How do you deal with spammers?

[SexycityBrian]

Ok we just had the unfortunate experience of having a spammer sign up for our program and start spamming. His account was quickly terminated and so he started sending out massive spam email with direct links to our program. These are the steps that I took.
1) contacted the guy and told him to quit, he responded by saying that the day after we terminated his account that another spammer was sending out the emails with the direct links to make him look bad.
2) responded to hundreds of complaints mostly webmaster because the spammer was using a webmaster mail list.
3) requested copies of the emails with full headers. ( after getting a few I decided that the spammer was using remote computers via a trojan to send the spam)
4) contact the ISP's and inform them what was going on and requested they contact their customer and let them know there computers may have trojans running on them and I also included links to a free antivirus and adware remover (AVG and Lavasoft Se Personal).
5) I kept copies of all the emails and icq messages for our hosting company so they could see how we dealt with the problem.

Ok now the only real information that we have for the guy apparently is his epassporte account everything else is fake as far as I can tell.

Now I was just wondering if I missed anything that we should have done. I know that our program was not the only one that was hit by this guy. So what did anyone else do or what would you have done if you had this problem.

Brian

[FakeTextTGP]

When you offer epass etc type payments you open the door to fraud. Not trying to get you paranoid, just warning, Get ready to be sued, or start scrubbing your signups

[twintone]

You did a lot more then you really HAD to do, but that is good. Contacting the ISP's would have been a lot of work, and I respect the fact that you went through the trouble to do that.

Unfortunately most huge ISP's just don't give a rats ass anymore, nor do they have the man power to deal with your issue the way they should be.

I think everything you did is above and beyond what most would have done, and others should follow your lead.

Due to this incident, if you have lost, or had to pay for help and the total is $5000.00 US or more, and you are a legitimate business in the US. The FBI will help you, and track down this jackass. They too are so swamped that they can not deal with issues unless they have caused a loss to a business of $5000.00 or more.

We had an issue like this happen to us several years ago, and wete able to get the FBI involved in it. This was before they had the 5K policy in place. We had a guy signup and start spamming from our network, and he was terminated immediately. Within a few hours he was sending out emails spamming our service saying we will be happy to host CP, and all kinds of illegal shit. On top of that, he used our return address in all his mailings. So we received over 160,000 emails.. bounces, people bitching at us, telling us we are sick fuckers.. etc. It was bad news to say the least. I honestly think if I would have caught the guy I would have taken a hammer to each individual finger.. in other words, he would never typed again, let alone use his hands again.

In the end it was some guy from Romania. The FBI tracked him down, but Romania isn't real willing to help the US with these types of things, and said they would "take care of the person". I don't know what ever happened to the guy, but the spamming stopped, and that is what our goal was.

Good luck in your hunt for the guy. I hope he gets what he has coming.

[Greenguy]

Quote:

Originally Posted by FakeTextTGP

When you offer epass etc type payments you open the door to fraud. Not trying to get you paranoid, just warning, Get ready to be sued, or start scrubbing your signups

I'm not sure why they'd be sued and I assume that you're talking about scrubbing the webmaster's that sign up, but one thing did pop into my mind: it'd be a nice feature & a good gesture on ePassporte's part to be able to verify the info that the webmasters used when signing up with the info on file with ePassporte. Not that the programs should have access to their database, but maybe an email to ePass with the info that the webmaster used & then they could just verify that the info they have is the same (or similar)

[Jim]

One piece of advice. If it were me and I was going to offer epassporte payments, I would make sure the webmaster's information was correct. That would be easy by forcing the webmaster to take one check before epasporte kicked in. You would never want epassporte to give out their information about a webmaster to anyone. I suspect that if the webmasters know that you do have their proper information, you won't have these problems.

As for what to do, it looks like you did all the right things. You went a lot further than I would have. I would have deleted the account, answered the question from webmasters on any board it was brought up and be done with it. Know your host and make sure they know that don't spam yourself.

[Greenguy]

Quote:

Originally Posted by Jim

...You would never want epassporte to give out their information about a webmaster to anyone.....

I agree, but I don't see where a simple "That's the info we have on file" or "That info differs from the info in our database" with no further information would be a problem.

[Jim]

Quote:

Originally Posted by Greenie

I agree, but I don't see where a simple "That's the info we have on file" or "That info differs from the info in our database" with no further information would be a problem.

ehhh...I think even that would be a slippery slope. Pretend for a moment that epassporte were a swiss bank account. And for some strange reason, the government just wanted to verify the name and address of an account. Nobody would ever want that bank to comply. And, I could be wrong but I think verifying that information is a crime in Switzerland.

[SexycityBrian]

Quote:

Originally Posted by FakeTextTGP

When you offer epass etc type payments you open the door to fraud. Not trying to get you paranoid, just warning, Get ready to be sued, or start scrubbing your signups

Not really to concerned about getting sued but the time spent dealing with the problem was a real waste of money and we still have some work to do with our hosting company and spamhaus. At least for now is seems that the spammer has quit (fingers crossed). As for the epassporte payments we are going to discuss that today and see if we can come up with a solution. I am thinking of a couple ways to do the epassporte for new affiliate signups that would hopefully give us some valid information about them.

[Greenguy]

Quote:

Originally Posted by Jim

ehhh...I think even that would be a slippery slope. Pretend for a moment that epassporte were a swiss bank account. And for some strange reason, the government just wanted to verify the name and address of an account. Nobody would ever want that bank to comply. And, I could be wrong but I think verifying that information is a crime in Switzerland.

Good point, but I have another idea

In order to charge something to your ePassporte card, you have to put in your name & address & whatnot (just like all CC transactions) So allow the affiliate program to charge a fee ($1) for ePassporte payouts that must be charged to the affiliate's ePassporte account - bingo! Instant verification.

(look at me talking as if I know that ePassporte even cares about this issue)

[cd34]

I think something many sponsors probably need to spend time managing is their spam policy, publically stated somewhere on each site. Termination of said webmaster and not accepting spam traffic -- difficult to pass up the free traffic, but, when you are dealing with the anti-spam groups, it proves that you are not trying to make money off of it. And, SPF records. While the email may come from another address, and go directly to your main site, sometimes if they forge the returnpath in addition to the reply to, the SPF record would indicate that this mail is obviously not sanctioned. This has helped with spamhaus in the past and one other blacklist.

http://www.openspf.org/ for more info on adding SPF records.

[KCat]

Interesting to hear what happened. I got hundreds of emails from this guy before adding "sexycitycash" to my spam filter.

[FakeTextTGP]

Quote:

Originally Posted by SexycityBrian

Not really to concerned about getting sued but the time spent dealing with the problem was a real waste of money and we still have some work to do with our hosting company and spamhaus. At least for now is seems that the spammer has quit (fingers crossed). As for the epassporte payments we are going to discuss that today and see if we can come up with a solution. I am thinking of a couple ways to do the epassporte for new affiliate signups that would hopefully give us some valid information about them.

I'd be concerned, one of the old companies I worked for got sued, and the person mailing was not even affiliated or an affiliate of the program... I think a lot of spam is intentional to hide other real spam and they pick on some progrms in front of them... The major player sued us via John Doe terms, and well we proved to them it was not us... and they finally dropped it, but they will come after you if you have something they want... "CASH"

[FakeTextTGP]

By the way keep all the documents of the complaints you have made, they are great for when you do get sued, thank heavens we did, we had numerous complaints on file with the government, and requests to domain registrars to drop domains with invalid info in regards to these spoofs

oh and one more thing, if you see spam, immediately get a TOS page up, without one you may be liable in ways if you are accepting the traffic that is not a good thing