StopScum

January 30, 2005

The CAN-SPAM Act Closes Loopholes

This anemic and vague federal law, which is enforced by the FTC, has been clarified with new definitions for Spam which are effective on March 28, 2005.

The new clarifications by the FTC

1. For e-mail messages that contain only the commercial advertisement or promotion of a commercial product or service (“commercial content”), the primary purpose of the message will be deemed to be commercial. If the recipient would reasonably interpret the subject line as commercial or if the body of the e-mail is primarily commercial, then these emails violate CAN-SPAM.

2. For e-mail messages that contain both commercial content and “transactional or relationship” content as set forth in the Act’s definition of “transactional or relationship message” and in the final Rule, the primary purpose of the message will be deemed to be commercial if either: 1) a recipient reasonably interpreting the subject line of the e-mail would likely conclude that the message contains commercial content; or 2) the e-mail’s “transactional or relationship” content does not appear in whole or substantial part at the beginning of the body of the message. These emails violate CAN-SPAM.

3. For e-mail messages that contain both commercial content and content that is neither “commercial” nor “transactional or relationship,” the primary purpose of the message will be deemed to be commercial if either: 1) a recipient reasonably interpreting the subject line of the message would likely conclude that the message contains commercial content; or 2) a recipient reasonably interpreting the body of the message would likely conclude that the primary purpose of the message is commercial. Factors relevant to this interpretation include the placement of commercial content in whole or in substantial part at the beginning of the body of the message; the proportion of the message dedicated to commercial content; and how color, graphics, type size, and style are used to highlight commercial content. These emails violate CAN-SPAM.

4. For e-mail messages that contain only “transactional or relationship” content, the message will be deemed to have a “transactional or relationship” primary purpose. These emails are permitted under CAN-SPAM.

5. The FTC defined the header for X-rated Spam, as directed by Congress. The subject lines of such messages must begin with "SEXUALLY-EXPLICIT." Also, the sender must provide additional steps to view the explicit content, beyond opening the e-mail.

Source: FTC

So what!

While closing these loopholes does demonstrate a measure of concern, it's really an exercise in futility unless the FTC is prepared to sue numerous Spam Kings and their enablers on a regular basis. As we previously told you in the following entry which opens in new window, a single law suit in over one year by the FTC is totally unacceptable. Given the fact that the CAN-SPAM law does not provide the consumer/surfer with any judicial relief, the FTC must become much more aggressive. Legal action against the Spam king is a given but to really send shock waves, the FTC needs to sue Webmaster affiliates, affiliate networks, and advertisers who either use Spam and or fail to properly "police" third parties..

Posted by Steve_S

January 26, 2005

Internet stock guru will spend time in federal prison

A federal jury in Brooklyn, New York found Internet stock guru Amr I. "Anthony" Elgindy, guilty of racketeering, securities fraud and extortion. Former FBI agent Jeffrey A. Royer, was also found guilty of racketeering, securities fraud, obstruction of justice and witness tampering. Both Scam artists used confidential FBI files to manipulate stocks for profit. Both men face prison terms of 10 to 20 years. Read the court documents.

Elgindy operated Insidetruth.com and AnthonyPacific.com where victims of this scam paid anywhere from $600 per month for a subscription to the site or $100 per month for his newsletter. At the same time that he was fleecing investors out of their hard earned money he was also trading in the very securities he was talking about. Elgindy was also a prolific poster on numerous Stock and Investment Forums and Chat Rooms where he used the name "Anthony@Pacific".

Just say NO

We don't listen to or pay money for any stock experts advice on the Internet. We also view most of the experts who appear on television as suspects which should also be ignored. Why? The Internet is the worst medium for reliable securities advice. Their is no accountability, it's very easy to use assumed names, none of the Forums and or Chat rooms we examined properly investigate posters to determine their track record and expertise. Anyone can say anything they want on their Web site and use fraudulent data to hide. This case clearly illustrates many of these points.

Did any of these investors bother to perform some due diligence on this slime bag? If they would have Googled Elgindy they would have found the following article from 5/16/00 which documents the fact that: " Short-seller and flamboyant Internet message board poster Anthony Elgindy was sentenced Monday by a Texas judge to a $20,000 fine and four months in a federal prison for felony mail fraud." Not a lot to debate since Elgindy pleaded guilty.

