Karlonia.com

John Stankiewicz of 9PlanetReviews.com is warning his subscribers and any potential members of the WorldPassive program (formerly DollarMonster) that it may be turning into a scam. DollarMonster was a popular doubler-cycler program that had its heyday back in 2004 when such programs were in vogue among certain populations of the alternative investment community. After the original program ran out of funds, it has since been resurrected twice, the most recent reincarnation being published under the WorldPassive moniker. Below is the letter I received from the admin of 9PlanetReviews earlier today. Fortunately, I did not “invest” any funds here.

Below is what I posted in my blog yesterday.

I will never again recommend that outfit. It used to be that one could make a few bucks there, so I recommended them each time they came back out.

I now hear that Blondie (Judy) just got booted today as well, and she had over 50 folks signed up in that one. Am not sure how many I had. So Admin at WorldPassive are biting the hands that have fed them.

UPDATE: WorldPassive Cycler (DollarMonster)

Looks like a reader of mine ratted me out. I simply made a one line statement, and here it is: “Actually, new developments. Avoid DollarMonster, am about to publish that in my blog. So if your fifty cycles? Get it out and stay out.” And looks like my “friend” sent that in to support. So they canceled my account and my payout of two cycles. Here are the details:

I originally bought a $50 position, that cycled, and then I put all of that back in and that cycled too. Then I made w/d request.

Guess what?

I just received an email saying they had shut down my account and are giving me my original $50 back. Why? I was in violation of their agreement. It says basically I would not do anything to harm their programme. Well, I did not. Check my blog. (I merely made one comment to a reader of mine that sent that in to support! Not as if I posted this all over the Internet! But now I have. And so should you!)

But, I did mention to one reader, in a private e-mail that I would not put any more money in that one as I thought it was about to fold (as most cyclers do, and this one did twice or thrice before). I guess that reader sent that one in to support.

So I replied to support and basically said they had better pay my cycled positions or I will make this into a story. And here the story is!

They have done the wrong thing. I have not said anything negative in my blog about their latest scheme. And now I am. They gave me the opportunity. It’s not about the fifty bucks. I could care less. But that kind of treatment? Say anything negative about them and your account will be shut down? Sounds like desperation and totalitarianism. Sounds like a scam. Sounds like a poor decision by some flunky support person.

And scam it is! Spread the word. Spread this word far and wide so you cannot get cheated ever again by these three time failure goons! I sure am!

PS: WorldPassive Admin/Support have renegged on even refunding me my $50 that I put in at the start. Well, I hope they have some fun with it, maybe buy some candy or chips. But I hope they do avoid the Aspartame laden pop and gum.

js

By the way: there was no real harm done by my post up above. Why? Because they were pretty nearly dead already. Too few members, not enough money, and they failed three times before. Plus it is summer. The absolute WRONG time to launch an opp such as this! Stupid or what? Stupid mostly. At this point I will not even likely get my fifty bucks back! But am laughing all the way! Not at you. But with them! We’re all just having fun here, right? Until the next memory-wipe!

9PlanetReviews

Spam, not to be confused with the shoulder pork and ham product made by Hormel, denotes junk mail, an important aspect of life on the Internet. It has become highly notorious word that is regarded as synonymous with annoying advertisements and unwanted bulk email marketing messages. This article by Sarath Kumar provides some tips for preventing and avoiding the dreaded inedible forms of Spam.

Companies and individuals, perhaps including some of our friends bombard our mailboxes with junk mail on a regular basis. There are veterans of spamming – the ‘art’ of sending junk mails - like Sanford Wallace who earned the nickname ‘Spamford Wallace.’

The spammers use several intrusive methods to send junk mail. The Internet allows them to store our email addresses in databases that cross reference each other, so that they can build our profiles that tell them details including what sites we visit, how often we visit those sites, how often we click banner ads, and what kind of products we purchase. Companies and individuals will happily sell this information they collect to other companies and individuals, so that once our email address is on one list, they’ll eventually be on ALL the lists.

