Select Page
Weekly Alert  |  February 7, 2024

Scam Law Firm? You Be the Judge! Lawyers are important and necessary to help people understand laws, as well as advise and represent them in hundreds of different ways regarding laws. Their help extends far beyond criminal allegations or legal contracts/arrangements. For example, The Daily Scam had the support of a very powerful law firm who came to our rescue a few years ago after a company wrongfully threatened a lawsuit against us for using a single small graphic that was found in the public domain. This firm demanded that we pay an extremely high fee for use of the graphic, or be sued in court for tens of thousands of dollars. This experience literally felt like an extortion scam! But are all lawyers ethical? And are they whom they claim to be? In mid-January, we coincidentally heard from two unrelated U.S. businesses. Each business reported receiving the same email from a lawyer about “trademark infringement” related to their business names. Both businesses found the email somewhat suspicious. When we investigated these nearly identical emails, we were very surprised at what we discovered.  It felt like we were looking at a whole new area of fraud we had never seen before, and going back several years. But we want you to be the judge in this case. Is this all just a sneaky way of drumming up more business, or is this law firm a scam? You decide…

On January 11, two employees of a New England tech support company received the email below from Steven Gebelin, of TrademarkPeak[.]com. And then the next day, one of those employees received the exact same email again, but with one small change. Steven Gebelin changed the phone number listed in the last sentence from 213-4410801 to match the phone number shown in the image of his card: (213) 871-8505. (It’s also important to point out that it is NOT typical in the US to list a phone number in this format: 213-4410801. (Details matter!)

Also, if you read Steven Gebelin’s email carefully, the paragraph that begins with “Time is of the essence…” feels a bit like pressure to do business with him or you’ll risk losing your business name to a competitor! The threat is implied and possible if the business doesn’t act immediately. These points immediately had our attention!

The first thing we did in our investigation was to look up information about Steven Gebelin’s business domain, TrademarkPeak[.]com and use Google to search for anyone else reporting anything suspicious about emails such as these. Results were immediate….

  • The Trademarkpeak[.]com domain was just seven weeks old when we checked it.  It was registered on November 24, 2023. This is very young for any business, making us feel suspicious about its legitimacy.
  • This business was reported multiple times on Scampulse between January 9 – 12. But the reports were about emails from a man named “Alex Bruno” at the Trademark Peak firm and using the telephone number (213) 348-5412.  Alex gave his email as “Alex@trademarkpeak[.]com.”
  • The trademarkpeak[.]com business domain was also reported LOTS of times as a fraud on the  BBB.org website! One of those reports was from someone who noticed this odd discrepancy between the email and the business website. The post said… [Alex] “attached a card saying he is an Intellectual Property Attorney. However, their own website says they are not a legal firm: ‘No, we are not a legal firm, and we do not offer legal advice.’” [Full report on BBB.org’s Scam Tracker]
  • A lawyer on LinkedIn report this as a fraud in his post “Next Level Trademark Scam” (Requires a LinkedIn account to access and read.) 

OK, this is where our story turns bizarre. The employee from the tech company who received two of these emails and noticed the change in phone numbers, decided to call the phone number for Steven Gebelin and was shocked by what she heard. So shocked that she contacted us and urged us to call Steven of Trademark Peak as well!  Here is a recording of the 47 second voice message that greeted us on January 16 when we called (213) 871-8505. We’re certain you’ll also be surprised! Be sure to listen to the very end, and trust us, we did not manipulate this voice message in any way! 

    First of all, this call was NOT made to the US Patent and Trademark Office, which is what the voice message suggests! Second of all, the voice message ends with an evil clown laugh that NO LEGITIMATE business would ever post, unless you were contacting a business like “Hire an Evil Clown” DOT com. OK, we were now convinced that Trademark Peak was not likely a legitimate business and “Steven Gebelin” was probably a scammer! But how far did this scam reach? How pervasive was it? Patent infringement felt like such an odd scam pitch that we figured it wasn’t very wide-spread.  Well, we were wrong! When we looked closely at the similar email forwarded to us by a business in Nebraska, we noticed that “Steven Gebelin” now had a middle name, a new phone number, a NEW website, but the same physical address in Los Angeles!  

