Debt Collection Center? Checking Who Contacts You -- 債権回収センターかな? 連絡を受ける際に確認する責任

Protecting your freedom incurs some very personal responsibilities.

One is the responsibility to check who you are talking with.

Say you get an email from a "CIC Debt Collection Center". What is your first reaction? Do you laugh or panic or just mutter something about scams under your breath?

I just got an e-mail claiming to be from a 「CIC債権回収センター」("CIC Debt Collection Center"). It made claims about me owing a moderately excessive debt for cell phone usage or something.

Hey, let's just plug the text in below, with translaughteration courtesy Google translate. (It's close enough.)

From: 【CIC債権回収センター】[担当 江口] <>
From: [CIC debt collection center] [charge of Eguchi] <>
Subject: (民事提訴通知書)法的措置措置行使の警告
Subject: (civil lawsuit notice) warning of legal action exercise
Date: , 10 Oct 2016 07:23:23 +0900 (JST)

[Notification number 12617963]

Notification form (important announcement matters stated)

Was followed by non-payment of fee in the information sites that YOU of registration information
Therefore, it has received the responsibility of recovery by the portable credit information agency.

▼ unpaid recording information
Billing amount [yen 1,098,560]
(Operating company that it is possible to obtain the payment of arrears and administrative expenses, etc. will have a current right to claim. Code of Civil Procedure Article 110)

Specified deadline: within 24 hours after the notification browsing

At the present time ※, it is recorded as delinquent information to the credit information agency.
If this state is allowed to stand, bank account, use of mobile phones, there is a risk that can not be available for all services in government agencies.

Case without payment, just to be sure on disclosing information about YOU obtained by the background check in a loss of YOU of profit on the Internet, damages claim execution, as well as so take the legal proceedings, such as fraud crime you attach my name to.

If there is a cause to lose the benefit of time, credit standing of the debtor's getting worse is the normal. It is necessary to take action of conservation as soon as possible.
As a first step, is to carry out the notification of the collective payment by the profit loss of the deadline in the content-certified. By performing in the content-certified, it will be the reliable evidence in court.

- How to exempt the arrears is here -
▼ for the withdrawal application ▼
However, if there is no intention of continued use, by carrying out the withdrawal application, you will be able to escape the above described payment.
By carrying out the withdrawal application, it is possible to carry out the withdrawal process procedures, Gold delinquency by unpaid [yen 1,098,560] will be the full exemption.

■ withdrawal application method ■
In the body of this notice described as [withdrawal application], please reply directly.
Withdrawal application, be sure to go to within 24 hours after the notification browsing.

When you have finished the withdrawal process procedures, arrears that are occurring at the present time is in full exemption, it will be canceled completely the registration information, and the like.

IP Address:****.***.***.***
[IP information and equipment information]
Viewing date and time, to record information such as the use of equipment access source.
IP Address:... **** *** *** ***
If allowed to stand in spite of it was confirmed this notification, do the legal action.

※ About Us ※
Do not do inquiry by telephone.
We ask that you please an inquiry by e-mail.

Note that, if I thought there was anything at all to this, I wouldn't be playing with google translate. I'd take this to the community help desk (市民相談窓口 shimin soudan madoguchi) at the city offices.

Okay, let's see.  Think before we act, of course.

Collection agencies will try to encourage payment of bad debts, but this is the first time I have heard from these guys.

Don't let the translaughteration fool you. The Japanese wording is way too strong for a first contact. A legit collection agency will not try to make you mad at them before they say hello, I think.

Organized crime, on the other hand, has nothing much to lose if they fail to scare you, and they can win big if their threats get you to act without thinking.

There are two very strong tell-tales in the above text:

One, the IP address they are claiming I accessed from elided. They claim they have it, but they don't tell it to me:
第一は IPアドレスを主張するけど、教えてくれない。
IP Address:****.***.***.***
In other words, they did not want to spend the money to find a real address I might have used to access the site they are implying they have proof I accessed, and they do not want to give me a random IP address I could check. (Odds that it would be an IP address I use are less than one in a hundred million, you see. If it were one in a hundred, or even one in a thousand, they might risk that game.)
つまり、私が接続するに使うようなアドレスを調べるほどの経費などがもったいなく、先ずは持っていることを言う。断言する。しかも、こちらが確認できる手当たりに出た IP アドレスを使うと私がその訳わからんアドレスを見て笑うにはそちらの負け。私が使うアドレスを当ててみようと、確率はめちゃくちゃ少ないです。百分の一でもあれば遊んでもいいけど、千分の一でもあればやるかもしれないけぢ、確率は億分の一でも無い。 

Now, if I am foolish enough to reply, they can extract such an address from my reply and pretend they already had it. (So it's a good thing I haven't been foolish enough to reply.)