Everyone needs some advice

We agree and that's why we read the Wall Street Journal and retain a full service stock broker and a financial adviser. Before you entrust your hard earned money to anyone, you must perform your own due diligence on a prospective stock broker or financial adviser. Spend the time to meet them face to face and use the following questions as a guideline:

What experience do you have, especially with people in my circumstances?

How long have you been in business?

Where did you go to school?

What is your employment history?

What licenses do you hold?

What professional organization do you belong to?

What accreditation do you have?

Are you registered with the SEC, a state, or NASD?

Are the firm, the clearing firm, and any other related companies that will do business with me members of SIPC?

What products and services do you offer?

Can you only recommend a limited number of products or services to me? If so, why?

How are you paid for your services? What is your usual hourly rate, flat fee, or commission?

Have you ever been disciplined by any government regulator for unethical or improper conduct or been sued by a client who was not happy with the work you did?

For registered investment advisers, will you send me a copy of both parts of your Form ADV?

Source: some questions from the SEC.

You want detailed answers with very specific data and not vague statements such as those presented on the AnthonyPacific.com site. If the prospective stock broker and or adviser fails to provide details, do not retain them and leave. Next, Google (Use the SE, News, and Groups) all the data provided. Look for verification of the answers to your questions along with problems. Run a search on the individual as well as the business, and any other relavent data using the Search Systems site. Recommendations from trusted friends have some value but you should still perform your own due diligence.

Posted by Steve_S

January 25, 2005

Spam Tricks: Don't click the opt-out (Remove Me) link or pay money for a do not Spam remove list

Spammers are clever con artist, scam kings, criminals, low life, and all of them belong in jail. In this installment we document a couple of procedures which guarantee that you will receive even more Spam and in other cases part with your hard earned money.

Just Trash the Spam: DO NOT opt-out

I'm sure you've seen the Spam selling pills, mortgages, porn, get rich schemes, etc. This junk often includes a link to remove your email address from the Spam list. This opt-out is a scam to verify your email address and rarely removes you from the list. What it does do is tell the Spammer that the email address works and a real life person is reading the email. If you do click the opt-out link the Spammer uses your address to not only send more Spam but sell it a zillion times to other Spammers. This will definitely increase the amount of Spam you receive so NEVER opt-out.

Other creative ploys used by Spammers

Recently, a bunch of Webmasters received Spam, which was sent to their Whois email address, which offered to purchase their domain for a lot of money. A few of them answered the email which provided the Spammer with verification that the email address works with a human reading the email. Naturally, the Spammer sold the email address to other Spammers. If the email sounds to good to be true or makes unreasonable claims then you should trash it and not respond.

Valentine's Day is just around the corner and we guarantee you that the Spam Kings are ready to capitalize on this holiday which produces about a 40% increase in email which ask you to visit a site and pick up your Valentines Day ecard. Legitimate postcard sites will always tell you the name of the person who sent you the ecard and often provide a validation number to enter so you can retrieve the ecard. If the senders name doesn't look familiar we suggest you trash the email and never provide any other data to the postcard site. We can also guarantee you that some of these Valentine's Day ecards will contain Virus infected attachments which you should never open. Naturally, your machine should have the latest Virus definitions installed, the current Windows update, a robust anti-Spyware tool, and sit behind a firewall.

It was a pleasure stealing your money

Their is no such thing as a "Do Not email List" on planet earth. Sometimes they are known as "Global Spam Remove Lists", "Unsubscribe List" or "Opt-out Service" and they normally ask you to pay money with the promise that your actions will insure that you won't receive any more Spam. We don't care what the site says, how slick the site may appear, or any claims made by the site. They are all a Scam and you should never pay money and or submit your data. For example, UnsubscribeNow.org is a Scam which claims you won't receive Spam after you pay $34.95 per year. This Scam artist even sends Spam to promote the site. As if stealing your money wasn't enough, many of these Scam sites also sell your email address to other Spam Kings which insures the volume of Spam you receive will increase.

Posted by Steve_S

January 23, 2005

The Sale of Counterfeit Drugs: Scam artist goes to Federal Prison

On January 21, 2005 a San Diego federal judge sentenced Mark Kolowich to over 4 years in federal prison and ordered him to forfeit profits of up to $3 million dollars. Kolowich pleaded guilty last year to conspiracy to sell counterfeit drugs, money laundering and committing mail fraud and smuggling. The operation was described by prosecutors as one of the largest illegal Internet drug sales rings they have broken.

