A lesson in avoiding the question by Rakuten.com.

Twitter can be a great method for contacting a company for help with a problem. Often when I have a problem with some business that has a presence on Twitter I’ll take the time to compose a small rant in 140 characters or less and send it off into the Interwebs where I know someone associated with said company will see it. There’s a good chance I’ll get the help I’m looking for pretty quickly.

Twitter is also great for tweaking companies doing stupid things even when you don’t expect them to actually do anything to fix the problem. I did this recently with Rakuten.com. I bought something from them way back when they were still Buy.com and I’ve been getting daily emails about stuff they have on sale ever since. That purchase was easily 5 years or more ago and I’ve not been compelled to purchase anything from them in that time so I figured I may as well unsubscribe from the emails.

When I did I was notified that it would take 5 to 7 business days before the change would take effect. I blinked at the note and tried to figure out why the fuck it should take that long to unsubscribe me when signing me up was near instantaneous. Almost all the other online stores whose email ads I’ve unsubscribed from managed to do it within moments with maybe a couple saying a day or so. What the fuck was Rakuten doing that it takes 5 to 7 business days? This prompted me to send out this tweet:

It took them a couple of hours to notice the tweet at which point they replied with this:

I was amused by the fact that rather than answer the question they simply assumed I was an idiot who didn’t know how to unsubscribe from their email advertisements. So I sent the next two tweets in reply:

It took them a few hours, but they came back with this reply:

Well that’s reassuring I suppose, but it still doesn’t answer the question so I tried again:

I figured at this point they’d give up and it looked like they had, until about 26 minutes ago:

I’ve not bothered to reply again as it’s clear that they’re not going to answer the question. Probably because the person running their Twitter account doesn’t know what the answer is. I thought that maybe I could prompt them into saying that they were working to improve their system for a speedier result in the future, but no such luck.

Like I said, I didn’t really expect them to do much about the situation, but I thought they’d at least offer some sort of explanation for the lengthy delay. Maybe some poor sap has to look at each request and approve it? Maybe they have so many people trying to opt out of their emails and they have a shitty server that’s overwhelmed by the load? Maybe they’re hoping I’ll change my mind before it actually stops sending me emails?

Nope. It’s going to take 5 to 7 business days and fuck you for asking why.

SEB site notes.

Just a quick blurb to mention that I appear to have finally gotten rid of the malware that was randomly inserting Viagra spam into the entries. It took removing every single plugin except for Akismet along with every theme, turning off user registration, and reinstalling WordPress, but I’ve not seen the files show back up since so it appears to have worked.

Now I’m slowly adding plugins back in and watching to see if the spam returns. The podcasts should be playable once more as I put the Blueberry PowerPress plugin back in yesterday, but user registration is still turned off until I test the plugin that helps to cut down on bots making accounts. I had quite a few plugins installed so this will probably take some time and I’ll be evaluating alternatives to many of them while I’m at it.

In the meantime, if the spam starts showing up again be sure to let me know.

Anyone else seeing Viagra spam being inserted into SEB posts?

A user contacted me through ***Dave to let me know he was seeing extra content in SEB entries that didn’t look like it belonged there. He sent along a screenshot and a copy of the HTML source and, yep, there appeared to be extra paragraphs with spam links being inserted among the other text.

Here’s the screenshot:

Click to enlarge (ha!).

Awhile back there was some WP hacks going around (mainly through compromised plugins) that would insert hidden spam into a template that only showed up when you did a Google search for the blog in question, but otherwise didn’t show on the live site itself. This, however, appears to be something totally new.

I’ve checked SEB pretty thoroughly and it doesn’t appear to be anything generated here. The reader who reported the problem has since followed up saying that it only happens on his work laptop and not his personal machines at home. ***Dave also verifies that he doesn’t see it on any of his machines. I check SEB on a number of different PCs and smartphones regularly and I’ve never seen this happen so I’m assuming it must be something on the user’s laptop, but he says it only happens when he views SEB which seems oddly specific.

I can’t find anything on Google that seems to match this odd situation so I’m turning to you guys to see if anyone else has experienced this with SEB or something similar with some other site. Anyone else seeing this happen or know anything about a possible hack or virus that could cause it? Let us know in the comments.

SEB’s spam filter is being overly aggressive at the moment.

Not sure why, but for the past couple of days several comments left by SEB regulars have ended up in the Akismet spam queue. This happened for a couple days a few months back and then it settled down so I’m hoping it will do the same this time around.

In the meantime if you leave a comment and it gets moderated or tagged as potential spam don’t worry too much about it. I check in on the site throughout the day and I’ll get it approved before too long.

Mike Hickmon of besthomemadenergy.com is a comment spamming asshole.

This is going to be very long so bear with me.

A little under two weeks ago I got the following email:

Subject: Link spam issues
From: Mike Hickmon

les

You probably do not realize it but your site has spam linked my site with hundreds of links causing my rankings to drop.

can you please remove all of the links from your site pointing to my site:  http://besthomemadeenergy.com

sincerely
Mike

He’s right, I didn’t realize it as I can’t recall ever linking to a URL that at first glance sounds like it’s at best full of dubious claims and at worst a scam. So I did a few searches on SEB’s entries and comments and there weren’t any links to http://besthomemadeenergy.com to be found. So I sent back a reply asking Mike to supply me with a specific entry to look at as I wasn’t finding anything at all. Here’s the reply I got back:

Les

Go to:  http://siteexplorer.search.yahoo.com/search        and type in:  http://besthomemadeenergy.com

click on the inlinks button and this should come up:  http://siteexplorer.search.yahoo.com/search?p=http%3A%2F%2Fbesthomemadeenergy.com&fr=sfp&bwm=i

as regards to how the links got put there i am not sure, but it is hurting my rankings

Thanks for the mega fast response!