The other, they do not want contact by phone. Owning a Japanese phone number would give the Japanese police enough evidence to go after them for wire fraud.

Two strikes.

But it might be an inexperienced collection agency.

Third strike is that I have never heard of these guys, and I am very careful about how I use my cell phone, etc. There would have to be some serious malware in my stuff to rack up ten thousand dollars worth of bills with someone I do not know.

Just for fun, let's look for external clues. We'll go to our favorite search engine. (google, yahoo, duckduckgo, etc. Microsoft's own bing if you absolutely must.)

Plug in
CIC Debt Collection Center
Nothing useful, no company website for such a name. Oh, well. Now we try the original Japanese.

Again, no institutional web site for "CIC Debt Collection Center". In this age of the Internet, that's a huge flag. If the place is legit, why wouldn't it have a web site?

But, this time we get a huge list of links warning, some even in English, that this is not legit. Most of those say, "DO NOT CONTACT!!"

Do not contact. 連絡するな!

Very good advice. Never contact someone you don't know, who can't give you good reason why you should know them. Especially if they are threatening you.

Speaking of which, let's look at the return address.

The declared "From" address is
From: 【CIC債権回収センター】[担当 江口] <>
The only part of that which the mail system actually sees is

The top level domain, "site", is a completely meaningless domain. Anybody can do anything in that domain from anywhere. It's hard for ordinary people to trace, and there's no real regulation in the way subdomains are sold. Prime TLD for fun, vanity sites, and scams and frauds.
最上位のドメインの "site" (「サイト」)は特に意味がありません。我々のような人なら、その実を追い詰めるのが難しい。階ドメインのバイバインには規制など特にありません。お遊んだり、自慢サイト作っったりするところです。ソして、詐欺などに便利です

Unfortunately, some legitimate organizations think it's a convenient TLD for semi-official auxiliary sites, as well. I wish they wouldn't do that.

Well, let's look up "".

Do not plug that into the URL blank in your browser. You do not want to go there. You want to find out what people are saying about the site.
ただし、ブラウザの URL 欄に直接入力してはいけません。行きたくありません。そのサイトの評判を見たいのです。皆がなにを言っているのを読みたいのです。 

Get yourself to your favorite search engine's homepage/search page, so you know that the search will go through their search engine, and quote it, in the search form, just like this:
Leave those quotes on it, to try to tell the search engine not to be helpful and take you straight there.

(If you go direct to that site, your best guess is that their site will try to infect your browser with malware, track you, and do other not-nice-things to you.)

My search results show a lot of warnings about fraud, again.

Let's look at more of the headers. (Find "Show source" or something similar in your mail user agent menus. In Sylpheed, it's under the "View" menu, I think.)

Return-Path: <>
Received: from
( [nn1.nn2.nn3.nn4])
    by (MYISP Mail Server) with ESMTP id XXXXXXXXXX
    for <>; Tue, 11 Oct 2016 05:12:46 +0900 (JST)
Received: from ( [])
    by (Postfix) with ESMTP id XXXXXXXXXX
    for <>; Mon, 10 Oct 2016 07:23:23 +0900 (JST)
From: =?iso-2022-jp?B?GyRCIVobKEJDSUMbJEI6RDgiMnM8fSU7JXMbKEI=?=
Message-ID: <>
Subject: =?ISO-2022-JP?B?GyRCIUpMMTt2RHNBSkRMQ049cSFLSyEbKEI=?=
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-2022-jp
Content-Transfer-Encoding: 7bit
Date: Mon, 10 Oct 2016 07:23:23 +0900 (JST)

Note that I've carefully ripped out (substituted) everything that could identify me:
  • my-userid -- my email user id from, as in "myname"
    "myname" のように、私の eメールユーザ id の置き換え
  • -- my isp's domain name, as in ""
    "" のように、私の isp のドメイン名の置き換え
  • -- my email address, as in ""
    "" のように、私のメールアドレスの置き換え
  • nn1-nn2-nn3-nn4, nn1.nn2.nn3.nn4 -- the numeric (ip) address of an intermediate mail server
    仲介のメールサーバーの ip アドレスの置き換え
  • server4 -- an internal mail server name at my isp
    私の isp の内部メールサーバーのサーバー名
  • MYISP -- again, my isp
    また私の isp の置き換え
  • XXXXXXXXXX -- identifying hexadecimal (base 16) code number
  • NNNNNNNNNN -- identifying decimal (base 10) code number
  • dates -- I've substituted dates, as well.