Here are some proven steps to avoid junk mail:

1. Don’t click on suspicious links or banner ads

Email harvesting companies can track our habits on the Web extensively by using banner ads or links designed to trick you into downloading adware, Trojan viruses, or other privacy-invading critters.

2. Don’t give out your email address

This may seem obvious, but don’t give out the email address to marketing companies. For example, any surveys we may fill out, or any form to fill out when purchasing something over the Internet. Some companies require our email address before we can download software. In these cases, always enter a bogus address.

Also, don’t include the email address in the Web browser settings. Use a fake one, or leave the field blank. Web sites we visit can grab this information without us ever knowing about it.

In cases where we absolutely need to enter a valid email in a form (for example when we need the company to send us a receipt or a product key), we should have a second email address, preferably at a free email service on the Web. We shouldn’t bother if we get Spam at that account, as it is meant to be a ‘garbage bin’ account. However, clean it periodically, and block unsolicited mails as required. The blocking and Spam reporting facilities are part of many free email services including Hotmail and Yahoo.

3. Don’t list the email address on a web site or newsgroups

Instead of listing the private email address on a personal Web site, use the second ‘garbage bin’ account, or a separate ‘Web feedback’ account. Do the same with posts made on newsgroups. There are automated programs that scour the Web and news groups to harvest emails. Another trick that usually works is to write the email address in a slightly different format that harvesting bots will not detect as a spam target but is still readable to human visitors. For example, you can use (at) or (dot) in place of the appropriate punctuation.

4. Don’t reply to Spam

Never reply to junk mail asking them to stop. A lot of junk emails provide a bogus ‘unsubscribe’ link, or ask to reply with ‘remove’ in the subject. This is a trick. The spammers don’t actually know if our email addresses are active. They purchase thousands of emails from other companies and sometimes even guess at email names. As soon as we reply to junk mail, they will know that our email is active. And we continue to get the junk emails on a ‘priority basis’.

5. Filter out the Spam

Filtering the junk emails that we receive prevents them from reaching our inbox or places them in a separate Spam folder where they can be easily scanned (just in case any legitimate mails slip through) and deleted. Most email programs have built-in filters to do this.

Additional Resources:

http://www.howtofightspam.com/ - more information and resource links on how to deal with Spam
http://www.templetons.com/brad/spamterm.html - article on the history of how the word “Spam” came to be associated with junk emails

Yesterday I received an email from a mysterious spammer named “PTC News”. This person is not only spamming for referrals in a hitherto unknown paid-to-click program named BuxIT.info, but is also throwing in a special bonus: an “AutoSurfer” that will automatically detect and click the paid links so that you can simply sit back and earn your pennies without having to actually do anything other than logging into your account.

Of course I should point out that the use of such auto-clicking software is considered cheating by virtually all paid-to-click programs and will result in being banned from any programs that detect it. However, this is the first time that I have ever seen anyone so brazenly advertising “cheatware” like this and even having the audacity to use it as a bait for referral collecting. Apparently the spammer has also included a video demonstration and was even nice enough to provide both Spanish and mangled English versions of the message.

Hi… // Hola… Hi, I saw your mail on a list of people who are interested in PTC, which is why you inform this magnificent PTC, and you can download a AutoSurfer makes the clicks automatically for you, and a video demonstration that teaches you how it works. ———- Hola, he visto tu mail en una lista de gente que le interesan los PTC, por eso te informo de este magnífico PTC, y puedes descargar un AutoSurfer que hace los clicks automáticamente por ti, y un video de demostración que te enseña cómo funciona. Link: http://buxit.info/register.php AutoSurfer: http://rapidshare.com/files/98261256/BuxIt.v01.zip VideoDemostration: http://rapidshare.com/files/98262412/Buxit.avi Let enjoy // Que lo disfrutes

Note that in order to avoid unwittingly rewarding the spammer or endorsing such tactics, I have removed the referral code from the text. I have not clicked through to the RapidShare URLs to examine the software or video, but I did confirm that the BuxIT.info program actually exists (as of this writing). If any of you have additional information on this Spam & Scam operation, please let us know in the comment section.

