December 12, 2020
A double scam?
While I was doing some research around the progress of the Envestio case, I suddenly come across an active site http://envestio.com. In my previous posts I wrote that my p2p journey with Envestio ended with a 404 SCAM error. See the following links:
https://dollarbill.online/envestio-update-404-4ever/
https://dollarbill.online/envestio-update-404-web-site-not-found/
https://dollarbill.online/envestio-journey/
To my surprise I come across a link to the Envestio website with the projects as offered at the time at https://www.envestio.com/en/projects/
There is no more than a first page. When opening a project, direct reference is made to a general page.
What is immediately noticeable is that a new icon has been added, namely a payment with Bitcoin icon. All alarm bells will ring for me right away, but this link also refers to the same page above.
The site is (partly) secured with a certificate that shows that it was issued on 30-10-2020 by Cloudflare for the domains envestio.com, * .envestio.com and sni.cloudflaressl.com.
The login field is also available. Of course I have not tested this because my username / password combination can be captured with it. Not a disaster in itself, because I use a unique 16 character complex password for each platform.
Funny detail is that even the location data and opening hours are still listed for a company that no longer exists
According to the blog, a new investor was hired on November 27, 2020 Mr. Eduard Ritsmann. It shouldn’t get any crazier, where do we know that name again 😉
https://dollarbill.online/envestio-reacts-to-panic-on-baltic-crowdfunding-market/
Next step a check on who.is to find the owner of the domain name
And that unfortunately ends this trail. The owner of the domain has registered via ‘domains by proxy‘, which means that the real owner of the domain remains out of sight
For the time being it is not clear what the purpose of the site is. But I also see that it is being worked on. I suspect someone has registered the domain name in order to eventually abuse it (bitcoin button) or to retrieve login details. Hereby also the warning to NEVER TRY TO LOG IN TO THE SITE! and use a privacy-friendly browser.