Unauthorized Debit

From the look of their website, "www. mcawebtechnology.com" appears to be another "front" used by a criminal syndicate to drain money out of people's accounts via fraudulent "small charges".  They have many U.S. based "mules" so they can use many different "fronts" and bank accounts to spread the fraud out and stay below the radar.  Apparently, it has been operating for several years, siphoning money thru former eastern block channels, possibly to Russia.

Fraudulent charges have been reported from related "fronts" on this site under names such as "myliberia.com", "digismarket.com", etc.  http://complaintwire.org/Complaint.aspx/EL6JDmbjXAAI8gjKEHLtfw

Bob Sullivan reported on this operation back in November, on MSNBC:
http://redtape.msnbc.com/2007/11/chris-jupin-nev.html

See MGD's report here.  Go to the second page, where you will find pictures of websites that look just like "www. mcawebtechnology.com".  You might drop him an e-mail about this new front.
http://www.dslreports.com/forum/r19620593-Ebo ... DigitalAgePluto


They put thru small fraudulent charges, often under $10, using many stolen account number, allegedly for "e-books", "web design", or similar intangible "products", hoping people miss the charges on their statements, or that the banks don't consider it worth it to investigate.  If disputed, they may just reverse the charge, to avoid a charge back, or they may claim they had "authorization", maybe someone stole the card number.  The reality appears to be that the syndicate has access to a large number of stolen account numbers, perhaps thru a payment processor database hack, and uses this mechanism to milk them.

The "mules" appear to have responded to ads for setting up "Internet businesses", and the organization appears to have a complete "package" to guide them in doing so, setting up the website, setting up bank accounts to transfer the money under the mule's business name, arranging for remote control of bank account transfers, and sending "business" their way, etc.

Also note that MGD found that many of the fraudulent charges were to cards that had seldom been used, indicating it is unlikely the numbers are stolen thru some merchant site processing legitimate transactions.  

MGD also reported that there was an indictment of one of the mules in Michigan, back in July:
"July 19, 2007

LANSING -- Attorney General Mike Cox today announced that he has charged Krystal Owens of Detroit with three-counts of identity theft and one-count of conspiring to commit identity theft.

"Identity theft is a devastating crime to its victims," said Cox. "My office will continue to be vigilant in defending Michigan's citizens from having their identities stolen."

Since January 2007, the Michigan Attorney General's Office has received more than 130 complaints from consumers across the country indicating that K.A.T.O. Technology, LLC, also known as K.A.M.K. Technology, LLC, had charged $12.95 against their credit card without their permission. The Attorney General's investigation found that in the summer of 2006, the defendant Krystal Owens conspired with Tomas Lasinkas of POV Web Design Solutions to set up bogus corporations, banking accounts, and other arrangements thereby enabling Lasinkas to make unauthorized charges against consumers credit card accounts using the bogus company names K.A.T.O. Technology, LCC and K.A.M.K. Technology, LLC. From September 2006 to March 2006, Lasinkas made 75 to 100 unauthorized charges, at $12.95 each, on a daily basis, and Owens wired the illegal proceeds to Lasinkas' bank accounts in Bulgaria on a regular basis. Lasinkas and Owens accumulated approximately $200,000 by way of this fraudulent activity during a six month period.
..."

You shouldn't expect to get anywhere calling them.  In fact, you did NOT authorize the charge, not even by "accident", nor was this some individual id thief who got your card number.  The charge was fraudulent from the start, and you should dispute it as such, in writing, with a fraud affidavit, to force a charge-back.  Short of some federal or state level law enforcement connecting the dots, high levels of charge-backs, which can result in termination of their "merchant" account, are the only way a mule is likely to be shut down.

Also, file a complaint with FTC, to get another name reported into their "Sentinal" system.

"Front" names for this same scam, reported on this site:
"smartemarket. com", "myliberia. com", "digismarket. com", "mcawebtechnology. com"

Lots of complaints under various company names and numbers.