The "From" and "Subject" lines look weird, but that is just an ISO encoded representation of the Japanese in the From and Subject lines.
"From"行も "Subject"行も変わり者に見えますが、文字化けのように見えますが、そうではなく iso 基準のもと日本文字が記号化されています。 

Anything else useful?

The Return: address will try to get me to reply through a "" with an address that is made of my e-mail address. Makes it easier to find out took the bait.
返信ようの Return: アドレスが ""を経由しているのは私のアドレスを指摘する合成アドレスです。餌を口に加えているのは誰?と簡単に指摘できます。

That kind of thing used to be strongly indicative of fraud, but there are some (semi-) legitimate businesses that cut corners that way now. I wish they wouldn't do that.

What about ""?
"" も調べましょうか?

Again, like with "", do not use the URL field. Do not go to the site, or you risk infection, tracking, and worse.
"" と同様に、ブラウザの URL 欄を直接使うのではありません。そのサイトに行きません。行くと感染や追跡も、そしてもっと酷い扱いの危険を犯すのです。 

Use your search engine's homepage/search page web form, and keep the quotes on it:
and we get similar results, reports of fraud and warnings not to go there, not to reply. In addition, "" and "", when searched for the same way (DO NOT go there!), show evidence of being in mail server blacklists.
似た検索結果が出ます。詐欺の警報。行くな!返信するな!の警告。その上、 "" 及び "" を同じように調べると(行かないようね!)メールサーバーのブラックリストに入っているようなことが見えます。

"", on the other hand, may be a semi-legitimate Chinese low-cost provider, that just happens to be convenient for scams and frauds, in addition to hobby use.
一方、 "" はそんなに大変不正でもなさそうです。中国の低価格の趣味プロバイダーで、詐欺にも便利そうです。

So, I should report this message somewhere.

So I do a search for 「インターネット詐欺 報告」  ("internet fraud report").
では、「インターネット詐欺 報告」を検索しましょう。

The national citizen's help desk (国民生活センター -- Kokumin Seikatsu Center) page looks legitimate, because it is a Japanese government ( domain.
出てくる国民生活センターの page は正確なようです。政府機関の公式 "" のドメインの中ですから。

So does the page, which is on the Japanese National Police site. But I guess the police site is more for when you have to report that you've taken the bait and suffered a loss, or otherwise need direct help from the police. There is a page which lists prefectural police sites there:
日本国警察の page も間違っていなさそうです。そもそも警察に持っていく情報は自分が絡まって、損や被害を被った場合利用するところでしょう。また警察からの直接的な助けが必要になった場合。県警のサイトを案内してくれるページの もあります。

The Kokusen page (which is full of potentially useful resources when you have all sorts of troubles) lists two sites for reporting troublesome and fraudulent e-mail:
Choosing the latter leads me here:, where I find a convenient address to forward the evil message to. They want the headers, too, so I'll first show the source text and copy it, then show the normal message text and hit the forward button, then paste in the source text below the message text below a line of dashes, something like this:
後者は に案内してくれます。メールの頭部の指定行を入れてくださいと指導しますので、先ずメールブラウザのソース文字を表示してコピー撮ります。通常表示に戻って転送ボタンを押します。転送のテキスト文字の下にダッシュのぎょうを着けて、ソース文字をそのさらに下に貼り付けます。省略して以下のように見えます。

I would like to report this:
From: 【CIC債権回収センター】[担当 江口] <>
To: [...]

Return-Path: <>
X-Original-To: [...]
  $B!ZDLCNHV9f (B12617963 $B![ (B

and send it to

And, yes, doing this helps establish a line between freedom and mutual carnage, if we don't make false reports.

Popular Posts