Scammers Everywhere

Posted on September 1st, 2013
Previous Article :: Next Article

As some of you may know, I am the webmaster and a member of the organizing committee for the 2013 International Electric Propulsion Conference (IEPC 2013). IEPC is a bi-annual conference taking place at locations alternating between international and United States venues. This year, the conference will take place at the George Washington University, place where I did my Ph.D. research. So far, the conference planning has been going smoothly. That is, with one exception. Turns out there are scammers everywhere, even in such a closed community as Electric Propulsion.

First Contact

On June 21st, we received an email from “Joseph Markos” at “Primex International”, stating the following:

Good afternoon.

I would like to register some staff for this event-
Event: 33rd International Electric Propulsion Conference (IEPC): October 6 – 10, 2013 | Washington D.C., USA
Cost: $650

But going through the registration form, I noticed that payment must accompany registrations and in order for us to complete the payment part of the registration, we need to contact our bank. They will request for an invoice to facilitate the payment. To proceed, we need a pro-forma invoice showing the names of the participant with the total amount due.

Please let me know if you can issue an invoice and what information do you need?


Joseph Markos
PRIMEX® International

This didn’t look too suspicious as this was not the first email asking for registration options. The standard way to register was via the website using a credit card, but some (legitimate) attendees had trouble with the form, or they had to make a wire transfer. So we responded, basically saying there is no problem preparing the invoice, and asking for the number of registrants. Joseph again responded, this time giving us a list of 7 people and also a mailing address in Equatorial Guinea.

Now, I must admit I found this a bit strange, since in all my years of involvement with the EP community I have never come across a company or a research group from Equatorial Guinea. But, partly due to being busy with a number of other things, and also not really expecting a scam at this point, none of us paused long enough to investigate this in more detail.

Virtual Credit Card

Few days later we were copied on an email supposedly from the accounting department:

On Wed, Jul 3, 2013 at 8:48 AM, Accounting Department wrote:
Hi Joseph,

I have spoken with our bank representative this morning regarding the registration payments. Unfortunately we have a limited option here.

Due to the new BEAC restriction, they have temporarily stopped international wire transfer services. He also said our cheque is not an option because it works only here.

But as part of their international payment services, they offer a virtual credit card payment option with certain restriction. This might be our only option to pay the registration payments.

Will they accept credit card for the registration payments? Please let me know before I proceed with this option.

Accounting Officer

We responded that sure, payment by a credit card is acceptable – in fact this was the standard method of payment. To this, Joseph responded on July 17th with this email:

Good news! The virtual card application has been approved by our bank, attached is a copy of the payment invoice. I need to return the authorization form before they finally provide us the virtual card to make the payment.

There are certain conditions regarding the nature of this virtual card payment service which I want you to know. I have also attached a copy of their terms and conditions for your review.

— The E-Virtual card works just like credit or debit cards but delivered electronically via email.
— We will be responsible for the service charges and payment.
— We cannot use the E-Virtual Card to receive payments. Once payment processed, they are unable to provide refunds.

Our bank specifically told us to inform you about the nature of this E-Virtual transaction. Our only concern is regarding the refund policy in case this event is cancelled.

They stated that we can not use the E-Virtual card to receive payments (there are no cancellations or refunds). In case of refund, we will need to follow up with the return policy and work with the company which goods were originally purchased for our refund.

We hope not but there are unforeseen circumstances which might occur and may result to cancellation of the event (e.g due to low enrollment, weather, act of God. e.t.c), do you agree to process the refund via our payment choice (telegraphic method)?

Please check with your accounting department to know if this is suitable. If the term is against your policy, our best option will be payment on arrival.

Please let me know your opinion before we continue with this payment. They will issue the virtual credit card for payment once I return the authorization form.

Please advise.


In hind sight, this was the first big red flag. Joseph was basically telling us that, in case of a refund, it will not be possible to send the refund back to the original card and you will need to wire us money. To avoid scams, you should always refund back to the original payment method! As we found out later, this was basically a variation of the classic cashier’s check fraud. The scammer sends the victim a fraudulent check and asks for money from the victim’s bank account before the bank realizes the check was bad. But since we did not expect the need to issue a refund, we did not pay much attention to this tidbit. We replied again stating that this “virtual” card should work fine as a payment method. On July 26th, we received the online registration for the seven employees of Primex in the total amount of $4,550.