      When we looked up this new business domain, TrademarkDynamite[.]com, in a WHOIS tool we discovered that it had just been registered on December 5, 2023 through a proxy service in Sweden! Does ANY of this sound remotely legitimate to you? Even VIrusTotal.com said that a security service had found this website to be malicious! By now, our spidey senses were on high alert and we visited this new trademark protection business for signs of fraud and were, once again, astounded by what we found. 

      Our investigation showed…

      • Though the business was listed as “Trademark Dynamite” we found a footer on their About Us page that called themselves both “Trademark Swift LLC” and “Trademark Omega.”  They even had an email address listed as info@trademarkswift[.]com on the trademarkdynamite[.]com website. The physical street address was the same 610 S Broadway Los Angeles CA, as seen on all communications.
      • The “About Us” web page for trademarkdynamite[.]com had 9 bizarre blog entries with photos that had NOTHING to do with this law firm or their business! For example, we found a sentence in one blog that began with “When, while the lovely valley teems with vapour around me.” When we searched for this exact sentence in Google, it showed us links to thousands of websites around the world. And many of them in the first couple of Google results pages looked very sketchy, and not credible.

        This had us thinking that maybe, just maybe, these “intellectual property attorneys” represented a much deeper and more extensive amount of fraud targeting businesses across the US. We went back to TrademarkPeak[.]com and found a unique sentence on their website and used Google again to search ONLY for this sentence as written. (This is done by putting quotes at the beginning and end of our search characters.)  Google showed us this exact sentence on LOTS more websites that had been registered in the last two years, including websites that VirusTotal reported as phishing scams! Even our friends at Scamadviser reported one of these older sites with a low trust score! The site was called trademarkzenesa[.]com.

        All totalled, we discovered 10 malicious or highly suspicious websites claiming to protect the trademarks of businesses.  Their motto is “We fight you win. Protect Your Brand with Trademark Registration.”  Some of our readers may think this is just some “niche” scam, very limited in scope but we disagree. We now believe this is a very widespread fraud, likely impacting thousands of businesses across the United States, and likely other countries as well. More evidence to support our claim comes from a quote from someone named “John Donald,” the “CEO at Foxes Travel.”  This quote appeared on the TrademarkDynamite[.]com website. He is quoted as saying “A massive Thank You to Steven Gebelin and the team for a very fast and efficient filing.” When we conducted a Google search for THIS EXACT SENTENCE, we discovered another 3 Trademark business websites that were recently registered….

        We asked YOU to be the judge about Steven Gebelin’s emails. Based on our findings, do you think these intellectual property attorneys are to be trusted? By now, you know EXACTLY what we think! It is so easy to deceive others online! For any businesses reading our newsletter and who are interesting in real trademark protections, here are a few worthwhile resources from the US Government:

        Legitimate United States Patent and Trademark Office: https://www.uspto.gov/

        https://www.uspto.gov/trademarks/protect/caution-misleading-notices

        https://www.ftc.gov/business-guidance/resources/scams-your-small-business-guide-business

        Unmasking the Truth About Noortimer[.]com: Avoid the Scam! Came across text messages containing a link to noortimer[.]com recently? Watch out; it’s a scam! Check out on it and protect yourself with this 100% FREE, all-in-one tool

        Saying Goodbye to Our Partnership — Dear Scamadviser and Daily Scam readers, After nearly two and half years in the collaborative effort to produce this newsletter we have decided to create two separate newsletters. The newsletter that you have been reading for the last 127 issues will once again become The Daily Scam and will be available starting next week. Scamadviser will produce their own newsletter and it will be emailed monthly, and if you’re reading this, you don’t have to do anything, you’re already on that mailing list. The Daily Scam Newsletter is free and available via this sign-up page or at TheDailyScam.com. It’s been a wonderful 2+ year collaborative effort and both teams at SA and TDS are grateful for this partnership.

