Euro Business Guide / European City Guide SCAM

Euro Business Guide sends out spam emails of the following nature:

---

Subject: European company registration 2007/2008

Dear Sirs,

If you like to have your company registered in the registry of European companies;

Please print out the enclosed form (PDF file), fill it and send it back to:

Euro Business Guide
P.O. Box 2021
3500 GA UTRECHT
The Netherlands

Updating is free of charge!!

---

Attached is a PDF form that one can fill out.
Again, you will notice that the form states in bold "Updating is free of charge".


However, when you read the tiny small print, you will see that you are actually signing a contract for 3 years, and they charge you 990 Euro per year, see enlargement here:



This is a variant of the same scam as the "European City Guide".
If you mistakenly signed one of these forms, DO NOT PAY.
As the following web sites show, these scammers are after easy cash and not after law suits, although they use bully tactics to intimiate their victims. Check out Stop The European City Guide and Stop the European City Guide. In fact, they have already been convicted of fraud. To evade the law, they just move from one place to another.

aa419 back, CastleCops under paypal reputation attack

aa419 is back again, though still under DDoS attack, according to their web site on a CastleCops server. CastleCops itself has been and is still under DDoS attack. As of 18.September they are down, but supposedly because of a hardware failure, according to a comment posted in a washingtonpost blog. In that blog they also report that CastleCops is now subject to a different type of attack. The crooks use hijacked PayPal accounts to make donations to CastleCops. To users this makes it look like CastleCops are the crooks. CastleCops is working with the FBI, and they are working on returning the defrauded money.

Cyberwar for real.

aa419 under attack.

aa419 (artists against 419 scams) is under serious DDOS attack, and mostly not accessible. In a cache at google, I found some of the following forum notes:

---

Posted: Tue Sep 04, 2007 11:13 pm
As some of you may have noticed, aa419.org has been under a severe DDOS attack the last days. The attack is still ongoing. Our fabulous tech specialists were able to block thousands of IP addresses. As a result we can keep the website online despite the attack.

We strongly suspect that a Russian crime syndicate is behind this - apparently they are a bit upset about many, many shut down job scam / money mule scam websites. So in a way this DDOS attack is good news, because it certainly means that we cost these people a LOT of money.

We absolutley intend to keep aa419 online and not give in to them. And we think this is a good time to get some more money mule / job scam websites shut down.

---

Posted: Tue Sep 04, 2007 11:42 pm
SumYunGai wrote:
Botnet time is expensive. I suppose you've passed the IP addresses on to ISPs so they can take the appropriate action, whether that's warning the user or shutting down their Internet connection.


Yes, we are passing the IP addresses on to the relevant ISPs. But we are talking about several thousand blocked IP addresses so far.

---

Posted: Wed Sep 05, 2007 4:52 pm
Allright, the hoster temporarily took down our server. The criminals were pounding our server at 400GB/h. That means, they severaly increased the attack after our excellent tech guys were able to keep aa419 online the last days despite the attack.

We will keep you updated.

---

Also, 419eater.com and Scamwarners.com appears to be under attack (see this blog). And according to CastleCops, which is another anti-phising/malware/spam site, several other sites, including CastleCops are under severe ddos attacks.

Virus and Anti-Spam software that gets you...

BBC News had a piece on virus and hacking tools that have become a commercial commodity for criminals to purchase. Apparently all kinds of hacking tools are now offered commercially and as kits. Expect more SPAM, phishing, and other types of attacks in the future.

Another threat to personal computers stems for poor or even fraudulent anti-virus and/or anti-spyware software. There is plenty of anti-spyware software out there that really only makes the problem worse. Bad and dangerous programs posing as security software are certainly not good. Therefore, buy your products only from large, established, reputable companies.
A notorious case of such rogue software is/was SpyLocked or SpyWareLocked. Searches with google turn up lots of sites with instructions how to remove it. See, e.g., these removal instructions.
It even got its own entry on Wikipedia. Another fake program is VirusLocker (see these removal instructions).
The imagination of fraudsters is unlimited. Check out this huge list of bad software sites on the Spyware Warrior Site.