In spite of a recent bout of blog comment spam, it seems that I have survived the “spam wars” relatively unscathed so far. According to an article at nvunet.com that cites a recent report by Barracuda Networks, the global proportion of spam has now risen to 90 and 95 percent of all email communications. By contrast, I was receiving a spam ratio of around 55 percent at my old Excite email address that I am now in the process of abandoning. Meanwhile, my Gmail address has remained almost completely spam free, and my recent installation of the WP-SpamFree plugin has practically eliminated automated comment spam here at Karlonia.

The reference to the nvunet.com article was one of the interesting tidbits of information that I picked up from the latest edition of John Graham-Cumming’s anti-spam newsletter, which I have reprinted below for your reading pleasure.

Read the rest of this entry »

As I was going through my email this morning, I noticed that John Graham-Cumming had just sent out the latest edition of his anti-spam newsletter. Upon reading it, I was intrigued by a somewhat unrelated reference to a blog post in the third paragraph. Apparently a security researcher at the University of Cambridge had his site’s account hacked, and upon investigating exactly what had happened, wanted to figure out what password the hacker had used to create a new account as “Administrator”.

He was able to access the MD5 hash (an encoded version of the password) from the system’s database, but normally it is not feasible to determine the actual password from this. After trying some standard cracking techniques such as dictionary and “brute force” attacks, he decided to simply paste the whole hash string into Google. This returned several results that curiously mentioned the word “Anthony”, which turned out to be the hacker’s password.

The important takeaway lesson here is that for sensitive account information, one should never choose a password that is likely to be used by another person. This especially includes common words or names, and anything that can be deduced from your profile such as date of birth, the name of your school, and the like. You also need to make sure that it is reasonably long; anything less than eight characters or so will easily fall to a brute force attack if the cracker has a reasonable amount of computing power.

Meanwhile, you can peruse the rest of the anti-spam newsletter below:

Read the rest of this entry »

Recently I have been reading about the appearance of a new batch of black hat tactics involving the topics of domain hijacking and cybersquatting. While not all of these methods are strictly “black hat” in the sense of being illegal or malicious, they are all pretty sneaky and can be detrimental to webmasters whose domains or brand names are targeted. People who are owners of high traffic sites or relatively famous names are especially vulnerable. Here is a list of things to watch out for if you have a potentially popular domain name:

1. Geographical cybersquatting: In this scheme, the name of a certain geographical area, usually a city, is purchased as a domain name by the scammer. This “squatter” then points the domain to a site which displays material that many city officials would find objectionable, such as pornography, gambling, or certain pharmaceutical products. Since most officials do not want the name of their town to be associated with such material, the domain owner can offer to sell the domain to the city at a significantly high price. Often this tactic is successful because the area’s residents want to avoid any potential damage to their town’s reputation.

2. Hijacking a famous name: Similar to squatting on the name of a city, some scammers will seek out the names of famous people (or very similar variants of these) and purchase them as domain names. The new domain owner then uses extortion (otherwise known as good old-fashioned blackmail) on the target in the hopes that the affected person will trade some money in exchange for protecting his or her reputation.

Read the rest of this entry »

Spammers often take advantage of holidays so that they can try to sell more products to people who may already be in a buying mood, and it seems that Halloween is no exception. This year, gift card spam has been getting more popular, and as this article from Sophos.com points out, some spammers have combined these two ideas and set up a phishing site that attempts to collect personal information from email recipients in exchange for the promise of getting a Halloween gift card.

The spam mail employs various Halloween-related puns and clichés and promises visitors that they can receive a free $250 MasterCard gift card if they click on one of the links in the email and fill out the questionnaire that follows. The site then asks for a significant amount of information such as email addresses, phone numbers, date of birth, and the like, after which visitors are taken through a series of other questionnaires pertaining to topics such as student loans, cigarette smoking, and other unrelated issues.

It is not clear whether the intent of the spam is to collect information for identity theft purposes or is simply another instance of overzealous marketing. In either case, if you happen to receive an email like this, it is not advisable to click through on the link or input any of your personal information. If you do, the most likely outcome will be an increase in your “spam to ham” ratio; in other words, you will have to deal with more unsolicited junk mail.