        Last week we brought attention to the risks that come from having lots of personal information available for sale online through nearly 200 data brokers. We just read about an insane scam that targeted a man via a QR code displayed on his TV after hackers gained access. The man said that the hackers new lots of his personal information, including the last 4 digits of his social security number! (Read about this scam on WSVN News.) Little did we know that personal information is also gathered and used by our own Government agencies. Check out this article recently posted on CNN.com claiming that the National Security Agency is also buying Internet data about Americans. In last week’s article, we also didn’t point out the fact that companies and government agencies around the world have been found to collect data about the public.  One example is Tik Tok. There have been many concerns whether or not the company that makes Tik Tok collects and shares data with the Chinese government. According to this Forbes article published last June, they likely do because it has been revealed that some of the data about users is stored on servers in China! And in case you didn’t know, the Chinese government heavily controls and monitors data about people. These are just two more small points concerning the amount of data that is collected about people across the world.

        We have been expressing concern about the use of AI tools, like ChatGPT and many others, to be used by criminals to target people. In this election year in the USA, we sincerely hope that our readers remain skeptical about the things they see, hear and read online! LOOK CAREFULLY AT THE SOURCE OF INFORMATION!  Unless the source is extremely credible, don’t believe it just because someone shares it, it appears in your feed or you find it on websites that are heavily biased one way or another.  For example, did you know that an audio recording of President Biden was used to call lots of voters just prior to the New Hampshire primaries last month. His voice message told Democratic voters it wasn’t necessary for them to vote. But it was a fake recording created by AI tools! (You can read more details about this call on NBC News, a highly credible news source!) The impact of fake images, audio recordings and even videos on the public can be devastating! It is reported that a deep fake audio recording cost a top candidate the election in recent voting in Slovakia. (Source: CNN.com article about election deep fake threats.) CNN also recently reported that a firm in Hong Kong lost $20 million in a fraud that was the result of a Zoom call in which AI was used to create company employees in the meeting! Multiple US government agencies have proven that several countries, including Russia, were heavily involved in DISINFORMATION campaigns to sway our elections. Though we have no proof, we suspect that they, and other countries and political groups, are likely to ramp up these efforts again as we get closer to November. Stay open minded and remember to look carefully at the source of your information!

        Speaking of fake information, check out this extortion threat that dropped into our email inbox at TDS.  It was spoofed to appear that we had sent it to ourselves.  The real sender claimed to have installed malware on our device that enabled him to record us masturbating to “controversial porn videos.” It is complete nonsense! DO NOT BELIEVE THESE LIES! Where’s the proof? Show me a photo? We know these are fake threats.  (And we used to get them weekly!)

        Professional Scambaiter Rob sent us a recent exchange he had with an advance-fee scam and the LAST response he got from the scammer was so priceless that we want to share it with you!  This exchange began on Sun, Jan 28, 2024 at 5:45 PM when Rob randomly got this email from Eco-Bank Western Union, using an email address in France: western_union2500@live.frThe sender wrote:

        Hello,

        I have to contact you, because i discovered unpaid payment file of US$1.5m on your name, here in our head office. I wait for your response.

        Karl  Adams

        After thirteen “lovely” exchanges with Karl, Rob finally called the sender out as a scumbag scammer!  This was the response that came back: “You should know better, It’s not possible to do scam is U.S”  Yeah, right. In that case, we have land to sell you in Atlantis.

        Here are several interesting articles that came to our attention in the last week….

        SIM Card Swap Scam reported on this Channel 7 News feed last week (YouTube)

        https://www.amlintelligence.com/2024/01/the-romance-scam-that-cost-me-1m/

        https://www.nytimes.com/wirecutter/blog/ios-17-3-stolen-device-protection/

        https://www.cnn.com/2024/01/29/tech/catfishing-explained-what-to-do-as-equals-intl-cmd/index.html

        https://www.nbcnews.com/tech/internet/sextortion-yahoo-boys-snapchat-tiktok-teen-wizz-rcna134200

        https://www.consumeraffairs.com/news/credit-cards-to-get-a-lot-safer-and-harder-for-you-to-be-scammed-012624.html

        Most Geek Squad scam emails come from criminals in India.This one came from a Indian man living in Queens, NY and he got caught!

        https://www.audacy.com/wcbs880/news/local/queens-man-arrested-for-scamming-thousands-from-li-victims

        Peacock, Amazon and iCloud Accounts! Often we can’t help but laugh out loud at the language scammers use in their scams!  Check out this bogus email telling you that your Peacock account has been suspended. Of course, it didn’t come from the real domain, peacocktv.com! And the links point to the misused Googleapis.com service.  Cybercriminals have been HEAVILY misusing this Google service for phishing scams and malware threats! But enjoy the line at the very bottom of this smelly phish! We promise that it will put a smile on your face!