Visa Problems

Many international visitors need to get U.S. visas and we help facilitate this by issuing invitation letters for the attendees to take to the embassy. Joseph next asked us for the letters as he had scheduled an appointment at the U.S. Embassy in Equatorial Guinea. Unfortunately, the appointment did not go as planned:

This is so sad! Unfortunately the visa applications were denied. I tried all I could to find help but the issue is beyond my control. They said there is no document that can guarantee a visa.

Since we can’t do anything more I’d to contact you for help. Please kindly advice us further!


On Mon, Aug 12, 2013 at 4:25 PM, Primex International <manager@primexeg.com> wrote:
Thank you for your message. They were denied under section 214(b) of the United States Immigration and Nationality Act. I will contact our Supervisor tomorrow regarding the visa issue. We may have to seek an immigration lawyer assistance as well on this issue.

I will keep you posted. Thank you.



On Tue, Aug 13, 2013 at 10:23 AM, Primex International wrote:
I have expressed the issue to our Supervisor to see if there is anything he can do to help on the issue of the visa and he made some calls to an immigration expert and a business associate who had more traveling knowledge than him. He was told that they have no influence at the embassy and the decision of the embassy is final. They advised that no supporting document can guarantee or change the decision of the embassy.

In short, he said we have already wasted money on the visa processing (e.g non refundable visa application fees) and he advised we cancel the registrations since they were unable to secure visas to avoid additional fees. I am sorry, I tried all I could but the issue is beyond my control. We don’t want to waste any more fees on the processing.

I am once again sorry that things didn’t work out as planned. Please advise.


Red Flags

As we started discussing refund options it dawned on me that this is likely a scam. I started looking into Primex in more detail, and the red flags just started popping up one after another. Take for instance:

  1. I have never heard of Primex International and Googling them, did not reveal anything. There seem to exist few different companies by this name, and they specialize in totally random, non-EP related activities such as trading pistachios or providing financial services in South East Asia.
  2. Their website, primexeg.com, was simply a front for webmail, see below. This seemed quite strange, especially for a company large enough to send 7 people to an international conference, when most reputable laboratories and universities struggle sending just one or two attendees.
    Figure 1. Primex EG website. Doesn’t quite scream “large company capable of sending 7 people to an international conference.”
  3. Furthermore, by reviewing the headers for their email messages, I noticed the emails were actually coming from Gmail, i.e.
    Received: from mail-pd0-f176.google.com ([]:51851)
    	by cpanel38.au.syrahost.com with esmtpsa (TLSv1:RC4-SHA:128)
    	(Exim 4.80.1)
    	(envelope-from <manager@primexeg.com>)
    	id 1V8tzz-0023A2-JS

    This was further confirmed by reviewing their MX record, shown below in Figure 2. Also, turns out the website was registered and hosted at syrahost.com/dnspackage.com, which are both used by what appears to be the Australian counterpart to GoDaddy, crazydomains.com.au.

    DNS record
    Figure 2. DNS record for primexeg.com from who.is
  4. I also reviewed the registrant info for the domain, and it contained a fictitious address in Ottawa, Kansas, while providing a phone number (fictitious I am guessing) in Ottawa, Canada. None of this points to a legitimate Equatoguinean company!
  5. Finally, reviewing their originating IP addresses in the email headers indicated that they seemed to be using some anonymizing proxy with IP of Again, not something a legitimate company would likely be doing.

Contacting the Embassy

But to give them the benefit of doubt, I contacted the U.S. Embassy in Equatorial Guinea, briefing them of the situation:

Dear Consuls,

I am the webmaster/member of an organizing committee of a technical conference taking place this October in Washington, D.C., http://www.iepc2013.org. We have recently received interest in the conference from a “company” supposedly in Equatorial Guinea. They decided to send total of 7 people which by itself is a pretty unusual occurrence. Well, supposedly shortly after making the registration payment, the visa for all 7 attendees were denied and they are now requesting a refund. Since they paid by a virtual card, they are requesting that the money be wired back. This to me seems like the text book cashier’s check fraud (coupled with the fact we have never heard of anyone from EG conducting research on the topic of the conference, there is no online presence for this company, and even their website is just some webmail). However, just to give them a benefit of doubt, I was hoping you could confirm whether there in fact has been an appointment on Friday, August 9th for the following individuals:

>>>>> >>> Mr. Kedi Martin
>>>>> >>> Mrs.Michelle Raphael
>>>>> >>> Mrs.Karina Dingaan
>>>>> >>> Ms. Valentin Adjorlolo
>>>>> >>> Mr. Katalemwa Chueu
>>>>> >>> Mr. Barcza Bakumeni
>>>>> >>> Mr. Yamba Keith
>>>>> >>>

Thank you!