Information below is extracted from here:
http://800notes.com/Phone.aspx/1-805-275-2235


Amount  phone number  "Company"
$10.65  805-275-2235  MV WEB TEMPLATES    
11.85  805-275-2235  Sensate Tech CA        
10.65  626-310-0668  ATALA DESIGNS        
 9.85  312-265-8407  Valence Internet Technoloy IL    
11.85                WWW.ILICSolutions.com
11.85  805-275-1967  SENSATE TECHNOLOGY INC
 8.65  404-474-2550  Infinity and Sons GA
10.65                ULCsolutions.com scottsdale AZ
                     Digital River
                     Free Merchant.com
                     Sensate Technology, Ventura, George Berremans
10.65   312-265-8407  ventura internet tech
10.65   623-444-2173  MCATemplates.com
11.85                 Atala Designs St Paul Park MN
10.65                 Crystal Clear Designs
8.95   866-298-7560  Libra USA
8.95   866-305-8808  Eureka
       202-558-7562  hottemplatesites.com
       312-235-6926  ilicsolutions.com  ALEN ILIC INC
       214-594-4188  ataladesigns.com
       
"Latvian connection":            
REPRESENTATIVE OFFICE OF GE MONEY BANK AB (SWEDEN) IN THE REPUBLIC OF LATVIA
G. ASTRAS STREET 8b, RIGA LV-1082, Latvia
tel 67110000 fax 67110506
email dmitry.tsymber@ge.com


Typical reported bank response:
"Natalie - 25 Dec 2007
I had the exact same response from Washington Mutual. In fact the guy laughed and said "well maam I see that they refunded you the $10.65 so you got your money back". I reminded him that this was only done because I kept calling and threatening to contact the attorney general and the police. That they only reluctantly gave it back to me because they wanted to avoid the charge back fee and hassle. That the money was stolen to begin with. This was no mistake. That this came from a company that is set up for no other purpose that to steal our money. They couldn't care less. I was horrified actually. I was even further horrified to learn that if they give you back the money they so blatantly stole from you, the case is dropped by the bank because you got your money! ..."

"DDubbb - 27 Dec 2007
I just contacted Bank of America about the 10.65 charge on my CC and was referred to the billing dispute department. Apparently they do not handle internet charges less than 500.00 as fraud, they are handled as billing disputes instead. They removed the charge as "a courtesy" but did not seem to have any interest in tracking down the root of the problem. ..."

How they set up the mules:
"I found an advertisement on craigslist for a company looking for someone to fill a management position.  When I sent them my resume ligtimately seeking employment I got a response telling me what they're "business/employment opportunity" was.

They ask independent 3rd parties, such as myself, to set up our own companies (Corp or LLC) to act as an "affiliate reseller" of Atala's products.  I was told that my only responsibilites would be to set up the corp or LLC with the state, then open and manage company bank accounts (including a merchant account to collect people's payment).

The product of course is website templates.  The company, Atala Designs, Inc., is supposedly based out of Latvia.  They use the story that they are using subsidiary companies in order to break into the North American market.

The email with which I've been corresponding is visvald_salguss@ataladesigns.com

I hope this posting helps some of you looking for more information on this scam.

God Bless"

Responses to attempts to file complaints:
"Brenton - 12 Dec 2007
...
called Digital River - they said they will check into the issue and get back with me.

I called the Ventura CA Sheriffs dept. - they told me to "call my bank they don’t really do anything about that."

I then filled an IC3 report on the FBI.gov website. (They say it can take several weeks for anyone to even look at the report.)

I called the FBI office in Lima Ohio (where I am located) they told me to file a 1C3 report on the FBI website.
..."

Another "small ACH charges fraud" shows up in mid December.  Similar timeframe, perhaps taking advantage of the "Christmas rush":
http://800notes.com/Phone.aspx/1-866-575-0260
http://www.complaintsboard.com/complaints/idins-c39257.html

31.98   866-575-0260   IDINS   theftprotectsupport.com  idprosup.com
       FAX: 213-291-8170

http://www.complaintsboard.com/complaints/idins-c39257.html
"2 days ago by Cindy Gardner  
This is exactly what I am dealing with. I don't even know who they are! I reverse charged this through the bank, I got credited for $31.98, then IDINS debited my account for $31.98, under a different name, www.idprosup.com
BEWARE! My bank says they can't stop the debits as long as they keep changing their name, they can even up the amount! There is no end in sight! I messed up and subscribed to Bid Fuel, they have given my info to SEVERAL other scams...SurplusAlert, EasyAuction123...These are the SAME company...IDINS, BSM, 200cash.com, big ltd, GFC, CFCSpeedpay, and even more I can't remember without my bank statement. I have been taken for over one thousand dollars so far! I am desperate to stop this! I can't keep a + amount in my bank! My bank won't stop it, and they won't let me close my account! "

identity theft support
6335 w. hampton ave
Milwaukee, Wisconsin
United States
Phone: 414-312-7241