        The first thing to notice in this next rotten phish is that the email came from a server in France, and not Amazon! (Notice that the email address ends with “.fr”) Also, notice how poor is the resolution of the image in this email. Oh, and of course, no where in this email does it even have the recipient’s name!  The links in this clickbait point to a hacked website for a marketing agency in Norfolk, Virginia. Deeeeeleeeeete!

        There are SOOOOO many things wrong about this last phishing threat. It tells you that malware/viruses were detected in your iCloud account. However, we want to point out that the links in this phish don’t point to a named server. They point to an IP Address!  That is almost CERTAINLY a sign of fraud!  This particular IP address actually sits on a server in the Netherlands.  Does that sound like Apple’s iCloud services to you?

        Delete!

        Report your smelly phish!  https://safebrowsing.google.com/safebrowsing/report_phish/

        Freedom Assistance Program, Elon Musk Heater, & Grandparent MistakesEver heard of the “Freedom Assistance Program?”  We hadn’t until one of our readers sent us a voicemail left on her phone from “Jake.” He told her that she could be eligible for $38,000 in assistance, and without an extensive credit check.  LOTS of people have been reporting this robocall lately and believe it is a scam. This includes this post on 800notes.com, this post on Robokiller.com and this post on Scammer.info. The call came from 540-302-3214 and you are asked to call back 844-616-7616.  Enjoy….

        Scammers will sometimes use celebrities as clickbait to try to manipulate your clicking behavior.  Take this email showing Elon Musk. He appears to be promoting a portable heater as a way of staying warm this winter and saving money. Hang on…. Elon Musk needs to promote ways to save money on heating bills?  We don’t think so!  This clickbait came from a crazy crap domain name and the links ALSO point to Googleapis.com! Fortunately, VirusTotal shows us that one security service found that link to be malicious.

        Delete!

        Wow! Talk about manipulation! Check out this email intended for grandparents. It was supposedly sent by Psychology Diary but clearly did not. “Worst Mistakes Grandparents Make Without Realizing It.” The links point to a weird domain called taxnaut[.]com which will then redirect visitors to the read Psychology Diary website. This is NOT a good sign!  Also, taxnaut[.]com was registered just a few months ago and is hosted on a server in Amsterdam.

        Deeeeleeeeete!

        Facebook Invitation, Confirm Your Shipping — This email came from a free Outlook account in France. The sentence in it is bizarre and clearly not written by a native English speaker! More importantly, the link you see for facebook.com DOES NOT point to the social media site!  It points to a very malicious website in the South Pacific Territory called Tokelau. Malware was found at the end of that link but you might be too distracted by the photo of the woman to notice you’ve just been infected!

        Our readers send us LOTS of bogus emails disguised as shipping problems from the USPS, Fedex, UPS and others. We could create an entire newsletter using only these threats!  Check out this one claiming to be from UPS but it came from a server in Japan!  The links point to a website where malware lies in wait for your visit before sending you off to a website in France! Supprimer!!! (Delete)

        And finally, we’ll leave you with one more malicious email pretending to be from FedEx and containing links pointing, once more, to GoogleApis.com!  “Your package is stored in our warehouse” and waiting for delivery.  Click the link to be victimized, or lunge for the delete key!

        Until next week, surf safely!

        Copyright © 2023 The Daily Scam and Scamadviser. All rights reserved. You are receiving this email because you
        have subscribed to it via Scamadviser.com or thedailyscam.com

        Keurenplein 41, UNIT A6311  |  1069CD Amsterdam, The Netherlands

        Contact Webmaster