Since 1999, this site has been hosted by Addr.com, a small Web-hosting operation out of San Jose, California — its administration is now in Denver — and like a lot of low-end hosts, it offers a heck of a decent price and not a whole lot of tech support. For advocates of "You get what you pay for," this is not much of an issue. On the other hand, the service has had some frustrating failures from time to time, and while they always were eventually cleared up, getting through to the actual staff has proven to be more difficult than anyone might like.
During a couple of those difficult periods, email came in from something identified as "Expert Hosting", which offered to switch my domain (and presumably others) over to their servers. Inasmuch as I was paid up for a year, I didn't bite.
Then, early this spring, MSNBC reported that a chap from the Netherlands had hacked into the Addr.com database and obtained the customer password (and associated credit-card) list. Presumably to demonstrate his prowess, the thief furnished a few dozen entries from the database to MSNBC, which contacted the customers in question and verified that yes, this is real data. Expert Hosting, true to form, was back in my mailbox with a link to the MSNBC story, and offering, once again, to switch me over. I was otherwise occupied — cancelling a credit card, as a matter of fact — and didn't bite.
Since that time, MSNBC has added a few more details to the story, though it is currently not on their site. Addr.com is now charging that Expert Hosting is nothing more than a front for a credit-card theft operation, which EH denies. And there's more to come. Expert Hosting (along with Dotcom Avenue, another operation at the same street address) is apparently owned and operated by one Peter Francis-Macrae, aka David Jarvis, a British youngster (not yet twenty, I am given to understand), the former operator of True Hosting, whom some would argue is about the worst excuse for a service provider in all of dotcom-dom. Letters similar to the ones I received have been sent to aggrieved customers of other Web hosts on behalf of Dotcom Avenue, which suggests a fairly standard modus operandi for the lad.
And then, Thursday night, came this email:
Dear Addr.com customer,
Due to the unfortunate events that have occured during the past week, we are unable to continue operations at Addr.com. You have previously been advised that a hacker obtained a partial database of client information, including credit card details. Addr has been working closely with Visa and Mastercard and has given its full co-operation to assist them in minimizing consumer fraud as a result of this incident.
However, our merchant bank has decided not to continue to allow Addr to accept credit card payments from Visa and Mastercard customers in the future, and to freeze all recent payments made within the last 30 days by clients. Our management team have been working around the clock to try and secure a resolution to this situation but unfortunately we have been unsuccessful.
The freezing of a large amount of working capital and the bank's decision not to allow us to accept future payments has resulted in our inability to maintain service to our clients beyond this week. This decision has taken the financial future of Addr out of our hands.
All servers will be turned off by our provider between Saturday 14th April and Monday 16th April.
We apologize for the severe inconvenience this will no doubt cause you. Please do not try and contact our company via telephone as they are no longer being operated. If you would like to request a refund for unused service fees you have prepaid then please make your request in writing to the following address:
Addr Refund Requests 3031 Tisch Way Floor 10, Suite 1006 San Jose, CA 95128
If you need to contact us by email then please use the following address: addr_help@yahoo.com. Our website and email at the addr.com domain will be discontinued shortly and will not function. We cannot reply to email from our domain.
Addr.com will attempt to make a refund of all unused service fees if possible, when funds are made available by our bank. We cannot guarantee that a 100% refund will be available, but will make every effort to reimberse all clients as far as possible.
Sincerely, Addr.com Management =====================
I read this over twice, and the first time it seemed to make sense, but the second one yielded up some oddities. For one thing, why would an American company use a typically-British phrase like "our management team have been working"? "Team" is generally plural in this context in British usage, but Americans would say "our management team has been working".
And then a coworker who also has a site at Addr.com advised me that the phones are indeed working, contrary to claims, so the first order of business was to pull this email out again and look at the message headers:
Return-Path: <addr_help@yahoo.com>
Received: from proxy1.addr.com (addr.com [209.249.147.248]
(may be forged) by addr.com. (8.9.3/8.9.1) with ESMTP
id TAA52226 for <dustbury@addr.com> Thu, 12 Apr 2001
19:55:05 -0700 (PDT) (envelope-from addr_help@yahoo.com)
Received: from get.freewire.net (get.freewire.net
[195.184.229.250]) by proxy1.addr.com (8.9.3/8.9.1)
with ESMTP id TAA45638 for <dustbury@addr.com>; Thu,
12 Apr 2001 19:55:03 -0700 (PDT) (envelope-from
addr_help@yahoo.com)
Received: from yahoo.com (d231-220.dial.mistral.co.uk
[195.184.231.220]) by get.freewire.net (8.8.7/8.6.9)
with SMTP id DAA19907 for <dustbury@addr.com>; Fri,
13 Apr 2001 03:40:42 +0100
Message-Id: <200104130214.TZQ5156@yahoo.com>
The obvious question, of course, is why a California (or Colorado) company would have to send mail through a dialup in the United Kingdom (dial.mistral.co.uk).
So the reports of Addr.com's death are greatly exaggerated, and then some, and while it hasn't been proven as yet that Peter/David/Expert Hosting had anything to do with it — or, for that matter, with the original hacking of the Addr.com database (though I refuse to believe that someone who can't spoof an email header could possibly gain root on a Unix server) — this reeks of scammage, and not good scammage at that. As this story unfolds, I'll pass along the details.
Update, 28 December 2001: The following email notice from something identified as <management@dotcomavenue.com> was received here today:
Your website at http://www.dustbury.com/vent/vent241.html contains false and misleading information about Dot Com Avenue and its American subsidiary, Expert Hosting.
The above information must be removed within 24 hours otherwise further action will be taken.
Inasmuch as the sender was unable or unwilling to state exactly which information contained herein was "false and misleading", I read over the material, and found some dead links which could, I suppose, be considered "false and misleading", since they no longer pointed to sources of corroboration. The links have since been corrected. In addition, one particularly-ragged sentence has been spruced up somewhat to clear up any ambiguity as to who holds the opinions indicated in the linked pages.
You're welcome.
Update, 14 December 2002: Another horror story or two to report.