Meanwhile, John Graham-Cumming has released the next issue of his anti-spam newsletter, which includes some useful information about recent trends in spam-related trickery. Spammers are now beginning to use animated image files that display the names of their products or keywords as a way of slipping their messages through most spam filters. Pump-and-dump stock scams are now being spread by MP3 attachments, while a worm called Storm that began spreading last year still has antivirus experts befuddled as to how to contain or eliminate it. Finally, Chris Drake shares his ideas on ways to separate spam from ham. More details are posted below:

Read the rest of this entry »

USAA Federal Savings Bank is warning its members about a new email phishing scam that tries to collect sensitive account information.

The email has the USAA logo at the top and contains the subject “Unauthorized Activity!”. The rest of the text attempts to trick users into thinking that their accounts have been compromised and tells them to click on a link in the email in order to “confirm their records”:

Read the rest of this entry »

Although I have not commented on any ridiculous HYIP spam for a while, you probably haven’t missed much. I have been simply deleting most of the emails for these “investment opportunities” because they are not really saying anything that I have not already covered in previous posts. Today, however, I got spammed with a program that seems to take the idea of ridiculous HYIP to a whole new level of dumb: IGProfit.com.

Read the rest of this entry »

John Graham-Cumming, developer of the famous anti-spam tool POPFile and founder of the software company Electric Cloud, Inc., has released the latest edition of his newsletter. It is normally published twice per month and contains informative news items and technical descriptions about the latest spamming techniques and the methods that are being employed to combat them. If you subscribe to the newsletter from the link at jgc.org, you can access the archived issues from previous months. This is the 62nd edition.

Regular readers will know that I’ve been predicting the death of the MIT Spam Conference for some time. How wrong I was. The MIT Spam Conference is back and has been expanded to two days (March 27 and 28, 2008).

The deadline for submissions is March 1, 2008, but the conference is operating an unusual sliding submissions process. You are invited to submit any time from now until the deadline and you’ll get a yes/no answer within two weeks.

Details are here: http://spamconference.org/

Last week I spent a day at the Virus Bulletin 2007 conference in Vienna giving a talk about The Spammers’ Compendium (see www.jgc.org for slides).

My overall impression was that the spam talks were weak. Of all the talks only one made me go ‘a ha!’: Vipul Sharma’s talk:

* Continual feature selection: a cost effective method for enhancing the capabilities of enterprise spam solutions

Vipul Sharma, John Gardiner Myers, Steve Lewis, Proofpoint
http://www.virusbtn.com/conference/vb2007/
abstracts/SharmaMyersLewis.xml

Read the rest of this entry »

Approximately one month ago Professor Ross Anderson, one of the world’s top researchers in the field of computer security, gave a very informative lecture for the University of Cambridge on the topics of spamming, scamming, phishing, and other Internet-based activities that he places under the category of “wickedness”. This video of his lecture delves into some of the details of how spammers and scammers operate, with a focus on how we can accurately detect their activities.

The topics covered range from the usual phishing spam-and-scams to fake escrow and banking sites to what he calls “postmodern Ponzi schemes”, known to most of us in the Internet marketing world as HYIP. Professor Anderson describes the ongoing struggle between the various types of scammers and the (mostly futile) attempts by governments, financial institutions, and computer security professionals to thwart their operations.

The video is one hour long and is presented in a fairly academic style, so if you are normally an impatient or easily bored type of person, you may not find it particularly entertaining. However, if you have any interest in the rapidly converging fields of economics, computer security, and good old-fashioned spam, you might want to watch this one whenever you have enough time.

Besides Ross Anderson who was cited above, other contributors to this video include Richard Clayton, Tyler Moore, Stephen Murdoch, and Shishir Nagaraja.

The next installment in my Adventures in Spam series features a fairly common type of scam email that has been getting more popular lately as increasing numbers of people are figuring out that they can actually make money online. It involves what is essentially a fake work-at-home employment offer- the scammer pretends to be a representative of a legitimate (usually offline) company, then offers to hire you as some type of payment processor or clerical worker.

In most cases, the true purpose of the email is simply to solicit a reply from you. If you actually reply with any indications of interest, the spammer-scammers will send another letter requesting some type of “processing fee” so that they can cover the cost of sending the relevant paperwork and materials to you. Usually this fee is a fairly small amount, like $10 or $20. The scammers are hoping that if they can advertise to enough “suckers” by spamming, they will achieve a high enough sales volume for the small amounts to add up to a significant amount of money for them. And of course, if the old cliché about a sucker being born every minute holds true, the same spam mail can be sent out again at regular intervals and provide the scammers with a steady income from “processing fees”. Here is a typical example of such an email that I received a few days ago:
Read the rest of this entry »

Today I received an email from TD Ameritrade, an investment brokerage company that allows its clients to buy and sell stocks and other securities online. Apparently a recent investigation uncovered some “unauthorized code” in their computer systems that was used for harvesting email addresses. This might explain some of the investment-related spam that I have been getting over the past few years, including those infamous stock pumping scam letters. Although I haven’t used it for years, I had opened an account with Ameritrade back in 2000, so my email address probably found its way onto the spam lists.

Meanwhile, the executives at Ameritrade (much to their chagrin, I can imagine) are in full damage control mode, attempting to reassure us that our identities will not be stolen…or, well, at least there is no evidence that they have been stolen, although our social security numbers were probably in there somewhere. And of course, our assets are secure even though their computer systems are, umm… somewhat less secure since they just got hacked by spammers!

Dear Karl Erfurt,

Let me tell you why I am sending you this email. While investigating client reports about the industry-wide issue of investment-related SPAM, we recently discovered and eliminated unauthorized code from our systems. This code allowed certain client information stored in one of our databases, including email addresses, to be retrieved by an external source.

Please be assured that UserIDs and passwords are not included in this database, and we can confirm that your assets remain secure at TD AMERITRADE.

What we want you to know:
Read the rest of this entry »

One form of spam that has been on the rise over the past two weeks is stock spam, which is most commonly used to promote a type of scam known as stock pumping. This is a technique in which spammers attempt to manipulate the price of a company’s stock, usually in the upward direction, in order to make a quick profit. The most common tactic used to accomplish this is known as the “pump-and-dump” scheme. With this method, a spammer chooses a stock that is relatively unknown, has a low price per share, and has low trading volume. Most such stocks are traditionally called “penny stocks” because they usually trade for less than one dollar per share and are listed only on the over-the-counter bulletin board (OTCBB) or Pink Sheets exchanges. With this type of stock, the spammer can usually raise the share price relatively easily by disseminating lots of positive (and sometimes fraudulent) information about the chosen company and lure naive investors into quickly buying shares, thus temporarily driving up the price. The spammer, having bought fairly large blocks of shares in advance, then quickly sells the stock by “dumping” it back onto the market before most investors realize that the information being disseminated is exaggerated or inaccurate.

Another tactic that is sometimes used by stock spammers is called the “short and distort” method. This is essentially the reverse of the more popular pump-and-dump; instead of hyping up a stock, negative information is sent out in an attempt to drive the share price downward. Rather than buying shares, the spammer short sells them- that is, the shares are borrowed from a broker and immediately sold for whatever they are worth at the current price. In a short sale transaction such as this, the investor hopes that the stock price declines because if it does, the shares can be bought back at a lower price than what they were originally sold for, leaving the difference as profit. However, there is also significant risk involved in this proposition because if the price of the stock actually goes up, the investor can lose money when the shares are eventually bought back in order to settle the short position. For this reason, plus the fact that the possibility of short selling is usually not offered for penny stocks, the short and distort method is not as popular with veteran spammers. However, it is sometimes still used by unscrupulous investors who have inside knowledge of the companies involved and want to manipulate the markets for quick profits.

Read the rest of this entry »

Yes, those infamous HYIP spammers are at it again. The latest site that has come up for ridicule is called zoom-invest.net, a HYIP that promises to triple your money within 15 hours while serving up a generous helping of broken English and inept marketing skills. Fortunately, its promoters were nice enough to send me this spam so that we all have the chance to laugh at them before their official launch:
Read the rest of this entry »