- This topic is empty.
-
Posts
-
Hi,
Every time I sign up for an affiliate program, I use a different email address so that I can identify the source of emails, for example when I signed up with RevenueGiants I used the address revenuegiants@’example’.com (domain changed for privacy)
Today I received spam to the address [EMAIL=”revenuegiants@%27example%27.com”]revenuegiants@’example’.com[/EMAIL] – the spam email does not appear to be from your company, it appears to be from CPAYS. I have never had any dealings with CPAYS, and they seem to have a bad reputation on this forum including a history of spamming. I do not know if the email was from CPAYS directly, or from one of their affiliates, but the question is : how did they find my email address which I have only ever used to sign up with RevenueGiants? The only 2 possibilities are that you have sold my email address, or you have a leak on your system that is allowing people outside your company to access your database.
The full email with headers is below, edited only to remove my domain and the link to CPAYS.
Regards,
JamQuote:From: – Sat May 24 20:57:23 2008
X-Account-Key: account2
X-UIDL: UID3809-1199193773
Return-path:
Envelope-to: revenuegiants@example.com
Delivery-date: Fri, 23 May 2008 16:20:28 -0700
Received: from mail.meyercomputer.com ([65.61.136.6]) by magellan.lunarpages.com with esmtp (Exim 4.68) (envelope-from
Received: (qmail 6440 invoked by uid 399); 23 May 2008 23:19:48 -0000
Received: from unknown (HELO mail26.meyercomputer.com) (66.216.127.26) by mail.meyercomputer.com with ESMTPM; 23 May 2008 23:19:48 -0000
X-Originating-IP: 66.216.127.26
Received: (qmail 32356 invoked by uid 2032); 23 May 2008 23:19:24 -0000
Date: 23 May 2008 23:19:24 -0000
Message-ID: <20080523231924.32355.qmail@mail26.meyercomputer.com>
To: revenuegiants@example.com
Reply-To: romana@ureach.com
From: romana@ureach.com
Subject: Hi VIP casino webmasterHi dear VIP casino webmaster!
We glad to inform your about our new gambling affiliate program.
Just for our VIP affiliates we provide 50 % rev share and up to 300€ Per player (deposit no needet!) CPA Program.
Just check this link (removed – link to adv.cpays.com)
Join,send traffic and make BIG money!
Sincerely ,
Vip casinos affiliate program team.
Interesting…I´ve had this issue before also but not with these particular companies. Will be good to see some sort of explanation for this one. The more I delve into the world of the web, the more sinister it gets.
Thank you for posting this, Jam. I received the same email. And now I know who sold them my email address.
Thanks, Revenue Giants! sneaky2.gi I’ll be pulling your links next week.
i got the same email…didn’t think that companies still resort to such “handy” tactics…
HONEST TO GOD NO LISTS WERE SOLD!!!
Thanks for letting me know I’m shocked!!! I’ll investigate in house immediately and so help me God if I will find a leak and the person responsible of it.. please believe me when I say we had nothing to do with it, and once I’ll find the guy responsible s/he will be in big trouble in the industry and I’ll make sure all forums and sites will know his full name and every details of him/her…
I will appreciate anyone that get this kind of invite to forwared those emails to me please, so I can find any codes. links or anything that can help me find this person…
if anyone knows anything else that can help me please let me know, and PLEASE ignore those emails!!! this is so embarrassing..
Thanks, Malci
I don’t know whether to laugh or cry… I also received the same email:
Original Message
From: romana@ureach.com [mailto:romana@ureach.com]
Sent: Friday, May 23, 2008 5:19 PM
To: malci@revenuegiants.com
Subject: Hi VIP casino webmasterHi dear VIP casino webmaster!
We glad to inform your about our new gambling affiliate program.
Just for our VIP affiliates we provide 50 % rev share and up to 300€ Per player (deposit no needet!) CPA Program.
Just check this link http://adv.cpays.com/index.php?xr1stofor
Join,send traffic and make BIG money!
Sincerely ,
Vip casinos affiliate program team.guys,
I’m a bit confused, I also have personal old affiliate accounts on other affiliate programs, from the days I was an affiliate myself and I received a similar email but from a different person, those that related to Revenue Giants were all from romana@ureach.com:flush:
but other emails I never used on RG I received from the below email address; just wondering if anyone received the same;
Original Message
Subject: Hi VIP casino webmaster
From: “Juliya Klimova”
Date: Fri, May 23, 2008 6:11 pm
To:and I registered that specific email address only at the following affiliate sites:
roxyaffiliates
europartners
bestcasinopartnerplease let me know, damn I will not sleep tonight… :cappy:
Malcithe first poster indicated he made email revenuegiants@hisdomain.com ,assume he has pattern to make new email per affiliate acct so if this is case the problem is with your database.
Hi,
I wrote the first post, and I would like to clarify that I do think RevenueGiants is a good company, their reputation here seems fine – that’s why I signed up with them.
For many years I have used a unique email address for every single site when I register, and in the past I have found numerous times that spam started being received at a unique address due to a programming ‘leak’ that allowed public access to a site’s database. For example, sometimes it is possible to login with one account, then manipulate the URL or the site’s cookies to gain access to information from other accounts. That was the case with a large webmaster forum that I was a member of, and when I reported it they just ignored the issue. So when I received this spam to my RevenueGiants email address, I reported the problem publicly in the hope that it is properly investigated – and it seems that Malci is doing this, so until further evidence comes to light I will give RevenueGiants the benefit of the doubt and continue using their program.
I will provide them with some additional information that could hopefully help if the problem was a leak, although it probably won’t be enough. Also, even if they are a good company with ethical privacy practices and a secure database, it doesn’t stop 1 rogue employee from making some money on the side… but that could happen to any company. In any case, thanks Malci for investigating.
Regards,
JamUpdate : I now believe a Russian hacker was probably responsible for the spam, most likely they are an affiliate of CPAYS. If you look at the URL in the spam mail, it appears to end with an affiliate tracking code ‘xr1stofor’, and a google search shows that a person using that ID is also posting on hacking forums, including offering some sort of casino database for sale – that doesn’t seem to be a coincidence. So most likely our email addresses are not intentionally being shared by RevenueGiants, but it seems very likely that their database has been accessed by this hacker. This may be due to poor programming on the site which could allow easy access (eg. manipulating the URL or cookies or similar ‘simple hacks’), but it may also be due to this person being a pro hacker which is much more difficult to prevent… Hopefully an investigation will reveal the extent of the problem.
Regards,
JamThanks for the additional info, everyone.
I will be leaving RG’s links up.
FYI, the email I received was from romana@ureach.com.
I hope Malci and everyone at RG can figure out what happened. Good luck, guys!
Thanks so much for the help guys, first of all we are now working hard on increasing the security on the site regardless, and checking Jam’s useful info as well.
thanks again for the faith in us, we will never damage our relationship with our partners affiliates, any additional information please let me know it will help a lot, many thanks Malci :hattip:an update,
I managed to track/trace the hacker steps, he managed to access only one page from Revenue Giants, which had the Birthday list, that list has many but not all affiliates email address.
the fields he got are:
1. username
2. date of birth
3. email addresswe checked it carefully nothing else was hacked, and the seeds we had there on birthday list were all received same emails were other not on birthday list didn’t receive an email so we verified our findings to be acurate.
I’m still upset but I’m also more relived now, it is only emails not other private info, they don’t even have names of the affiliates, so they didn’t manage to hack the database with more secure info. Anyhow, to feel better we still increased the security on RG site.
I hope you can understand it was only temporary bad luck on one page and nothing was done maliciously and it could happen to everybody, and the best thing I’m glad none of my team did it, it would have been devastating :shooter:
also, thanks guys for the help and understanding, as well those who PM me. especially Jam that gave me great guides to be able to track it down, I really appreciate it!!! :thumbsup::kisser:
Regards,
Malci :hattip::wink-wink