Storm worms enters blogs

The BBC had a report that the Storm worm is now invading blogs. Messages are posted to blogs that link to web sites that try to inject the worm into your computer. Subject lines for these messages are for example:

---

are you kidding me? lol
Dude dont send that stuff to my home email...
Dude your gonna get caught, lol
HAHAHAHAHAHA, man your insane!
I cant belive you did this
LMAO, your crazy man
LOL, dude what are you doing
man, who filmed this thing?
oh man your nutz
OMG, what are you thinking

---

A search with, for example, "HAHAHAHAHAHA, man your insane!" turns up many google blogspot sites. Be extremely careful with such sites. Some of them are just full of Storm Worm spam messages.
However, some of the google sites have now been blocked, most likely by Google or the blog owners, and only registered users can log in.

In any case, this does not bode well at all. This hacker group has now a system of probably over 1 Million infected computers under their control, and I am sure in a short time there will attempts to flood other popular sites.

Insights into 419 advance fee frauds

Here is a Web site, scambusters419.co.uk, that will give you plenty of insights into the workings of 419 advance free fraudsters. If you have some spare time, read how the owner plays and fools with the scammers.

Another Web site with some hilarious pictures of scammers is at 419eater.com. Have a look at this site.

These sites are operated by "scambaiters". They respond to SPAM emails of the advance fee fraud (419) type and make fools of the scammers.
See for example this exchange between a scammer and a baiter, where the scammer claims to be Samuel Eze from a bible ministry. I don't want to give away the punch line, but the pictures the guy sends are hilarious.

Enjoy both sites!

More info on HYIPs and scams

Catty Shaq has more infos and discussions of HYIPs and other online money making scams. It also has information on the e-Gold court case.

HYIPs are essentially scams.

Here is a nice explanation of how the HYIP (High Yield Investment Programs) scams (i.e. Colonyinvest, Wollenberg, SNGInvest, etc.) operate, see WorldLawdirect. It is similar to what you can find on HYIP in Wikipedia.
A simple fact is: "Warren Buffett, one of the world's most successful investors, made around 30% per year during his most successful period." So, any claims of higher profits by HYIPs cannot be real.

Very interesting is also the fact the e-gold, which is used by many HYIP programs as a way to transfer the funds is itself indicted on charges of money laundering, conspiracy, and operating an unlicensed money transmitting business, see WLD forum thread on e-gold.

postcard/e-card and "Membership" SPAM emails are STORM WORM

The Register had yesterday a report that the new series of SPAM emails - the recent "Welcome/Membership" emails - that try to lure you into clicking on a link are attempts to infect your computer with malicious software. They are new permutations of the previous ecard/postcard SPAM emails. If the reader goes to the web site, he is prompted that an applet (little program) needs to be installed for secure login. This program is called "applet.exe", runs on Windows machines (not Mac Os X or Linux), and creates a backdoor on the computer that allows hackers to take over the machine. This piece of malware or Trojan is known as "Storm", "Zhelatin" or W32/Newar. It changes and adapts rapidly, in fact so fast that many antivirus software packages do not yet recognize it intially. This is an extremely dangerous Trojan going around. Between January and May 2007 2817 infected hosts were detected, but this has skyrocketed to 1.7 million infected machines now. F-Secure has a list of Sender and Subject lines that the recent SPAMs use.

New phishing or virus attack by email SPAM

New variations of the postcard / e-card spam emails are showing up that try to lure you into clicking on a provided link. This time the spam emails pretend to be a confirmation for a membership registration, or something along those lines, and they try to trick you into clicking on the link. Most likely the given web site will inject a virus into your computer system. Here are some examples:

---

Subject: Membership Details
From: "Web Players"
Sender: User viqlpkkvxut

New Member,

Are you ready to have fun at Web Players.