Webmasters enable this slime bag

As you might expect, Kolowich ran his own affiliate program from WorldExpressRx.com. He shut down this site in March, 2004 and subsequently sold it. The site featured the following text: "No Prior Prescription Required". Additionally, this case highlights the fact that people were filling out health questionnaires that weren't being reviewed. Did Affiliates bother to perform their own due diligence before they helped this fraudster perpetuate these crimes? Doubtful. Could any of these counterfeit drugs actually kill visitors to a Webmasters site? That's certainly possible.

Did these Affiliate's get paid after the site closed down? Nope, which in our view is a good thing. Why? Because Webmaster Affiliates who are only concerned with making money and ignore laws, ethics, and morality also belong in jail. Your actions are those of an enabler and given the potential to actually kill one of your visitors, we hope the courts eventually sue you and you spend some time in jail.

Due Diligence Tips for Webmaster Affiliates

Tip 1 - Before you join an Internet Pharmacys affiliate program you must perform your own due dillegence. Start with the VIPPS information and verification site of the National Association of Boards of Pharmacy. If the Internet Pharmacy is not listed on this site, don't join the Affilaite program.

Pay special attention to the following requirements that an Internet Pharmacy must comply with to be listed in the VIPPS site:

"Prescriptions - Qualifying VIPPS Pharmacies, in accordance with applicable state and federal laws and regulations, must:

5) Maintain and enforce policies and procedures that assure the integrity, legitimacy, and authenticity of the Prescription Drug Order and seek to prevent Prescription Drug Orders from being submitted, honored, and filled by multiple pharmacies. Maintain and enforce policies and procedures that assure that prescription medications are not prescribed or dispensed based upon telephonic, electronic, or online medical consultations without there being a pre-existing patient-prescriber relationship that has included an in-person physical examination.

Patient Information - Qualifying VIPPS Pharmacies, in accordance with applicable state and federal laws and regulations, must:

6) Maintain and enforce policies and procedures ensuring reasonable verification of the identity of the patient, prescriber, and, if appropriate, caregiver, in accordance with applicable state law;

7) Obtain and maintain in a readily accessible format, patient medication profiles and other related data in a manner that facilitates consultation with the prescriber, when applicable, and counseling of the patient or caregiver;

8) Conduct a prospective drug use review (DUR) prior to the dispensing of a medication or device in accordance with applicable state law; and

9) Maintain and enforce policies and procedures to assure patient confidentiality and the protection of patient identity and patient-specific information from inappropriate or non-essential access, use, or distribution while such information is being transmitted via the Internet and while the pharmacy possesses such information. [The NABP Guidelines for the Confidentiality of Patient Health Care Information as It Relates to Patient Compliance and Patient Intervention Programs can serve as a useful resource for addressing the confidentiality and security of patient data.]" Source

Given the fact that a legitimate Internet Pharmacy may not be listed on the above site, use the following procedures and insure that they still comply with the requirements listed above:

Tip 2 - Spend the time to carefully examine the Internet Pharmacys site. The red flags are always the Prescription Issue and verification. Step through the order form and actually read the TOS and FAQ documents.

Tip 3 - Spend the time to Google (The SE and Groups) the pharmacy and look for Spam complaints like this. Don't join the Affiliate program of any Pharmacy which Spams.

Tip 4 - Ask your Doctor for recomendations.

Posted by Steve_S

January 16, 2005

Spam Ring Sued Twice

The fifth largest Spam ring in the world was sued by the Texas Attorney General on January 13, 2005 and the next day the same Spam ring was sued by Microsoft. We love this double attack which spans Federal courts in the states of Texas and Washington.

The Two Principal Slime Bags

Ryan Samuel Pitylak is a University of Texas student and resides in Austin, Texas. Mark Stephen Trotter is a businessman and resides in Encinitas, California. The case in Texas seeks millions of dollars in damages and alleges that these Spammers violated federal and Texas laws on Spam as well as Texas trade practices. The Microsoft action could seek $1,000 per Spam Email and alleges that they violated Washington state's anti-spam and consumer protection laws by misleading consumers. Microsoft helped the Texas Attorney General by providing more than 20,000 emails that were captured in their trap accounts.