I sent the email in the evening of August 19th, and to my great surprise, I had the response when I woke up the following morning. As expected, the Embassy had never interviewed nor denied them. What however surprised me was that this was not the first time somebody came asking about Primex:


Yours is one of several similar emails we’ve gotten from companies who’ve been approached by Primex with a similar story. We don’t know exactly what’s going on, but it appears to be a scam of some sort, involving a virtual credit card of some kind. One of the companies has expressed an interest in speaking to others who’ve been approached – in case you’d like to get in touch with them, their contact info is below.


Visa information is confidential, but I can tell you that we’ve never interviewed anyone by any of those names, let alone denied them. None of those names are Equatoguinean and we’ve been unable to contact Primex by any of the numbers they’ve provided or at the address they’ve indicated on their correspondence.

So, we’re not sure what’s going on, but we’d recommend you tread carefully.

U.S. Embassy Malabo


While I was doing this, the accounts manager at GWU was also doing his own investigation by working with the card processor and the bank to verify the legitimacy of the initial transaction. The same day we received the response from the embassy, our bank representative notified us of chargeback for this registration fee, originating not from this Joseph at Primex in Equatorial Guinea, but from a Tom P. in Canada. Turns out “virtual card” was nothing else but a stolen credit card!

Of course, we notified Joseph of the chargeback and that his use of the card and the request for a refund were fraudulent. To this, Joseph responded on August 21st:

I’m very shocked and disappointed to hear this. That was the payment information we received from our bank and I don’t know why it was blocked or called fraudulent.

I will have our accounting contact the bank asap. I am sorry for the inconveniences and loss this might have caused you or your company.


That was the last we heard from Joseph. I must admit, I am actually quite impressed with “Joseph’s” professionalism. I guess being smooth is a skill required for any successful scammer. And the lesson from all this, as noted above, if offering refunds, clearly specify these can be issued only to the original payment method.

14 comments to “Scammers Everywhere”

  1. September 1, 2013 at 8:33 pm

    Wow! That’s the last thing we expect in electric propulsion group. You did a good job going through all the trouble and finding the scammer. But i still believe you guys should seek professional help to track him and send him to jail. Otherwise this would just be one of the many failed scams for him and he would just move on.

    • September 1, 2013 at 8:39 pm

      I think tracking him down would be quite difficult, especially since I believe he was accessing internet via some Tor-like protocol. This person could be literally anywhere in the world. Perhaps had we sent him the wire transfer, there would be some way to determine where and by whom the money was received. But that was bit beyond how far we wanted to play this game…

  2. Jan
    October 17, 2013 at 2:16 pm

    This is word for word what happened to us. Even down to the seven registrations. Joseph is a professional Scammer. We have received a dispute letter from the Bank now and it is in their hands.

    • October 17, 2013 at 2:30 pm

      Thanks for letting us know! When did they try scam you? By the way, my guess is that they are based in Bulgaria since one of the emails did not have the originating IP masked and it resolved to an ISP there.

  3. Jan
    October 17, 2013 at 3:20 pm

    First registered on the 17th August and are now trying to get a refund.

  4. March 24, 2014 at 12:58 pm

    We have also just had this almost identical scam happen to us for our 2014 NIRSA:Leaders in Collegiate Recreation Annual Conference. This time it was from a gentleman named Moses from a company called Sodexo International, which actually exists. I felt uncomfortable with the refund transaction having to be wired, so I did a little research and came up with this post. Thank you for your information!

    • March 25, 2014 at 3:09 am

      Thanks for letting me know, Angie. I guess they are using the Sodexo name since Sodexo is a well known name around universities, as they run many of the food and entertainment services. But checking the website, the full name is Sodexo Group, not Sodexo International.