Account Number: 828285335
Temorary Login: user3090
Password ID: yg141

For security purposes please login and change the temporary Login ID and Password.

Use this link to change your Login info: http://xxx.xxx.xxx.xx

Thank You,
Confirmation Dept.
Web Players

---

Subject: Member Confirm
From: "Free Ringtones"
Sender: User twcenwfunwi

Dear Member,

Thank You for Joining Free Ringtones.

Membership Number: 28189574868359
Temorary Login: user4810
Your Password ID: qu845

Please keep your account secure by logging in and changing your login info.

Follow this Link: http://xxx.xxx.xxx.xxx
Enjoy,
Confirmation Dept.
Free Ringtones

---

Subject: Registration Confirmation
From: "Office Antics"
Sender: User neojqgl

New Member,

We are glad you joined Office Antics.

Membership Number: 81718539734
Temp Login ID: user8300
Temorary Password: ch274

Please keep your account secure by logging in and changing your login info.

Use this link to change your Login info: http://xxx.xxx.xxx.xx
Thank You,
Membership Support Department
Office Antics

---

Subject: Dated Confirmation
From: "Online Hook-Up"
Sender: User wcrdzwrbl

Welcome Member,

Here is your membership info for Online Hook-Up.

Confirmation Number: 94429852
Login ID: user8191
Password ID: da684

Your temporary Login Info will expire in 24 hours. Please login and change it.

Use this link to change your Login info: http://xxx.xxx.xxx.xx
Enjoy,
Welcome Department
Online Hook-Up

---

Subject: Your Member Info
From: "Free Web Tools"
Sender: User fwunefx

Welcome,

Are you ready to have fun at Free Web Tools.

Account Number: 6179795186753
Your Temp. Login ID: user8774
Password ID: gl565

Please keep your account secure by logging in and changing your login info.

Click on the secure link or paste it to your browser: http://xxx.xxx.xxx.xx
Thank You,
Welcome Department
Free Web Tools

Wollenberg International (www.wollenberginternational.com), part 2

Wollenberg International claims to be based in Panama. The address they give is (click for larger picture):



Searching with this address, one finds that this is exactly the same address used by another fraudulent investment web site: Scandinavian Networking Group (www.snginvest.com), which has been exposed at sng-scam.info. Here is an excerpt of the Panamanian documents of SNG (taken from moneymakergroup):


As one will notice, the address is the same as for Wollenberg. So, either Wollenberg ING copied it from SNG, or they are the same operation. In either case, this looks like a scam.

The same address is used by what looks like yet another dubious investment site, siaminvestcorp.com (Siam Gain S.A.):



Siaminvestcorp has links to Hatfield Oak International, which in turn had links with SNGinvest (see sng-scam.info).

Then there is a representative of the a3union.com based in this apartment:


Furthere, we find an application form under vmover.com listing Hatfield Oak's address in the same place:

although Hatfield seems to have another address:


Vmover.com itself is an advertisement board for such sites as AmityFunds, SNGInvest, A3Union, ExclusiveCircle, FantasticPay, FeederFund, FX Club and more.

Sewercash has previously exposed Amityfunds as also being located in the same place Findings on Amityfunds

And people involved in Amityfunds and SNGinvest are prosecuted:


If you look at the Torre Cosmos Floor plans, the apartment tower where the address is, you will find that it contains 2- and 3-bedroom apartments, and four 2-bedroom penthouses on top. Apartment A on the 13th floor is a 3-bedroom apartment.
Well, well, this little apartment in Panama is pretty crowded...

Hence, Wollenberg is lying about being in Panama, or it's part of the SNGinvest/Amityfunds circle of fraudulent companies.

Escrow fraud, modul-transport

I've come across two more useful web sites, scamfraudalert.com and escrow-fraud.com (see links on the side).

One example of a fraudulent escrow service is Modul Transport (modul-transport.com). They made the name very similar to another logistics company, www.modultransport.com. However, as their contact address they list yet another, legitimate logistics company (Pro-Logistics, daughter of AIRLOG GROUP) located in Helsingborg, Sweden. In their contact section they only modified the phone numbers slightly to some other phone number.



