[Fwd: Reminder - SSL Certificate for *.startcom.org expires in 10 Days]
Eddy Nigg
already contacted Godaddy with an abuse complaint. What else?
--
Regards
Signer: Eddy Nigg, StartCom Ltd.
Jabber: star...@startcom.org
Blog: https://blog.startcom.org
-------- Original Message --------
Subject: Reminder - SSL Certificate for *.startcom.org expires in 10 Days
Date: Sun, 21 Dec 2008 23:59:39 GMT
From: Certstar <sup...@certstar.com>
Reply-To: sup...@certstar.com
To: webm...@startcom.org
Dear Webmaster,
*** Expire Notice for SSL Certificate issued to *.startcom.org ***
Your SSL certificate will expire in 10 Days! It is important that you purchase a new certificate to ensure that the security of your website or application is maintained. If you are not the webmaster please forward this message to the appropriate person in your organization.
Current Certificate:
Cert Type.: Standard SSL (or similar)
Valid from: 2008-01-01
Expires...: 2008-12-31
Hostname..: *.startcom.org
Renew with Certstar: http://www.certstar.com/renew/startcom.org/
One to five year terms available starting at just $29 per year.
This email is sent as courtesy reminding you to replace your SSL certificate before it expires and does not indicate customer relationship. Replacing/renewal services for certificates are offered by a multiple providers we do however you will trust Certstar for your certificate needs.
If you require support or would like to discuss your options with a sales representative, please use the contact details below.
--
Sincerely,
Certstar Client Services
sup...@cerstar.com - http://www.certstar.com/
We respect that not all Internet users appreciate our reminders and ask you to reply to this
is email with the word "remove" in the subject (leave message body intact) to be taken off
our reminder list. This email was sent to you by Cerstar ApS a security firm providing secure
socket layer related services in more than 180 countries.
Eddy Nigg
> Has anybody an idea how to prevent those spam and scam attempts? I
> already contacted Godaddy with an abuse complaint. What else?
>
Apparently this site is connected to Comodo. I went all the way and paid
for a certificate in order to find out who is responsible for this scam.
I'm contacting the reps from Comodo, contacted Paypal which they also
use for payment processing, Entrust which issued their site certificate,
Godaddy which sold the domain.
Gen Kanai
On Dec 22, 2008, at 9:49 AM, Eddy Nigg wrote:
> On 12/22/2008 02:09 AM, Eddy Nigg:
>> Has anybody an idea how to prevent those spam and scam attempts? I
>> already contacted Godaddy with an abuse complaint. What else?
>>
>
> Apparently this site is connected to Comodo. I went all the way and
> paid for a certificate in order to find out who is responsible for
> this scam. I'm contacting the reps from Comodo, contacted Paypal
> which they also use for payment processing, Entrust which issued
> their site certificate, Godaddy which sold the domain.
Eddy,
Can you provide us a little more background here as to what you just
experienced?
Thank you in advance,
Gen
Eddy Nigg
I received today the email which I forwarded to the list. Apparently
they operate a robot scanning for secured sites and send a "reminder"
message prior to expiration of the certificate, pretending and
resembling our own messages which we send out to our own legitimate
users and customers.
The email is clearly an attempt to trick our customers and that of
others believing that they have to renew their certificate (which I
received exactly 10 days before expiration of the installed certificate)
and by clicking at the link. The name certstart.com resembles that of
our own sites cert.startcom.org and startssl.com.
Once using the link, the site lists the domain name and pretended
further to renew the SSL certificate for domain startcom.org.
I tried to find out who is behind this scam, but nowhere is the CA
listed. The site itself is secured by an Equifax certificate. So I went
all the way through, registered * and ordered one of their certs for our
domain, paid via Paypal and received a shiny certificate for 45 US$ from
Comodo. I retained all evidences of the emails, screen shots, Paypal
payments, certificates, etc.
I contacted all parties involved including my contact at Comodo. I also
had contact with the operator of this site himself and requested
immediate cessation of all activities including the web site itself.
* During "Renewal" the site requests "New username", further giving the
impression as if one already had previously a username.
Kyle Hamilton
> On 12/22/2008 04:15 AM, Gen Kanai:
>>
>> Can you provide us a little more background here as to what you just
>> experienced?
>>
>
> The site itself is secured by an Equifax certificate. So I went all the way
> through, registered * and ordered one of their certs for our domain, paid
> via Paypal and received a shiny certificate for 45 US$ from Comodo. I
> retained all evidences of the emails, screen shots, Paypal payments,
> certificates, etc.
>
> I contacted all parties involved including my contact at Comodo. I also had
> contact with the operator of this site himself and requested immediate
> cessation of all activities including the web site itself.
Why does it matter? We've already seen that the former CEO of the
Mozilla Corporation won't remove anything from the cert store, even if
there are valid complaints against the CA's business or trust.
-Kyle H
Eddy Nigg
Not sure if this is a reason to disable a root, but it's certainly
illegal business practice. Hopefully we can settle this with Comodo
directly in appropriate manner.
Ian G
> Not sure if this is a reason to disable a root, but it's certainly
> illegal business practice. Hopefully we can settle this with Comodo
> directly in appropriate manner.
Seems like the business is in Denmark, and claims Danish law and courts.
Which law are you claiming is breached? Just curious...
iang
Eddy Nigg
Unfortunately I can't comment any further on this matter what legal
issues concerns...