  5. Vallen
    May 27, 2014 at 2:04 am

    Thanks for this blog. We have just gone through this with our Australian conference with a man named Moses with compnay Sodexo – with the exact same wording as above. We were cautious but busy so allowed them to register. Now the bank are recalling funds as well as Moses asking for a refund – we googled as knew we had been scammed and here I am. The names he used are:Samuel Ansah, John Ekomie, Botha Maxwell, Manuel Kilonzo, Eliza Kigongo, Joyce Miquelina, Caroline Okwiri,Consolata Kibore.

  6. Mike
    September 19, 2014 at 8:32 am

    Thanks for posting this information. We’ve received a similar request for our conference – slightly different details but same fact pattern. It seemed fishy right away but we weren’t sure until I saw your story here.

  7. Charlee
    March 25, 2015 at 2:06 pm

    We are currently in the midst of this with our International Academy of Nursing Editors Conference. The original contact John Benson of LAWASON✪ International, supposedly in Gabon. He originally contacted the conference organizer using a donotreply wordpress.com sending address and a info@lawason.org reply-to address. With dozen of emails each hour, this initial red flag was unfortunately overlooked.

    We were busy to process registrations and so went through the 3 month process to get the following 10 names registered: Dr. Festus Kahliga, Dr. Bernard Biribonwa, Mr. John Yeta, Mr. Samuel Urassa , Mrs. Faith Onyango, Mrs. Pauline Kurgat, Mrs. Meghan Nyamosi, Ms. Nathalie Basselier, Mr. Lucas Mehlomakhulu, Mr. Tadek Mendy.

    We recently got the “visa denied message and I went to work trying to point where the initial contact started. The red alarm went off when it took 3 months to figure out payment, I should have started my search then.

    I googled the street address in John’s signature: “#371 rue alfred-marche libreville 00241 gabon” and it directed me to “Ambassade du Burkina Faso
    159 Boulevard Haussmann, 75008 Paris 08, France”. I did not find any information on Lawason International as a company, but did find the same group on a registration list of the International Fruit Tree Association conference. Almost all of the same names showed up on the registration list for the 58th Annual IFTA Conference, Feb 2015, in Halifax Nova Scotia.

    I’m really glad I found this post! Thank you so much for writing it all out too. You helped me prove my concern had basis.

  8. June 29, 2015 at 6:35 am

    Thanks so much for your thorough investigation posting your findings. We manage a large international medical meeting. The contact we received from a company named “Centrixs Group,” supposedly located in Gabon, is word-for word as you have described.

    The meetings community should be warned about this, possibly through MPI and PCMA as well as specialized organizations such as HCEA.

    • June 30, 2015 at 2:04 pm

      Thanks Rich. Definitely feel free to spread the word.

  9. Kylee
    July 21, 2015 at 4:25 am

    Thanks for this, guys. Feel heaps better knowing it’s not just me. Rich, I have that guy too. Have shared this page with the Conference Organizers group on LinkedIn. Much appreciated.

  10. July 26, 2015 at 3:25 am

    We are organising a big conference in the first week of September 2015. We went through the same series of events from what was described a company called Centrixs Goroup in Gabon. We are now up to VISA PROBLEMS. We became very suspicious and when we investigated the company we found the above. Our last communication with them is given below:


    This is a fraud. Therefore, the game is over. Do not contact us again.

    We have done a Google search and found this, it’s shocking to see the amount of similarity between the details mentioned in the link below and the emails we received from you.


    There is a comment in this link:

    June 29, 2015 at 6:35 am
    Thanks so much for your thorough investigation posting your findings. We manage a large international medical meeting. The contact we received from a company named “Centrixs Group,” supposedly located in Gabon, is word-for word as you have described.

    Professor Al-Tai

    On 24 Jul 2015, at 10:47 pm, Centrixs Group wrote:

    Dear professor Al-Tai

    I was informed this afternoon that the visa applications of the delegates were denied. It is very shocking as we have made all the necessary preparation for their trip and I am very surprised regarding the decision of the Embassy.

    I tried to find help but the issue is beyond my control.

    Since there is nothing more I can do, I’d to contact you for help. Please advice us further on how you can help on the visa matter.

    I will also contact our Supervisor to see if we can get an assistance from an immigration lawyer.


Leave a Reply

You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong> <pre lang="" line="" escaped="" cssfile=""> In addition, you can use \( ...\) to include equations.