Further, modul-transport.com copied the CEO and employee images from the Contact section of the real company AIRLOG GROUP (http://www.airlog.se/), changed the names and put them on their web site. Here are the fake images (compare with the real ones
at Airlog:

New variants of the postcard/e-cards

New versions of the spam emails pretenting to be postcards/e-cards from friends/colleages etc. are spreading. Here are some examples:

---

Colleague(xxxx@xxxxx.org) has created Animated postcard for you at birthdaycards.com.

To see your custom Animated postcard, simply click on the following Internet address (if your mail program doesn't support this feature you will need to COPY and PASTE the address into your browser's address box):

http://xxx.xxx.xxx.xxx (IP removed)

Send a FREE greeting card from birthdaycards.com whenever you want by visiting us at:
http://birthdaycards.com/
This service is provided and hosted by birthdaycards.com.

---

Colleague has created a greeting ecard for you at E-Cards.Com,
the Internet's most popular greeting card service.
Your greeting card ID is: xxxxxxxxxxxxx
To see your custom greeting card, simply click on the link below:
http://xxx.xxx.xxx.xxx (IP removed)

Send greeting cards from E-Cards.Com whenever you want by visiting us at: http://E-Cards.Com/
Copyright (c) 1996-2007 E-Cards.Com All Rights Reserved

---

The aim of these emails is to guide you to a web site that will infect your computer with a virus.
Particularly, if you use a version of the Windows operating system, it is highly recommended that you keep your computer updated with the latest patches and with the latest anti-virus and anti-spyware software.
It is also helpful to use alternative Web browsers, such as Firefox or Opera, instead of Internet Explorer.

Another fraudulent investment scheme: Wollenberg International

While looking at colonyinvest, I also came across another suspect site: www.wollenbergfunds.com. This "company" has now undergone a substantial overhaul and markets itself as Wollenberg International marketing group (ING) at www.wollenberginternational.com. In an "advertisement" on one of the quick money scheme web forums, they claim "new ceo, new staff, totally new concept":






Let's look at the whois data of the old site, pretty much all information about www.wollenbergfunds.com seems to have been erased, but the whois data is still available:

---

The new whois entry for www.wollenberginternational.com is this:




As one can see, the first administrator was Krzysztof Giemza in Tarnow, Poland, who registered the web site in Australia??!
The second administrator is now an "Arnold Wollenberg". However, as you will notice, this person is also in Tarnow, Poland, and the telephone number (+48 502 683982) is the same. Arnold Wollenberg is Krzysztof Giemza! The overhauled domain is simply the attempt to hide who he really is.








Now, we can find out more about Mr Giemza. Using the phone number to search, we find that he posted an advertisement to do house sitting in London! So, the successful investement company CEO is looking for housesitting jobs?!!












He provides a client testimonial on the sitecube.com web site, the flash software he used to develop the new wollenberginternational web site:


Also, on a web site in Poland, he listed his credentials looking for jobs:


We can see he speaks English and German, was a fitness instructor for 12 years, and a martial arts instructor for 19 years, and insurance agent for 1 year, and working in trading/enterprise for 4 years. Worked as English translator for 15 years. He also had some computer courses. Now he is operating an investment company supposedly based in Panama, but all contacts are in Poland? This sounds all very fishy. This is all in line with someone trying to make some fast money, not through investment, but with other people's money. Stay away!

More shady dealings of colonyinvest in Vietnam, part5

A Vietnamese newspaper tracked down the local representative of colonyinvest. See their article at
www.thanhniennews.com/features/?catid=10&newsid=30717.
How shady is it for a supposedly reputable business with investments yielding 100 percent gains per month to distribute info in a photocopy shop?! And to meet a representative of colony investment the newspaper had to go to a coffee shop. It is also very revealing that the colonyinvest representative claims that they get their money from investments in casinos, foreign exchange, and normal stock markets (high-tech/blue-chip). This clearly shows that this business cannot be legitimate, since, for example, no deals in foreign exchange currencies can yield such profits. It is very clear however, that the top colonyinvest representatives at this meeting get their money from the investment of other people. The normal “investor” is left with e-money that supposedly increases in a computer account. The real problem will start when they want to withdraw some real money… Tellingly, when the journalists wanted to borrow some e-money, the colonyinvest representatives said “no”. If Colony Invest can generate money so easily with their scheme, why can’t they lend a little e-money? Clearly, this is all about cheating people out of their real money. Stay away from this fraud!

Several taken down schemes: Phoenixsurf.com, FrancSwiss, SwissCash

While fraudulent schemes pop up everywhere, government agencies are making progress to catch them. The more people report them, the faster they will fall.

Here is a report on Phoenixsurf.com:

---

SEC Charges Operators of Phoenixsurf.com Web Site With Conducting a Massive Internet Ponzi Scheme

FOR IMMEDIATE RELEASE
2007-141
Washington, D.C., July 24, 2007 - The Securities and Exchange Commission today filed securities fraud charges against the operators of an Internet-based Ponzi scheme that raised $41.9 million in just four months from more than 20,000 investors worldwide.

---

For the full report see www.sec.gov/news/press/2007/2007-141.htm

Or for FrancSwiss internet fraud see http://newsinfo.inquirer.net/breakingnews/infotech/view_article.php?article_id=75039

And for SwissCash or Swiss Mutual Fund Web frauds (www.swissmutualfund.biz.) see http://www.todayonline.com/articles/167644.asp . Of course, a Swiss company based in the Commonwealth of Dominica should have raised alarm bells with investors.

Also, check out the Web site of the Monetary AUthority of Singapore, the maintain a list of fraudulent sites:
http://www.moneysense.gov.sg/check_our_list/Consumer_Portal_IAL.html . But because of the fast changing nature of these fraud internet sites, such list will never be complete.

Colony Invest fraud moves around, part4

Colony Invest (colonyinvest) operates also at colonyinvest.net. Their other - identicial - web site, www.colonyinvest.com, is presently not responsive. No reputable company would keep their ".com" down or inactive. They could reroute to the other. Perhaps they are on the move to hide from old investors.
Also, it seems they moved their blog entry to colonythailand.blogspot.com to attract Thai people into their scam. Colonythailand is the same fraud! They also have a web site geared towards Vietnamese at http://music.easyvn.com/colonyinvest/. The contact person associated with this Web site is a Nguyen Kinh Luan. It has a nice description of their pyramid scheme:



As one can see, this is a rather overcomplicated scheme, nobody is really supposed to understand the details, all that matters is that it promises extra percentages of profit for each new member that you can recruit. No investment company would offer such a pyramid scheme. In fact Colony Invest is both a pyramid and Ponzi scheme. This is illegal and does not work (see for example the Wikipedia entries: http://en.wikipedia.org/wiki/Pyramid_scheme, http://en.wikipedia.org/wiki/Ponzi_scheme).

Perhaps some people will get some money, but most will loose. Do not invest!

More fake greeting cards, ecards, postcards, Virus warning

Recently, many more of these fake phising ecards, postcards, greeting cards have appears. They always look exactly the same, the only thing that changes is how they are addressed: Friend, family member, mate, class-mate, worshippper, etc., and from which web service the come from, i.e. american greetings, e-cards.com, all-yours.net, 2000greetings.com, freewebcards.com, vintagepostcards.com, 123greetings.com, riversong.com, postcards.com, greet2k.com, netfuncards.com, hallmark.com etc.
They sure made a nice little program to randiomize the senders and the greetings to try to fool you into clicking on their links.
DO NOT CLICK ON THE LINKS!

Here is a recent list of such emails in my junk box:

Phishing using Greeting cards/ecards, Virus warning

Recently, I got e-greeting cards in my email, one apparently from a neighbor, one from a friend. However, I didn't expect any cards. A careful check of the IP addresses on which one was supposed to click showed that they are not the same as the one from the company from which the e-greeting was supposed to come.

Here are the two examples:

---

....
Subject: Celebrate Your Nation
....

Hi. Friend has sent you a greeting ecard.
See your card as often as you wish during the next 15 days.

SEEING YOUR CARD

If your email software creates links to Web pages, click on your card's direct www address below while you are connected to the Internet:

xxx.xx.xx.xxx (IP number removed for security reasons)

Or copy and paste it into your browser's "Location" box (where Internet addresses go).



PRIVACY
2000greetings.com honors your privacy. Our home page and Card Pick Up have links to our Privacy Policy.

TERMS OF USE
By accessing your card you agree we have no liability. If you don't know the person sending the card or don't wish to see the card, please disregard this Announcement.

We hope you enjoy your awesome card.

Wishing you the best,
Mail Delivery System,
2000greetings.com

---

...
Subject: You've received a greeting postcard from a neighbour!
Date: Mon, 2 Jul 2007 14:22:06 +0200
...

Good day.

Your neighbour has sent you a greeting postcard from Hallmark.Com.

Send free ecards from Hallmark.Com with your choice of colors, words and music.

Your ecard will be available with us for the next 30 days. If you wish to keep the ecard longer, you may save it on your computer or take a print.

To view your ecard, choose from any of the following options:

--------
OPTION 1
--------

Click on the following Internet address or
copy & paste it into your browser's address box.

xxx.xx.xx.xxx (IP number removed for security reasons)

--------
OPTION 2
--------

Copy & paste the ecard number in the "View Your Card" box at xxxxx (removed)

Your ecard number is
xxxxx (removed)

Best wishes,
Mailer-Daemon,
Hallmark.Com

---

These emails are BOGUS, FAKE, neither of the IPs (deleted above) pointed to 2000greetings or hallmark.
I found further information on this type of fraud also at purportal.com/spam/1852/ and www.scambusters.org/ecards.html.
The sole purpose of these emails is to direct the reader to a fraudulent web site, with the purpose of infecting your computer with spyware or viruses, or otherwise obtaining information from you to exploit.

This threat is very, very insidious (dangerous), because a simple click to this bad web site can already cause problems if
your computer is not protected from the latest viruses or spyware!!

So, beware! Do not click on the links!!

Colonyinvest Fraud, part3

Well, each time you look at that site, you just find more lies. The testimonials are all written in poor English, definitively not by a native English speaker. Further, this testimonial says they used this company for 6 months! What a lie. If you look in my first post, you will see that the Web site is up only since the middle of March 2007.

Forget these fraudsters...

Colonyinvest Fraud, part2

Colonyinvest is even running their own blog here on blogspot (or at least used to). Does it surprise me that they only have one post, advertising their schemes? Of course not.

At least this gives us the opportunity to look at their claims.


So, for 1000$ investment, at 3% interest per day put into a separte account, you get 1000$ in 33 days. You are supposed to gain 3000$ to 4000$ (it's not quite clear how this strange scheme is counting) in the short time of 100 days. Impossible with the investment sources (stock market, commodities) they cite on their Web page.
They clearly want to cheat unsuspecting people from SouthEast Asia. They offer low investment limits (just 100$ gets you started), and they have a strange online keyboard for entering information. This only makes sense if one thinks about possible entry problems caused by keyboards and alphabets in different countries.
They want to lure as many people as possible in a short time, therefore the network and friend-to-friend bonuses. Clearly this is an illegal pyramid scheme.

www.colonyinvest.com could be shut down any moment, and the only one who profits is the Web operator who collected all the money. Perhaps he will pay out some interest to the first investors to generate a positive feedback, and keep the money coming in, but at some point, this Web site and the money will just disappear. Since this seems to have started in April, it could stop any day.
Again, just keep away from such sites.

Fake Universities

Well, well. The Web is an endless source of fraud. BBC just had a news bit on "Corruption that is damaging education" (http://news.bbc.co.uk/2/hi/uk_news/education/6729537.stm). One part of this was Fake Universities on the Web (http://news.bbc.co.uk/2/hi/uk_news/education/3369567.stm). Some universities mentioned in the article are "Shepperton University", University of Dorchester", "GM University", "Greater Manchester University Ltd". A check of the still active Web site of "Shepperton University" reveals a page for International Students that says "All tuition and fees must be paid in U.S. currency and all checks drawn on U.S. banks." All other tuition fees are also in US$. Yeah, sure, for an English university in England, you need to pay in Pounds.
But another key way of detecting the fraud is the Web address: From BBC "The website addresses of the bogus institutions are a quick giveaway, because they cannot obtain the bona fide ".ac.uk" domain - though it has been known for some to use ".ac", the Ascension Islands domain." In other countries, like the US, academic institutions usually end in ".edu". In other countries it may be more difficult to get a list of real universities, as there is no system such as "ac.uk", or ".edu". Still, it should not be too difficult to find real institutions with proper Web sites that list addresses, faculty members, etc.

Scam Investment Schemes: ColonyInvest part1

There are plenty of fraudulent investment schemes out there. If a scheme sounds too good to be true, well, indeed, it's probably not true. Artists against 419 (419 is also known as Nigerian fraud) has a database of fake Banks (http://db.aa419.org/). Alas, this list is not complete, new schemes pop up all the time.
Let's have a look at a recent scheme: www.colonyinvest.com.

Can this be real? They apparently advertise their business mainly on Asian webboards (e.g. Malaysia), and seem to rely on word to word propaganda to sign up people, apparently in a pyramid scheme.
So, let's examine the Web site. The "About Us" section:



They claim to be the online investment branch of a major Investment company "Colony Invest Management Inc. ".
Web searches do not reveal any company by that name. Further, they are supposed to be based in Rochester, NY, but a check in the list of supervised institutions at the "State of NY Banking Department" http://www.banking.state.ny.us/supinst.htm" does not reveal any such company.
Most revealing is that nowhere in the Web site is any real adress or phone number listed. Highly suspicious.
Look at the supposed list of directors, many of the places they supposedly worked at cannot be found on the internet:
Estine Development Group, London Tucks Development Agency, Smith Simpson College, Barbra Capital Partners, Clinton, Dubbier & Rice, Inc. There is a "Simpson College" without "Smith", but why should a "reputable" company make such a mistake... Anyway, this whole list is just made up to look impressive.

What about the links to the companies they invest in, the references? You will notice that these are just links to other Web Sites, and none of these other Web Site ever mention or link back to ColonyInvest.

So, where is the Web site registered? A search on http://www.whois.net/ brings us to the registrar godaddy.com (where you can register a web site for 10$ a year). The information there yields:



Wow, a single person in Fremont California (whatever happened to Rochester, NY?) is listed as administrator and technical expert, and he has a yahoo email address in China! How fishy is that?
A reverse lookup of the phone number at http://www.whitepages.com/ gives us the following information for the same phone number:



Ibi synergy (http://www.ibisynergy.com/) is an importer of condoms for NR Synergy in Malaysia. This seems to be a little legitimate business. You can make another lookup for this Web address and find another owner listed for this phone number. But clearly, this is very different from what ColonyInvest is supposed to be.

Finally, let's look at some of the fine print of ColonyInvest. In their FAQ:

To deposit money into an account of theirs, they charge 5%!. To withdraw money, they charge 10%. So, according to the example given, you deposit 1075$, and when you want to withdraw it later, you get 860$ back. So, together with fees, they take 20% of your money, what a rip-off. No reputable bank will do that. And nowhere do they promise you any garanteed profits... For each transaction in the market they charge you 50$. A search for "online banking" will give you many online banks that allow you stock market trading for less than 10$ per transaction.

So, in conclusion, just stay away...