VEXEDLE AZ
866-883-4987
866-575-0260  <--- match to IDINS!
IDCARD.COM


IDINS
Oklahoma City, Oklahoma
United States
Phone: 405 552-5233

May be negative-option "membership" scam, getting their account informatino from other sites (as opposed to "blind" fraudulent small charges in typical "ebook/webdesign" scams.
" Anyway, this woman told me that I applied for something and it turned into somekind of package deal. "

Expand on other linked names:
http://www.complaintsboard.com/complaints/bsm ... ant-c37315.html
BSM Grant Search Assistant
Posted: 2007-12-04 by Herbert W Peet
Unauthorized withdrawal from my account!

BSM
6922 chatham rd
Medina, Ohio
United States
330-721-9227


Appears to be some "adult" site, or they use a common "support" organization.  This shows the same toll free number and FAX number as IDINS and VEXEDLE.
http://www.activesitesupport.com/termsofservice.php
also datingsitesupport.com
FAX: 213-291-8170 <--- IDINS?
925-264-3473
866-883-4978      <---- VEXEDLE?

Address may be a mail drop/answering service.

http://www.golfwinetravel.com/contact.php
Golf and Wine Travel
10869 North Scottsdale Road
Suite 103
Scottsdale, Arizona, USA 85254
888 607 1717
480 607 1717

http://www.campdepot.com/camps/c18782.html
International Tennis USA Summer Camp - Tampa
Off Season Administrative Address:
 10869 North Scottsdale Road
 Suite 103-178
 Scottsdale, Arizona 85254
 Tel: 480-510-7170
 Fax: 480 607 1771

Above "IDINS" scam appears to be unconnected to original reported "ebook" scam.  Only similarities are small charges, and increasing activity in December.

I received a charge on my checking account from MCA Webtechnology for $11.85. As with you I got a recorded message when I called and received the following response when I e-mailed:

Hello,

I represent MCA Webtechnology.
We got an email from you reporting a charge on your credit card.

Thank you for reporting about this situation promptly.

First I guess I should explain everything to you.
Our company produces webdesign and templates - primary web pages
with no content. The price of each template is $8,65-$11.85 so that
your
card was charged for the price of a template bought on our website.

I have a very important question for you:
Are you sure that nobody but you has access to your credit card
information(name and number)? You see that if your card was charged
and you didn't know about that somebody does have your card
information and can use it. Please check it.

We have already removed the charge you reported. The refund will be
stated in the account within three or four business days.

Nevertheless I strongly recommend you to call your bank and ask them
to issue another card for you. Because if your card was once charged
without your notification there's no guarantee of that the person
having access to the CC information wouldn't use it again.
It is also possible that some banking error occured and your card
was charged by mistake but still please call them and talk it over.

Sincerely,
Support Team.

This is obviously a scam. I sent a copy to my bank and the FTC fraud division. Has anyone else had any luck in reporting them? Does anyone know how they got my information? Should I close my account and open a new one?

Others have reported that exact same type of response, appearing to be a "responsible" reply to a disputed charge.

It is no doubt true that "somebody" has your card information, and also true that if you don't change your card number, you could get further charges.

As noted above, their website appears the same as several other "companies" engaged in the same pattern of unauthorized charges.  The differences are changes in the "company name", contact information, etc.  See the snapshots of those other sites here, for example:  "valencetemplates.com", "ilicsolutions.com", "mcatemplates.com", "mvwebtemplates.com", "ccdtemplates.com", "sensatech.com", "naturalordertemplate.com", "infinitysonstemplates.com", "websitemaster", "123gettemplates.com", "mcawebtechnology" (reported 1-7-08):
http://www.dslreports.com/forum/r19620593-Ebo ... DigitalAgePluto

Here is another report, of the response to disputing an unauthorized charge from "ccdtemplates.com".  Not only are the websites canned and "cookie-cutter" generated, but so are the dispute responses.  Does this look familiar?  
http://www.beckett.com/BeckettForum/Default.aspx?g=posts&m=11861662

"juanfatj  Posted: Sunday, December 23, 2007 1:10:59 AM  

Rank: New Member
Groups: Member

Joined: 4/28/2007
Posts: 90
If anyone got hit by Interactive Designs, here is the email addy that i was able to get my refund through(support@ccdtemplates.com). Also posting the email I got from them.


