How It All Began:
So, I'm sitting here, minding my own business, sifting through the mail the other day, and something unusual catches my eye. The first thing that I notice is that the name is wrong. It has an incorrect variation of my name, along with an email address which is unassigned on my domain. The latter got it caught in my catch-all, the former made me a little curious. In general, the only people who use that incorrect variation of my name are people who make the incorrect assumption that that is my full name. It's not. Before I send this into the memory hole, and block the sender's IP and domains as spam, I notice that it's also referencing a client's company by name. Perhaps I will have to look a little deeper into this. What could have happened? Disgruntled former employee? Possible. There have been enough of those, and some guesswork instead of seeing my actual business card may have yielded to guessing. One of the machines got infected/hacked/compromised? Possible, but would not explain the wrong name and email. That would involve guessing or assumption. Combing social media/search engines? Client thinks so, but I say "very unlikely". I say that because there are absolutely no professional listings that would use either name or email. There are a couple other scenarios, but the most likely are some contact of his, along with some guesswork.
What it said:
Basically, I was addressed by (incorrect) name to be a guest of a Shelly Fitzgerald. The email was written as a follow-up (titled as such) to an invitation to a "Chicago Tech Summit" at the Marriott Medical District/UIC "at no charge". However, I'm encouraged to "register right away", and I'm given a link. At this, she signs off as "Planning Director, Chicago Tech Summit". Conveniently there is no contact information. From my years in dealing with spam, I'm skeptical of return address validity. I do a little lookup:
host chicago-summit.com
chicago-summit.com has address 69.94.129.202
chicago-summit.com mail is handled by 10 mail.chicago-summit.com.
I looked up the domain, too, and here is the significant Whois information:
Domain Name: CHICAGO-SUMMIT.COM
Registry Domain ID: 1941529691_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.enom.com
Registrar URL: www.enom.com
Updated Date: 2015-06-23T13:38:22.00Z
Creation Date: 2015-06-23T20:38:00.00Z
Registrar Registration Expiration Date: 2016-06-23T20:38:00.00Z
Registrar: ENOM, INC.
Registrar IANA ID: 48
Reseller: NAMECHEAP.COM
In bold I've noted that this "Chicago Tech Summit"'s website was just registered on June 23. I left off the registrant information because they used Privacy Guard, who there's nothing useful other than the registration dates and registrar. I also don't find any significant references to it on the Internet - at least nothing positive. Time to check it out. First thing up, this site screams "cookie cutter". I'll circle back to this in a bit. Something that stands out to me is the sheer volume of "corporate sponsors"
Following up what appears to be a logo-collage, is a schedule of the day's events for this "tech summit". For some reason (maybe because this is my field?) the itinerary looks fishy. Maybe that it doesn't seem to mesh with the sponsors, maybe there is no advertised or suggested keynote speaker. Maybe it's some of the vague terminology in the "schedule of events"?
There's still also the "free" aspect, which seems to ring that bell about a free lunch - since lunch is included too.
So, as I look on this page, the only thing I see is a phone number (312) 491-1234 (this is the hotel phone number). By the way, as of the writing of this, the hotel does have an interest reservation, but it's not guaranteed, and the names affiliated do not match. What they have is "Biz Summits". I'm even more suspicious now.
I look a bit deeper...
At this point in time, I have looked at the domain (chicago-summits). On the surface, this seems a dead end, since I don't have much to go on from. Ahh, but I also have the email headers. This indicates to me that the email came from a device called "shelly-mac" on an internal network to the server "columbussummit.com". Looking at this site, it appears pretty much the same as chicago-summit. Pictures are the same, the domain was registered the same day, same registrar, and the same privacy guard as the Chicago. The only differences are that this one is hosted in a hotel in Columbus, OH, and has the hotel's info: The Westin Columbus - (614) 228-3800.
host columbussummit.com
columbussummit.com has address 66.118.163.227
columbussummit.com mail is handled by 10 mail.columbussummit.com.
