. (R39-LROR)
Status:CLIENT TRANSFER PROHIBITED
Registrant ID:851FC847AFA02601
Registrant Name:CRS Corp
Registrant Organization:Central Registration Service
Registrant Street1:1133 Broadway,Suite706
Registrant Street2:
Registrant Street3:
Registrant City:New York
Registrant State/Province:NY
Registrant Postal Code:10010
Registrant Country:US
Registrant Phone:+1.2126278877
Registrant Phone Ext.:
Registrant FAX:
Registrant FAX Ext.:
Registrant Email:Sebastian_Koenig52@hotmail.com
Admin ID:851FC847AFA02601
Admin Name:CRS Corp
Admin Organization:Central Registration Service
Admin Street1:1133 Broadway,Suite706
Admin Street2:
Admin Street3:
Admin City:New York
Admin State/Province:NY
Admin Postal Code:10010
Admin Country:US
Admin Phone:+1.2126278877
Admin Phone Ext.:
Admin FAX:
Admin FAX Ext.:
Admin Email:Sebastian_Koenig52@hotmail.com
Tech ID:851FC847AFA02601
Tech Name:CRS Corp
Tech Organization:Central Registration Service
Tech Street1:1133 Broadway,Suite706
Tech Street2:
Tech Street3:
Tech City:New York
Tech State/Province:NY
Tech Postal Code:10010
Tech Country:US
Tech Phone:+1.2126278877 < ---- Same Number on the Invoice ---->
Tech Phone Ext.:
Tech FAX:
Tech FAX Ext.:
Tech Email:Sebastian_Koenig52@hotmail.com
Here is another post of this:
A company named CRS is sending out invoices in the amount of $966.00 for domain registration renewal. They invoice you for your domain name, and try to bilk you out of nearly $1000 with an official looking invoice, and payment instructions which include everything from a bank transfer to paypal payments. BEWARE!
Popularity: 28% [?]
December 17th, 2006 at 6:36 pm
I got this letter, but the wierdest thing is that it was sent to a different address to that of my whois information, as I have moved. Can anyone explain this?
December 18th, 2006 at 12:30 pm
As a local New Yorker, I found out first hand that CRS has nothing to do with the NYC address noted on this blog, which is truly unfair for the companies at this address. Let’s keep in mind that blogging is simply hearsay which can be damaging to legitimate companies / people. In essence blogging is cyber-gossip.
I mention the above because after receiving this invoice myself, a local attorney, and being only 15 minutes away from the listed address, a colleague and I decided stopped by the office to inquire about the invoice and charges.
It so happens that the company located at the address has absolutely nothing to do with CRS nor were they previously aware that their company’s address was being victimized and vandalized by CRS. The company located at this address happens to be a well established and reputable Corporation conglomerate listed with major corporate credit bureaus, State affiliations and Departments of Commerce.
Apparently, CRS got the address from a N.Y. State company registry listing and proceeded to use the official company’s address fraudulently. This incident has since been addressed by the tenant Company; the Company has also reported CRS’ to their (CRS) domain hosting company. As a consequence it seems that CRS has ceased from criminally using the NYC Company address on web-based contact boards and has now moved on to using a different address.
These characters (CRS) are now using the following address:
8939 S. Sepulveda Blvd
Westchester, CA 90045
US
Apparently CRS was using the NYC office location on these invoices to look legitimate but anticipated the unsuspecting public would pay these invoices via their established website portal for payment where they would also probably have direct access to payee’s information.
After reviewing how our office first got this bogus invoice, I have to admit I’m a little embarrassed. Obviously, thinking it over, a company sending out fake invoices would not be listing their own contact office address on these invoices – duh; shame on me for not thinking straight.
December 18th, 2006 at 12:35 pm
As a local New Yorker, I found out first hand that CRS has nothing to do with the NYC address noted on this blog, which is truly unfair for the companies at this address. Let’s keep in mind that blogging is simply hearsay which can be damaging to legitimate companies / people. In essence blogging is cyber-gossip.
I mention the above because after receiving this invoice myself, a local attorney, and being only 15 minutes away from the listed address, a colleague and I decided stopped by the office to inquire about the invoice and charges.
It so happens that the company located at the address has absolutely nothing to do with CRS nor were they previously aware that their company’s address was being victimized and vandalized by CRS. The company located at this address happens to be a well established and reputable Corporation conglomerate listed with major corporate credit bureaus, State affiliations and Departments of Commerce.
Apparently, CRS got the address from a N.Y. State company registry listing and proceeded to use the official company’s address fraudulently. This incident has since been addressed by the tenant Company; the Company has also reported CRS’ to their (CRS) domain hosting company. As a consequence it seems that CRS has ceased from criminally using the NYC Company address on web-based contact boards and has now moved on to using a different address.
These characters (CRS) are now using the following address:
8939 S. Sepulveda Blvd
Westchester, CA 90045
US
Apparently CRS was using the NYC office location on these invoices to look legitimate but anticipated the unsuspecting public would pay these invoices via their established website portal for payment where they would also probably have direct access to payee’s information.
After reviewing how our office first got this bogus invoice, I have to admit I’m a little embarrassed. Obviously, thinking it over, a company sending out fake invoices would not be listing their own contact office address on these invoices – duh; shame on me for not thinking straight.
December 29th, 2006 at 1:39 am
We received the same letter here in Europe. With the NY address on the invoice, but the envelope was sent from a PO Box in Prague (Czech Rep). We informed our (real) domain-registrar and hopefully they will look into this and maybe take legal action against them here in Europe.
January 9th, 2007 at 10:57 am
I called the fax #12126278877, it was answered by fax..I hung up.. Moments later I got a call in from #9737853000 and when I answered they hung up, my thought was that possibly the person calling me had gotten my # from their caller ID and returned the call to see who had called their fax#
August 14th, 2007 at 7:51 am
The information is probably obtained by bots scraping whois information. Be sure to signup for the privacy option when purchasing a new domain.
July 10th, 2008 at 6:56 pm
I read similar article also named , and it was completely different. Personally, I agree with you more, because this article makes a little bit more sense for me