For Your Reading Pleasure

According to the lawsuit, the Spam emails contained official-looking subject lines such as "Re: your past due bills" and "Urgent: Household Loan Memorandum: Please Read." When recipients clicked on links in the emails, they were asked to provide personal information that Pitylak and Trotter sold to other companies for as much as $28 per reference, the lawsuit alleges.

Read what the Spammers attorney (Lin Hughes) has to say

"Ms Hughes said that creative wording has long been an accepted tool employed by people soliciting business. I can't tell you how many times I've gone to my regular mailbox and found a letter telling that inside is an urgent message about my car, then it turns out to be someone offering car repair services. Is that misleading? Was anyone harmed by it? I doubt it. I have a trash can for regular mail and a delete key for my email."

Is that so. NOT! We suggest that attorney Hughes spend the next few weeks actually reading each state's anti-Spam laws as well as the Federal CAN-SPAM Act. At a minimum those email subjects are misleading and our sense and hope is that you have already lost the cases.

Congrats to Texas and Microsoft

We believe this is the first incidence of two separate federal proceedings which span two different states. Both the Texas Attorney General and Microsoft should be congratulated. These dual track actions force the slim bags to defend themselves across two states which cost them significantly more money and time, regardless of the final outcome. It also forces the Spammers to defend themselves against different State laws as well as the Federal CAN-SPAM Act. We hope that this new tactic is deployed by other States who can work with Microsoft along with other major ISPs like AOL. Even AOL and Earthlink could work together and file legal actions in two different states.

Posted by Steve_S

January 13, 2005

The CAN-SPAM Act: Finally Gets Serious

The FTC has has won a court order to temporarily halt a pornography Spam ring that stretches from Las Vegas to Latvia. This is the first Spam litigation brought by the agency under the Adult Labeling Rule of the CAN-SPAM Act. Although we do not normally list the URLs of Adult sites in any of our articles, it's impossible to properly document this landmark case without doing so. Our apologies to our valuable guests if this offends you.

The allegations by the FTC

"The complaint charges that the defendants violated the Adult Labeling Rule by sending sexually-explicit e-mails that: failed to contain the required identifying mark; contained sexually-explicit material within the initially-viewable areas; and failed to include an opt-out before the sexually-explicit material.

The complaint also charges that the defendants violated the CAN-SPAM Act by sending e-mail or procuring third parties to send e-mail that:

Contained false or misleading transmission information;
Contained deceptive subject headings;
Failed to contain functioning opt-out mechanisms or did not contain any opt-out mechanisms;
Failed to identify the e-mail as an advertisement or solicitation; and
Failed to provide the sender’s valid physical postal address.

In addition, the FTC alleges that the defendants violated the FTC Act by falsely stating that membership to their Web sites was free. According to the FTC, by the time consumers realized that the defendants charged a fee for their Web sites, consumers had already given them their e-mail addresses."

Source: Please see the FTC Press Release

The band of slime bags which include an affiliate

The defendant's in this action are: Global Net Solutions, Inc., a Nevada Corporation; Global Net Ventures, Ltd., a United Kingdom Company; Wedlake, Ltd., a Corporation; Open Space Enterprises, Inc., a Nevada Corporation; Southlake Group, Inc., a Nevada Corporation; WTFRC Inc., a Nevada Corporation doing business as Reflected Networks, Inc.; Dustin Hamilton, individually and as an officer or director of Global Net Solutions, Inc., Global Net Ventures, Ltd., and WTFRC, Inc.; Tobin Banks, individually and as director of Open Space Enterprises, Inc.; Gregory Hamilton, individually and as an officer and director of Southlake Group, Inc.; Philip Doroff, individually and as an officer of Reflected Networks, Inc., now renamed WTFRC, Inc.; and Paul Rose, individually; Defendants., United States District Court, District of Nevada.

Webmasters and Affiliate Networks should make note that this action names an Arizona-based affiliate named Paul Rose. This slime bag is AKA "john baker" and uses this email address: idbud@epimp.com. This affiliate uses the following sites to promote the GNS (Global Net Solutions) Defendants Affiliate Program, which he owns: bjkandy.com, jgjenny.com, fritzwebcam.com, and numerous other sites. You can read the full list of sites in the FTC Complaint. The name of the affiliate program which is run by GNS is signup4cash.com. An affiliate sending Spam is nothing new but being named as a defendant in a FTC action under the CAN-SPAM Act is certainly new and hopefully will encourage Networks to actively police their affiliates. I suggest that all Networks (mainstream and adult) immediately ban the affiliate for the first offense and not pay them. This policy should be clearly documented in your TOS and internally you need to keep all emails sent and notes of your action. If your affiliates send Spam in violation of the CAN-SPAM Act, you may also be the target of an FTC action. Even if the Network is not guilty, the adverse publicity and legal costs will be very damaging.