I am noticing something though an email with a techsummits.org domain. Techsummits.org has a little more info in the whois. For instance, they list a registratnt of Biz Summits, with an Atlanta, GA postal address. They also list a human as their point of contact - Shelly Fitzgerald (I've read that name before....). For the time being, I will refrain from posting the contact number, as the Tennessee phone number listed in Whois is apparently her personal cell phone, and she was very surprised to have a phone call on it regarding the... anomalies ... in her email. She did her best to assure me that this is a legitimate "summit" and should prove valuable, and such. Sorry, but I'm not buying it. I'm also noticing the "confidentiality notice" in her email. She would like me to mail her so that she can figure out "how I got contacted, in the manner I was".
As I'm listening to her try to go into snake-oil mode, I'm also noticing the "confidentiality notice, which again has the wrong name & email address. However for contact information, it tells me to contact a Thomas [left out] at [Address Withheld] in Kankakee, IL. A public records search of that man's name shows two people in America with that name. There is a possible 80+ year old man in Michigan, and a 65+ year man in Indiana. Neither is close to Kankakee. In fact, the woman at the Kankakee address has had her postal address used and abused by purveyors of the bogus, and this is just one more thing with which she is not affiliated.
A little deeper into it...
Using the phone number and contact name from the "techsummits" whois, I run a search. It wouldn't be a surprise to see that it's either a fake number, or has a ton of complaints. The number matches up with some other cookie-cutter "summit" sites. They also reference Ms Fitzgerald connected to this phone number. This is the point at which I made my contact. She did seem genuinely surprised, as she thought her number was sanitized from the websites.
I mentioned earlier about the "logo collage" on the page. It's interesting that some of these "sponsors" don't know that they're sponsoring events in at least two cities (per the email referencing Chicago, and coming from Columbus). Playing around with certain keywords, other cities can be found to be tied to this outfit - more than just two cities.
I also find interesting the low quality that went into putting this together. I would expect a company that is claiming to be on the cutting edge with "tech summits" to inform guests of the latest and greatest; would have such mediocre presentation, images lifted from other sites, and very poor SEO. In order to actually find a first-page result with Google, I need to to provide more search terms. This doesn't do well for their visibility.
Also interesting is that when I plug in some other terms (like "BizSummits") I find a lot of people that take issue with the parent/other aspect of this "company". For instance this site breaks down some similar *summit emails over a few year period of time. This one from 2012 describes how one individual questioned the legitimacy, with her follow-up detailing an attempted (empty) threat by a representative of the company for daring to question legitimacy. Getting a bit more direct, this link calls them out as the scam they appear to be. Not only are the "advertising tactics" called into question, but the photos used for the web sites are shown to be pilfered from other web sites. hrm, I wonder, if they get their pictures and templates from others,... do they actually buy their software, or .... (Not accusing, just wondering....).
That last page also includes a conversation thread where the "executives" are attempting to bribe their way into having the post removed/amended with "free membership". They're also attempting to shout-down criticism. Riddle me this, Batman: If this *summits outfit is so big, and busy and whatnot, how doe their executives have the time to get into spats with bloggers?
I found another interesting thing about them. Their signup page? Well, that's not secure, either. So, they have a web submission form, where you can put in all your personals - including CC, expiration, CVN. It looks an awful lot like most of the bank scam sites I've reported over the years. But, even if they are "legitimate business people", the payment site is not secure, and subject to malicious behavior.
My conclusion:
I see a lot of scams cross my inbox and catchall. This feels like another one. Frankly, I don't care if Shelly Fitzgerald, Michael Price, or Kristin Mathis get their knickers in a twist over this. My opinion is my opinion. It is not for sale in exchange for snake oil, and I do not intend to retract this. My conclusion is based on the following facts:
- The "summit" domains were mostly registered with privacy guard just over two months ago as of the time of this posting. If legit, I would expect them to proudly attach their name.