Hello Mike,

I represent Interactive Designs, LLC.
We got an email from you reporting a charge on your credit card.

Thank you for reporting about this situation promptly.

First I guess I should explain everything to you.
Our company produces webdesign and templates - primary web pages
with no content. Your card was charged for the price of a template
bought on our website.

I have a very important question for you:
Are you sure that nobody but you has access to your credit card
information(name and number)? You see that if your card was charged
and you didn't know about that somebody does have your card
information and can use it. Please check it.

We have already removed the charge you reported. The refund will be
stated in the account within three or four business days.

Nevertheless I strongly recommend you to call your bank and ask them
to issue another card for you. Because if your card was once charged
without your notification there's no guarantee of that the person
having access to the CC information wouldn't use it again.
It is also possible that some banking error occured and your card
was charged by mistake but still please call them and talk it over.

Sincerely,
Support Team."

I had had the same problem with ilicsolutions.com as of today.  I recently had a new debit card mailed to me.  Is this a common thread for anybody else?

There has been some discussion trying to determine their source of access to account numbers, trying to determine if there is a connection to recent usage at particular merchants.  

Hypotheses of Equifax as the source, or even Amazon, may simply mean that people who do a lot of on-line transactions often do transactions with both.  Some discussion has also surrounded a company called "freemerchant" or "Digital River" that is apparently a payment processor used by a number of small on-line merchants.  PayPal has also been mentioned.

See here, for example:
http://www.dslreports.com/forum/r19620593-Ebo ... DigitalAgePluto
http://www.cjupin.com/2007/09/13/credit-card-scam-digismarketcom
http://800notes.com/Phone.aspx/1-805-275-2235


As a general security precaution, you should NOT use, carry, or activate debit cards, as they allow direct access to your bank account with resulting possible repercussions on other legitimate payments (your mortgage check might bounce) or overdraft fees even if the bank eventually restores stolen money.

Credit cards are safer, as the banks seem to respond quicker to fraud when they see their own money stolen.  In fact, there are a number of reports of charges from these scammers being blocked by banks, but only when they were made using credit card numbers.  

The VISA and MasterCard systems have some degree of fraud detection in place, while the ACH system used to process checks, EFT, or electronic checks appears to have little fraud detection, depending only on customers finding fraudulent charges and disputing after the fact.  Criminals have discovered this fact and taylored their attacks accordingly.  

We are breeding a population of scam operations that matches the vulnerabilities created by the banks' security and fraud investigation (or non-investigation) policies, much like we can breed antibiotic resistant bacteria by ineffective treatment with antibiotics.

If you have had ANY fraudulent or unauthorized charge on an account, you need to close that account immediately.  This is far easier to do with a credit card (they just block it immediately with your phone call and send you a new card), than with a checking account where you have to order new checks, some checks haven't cleared yet, etc.  

In fact, you should probably shut off any existing debit cards, maybe keeping only an ATM card, requiring a PIN, for cash, to be used ONLY at your bank's own ATM machines, and use credit cards for everything else.  Limit checks to payments to creditors you know and have an on-going business relationship with:  rent, mortgage, CC bills, utilities, etc.  Never use checks or your bank account information for on-line purchases, and never pay anyone with a check who you have no reason to trust, like that kid selling magazines door to door.

Where has your new debit card been used?

Did you request your new debit card, or did your bank just send it to you?  Was it about to expire, or was it perhaps your bank responding to a known security breach, but just not telling you?

I requested it, the old one could no longer be processed because the magnetic strip was bad.  The number was the same, but it appears that the mail was probably not the problem and, more than likely, it is a leak from an online merchant.

Do NOT use debit cards.  Cancel any that you have.

Use one credit card for in person charges, and a different one for on-line purchases.  This simplifies catching errors, since you know what type of charge to expect on each card, and unauthorized charges will stand out better.

One high likelyhood source for account information leaking to this scam appears to be Equifax:
http://complaintwire.org/Complaint.aspx/EL6JDmbjXAAI8gjKEHLtfw

I just had a charge from this same company for $12.79.  I had already called my bank and had it flagged while it was still pending.  It posted today but I'm guessing I should be ok.  I also had the bank cancel my debit card that was used for this transaction.