The Opt-Out Game

A lot of this porn Spam didn't included a working opt-out mechanisms, as required in CAN-SPAM. A lot of the email that did include and opt-out option, required the recipient to scroll through adult pictures to find the opt-out link. This trick has been used for years and it's refreshing to finally see the FTC take note of these procedures.

The CAN-SPAM Act Summary

While it did take the FTC over one year to file it's first action, I think this first piece of litigation is a good sign. Many more suits by the FTC are required. Not one per year but dozens per year. Keep after the slimy affiliates and the Networks. We hope the next piece of FTC litigation names a mainstream Network and their affiliates, which should send a loud signal that the FTC means business.

Posted by Steve_S

January 10, 2005

Year 2005: The convergence of Spyware, Spam, Viruses and Phishing

This year will be far more dangerous than any prior year. The criminals who engage in Spyware, Spam, Viruses and Phishing have discovered a much more effective way to make your life miserable on the Internet and generate revenue.

Viruses

Industry experts report that over 30% of all viruses contain a "back door". We expect this number to increase in 2005. A back door permits the authors to use your computer as a "zombie/bot" to not only send Spam but steal your confidential data. These actions are significantly different than years past when the criminals were more interested in "ego gratification" and not money. Many of these viruses writers have discovered that they can actually make money using the back doors and will continue to work in concert with all the other abusers.

Anti virus tools are no longer an option. They are required. Insure that your definitions are always current and do not use or surf the Internet until these tools are properly installed.

Spam and Phishing

Broadband usage has increased to around 50% in the USA. This permits Spammers to send more junk email in a given hour via your infected machine than ever before. Have you noticed the increase in Phishing via email? It's going to get worse and these folks have discovered that they can also produce viruses that steal your confidential data. When email reaches the saturation point more of the Phishing criminals will use web sites to silently install Spyware which also grabs your confidential data.

Spyware

We still don't have any federal legislation which prohibits Spyware. Only recently (1/4/05) did California Rep. Mary Bono again introduce into Congress H.R. 29, known as the "Spy Act". This bill requires that Web companies obtain consumers' consent before placing software on their computers. Last year, the same legislation passed in the House by a 399-1 vote, but was not voted on by the Senate. This lack of federal legislation encourages the Spyware criminals and those who benefit from it to become even more aggressive. Benjamin Edelman recently documented a single click which installed the largest number of Spyware programs I have ever seen. The details from a single click while using the Windows Media Player:

"...including at least the following 31 programs: 180solutions, Addictive Technologies, AdMilli, BargainBuddy, begin2search, BookedSpace, BullsEye, CoolWebSearch, DealHelper, DyFuca, EliteBar, Elitum, Ezula, Favoriteman, HotSearchBar, I-Lookup, Instafin, Internet Optimizer, ISTbar, Megasearch, PowerScan, ShopAtHome Select, SearchRelevancy, SideFind, TargetSavers, TrafficHog, TV Media, WebRebates, WindUpdates, Winpup32, and VX2 (DirectRevenue). (Most product names are as detected by Lavasoft Ad-Aware.) All told, the infection added 58 folders, 786 files, and an incredible 11,915 registry entries to my test computer. Not one of these programs had showed me any license agreement, nor had I consented to their installation on my computer."

While we have not yet seen a significant number of Phishing criminals using these installs to steal your data, we will.

Summary - New definitions

This convergence of criminals can be confusing so let me try and summarize it:

1. Viruses with a "back door" should also be thought of as tools for Spyware authors, Phishing expeditions, and using your machine to send Spam.

2. Spam will continue to increase largely because these criminals will use infected machines to send it.

3. Expect new ploys to emerge for those on a Phishing expedition. More use of Viruses to steal your confidential data, creation of fraudulent ecommerce sites, creation of fraudulent escrow services, and more.

4. Spyware criminals and those that benefit from it will continue to increase. No longer content with silent installs and or poorly documented installs, they will turn to new methods. A Virus with a back door will be the new tool for 2005.