- Basic Internet searches for the events (which if truly sponsored by the claimed corporations should be highly ranked) reveal second or lower page results - This indicates poor SEO, Why would major corporations (or professionals) invest trust or money?
- The advertising is deceptive, and shady (sending to a non-person and unassigned email address, and writing as if they had a pre-existing relationship with this non-entity?)
- The email contains intentionally false contact information.
- There clearly was no "opt-in" to this. There clearly was no pre-existing relationship in any fashion. Nor will there be, moving forward.
- There also was no real "opt out" (not like those usually work with spammers and scammers) either.
- The "summit hosting company" made it intentionally difficult to find contact information beyond hotel phone numbers and addresses.
- The agenda looks to be rushed and vague. No "keynote speakers" are listed. Also, some of the topics seem vague to the point that they appear worth less than a basic Internet search
- If the quality of the program is questionable, the quality of the signup page looks worse. How is it that a "tech summit" is accepting credit cards through a non-secure page?
- Regarding their pages, they seem to copy a lot from others. or just use stock. Professionally, I see this as somewhere between a no-no, and a lazy/incompetent web designer. This doesn't inspire confidence in their leadership ability.
Data:
"Columbus Summit" (from source of email)
host columbussummit.com
columbussummit.com has address 66.118.163.227
columbussummit.com mail is handled by 10 mail.columbussummit.com.
whois 66.118.163.227
[trimmed a bit for relevance]
[trimmed a bit for relevance]
NetRange: 66.118.128.0 - 66.118.191.255
<>
OrgName: Sago Networks
OrgId: SAGO
Address: 4465 W. Gandy Blvd
Address: STE 800
City: Tampa
StateProv: FL
PostalCode: 33611
Country: US
<>
OrgAbuseHandle: ABUSE32-ARIN
OrgAbuseName: Abuse Team
OrgAbusePhone: +1-866-366-3640
OrgAbuseEmail: abuse@sagonet.com
whois columbussummit.com
Domain Name: COLUMBUSSUMMIT.COM
Registry Domain ID: 1941527913_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.enom.com
Registrar URL: www.enom.com
Updated Date: 2015-06-23T13:16:53.00Z
Creation Date: 2015-06-23T20:16:00.00Z
Registrar Registration Expiration Date: 2016-06-23T20:16:00.00Z
Registrar: ENOM, INC.
Registrar IANA ID: 48
Reseller: NAMECHEAP.COM
Domain Status: clientTransferProhibited https://www.icann.org/epp#clientTransferProhibited
Registry Registrant ID:
Registrant Name: WHOISGUARD PROTECTED
"Chicago Summit" (from body)
host chicago-summit.com
chicago-summit.com has address 69.94.129.202
chicago-summit.com mail is handled by 10 mail.chicago-summit.com.
whois 69.94.129.202
NetRange: 69.94.129.192 - 69.94.129.203
CIDR: 69.94.129.192/29, 69.94.129.200/30
NetName: DATANOC
NetHandle: NET-69-94-129-192-1
Parent: DATANOC (NET-69-94-128-0-1)
NetType: Reassigned
OriginAS: AS16578
Customer: MICHAEL PRICE (C01244624)
RegDate: 2005-12-15
Updated: 2010-04-28
Ref: http://whois.arin.net/rest/net/NET-69-94-129-192-1
CustName: MICHAEL PRICE
Address: 801 Kellerman Kreek
Address: BIZSUMMITS
City: Marietta
StateProv: GA
PostalCode: 30068
Country: US
RegDate: 2005-12-15
Updated: 2011-03-19
Ref: http://whois.arin.net/rest/customer/C01244624
OrgTechHandle: IPTEC7-ARIN
OrgTechName: Ip Technician
OrgTechPhone: +1-916-366-0170
OrgTechEmail: iptech@lanset.com
OrgTechRef: http://whois.arin.net/rest/poc/IPTEC7-ARIN
OrgAbuseHandle: ABUSE1152-ARIN
OrgAbuseName: Abuse Department
OrgAbusePhone: +1-916-366-0170
OrgAbuseEmail: abuse@lanset.com
whois chicago-summit.com
Domain Name: CHICAGO-SUMMIT.COM
Registry Domain ID: 1941529691_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.enom.com
Registrar URL: www.enom.com
Updated Date: 2015-06-23T13:38:22.00Z
Creation Date: 2015-06-23T20:38:00.00Z
Registrar Registration Expiration Date: 2016-06-23T20:38:00.00Z
Registrar: ENOM, INC.
