Christopher Lawell and the CraigslistSafe.LocalSafe.org Scam: A Review of the Evidence So Far

Let’s review everything that has been discovered regarding the scam site CraigslistSafe.LocalSafe.org and Christopher Lawell over the past few weeks.

On November 17th, a post was made on this blog that showed the following:

  1. Mysafenet.net, CraigslistSafe.LocalSafe.org, and some of the other sites used for the scam were all in a DNS zone that was administered by someone with the e-mail address finishlinehosting@cli-us.com.
  2. Cli-us.com is the website for Christopher Lawell Inc (CLI). At the time, the site consisted only of a home page with his logo.
  3. There was a publicly viewable LinkedIn profile for the Christopher Lawell of Christopher Lawell Inc that showed he lived in the Las Vegas area.
  4. There was a dating scam site called CraigslistSafe.SafeAndLocal.org that was discussed on Broadbandreports.com that was registered to Christopher Lawell of Henderson, Nevada. This site was very similar to CraigslistSafe.LocalSafe.org.
  5. Christopher Lawell wrote articles showing people how to spam Craigslist, which is one of the methods used by scammers to get traffic to these fake dating sites.

That same day, a little while after this post was made, complaints about the scam were sent by e-mail to Ecatel (the ISP for the scam sites), finishlinelinehosting@cli-us.com, and ThePlanet.com (the ISP for one of the sites used for sending the scam messages). These complaints contained a link to the blog post. Within a few hours, the scam sites hosted by Ecatel were shut down and Christopher Lawell hid his LinkedIn profile and removed his company’s logo from cli-us.com.

A few days after this, Christopher Lawell’s links to these scam sites were publicized. On November 26th, after some joker made a mock Facebook profile for Chris that some of his friends saw, he wrote a letter in which he denied having taking part in the scams and also denied ever being involved in marketing porn.

First, he said that regarding the hiding of his personal information:

When someone brought to my attention several days ago your current campaign against me, I contacted my attorney and they said to “lock everything down and wait for it to blow over. Addressing these claims will only fuel the fire.” At that time I took down my image from cli-us.com and locked down my linked in account…

But this just doesn’t agree with the facts. The personal information was hidden just a few hours after the e-mail message was sent to Ecatel, ThePlanet.Com and finishlinehosting@cli-us.com informing them of the post on this blog with the evidence implicating Chris in the scam. Outside of that single post and the complaints e-mailed to the ISPs and cli-us.com, there was no mention of Christopher Lawell in regards to the the scam anywhere on the Internet.

Second, he gave this story of how the site SafeAndLocal.org got registered in his name.

Over a year ago, I had someone contact me via my web design company 350dollarwebsites.com where we register domains then design and host websites for businesses that may not have a web presence. The person said they would like to register a domain and buy a hosting account. They already were working on a web design so I registered the domain he asked for with my Go Daddy account and set up a hosting account for him. I figured, why not, it’s an easy $20. I was notified at a later date by HostGator (my webhost) that he was violating our terms of service and I promptly canceled his account and refused to refund any money. He hassled me for some time and I blocked him on IM and email and he went away., or so I thought. When the complaint showed up on the broadband reports forum, I wrote multiple letters to the admins of that site explaining the situation and asking that the thread be removed, they ignored every request.

This story makes no sense. Since he registered the domain, he owned it and controlled it. Therefore, once he had suspended the account of this alleged client of his, SafeAndLocal.org would have been shut down and it would no longer have existed by the time the thread on Broadbandreports.com was created; there would have been no site for the people in that thread to discuss.

Even though this story makes no sense, he used it as a setup for his claim of how he believes that the e-mail address finishlinehosting@cli-us.com got to be used for the administrator of the DNS zone for the scam sites.

You base the fact that I am involved in this scam because my url “@cli-us.com” was used in registering the hosting account. However, I can start a hosting account right now with your email in it and it doesn’t mean that it is your hosting account…. It appears to me that this person who signed up for the domain registration and web-hosting through 350dollarwebsites.com using faked credentials and a stolen or fake PayPal has found a way to get back at me by listing my url as his hosting contact.

To begin with, the cli-us.com address wasn’t used for the scam sites’ registration information, it was used for the administrator of the DNS zone for the sites. This information is stored in the sites’ SOA records. Registration data is easy to fake while SOA records are controlled by DNS server administrators. In addition, the SOA record for a site is rarely seen by people. The registration information is of general public interest but the SOA record is almost never looked at by anyone other than DNS server administrators. If this alleged client of Chris was looking to get back at him by stealing his personal information, putting that information in this obscure place would not have been an effective means of doing that.

Finally, Chris tried to blow off the proof that he has had experience spamming Craigslist by talking about the articles he wrote on the subject as if they were mere attempts at article marketing. He didn’t address the content of the articles, and what that content says about him, at all.

The Craigslist article you point to was an early attempt at article marketing 3 YEARS ago. If you will notice in the article, there is reference to an affiliate link that no longer even exists. As I am sure you know, 3 years on the internet is a lifetime. I have not posted on Craigslist more than 1 ad per month (probably longer) in years.

As if all of this weren’t suspicious enough, further investigation revealed that

  1. There is someone on the site Freelancer.co.nz who has the alias VegasChris, lives in Henderson, and is affiliated with the company CLI. This VegasChris has placed ads looking for people to post fake dating ads on Craigslist for him. He also placed an ad looking for someone to ghost write articles on internet gaming for him. Christopher Lawell said in his letter that he makes money from “internet marketing efforts in the online gaming vertical”.
  2. There is also someone on the site MoneyMakerDiscussion.com who uses the alias VegasChris. This VegasChris also posted ads looking for people to spam Craigslist with fake dating ads and moreover we saw that he discussed his involvement with marketing porn for the site PornProfit.com. He used to use his board posting signature to promote the company InCorp of Henderson, Nevada and he says that he used to be the VP of a mortgage company, just as Christopher Lawell once was. In addition, he once mentioned Chris Lawell’s company Clearline Media as an example of some good website design that his friend SnBirdi did.
  3. On Facebook there is a profile for a Chris Lawell who posted an advertisement for the chatbot MiyaBot on his wall back in March. VegasChris of MMD has also promoted MiyaBot a few times and is in fact the owner of the company MiyaBot. VegasChris’ friend SnBirdi, the website designer who worked on ClearlineMedia.com, also designed MiyaBot.com

Now, tell me, when we consider all of the evidence discovered, and also consider just how full of holes the explanations in Christopher Lawell’s letter were, what are we supposed to conclude?

UPDATE

It has now been confirmed that Christopher Lawell is VegasChris. See the evidence.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: