Archived posts from the 'Spam' Category

Which Sebastian Foss is a spammer?

Obviously pissed by my post Fraud from the desk of Sebastian Foss, Sebastian Foss sent this email to Smart-IT-Consulting.com:

Remove your insults from your blog about my products and sites… as you may know promote-biz.net is not registered to my name or my company.. just look it up in some whois service. This is some spammer who took my software and is now selling it on his spammer websites. Im only selling my programs under their original .com domains and you did not receive any email from me since im only using doube-optin lists.

You may not know it - but insulting persons and spreading lies is under penalty.

Sebastian Foss
Sebastian Foss e-trinity Marketing Inc.
sebastian@etrinity-mail.com

Well, that’s my personal blog, and I’ve a professional opinion about the software Sebastian Foss sells, more on that later. It’s public knowledge that spammers do register domains under several entities to obfuscate their activities. I’m not a fed, and I’m not willing to track down each and every multiple respectively virtual personality of a spammer, so I admit that there’s at least a slight possibility that the Sebastian Foss spamming my inbox from promote-biz.net is not the Sebastian Foss who wrote and sells the software promoted by the email spammer Sebastian Foss. Since I still receive email spam from the desk of Sebastian Foss at promote-biz.net, I think there’s no doubt that this Sebastian Foss is a spammer. Well, Sebastian Foss himself calls him a spammer, and so do I. Confused? So am I. I’ll update my other post to reflect that.

Now that we’ve covered the legal stuff, lets look at the software from the desk of Sebastian Foss.

  • Blog Blaster claims to submit “ads” to 2,000,000 sites. Translation: Blog Blaster automatically submits promotional comments to 2 million blogs. The common description of this kind of “advertising” is comment spam.
    Sebastian Foss tells us that “Blog Blaster will automatically create thousands of links to your website - which will rank your website in a top 10 position!”. The common description of this link building technique is link spam.
    The sales pitch signed by Sebastian Foss explains “I used it [Blog Blaster] to promote my other website called ezinebroadcast.com and Blog Blaster produced thousands of links to ezinebroadcast.com - resulting in a #1 position in Google for the term “ezine advertising service”. So I understand that Sebastian Foss admits that he is a comment spammer and a link spammer.
    I’d like to see the written permissions of 2,000,000 bloggers allowing Sebastian Foss and his customers to spam their blogs: “Advertising using Blog Blaster is 100% SPAM FREE advertising! You will never be accused of spamming. Your ads are submitted to blogs whose owners have agreed to receive your ads.” Laughable, and obviously a lie. Did Sebastian Foss remember that “spreading lies is under penalty”? Take care, Sebastian Foss!
  • Feed Blaster with a very similar sales pitch aims to create the term feed spam. Also, it seems that FeedBlaster™ is a registered trademark of DigitalGrit Inc. And I don’t think that Microsoft, Sun and IBM are happy to spot their logos on Sebastian Foss’ site e-trinity Internetmarketing GmbH
  • The Money License System aka Google Cash Machine seems to slip through a legal loophole. May be it’s not explicit illegal to sell software build to to trick Google Adwords respectively AdSense or ClickBank, but using it will result in account terminations and AFAIK legal actions too.
  • Instant Booster claims to spam search engines, and it does, according to many reports. The common term applied to those techniques is web spam.

All these domains (and there are countless more sites selling similar scams from the desk of Sebastian Foss) are registered by Sebastian Foss respectively his companies e-trinity Internetmarketing GmbH or e-trinity Marketing Inc.

He’s in the business of newsgroup spam, search engine spam, comment spam … probably there’s no target left out. Searching for Sebastian Foss scam and similar search terms leads to tons of rip-off reports.

He’s even too lazy to rephrase his sales pitches, click a few of the links provided above, then search for quoted phrases you saw on every sales pitch to get the big picture. All that may be legal in Germany, I couldn’t care less, but it’s not legit. Creating and selling software for the sole purpose of spamming makes the software vendor a spammer. And he’s proud of it. He openly admits that he uses his software to spam blogs, search engines, newsgroups and whatever. He may make use of affiliates and virtual entities who send out the email spam, perhaps he got screwed by a chinese copycat selling his software via email spam, but is that relevant when the product itself is spammy?

What do you think, is every instance of Sebastian Foss a spammer? Feel free to vote in the comments.

Update 08/01/2007 Here is the next email from the desk of Sebastian Foss:

Hi,
thanks for the changes on your blog entry - however like i mentioned if you look up the domains which were advertised in the spam mails you will notice that they are not registered to me or my company. You can also see that visiting the sites you will see some guy took my products and is selling them for a lower price on his own websites where he is also copying all of my graphic files. The german police told me that they are receiving spam from your forms and that it goes directly to their trash… however please remove your entries about me from your blog - There is no sense in me selling my own products for a lower price on some cheap, stolen websites - if that would make sense then why do i have my own .com domains for my products ? I just want to make clear that im not sending out any spam mails - please get back to me.

Thanks,
Sebastian

Sebastian Foss
e-trinity Internetmarketing GmbH
sebastian@etrinity-mail.com

It deserves just a short reply:

It makes perfect sense to have an offshore clone in China selling the same outdated and pretty much questionable stuff a little cheaper. This clone can do that because first there’s next to no costs like taxes and so on, and second he does it per spamming my inbox on a daily base, hence probably he sells a lot of the ‘borrowed’ stuff. Whether or not the multiple Sebastian Fosses are the same natural person is not my problem. I claim nothing but leave it up to you dear reader’s speculation, common sense, and probability calculation.



Share/bookmark this: del.icio.usGooglema.gnoliaMixxNetscaperedditSphinnSquidooStumbleUponYahoo MyWeb
Subscribe to      Entries Entries      Comments Comments      All Comments All Comments
 

Fraud from the desk of Sebastian Foss

Frequently I receive emails from very angry people complaining about various “SEO tools” and “Money Making Software” delivered from the desk of Sebastian Foss (AdBlaster, Instant Booster, eZine blaster, Blog Blaster, Feed Blaster, Newsgroup Blaster, eBay Cash Machine, Doorway Page Generator, Google Cash Machine, and countless more scams), which got their sites banned or which just didn’t work as promised, asking for a refund and demanding compensation. I’m sick of replying to all these emails to set the records straight, so here is the guy’s address:

e-trinity Internetmarketing Ltd.
Sebastian Foss
Böhler Str.14
Lindlar, 51789, North Rhine-Westphalia
Germany [map]
Phone: +49 2266 478 230
Fax: +49 2266 478 197
email: sebastian@etrinity-mail.com

I suffer from his fraudulent and spammy activities too. I find his URLs in my referrer stats, I receive his email spam from the desk of Sebastian Foss, and people get mad on me because they assume I’m him just because I blog about SEO and Internet marketing.

Here is the last email spam I got from Sebastian Foss1) at promote-biz.net:And here’s the attached HTML file:A smart investigator can should be capable to assign this URL on promote-biz.net to e-trinity Internetmarketing Ltd., Sebastian Foss’ company in Lindlar, Germany.

If you’re sick of spam and scams from the desk of Sebastian Foss too, then turn him in. Last time I looked, sending out email spam is a crime in Germany. In case the spam report form below (courtesy of the german cops) doesn’t work, here you go: Police Lindlar, Germany.
SPAM REPORT (yellow background = mandatory)

Your coordinates:






What to report?







Provide internet address (URL), IP address, channel, email-ID (email header), and other information useful to track down the issue:



Details (mandatory!)

Witnesses (if any, provide names and addresses)

Perpetrator and site of crime:






Here’s a tiny sample of domains related to or operated by Sebastian Foss, according to Rip Off Report “[one of] the biggest scam artist[s] on the Internet”:
10-thousand-dollars.biz 101-website-traffic.com 2click.com auction-machine.com automatedriches.com automatic-mailer.com blog-blast.com blog-blaster.com cashcreation.com clickedcash.com dollarbuddy.biz etrinity.com feed-blast.com free-traffic-handbook.com hit-booster.com hitworkz.com income-builder.com income-machine.com incomeuniversity.com instant-booster.com megapromoter.com megawealthpackage.com minuteprofits.com money-license.com moneybank.com plugin-income.com press-blast.com promote-biz.net promotionpalace.com sebastianfoss.com seo-secret.com submit-it-easy.com …

It doesn’t hurt to link to this post with “Sebastian Foss” in the anchor text ;)

Update: I received a threat from Sebastian Foss, so I’ve edited this post (look for original text followed by changes). I’m not 100% certain which instance of “Sebastian Foss” sends out the email spam, but all known instances of Sebastian Foss are obviously spammers. More Information on the spammer Sebastian Foss and his clones respectively multiple/virtual personalities.



Share/bookmark this: del.icio.usGooglema.gnoliaMixxNetscaperedditSphinnSquidooStumbleUponYahoo MyWeb
Subscribe to      Entries Entries      Comments Comments      All Comments All Comments
 

No search, more fun: Netscape spamming Google

Google dislikes crawlable SERPs. But Google still indexes huge chunks of SERPs, and to make it worse, these disliked URLs sometimes rank above other useless webspam from Amazon, Ebay, and cohorts on the very first search result page.

For example Netscape is still flooding Google’s search index with crap as per the quality guidelines, which clearly state:

Use robots.txt to prevent crawling of search results pages […] that don’t add much value for users coming from search engines.

Netscape.com lacks a robots.txt, but how many patterns does it need to identify these pages as SERPs? Next search.netscape.com has a robots.txt, but it lacks a Disallow: / directive, respectively Disallow’s of all their scripts generating search results.

Is it that simple to get gazillions of useless autogenerated pages ranking at Google? Indeed. Following the Netscape precedent every assclown out there can buy a SE-script, can crawl the Web for a bunch of niche keywords, and will earn free Google traffic just because he has “forgotten” to upload a proper robots.txt file and Google isn’t capable of detecting SERPs. I mean when they don’t run a few tests with Netscape-SERPs, where’s the point of an unenforced no-crawlable-SERPs policy?

I just found another interesting snippet in Google’s quality guidelines:

If a site doesn’t meet our quality guidelines, it may be blocked from the index.

I certainly will not miss 1,360,000 URLs from a spamming site ;)



Share/bookmark this: del.icio.usGooglema.gnoliaMixxNetscaperedditSphinnSquidooStumbleUponYahoo MyWeb
Subscribe to      Entries Entries      Comments Comments      All Comments All Comments
 

When your referrer stats turn into a porn TGP

When you wonder why your top referrers are porn galleries, make-you-rich-in-a-second scams and other pages which don’t carry your link but try to sell you something, read further.

Referrer spamming is done by bots requesting pages from your site, leaving a bogus HTTP_REFERER. These spam bots come from various IPs, change their user agents on the fly, and use other sneaky techniques to slip thru spam protection. Some of them are somewhat clever by adjusting the number of bogus requests to your site by your Alexa stats to ensure their “visits” do appear on limited realtime referrer lists and other stats by referrer. Some of them even suck the whole pages from your server, and a few even follow redirects.

So what can you do? Not much. You can’t really get rid of these log entries, because the logs are written before your spam protection handles those requests. But you can reduce the waste of bandwidth and server resources. If you redirect these requests, your server sends only a header, but not the contents. Here is a way to accomplish that:

First of all, extract the bogus referrers from your logs or stats pages, and save them in a plain text file:
Change this to a list of domains, truncating subdomains like “www” or “galleries”, and add .htaccess code:

SetEnvIf Referer \.collegefuckfest\.com GoFuckYourself=1
SetEnvIf Referer \.asstraffic\.com GoFuckYourself=1
SetEnvIf Referer \.allinternal\.com GoFuckYourself=1
SetEnvIf Referer \.mature-lessons\.com GoFuckYourself=1
SetEnvIf Referer \.wildpass\.com GoFuckYourself=1
SetEnvIf Referer \.promote-biz\.net GoFuckYourself=1

This code will create an environment variable “GoFuckYourself” with the value “1″. Following statements can now work with these marked requests:

RewriteCond %{ENV:GoFuckYourself} 1 [NC]
RewriteRule /* %{HTTP_REFERER} [R=301,L]

This redirects the request to its referrer, so if the bogus bot follows redirects, it will request a page from the spammer’s domain. Of course you can redirect to a static URL too:
RewriteRule /* http://www.example.com/gofuckyourself [R=301,L]

You could also use the environment variable in deny statements
order allow,deny
allow from all
deny from env=GoFuckYourself

but that will serve a complete page, and may produce an infinite loop. Deny as well as the similar RewriteRule .* - [F] enforce a 403-Forbidden. Then if you’ve an ErrorDocument 403 /getthefuckouttahere.html directive, the request of the error page runs into the 403 itself - this process calls itself over and over until it gets terminated after 20 or so loops.



Share/bookmark this: del.icio.usGooglema.gnoliaMixxNetscaperedditSphinnSquidooStumbleUponYahoo MyWeb
Subscribe to      Entries Entries      Comments Comments      All Comments All Comments
 

German spammers banning all domains out there

If you receive an email in german language from Google’s Search Quality team (donotreply@gmail.com) telling your site was banned by Google for 30 days please don’t worry. That’s faked. Legit (similar phrased) emails must come from a google.com email address. If the hoax-email comes with an attachment, don’t save or open the attached file (zipped google_webmastertools.exe)!

Here is the email:
Entfernung Ihrer Webseite [domain] aus dem Google Index
The email looks pretty authentic, its style and wording are somewhat Google-ish. I speak German, hence I’m sure that gazillions of innocent Webmasters and site owners buy it and panic. Unfortunately most filters let the zipped attachment (google_webmastertools.exe) pass thru. I didn’t open it myself and I bet it’s not a bright idea to try it.

Google told me that Stefanie from the real Search Quality team over in Dublin will soon post a warning on the german blog.

Here is an original penalty warning in german language:
Entfernung Ihrer Webseite aus dem Google IndexThese emails are sent from donotreply@google.com without attachments.

Update 05/10/2007: Here is Google’s official statement (in german language) and the english version by Vanessa. The attached .exe is a joke, it executes cmd.exe c\:clear complete harddisc (Hoax.BAT.Small.a).

Update 05/11/2007: Because these emails are easy to mistake for authentic ones from the Search Quality team, Google temporarily discontinued sending them as they work on ways to provide more secure communication mechanisms. This update reads as if Google has stopped to send out penalty notification emails in all languages: “… as we’ve temporarily stopped sending emails about guidelines violations, you can safely assume that any email you receive isn’t from us. Note that we do provide information about some violations in webmaster tools.”.

Update 06/19/2007: German forums and blogs report another flood of these faked emails, and this post got tons of visits from searches for quotes from the email quoted above. Calm down, don’t panic: Google still doesn’t send out penalty notifications via email (in Deutsch). So please ignore the spam and refer to the diagnostics tab in your Webmaster Central account when you assume a penalty.

Update 07/18/2007: Google released the message center where site owners can poll for penalty notifications. They are still working on a safe solution for emails. Probably ‘-950/-30/-n penalties’ won’t get announced any time soon.



Share/bookmark this: del.icio.usGooglema.gnoliaMixxNetscaperedditSphinnSquidooStumbleUponYahoo MyWeb
Subscribe to      Entries Entries      Comments Comments      All Comments All Comments
 

Spamming wannabe SEOs: SEO Affiliates, Cleveland, Ohio

Got this email from a site owner today:

I can put your site at the top of a search engines listings. This is no joke and I can show proven results from all our past clients.
If this is something you might be interested in, send me a reply with the web addresses you want to promote and the best way to contact you with some options.

Thanks in advance,

Sarah Lohman
SEO Affiliates
124 Middle Ave.
Cleveland, OH 44035

I told him long ago that he should dump that site if its affiliate earnings from MSN and Yahoo traffic drop too much, and now some spamming assclowns from Cleveland, Ohio guarantee a #1 listing for crap, sheesh. Here’s the polite reply:

I’m sure you’re joking coz being a that experienced SEO you should have noticed that this site suffers from Google’s death penalty for various good reasons since 2002.
Go figure spammer

Sigh. Off to submit a ton of my email addresses to the spammer’s idiot collector.