Registrar IANA ID: 48
Reseller: NAMECHEAP.COM
Domain Status: clientTransferProhibited https://www.icann.org/epp#clientTransferProhibited
Registry Registrant ID:
Registrant Name: WHOISGUARD PROTECTED
"Techsummits.org" (referenced in the website)
As a courtesy, I will not post the whois information, as it appears to contain Ms Fitzgerald's personal cell phone as the number.
host techsummits.org
techsummits.org has address 72.9.103.219
techsummits.org mail is handled by 10 mail.techsummits.org.
Hi Jake, thanks for the feedback (very good input) and we hope to make improvements from it. You are still very welcome to attend the event and that way you could determine if it is worthwhile or not instead of opining that it is not without having attended. We hope to see you there and thanks again.
ReplyDelete- Kristin Johnston, Director, Customer Service
"[A]nd we hope to make improvements from it."?
ReplyDeleteSo.... does that mean what?
Spend money on a webmaster that does more than copy & paste from elsewhere on the internet?
Maybe list legitimate "presenters", as opposed to a copy & pasted alphabetical listing of business names?
Actually posting pictures from an actual even t(if they happen) instead of using other people's images?
Actually using real contact information in your mailings versus using other people's names and addresses?
Speaking of mailing campaigns, maybe go for something a little less shady? As it stands, there is absolutely NO way that what "shelly-mac" sent was based on any legitimate professional networking.
Yes, you're right, I am opining on it without attending. From a professional standpoint, this didn't pass a basic "sniff test". Freshly registered domains, bogus contact information, bad addressing, unimpressive website, and a very poor web presence? Even if I were to give the benefit of the doubt that the "tech summit" aspect is a fresh venture; it doesn't seem a deviation from the prior years' reputation for the parent/related organization.
With all due respect, nothing that I've observed, nor has been presented, has instilled any confidence that it would be anything more than a waste of my time, money and effort to attend your program.
Another clue that it's not legit is a slight variation in Shelly's email address to get past your blocked sender's list. I blocked shelly@ChicagoHealthCareTechSummit.org, and then got one from shelly@ChicagoHealthTechSummit.org.
ReplyDeleteshelly@ChicagoHealthCareTechSummit.org
I signed up for an "HR Summit" it was free. The summit ended up being 'canceled' last minute. Since then I have received dozens of emails soliciting different HR Services from many different vendors. I fear they use the free summits as a way to get your information and sell it to solicitors.
ReplyDeleteThank you for this! I just got an email from "Shelly" I was going to possibly forward the email to higher ups at my company. But something felt sketchy. A google search didn't lead me to the so called Minneapolis Women's Summit, but it did lead me here!
ReplyDeleteI love this, I'm cracking up here. Could we also get a response from Shelly Fitzgerald, who sent me a couple emails about the "Washington Women Leaders conference" (washingtonwomenleaders.org), and who seems to be involved in all conference-related scams, from what I see on the internet? Just google that name and you will see what I mean. Shelly, please reply here! I want to hear how you are also "making improvements" and looking forward to seeing us all in your conferences if your truck doesn't break down.
ReplyDeleteJust received the same scam for one in Los Angeles (however located not in Los Angeles).
ReplyDeleteI got a few different emails from Shelly Fitzgerald, all sent to different variations of my email (we own the domain name), but all addressed to different actual people at my former place of employment. Super mysterious. What's their end game with this complicated scam?