Posted by Steve_S

January 09, 2005

Our Site Critique From "unhappy"

Every few weeks we will publish some email we receive along with our response. We generally redact the senders name and email address to protect their privacy. We have chosen not to enable the Comments feature of our script since it lacks adequate controls to prevent Spam and abuse. We hope you enjoy this regular feature.

Email received:

Hello,

A lot of your writing is way to opinionated for my taste. It's almost like you are preaching to children and you seem to thrive on inflating your ego.

Please tone it down!

Our response:

Hello unhappy,

Points taken on your comments. They are valid and we appreciate your input although we aren't going to change. We hope the following provides some insight into exactly what we are trying to accomplish.

Our mission is to provide a unique perspective. After all, their are literally thousands of useless sites who either steal other folks content or just quote an article on another site. Why would you want to read the same dribble across multiple sites. The mainstream Internet news sources generally do a pretty good job but their mission is not to yell and scream when they see abuse. Also, they don't offer the kind of "street level" commentary that we do. We both serve a purpose and that's why we insert their RSS feeds on this site.

Next we have sites that post articles that really amount to a self promotion pitch. Since we don't run adverts or try and sell you anything, we are uniquely positioned to document issues without a conflict of interest. Yes, we do have an agenda! Educating you and others about Scams, Abuse, Fraudsters, and Criminals. Using our own extensive real world experience, contacts in the industry, and our friends in law enforcement.

Finally, I'm not hiding under a rock and if you Google me you can read tons of stuff which date back to 1997.

For example:

Google Steve Shubitz
Search for posts by User Name of Steve_S on GeekVillage
Whois on this site

Thanks again for taking the time to write me. I do hope you continue to visit this site and please tell your friends and associates about us.

Posted by Steve_S

January 08, 2005

The Phony Charity Scam - Part Two

On Friday (1-7-05), President Bush signed into law a bill extending the deadline through Jan. 31, 2005 for claiming charitable contributions in 2004. As long as taxpayers give cash and it goes to aid victims of the South Asia tsunamis. This will certainly produce a spike in Scamers and Fruadsters trying to steal either your donation or your idenity.

Email Charity Scams

Here is an actual charity scam email:

"RESCUE Help Family and Friends find their missing

Thousands Killed; Death toll rises Thousands Still missing
Wed Dec 29, 2004

Images from the devastation throughout Asia are alarming and the
toll the recent tsunami has taken on human life is beyond
comprehension. Your help is desperately needed!

The initial earthquake measured 8.9 to 9.0 in magnitude on the
Richter scale and triggered enormous tidal waves, tsunami, that swept
across the Indian Ocean, striking coastal regions of Sri Lanka, India,
Indonesia, Thailand, Bangladesh, Burma and Malaysia.

More than 80,000 people have been killed...millions remain
homeless.

The United Nations has stated this will be the biggest relief
effort the world has ever seen.

4000 people still missing in Thailand half believed to be tourist
1000 Germans 1400 Swedish

No matter what size gift you're able to give it will go a long
way toward our recovery & reuniting efforts Every gift matters.

Help our family needs your gifts to help find these family members
and unite them

The devastation is immense. You can make a difference in helping
reuniting the lives of those caught in the path of this deadly
disaster. Please be as generous as you can by donating to Help our
Family

Send cheques or money orders to

Help our Family
P.O. Box 1420
Crystal Beach, Ontario
L0S 1B0

through Paypal
pam98map@yahoo.com

Beliefnet
Send E-Mail to: map98pam@hotmail.com
Copyright 2004 P Miller. All Rights Reserved"

What is wrong with this charity scam email?

1. It's spam and reputable charities don't spam

2. The charity uses a PO Box and does not contain a phone number. Reputable charities have a street address and a phone number

3. All the email addresses used are havens for abusers. They are free email addresses where Scam artists hide and PayPal is a fraudsters best friend since it contains a minamum of fraud checks and or idenity checks. Reputable charities don't use PayPal and always provide an email address which is part of their web site like "donations@charityname.com

Phishing Abuse via Scam Charity Web Sites

They don't want your contribution. They want your confidential data such as your name, address, and credit card number. They are using a phony charity Web Site and email to lure you into this trap.