Tags: ()



Share/bookmark this: del.icio.usGooglema.gnoliaMixxNetscaperedditSphinnSquidooStumbleUponYahoo MyWeb
Subscribe to      Entries Entries      Comments Comments      All Comments All Comments
 

Good to see Blogger.com cares about spam

Due to family issues I didn’t blog much recently. Today I tried to update an older post and got this

WARNING

This blog has been locked by Blogger’s spam-prevention robots. You will not be able to publish your posts …

A bit weird though, because I don’t run AdSense or other advertising, I’ve comment moderation on, and don’t post w/o entering the captchas. Probably my sidebar links have triggered a filter. Oh well.

What really bothers me is that Blogger tells me they’ll delete my blog if they don’t get a review request within 10 days or so. That could happen when I’m sick, traveling, or for tons of other reasons. Since they’ve my email addy, a warning by email would be suitable.

I’ve submitted the review request and look forward to reading the promised email reply from the Blogger team.

Update: A few hours later I got this email:

Hello,

Your blog has been reviewed, verified, and whitelisted so that it will no longer appear as potential spam. If you sign out of Blogger and sign back in again, you should be able to post as normal. Thanks for your patience, and we apologize for any inconvenience this has caused.

Sincerely,
Blogger Support



Share/bookmark this: del.icio.usGooglema.gnoliaMixxNetscaperedditSphinnSquidooStumbleUponYahoo MyWeb
Subscribe to      Entries Entries      Comments Comments      All Comments All Comments
 

How to stop email spammers abusing contact forms

Recently some email spammers figured that my contact forms aren’t that safe and started relaying their spam through my machine. I’ve spotted the abuse late on a Saturday, as my inbox got flooded with cc’d emails and bounce messages. I forwared such an email to my hosting service and whilst I cleaned up my inbox they stopped the spammer. Awesome service, thank you National Net!

NationalNet support patched my PHP scripts
if (ereg(’^[_a-zA-Z0-9-]+(\.[_a-zA-Z0-9-]+)*@[a-zA-Z0-9-]+(\.[a-zA-Z0-9-]+)+$’, $email-from))
mail($email-to, $email-subject, $email-message, $email-headers…

and they sent me an email explaining what they did to stop the spammer within 15 minutes or so.

GrayWolf posts a similar case and recommends this helpful page with PHP code to stop header injection, there is more useful stuff in the manual’s comment section, and a great thread at WMW. I found that a combination of the NatNet patch and the tips provided there, plus a few custom add-ons like database lookups, should secure my email forms in the future. Next step is sending automated complaints to the spammers ISP.



Share/bookmark this: del.icio.usGooglema.gnoliaMixxNetscaperedditSphinnSquidooStumbleUponYahoo MyWeb
Subscribe to      Entries Entries      Comments Comments      All Comments All Comments
 

Spam Clinic for German Web Sites

All the talk about Google banning BMW.de, Ricoh.de and other big non-US brands has inspired me to launch a spam clinic especially for german sites. Every now and then I stumble across a German SERP and I do not like what I see. Spam rules Google.de and I don’t get why Google has an 80% market share over there. I do speak German, so helping to clean up these cluttered SERPs should be a home match;)



Share/bookmark this: del.icio.usGooglema.gnoliaMixxNetscaperedditSphinnSquidooStumbleUponYahoo MyWeb
Subscribe to      Entries Entries      Comments Comments      All Comments All Comments
 

Reporting spam to Google is a nightmare

Well, every now and then I do report a spammer, for example when I find my or a fellow SEOs articles on an AdSense driven Blogger-Splog, heavily and pretty much unrelated advertised in Google Groups and Google Base via a Google Mail account, and probably even visible on organic SERPs.

Google’s network of services allows spammers to make a living from Google alone, but on the other hand it doesn’t provide the victims with a consolidated spam report form.

Why can’t Google create an enterprise wide tool to report abuse?

[Omitted: the detailed description on how to report a spamming freeloader and plagiarist to all abused Google services in less than 2.5 hours]

Tags: ()



Share/bookmark this: del.icio.usGooglema.gnoliaMixxNetscaperedditSphinnSquidooStumbleUponYahoo MyWeb
Subscribe to      Entries Entries      Comments Comments      All Comments All Comments
 

« Previous Page  1 | 2 | 3  Next Page »