Investigating Servmask's unauthorized auto-renewals, broken cancellation links, and refused refunds.
Report Your ChargeHundreds of WordPress developers and site owners are reporting the exact same pattern from Servmask, the developers of the All-in-One WP Migration plugin:
On March 24, 2026, within hours of this investigation launching, ServMask CEO Yani Iliev sent a formal "Cease and Desist" threat, baselessly accusing this consumer protection site of "extortion" for demanding a legitimate refund. They are actively attempting to use Hostinger and domain registrars to silence this investigation. We are publishing his threats here in the interest of public transparency.
From: Yanislav Iliev <yani@servmask.com>
Subject: Cease and Desist - Trademark Infringement, Defamation, and Extortion - allinonemigration.com
I am Yani Iliev, Founder of ServMask, Inc., the owner of the registered trademark "All-in-One WP Migration" (USPTO Registration Number 6,124,087).
This letter serves as formal notice that you are engaged in activities that violate federal and state law, including:
1. Trademark Infringement (15 U.S.C. 1114)
The domain allinonemigration.com incorporates our registered trademark without authorization. The site is designed to create confusion with our product and brand. This constitutes trademark infringement under the Lanham Act.
2. Defamation
The website contains false statements of fact about our business, including the fabricated claim that we operate a "dummy cancellation API" that fails to stop billing, and that we charge customers after cancellation. These statements are demonstrably false and are causing harm to our business reputation.
3. Tortious Interference and Encouragement of Fraud
The website provides step-by-step instructions encouraging visitors to file chargebacks against our payment processor and to submit regulatory complaints based on false information. Encouraging fraudulent chargebacks constitutes tortious interference with our business relationships and may constitute wire fraud.
4. Extortion
Our support records document the following timeline:
- March 24, 2026 at 19:47 UTC: You demanded a refund for a scheduled subscription renewal
- March 25, 2026 at 01:28 UTC: You threatened to launch a website and campaign against our business
- March 25, 2026 at 01:41 UTC: The domain allinonemigration.com was registered (13 minutes after the threat)
- March 25, 2026 at 01:52 UTC: You confirmed the site was live and threatened to use 50 staff members and paid advertising to campaign against us
Conditioning the cessation of harmful actions on receiving payment constitutes extortion.
Notice
We have filed trademark infringement complaints with both your domain registrar (Openprovider/Registrar.eu) and hosting provider (Hostinger). The registrar has initiated suspension proceedings.
We have also filed a claim with our insurance carrier under our Cyber Liability policy for cyber extortion and reputational harm. Legal counsel has been engaged.
"This message contains confidential information. Please do not forward, copy, or share it without permission."
You cannot rely on their website to cancel. Because users report the onsite cancellation links are broken, and because there is no account dashboard, the only guaranteed way to stop future charges is to bypass them entirely. You must contact your bank to dispute the charge and block Servmask, or file a formal fraudulent billing complaint directly with Stripe Support.
Exactly. This is a massive red flag and core to their premeditated scheme. Unlike legitimate SaaS companies, Servmask intentionally omits a user dashboard. They force you to rely on unauthenticated "magic links" sent via email—which frequently go to spam or simply fail to process.
Pro Tip: If Servmask suddenly adds a dashboard today to cover their tracks, victims can use the Wayback Machine (Internet Archive) to legally prove to regulators and banks that absolutely no account management option existed when they were unlawfully charged.
They claim to not issue refunds for digital products but reserve "sole discretion" to do so. However, consumer protection laws regarding unauthorized auto-renewals supersede their internal website policies. If you were charged without a 30-day notice, you are entitled to a chargeback.
Yes. Servmask operates as a registered US Delaware Corporation. Under the federal Restore Online Shoppers' Confidence Act (ROSCA), which is enforced by the FTC, they are legally required to provide a simple, working mechanism to stop recurring charges. Operating a "dummy" cancellation button and refusing to provide a management dashboard violates federal trade regulations.
ServMask relies heavily on the free WordPress.org plugin repository to acquire users. The WordPress Foundation aggressively protects the community from predatory billing, "SaaS-jacking," and bad-faith actors. Reporting their scheme directly threatens their primary distribution pipeline.
The Consumer Financial Protection Bureau (CFPB) regulates processors like Stripe. By reporting Stripe for harboring ServMask, you bypass lower-level support reps and force Stripe's federal compliance team to investigate. The FBI's IC3 logs cyber-enabled financial fraud, ensuring this operation leaves a permanent federal footprint that impacts their ability to secure future banking or venture capital.
An 'F' rating on the Better Business Bureau severely damages their B2B trust and enterprise sales since it ranks at the top of Google. Furthermore, Visa and Mastercard have strict Core Rules against deceptive auto-renewals. Reporting merchant violations can place them in monitoring programs, resulting in massive monthly fines or total network bans.
Do not let them keep your money. After filling out our class action form below, hit them from all sides using these official channels:
Stripe is the payment processor facilitating this scheme. Report Servmask for fraudulent billing practices and violating Stripe's Services Agreement.
Report Merchant to Stripe Support →Submit a formal consumer fraud complaint to the Delaware Department of Justice Consumer Protection Unit (CPU) regarding their unauthorized auto-renewals.
File Delaware DOJ Complaint →File a complaint with the Office of the State Bank Commissioner against both the merchant and the payment processor for facilitating deceptive financial transactions.
File OSBC Complaint →Call the number on the back of your credit card immediately. State clearly that this is an "Unauthorized Recurring Transaction" and that the merchant's cancellation button is non-functional.
File a report with the Federal Trade Commission. Report Servmask for operating a deceptive subscription model and violating ROSCA regulations regarding auto-renewals.
File an FTC Complaint →Email the WordPress Foundation directly to report the All-in-One WP Migration plugin for predatory billing and SaaS-jacking users.
Email plugins@wordpress.org →Report Stripe to the Consumer Financial Protection Bureau for enabling a merchant engaged in unauthorized billing and failing to enforce compliance.
Submit CFPB Complaint →File a report for cyber-enabled financial fraud regarding a US corporation bypassing cancellation mechanisms to execute unauthorized international charges.
File IC3 Report →File a formal complaint against ServMask, Inc. through the Delaware BBB to impact their enterprise trust and B2B search rankings.
File BBB Complaint →When disputing the charge with your bank, explicitly request that they file a "Merchant Violation Report" against ServMask for violating Visa/Mastercard Core Rules regarding auto-renewals.
Fill out this secure form to add your case to our database for a potential consumer protection class action lawsuit against Servmask. You could be entitled to an awarded judgement.