Perform your due diligence and take precautions

1. Trash all email which asks you to contribute and or visit a web site to make a contribution.

2. Use the following resources to investigate a charity before you contribute:

Charity Watch
BBB's Wise Giving Alliance
GuideStar
Charity Navigator
FTC Charity Checklist

3. Consult with your tax person and or attorney on your compliance with this new federal law. Consult IRS Publication 526 and the IRS web site.

Posted by Steve_S

January 03, 2005

Site Enhancements

A few of you have written us with some dandy ideas about new features for this site. Thank you. Just in case you missed them, here is a summary.

Current News Using a Caching RSS Parser

Our Daily News (link opens in a new window) dynamically inserts RSS feed stories which deal with spyware, adware, malware, scumware, browser hijackers, keyloggers, Phishing and security. We are currently aggregating 3 news sources. The last entry on the page (Scam Alert Service) contains the actual email text from those fraudsters engaged in Spoof email and Phishing Scams. We use CaRP Evolution (link opens in a new window) to do this which is a caching RSS parser. We run a crontab 6 times per day to insure that the News articles are always current.

Our Daily Technology and Web News From the Top 5 (link opens in a new window) is really an experiment to see if you like it. This page aggregates the top 10 stories from ClickZ, Netcraft, BBC News, The New York Times and The Washington Post. These are the news sources which we read on a daily basis. A single page of headlines and short extract's is much faster to scan than using an RSS reader or Google News.

Quality resources and link partners page

Our Resources (link opens in a new window) page contains a link and short description for quality resources we use. We anticipate that this section will be continually updated as we discover quality resources. This page also contains our request to exchange links/descriptions with very high quality sites which contain original content. Your site should focus on subjects which are directly related to ours, (see the Resources We Use section of this page for sites) and your site must enhance our visitors experience.

Syndicate Our Content

Our Syndicate Our Content (link opens in a new window) page permits you to place our content on your site. The very best way to do this is to download and install the free/GPL version of CaRP (link opens in a new window). We also provide JavaScript code for your use and another third party resources which produces even better looking JavaScript.

Spread the word

We would be grateful if you would tell your friends and associates about StopScum. You can even use the Tell A Friend link, located at the top of every page, to send them an email. Best wishes to you and yours for a safe and happy 2005!

Posted by Steve_S

January 01, 2005

Google and Overture Fail to Effectively Define Click Fraud

The two leading players in the PPC space have recently stated their definitions of click fraud. Both have failed to effectively educate honest Publishers and dissuade the huge number of cheaters who are currently enrolled in their affiliate programs. We have a real world solution which helps all parties.

Please join the real world!

The ClickZ article says:

"Overture defines click fraud as, "clicks arising for reasons other than the good-faith intention of an Internet user to visit a Web site to purchase goods or services or to obtain information," according to spokesperson Dina Freeman."

"Google is a bit more specific, defining click fraud, "or invalid clicks, as any method used to artificially and/or maliciously generate clicks or page impressions," according to Salar Kamangar, director of product management. Examples of invalid clicks, according to Kamangar, include: manual clicks on an ad to purposefully increase the ad spend; deliberate clicks on an ad to increase profits by site owners hosting the ads; and automated clicking tools, 'bots, or other deceptive software."

Do any of these firms frequent Forums? The PPC industry is over 5 years old, why are these major players still trying to define click fraud at a major industry event? Neither definition provides enough real world examples to actually help honest publishers understand what actions will result in the termination of their affiliate account. Both definitions convey a lack of real world knowledge on how cheaters actually work. This lapse will encourage more cheaters to join. Finally, if you can't document violations of your TOS, how can you enforce them?

A real world solution which helps all parties

Please read these carefully Dr. Google and Professor Overture. Amend your poorly written TOS and include our text. We suggest that these Rules/TOS are the very first thing a prospective Affiliate sees when they sign up. Require a check box/link which says:, "I have read, understand, and agree to comply with your TOS." If a prospective Publisher does not enable this check box they can't join either affiliate program. The Google AdSence program and the Overture Affiliate Program do not do this.

Our copy which includes a little humor for your reading pleasure:

Any of the following actions will results in the termination of your affiliate account and forfeiture of all moneys due. Including but not limited to the following real world examples:

1. DO NOT click on your own adverts. One click or 10. We don't care.

2. DO NOT click on your competitors advert. One click or 10. We don't care. Try and think like the real world and strive for a working relationship with your competitors. Some will become helpful friends and others may not but at a minimum try and maintain a working relationship. DO NOT attack, denigrate, slander, or fight with your competition. If you can't deal with competition in a fair and ethical manner, unplug your machine and site, then contact McDonalds for the next available job opening.