ReplyDeleteI also got an email from "Shelly." She first emailed me about the Chicago Women's Leadership Summit on 7/25 and I responded right away...thinking it was sort of strange, but whatever. Then, she emails me on 8/20 with a "followup", but the email she claimed I didn't respond to was dated 8/9. The website is even showing featured event speakers with pictures and names of actual professional women in Chicago. This summit doesn't show as free though - it's $199. Hmmm definitely seems fishy!
ReplyDeleteGot the same from "Dallas women's leadership". This Shelly is proactive xD
ReplyDeleteScam with linkedin profile informations.
Thanks for the dig up ! Careful guys :)
They're still at it in late 2019! I got a fishy as all hell email from "Shelly Fitzgerald" who was doing a "final check-in" inviting me to a women's leadership summit. Never heard of or from her before so this final check in was odd. The blurb at the bottom had mail merge vomit and it seemed she got my info from LinkedIn. There was no unsubscribe, only an option to reply with the subject "Re move" (sic) "if wished".
ReplyDeleteSheesh.
Shelly is still trying to scam people and it's 2020. I got a suspicious email that used a work email that I don't give out to anyone!
ReplyDeleteHere we are...in the middle of a Pandemic (March 2020) and I too have gotten an email as described above from Shelly Fitzgerald. Misspelled words were the clue to the fakeness of this email. But somebody also went to the trouble of creating a fake LinkedIn profile for a fake employee of my company. Misspelled words here too.
ReplyDeleteHere we are...in the middle of a Pandemic (March 2020) and I too have gotten an email as described above from Shelly Fitzgerald. Misspelled words were the clue to the fakeness of this email. But somebody also went to the trouble of creating a fake LinkedIn profile for a fake employee of my company. Misspelled words here too.
ReplyDeleteI can't believe this is from nearly 5 years ago! I just received an email today from a "Shelly Fitzgerald" today inviting me to the "annual New York Women's Leadership Summit." It seemed suspicious, so I Googled "Shelly Fitzgerald scam" and found this thread. Shelly, what are you still doing?! Why are you still pulling the same shit lol everyone's onto your game
ReplyDeleteYeap, same here but for the New York women leadership summit. The email looked suspicious. Thanks for writing this text and your help!
ReplyDeleteyeah i just got an email for the Milwaukee Tech Summit from Shelly Fitzgerald.. nothing has changed.. same website and everything
ReplyDeleteI just got one for Boston Women Leaders, referencing my LinkedIn profile. Only odd thing was they referenced an older job. I replied and asked for more information and got a link, as well as an odd "I will look through your questions later" even though I sent no questions. The site provided ended with .com, but a quick Google Search showed that the real Boston Women Leaders site is a .org. This is a scam.
ReplyDeletewow thank you so much for posting this. She just invited me to a Women's Leadership Summit. with lots of women leaders. I couldn't find anything on social media about it, only on her NYWomenLeaders.org website.
ReplyDeleteShelly is still going strong, 5 years later. Now it's "Washington Women Leaders".
ReplyDeleteAll the same bullshit but for a philly summit. Keep getting damn emails. Fortunately they are to my work email so they are easier to ignore!
ReplyDeleteThanks for this - just got an email from Shelly for a Chicago Women Leaders conference . . . happy that you've confirmed this is a scam.
ReplyDeleteSeems very scammy to me. I keep getting emails from Shelly Fitzgerald about the Denver Women Leaders Conference. I did make the mistake of responding once and now it seems I'll be stuck on the list forever. Thanks for posting your investigation.
ReplyDeleteIt seems Shelly may have gotten married...or divorced, who knows. Or maybe she just decided to use an alias. She is now going by Shelly Fisher and pestering me about signing up for the "Washington Women Leaders" series.
ReplyDeleteYeah I get the same non stop email spam from the "Shelly" person despite marking as spam repeatedly over the last 16 mos. But mine is for CA. SCAM!!!!!
ReplyDelete