3. DO NOT encourage, ask, and or hint with other parties to click on your adverts.

4. DO NOT "beg for clicks" using the following terms and or any terms which a reasonable person would construe as "begging for clicks"

"Please click our advertisement to help us"

5. DO NOT use and or encourage others to use "bots" and or any automated procedure which generates clicks on your adverts or anyone else's adverts.

6. YOU are responsible for the all the actions of the users on your affiliate site. If they engage in click fraud your affiliate account will be terminated and all moneys do will be forfeited. Don't create enemies. Treat your guests with respect. Moderate your Forum in a professional manner so it doesn't become a hot bed of folks who want to damage your site with click fraud.

7. If a "click club", which are widely used in India and China, commits click fraud on your site, your affiliate account will be terminated and all moneys do will be forfeited.

8. DO NOT "game" our systems with a page loaded with high paying keywords which are not directly related to the content of your site. One keyword or 100. We don't care.

9. Your site may have to pass the "smell test" when a human reviews it. Sites which appear to be built for our affiliate program and NOT for the benefit of surfers, have a significantly higher incidence of being terminated from our affiliate program. Build your site for your visitors FIRST, then include our adverts.

10. If your affiliate account is terminated, the burden of proof with respect to weather you violated either the letter and or spirit of these TOS lies with you and not us. We suggest you take some perceptions:

a. Maintain monthly local back up of your log files. This permits you to search for repeate IPs and Open Proxy servers.

b. Consider using a service like asRep or WhosClickingWho

11. If you see another site cheating our system, please report them to us via this link.

12. If you frequent Forums, please DO NOT post ANY specifics about your AdSense account. Please DO NOT help and or encourage Publishers who are trying to either "game" our program and or cheat. Here a few posts which are always a red flags:

What are the highest paying keywords?

What kind of CTR is acceptable?

How does Google catch cheaters?

How can I join under a new name?

13. We DON"T care what your intentions are or were. We've heard the excuses a zillons times and they don't work. Some of (but not all) of the excuses we have heard:

I accidentally clicked on my advert 12 times. I suffer from a disease known as "click_dimensia_cheater"

I clicked on my adverts because it interested me

I didn't do it

I needed money to send my dying father to the hospital.

Prove it DUDE!

14. If you violate either the letter and or spirit of these TOS, which we may revise at any time, we may elect to sue you.

What have these examples and rules accomplished?

They help honest Publishers understand the numerous aspects of the PPC space and help them take precautions. They also help them avoid honest mistakes and misunderstandings. We can tell you with absolute assurance that these detailed examples and TOS, send a very loud message to some cheaters that we already know exactly what you plan to do, so don't bother joining. It conveys to these cheaters that we have "street knowledge" and actively and aggressively pursue cheaters. Will it stop all the cheating? No. BUT, it will significantly lower the incidence of cheating when combined with an aggressive legal procedure.

One would argue that these new rules may dissuade some honest folks from joining who are scared. To an extent this is true but that's the price you pay for effectively helping Publishers and fighting cheating. For the legal bagels in the crowd, these rules also provide enough "wiggle room" to insure that you can effectively fight fraud which uses techniques which are not documented on your TOS page.

Just Sue!

The ClickZ article says: "Any advertiser or publisher participating in invalid click activity or other related offense is subject to being banned from our system and subject to prosecution," Kamangar (from Google) warns.

Is that so! The AdSense affiliate program was launched over one year ago. During this time you have sued exactly one affiliate. I'm not aware of any law suits by Overture's 4 year old affiliate program. You can't fight fraud without law suits. You can't expect your advertisers to carry the load for the false clicks which they pay for. We understand you are a "broker" but let's try and think long term. We are aware of much smaller affiliate programs who regularly sue six to twelve affiliates every year. Sometimes the potential recovery makes economic sense but in other cases they are willing to invest the capital expenditure to send a loud and clear signal that they mean business. This procedure definitely works and it doesn't take long for the word to spread that "FunkyDuckAffiliateProgram" sued me and my father so don't try any funny stuff with these guys!

Posted by Steve_S