Mike

So I tried that and there are, indeed, several links to http://besthomemadeenergy.com from SEB listed there. Entries included one about a Spiderman comic, one about the fourth season of Doctor Who, one about Microsoft’s web-based version of Messenger, one about the PS3, and one about a true believer murdering an atheist. All of which were clean of any links to http://besthomemadeenergy.com.

There are other links from SEB back to http://besthomemadeenergy.com listed in that Yahoo! Site Explorer search and you have to go through quite a few of them before you find one where the topic might somehow have anything to do with energy production. I was at a loss as to why so many unrelated entries would be showing up in the search, however, as all the links were clean. Then a possibility occurred to me and I sent the following reply:

Mike,

I’ve checked every link on every page that shows up in your Yahoo listing. There aren’t any links in any of the content I’ve produced or that my commenters have left that point directly to your site.

The only thing I can think of is you must be using Google AdSense for your advertising in which case ads for your site may have popped up on SEB from time to time. For example at least one of the ads that popped up while I was checking was for http://www.power4home.com/ for reasons I cannot begin to fathom as the topic of the entry it was on had nothing to do with energy.

You probably need to check things out with Google AdSense. They probably have some way for you to define URLs you don’t want your ads to show up on. The links aren’t from anything I’ve put on my site so I can’t help you.

Les

At this point I was satisfied that I had done all that I needed to do. Mike felt otherwise:

Les

That is weird, i have nothing to do with google AdSense.  Well Keep looking to it.

Mike

Keep looking into it? To what end I wondered. It wasn’t really my problem in the first place and I was merely being courteous checking into it. OK, I have to admit I was also satisfying my own curiosity, but the point still remains that I have very little reason to give a shit if I’ve checked my entries and found them to be clean.

So today I get the following email in my inbox from Mike:

Les

I found out how this started.  I hire a guy from India to do blog posting and on 9/9/09 he posted to the below page.  you must have erased it which is OK but somehow i got 250 links from your site.  i don’t want to beat a dead horse but if there is anything that you can do i would appreciate it.

https://stupidevilbastard.com/index/seb/comments/guy_who_invented_the_super_soaker_has_a_new_high_efficency_solar_power_cell/

Mike

Holy jumping Christ on a pogo stick! This fucker just admitted he’s a comment spammer! OK, technically he’s not doing the spamming himself, but he is paying someone else to do it which is just as bad in my book. Without people like him there’s nothing for the comment spammers to spam. The reason so many entries linked back to his site is probably due to Yahoo! crawling SEB before I got around to removing the spam and the comment showing up in the recent comments side bar on every page Yahoo! hit.

I don’t know why this possibility didn’t occur to me beforehand, but I didn’t stop long enough to think about it. It was at this point that I took a look at http://besthomemadeenergy.com itself. It’s a small site consisting of links to other websites that are selling DIY energy creation kits such as solar panels and windmills with outrageous claims about how effective they are and how little they cost. Mike’s site includes “reviews” of each of the five sites he links to and, not surprisingly, they’re all rated five stars. Mike Hickmon is an affiliate parasite comment spammer.

It’s a simple concept: You find a bunch of websites that offer affiliate payments for every click you send them and then you set up your own website with said link backs and glowing reviews of the sites in question. Then you spam the living fuck out of every website you can in hopes your page rank goes up and generates enough click throughs to make you a millionaire for little real effort. It looks like Mike is making use of ClickBank which a lot of scam websites make use of for their affiliate programs. Not every affiliate program ClickBank handles is fraudulent, but it tends to be very popular with the people running hustles and they have enough people using them that I’m sure policing all the accounts has to be a nightmare.

Needless to say I was now pissed off and I sent back the following reply:

Mike,

So, in other words, you hired a spammer to spam a bunch of blogs and he picked one you don’t want to be associated with? I’ve got two words for you now: Tough Shit. You deserve what you get for hiring an unscrupulous asshole in the first place. Comment spam is something I am constantly cleaning up after and I have absolutely no sympathy for anyone who makes use of it. Here’s a suggestion: Stop using spammers to advertise your site and you won’t have to worry about which ones your link shows up on.

Not only do I not give a shit that it’s hurting your page ranking, but now I’m highly motivated to look into what you’re selling and see if it’s a scam itself and then writing a nice big post about it with links back to your site just to make sure the page rank is nice and high. You want links to your site from blogs? I’ll give you some links. I am literally stunned at the unmitigated gall you’re exhibiting here.

Les

A Google search for http://besthomemadeenergy.com returns some 67,700 websites that link back to it. A good portion of which is because they contain comment spam left by Mike’s Indian spammer. They made sure to hit any site they could find dealing with topics such as green energy or home improvement or do it yourself, but they also hit any site that so much as mentions in passing anything to do with energy such as SEB.

Of course there is a chance that the sites Mike is pushing on his affiliate parasite page are legit so I took a look at one of them. He ranks Earth4Energy as the number 1 best site so let’s check it out. Right on the front page we get the following in big bold type:

How to make your own solar panels for less than $200

Did you know? The cost of solar panels can be slashed by making them at home? You have probably read about it or seen it on TV, but have you tried it yourself?

“I made my own solar panel. It was simple and saved me a lot of money!”

Right there you should have a shit load of red flags waving and it should only get worse the further you read down the page.  If you’ve been to similar websites before then the pitch is very familiar. Lots of noise made about the cost of “traditional” solar systems for your home being in the $28,000 to $30,000 range followed by claims that you can make your own solar panels for $200. Testimonials interspersed between from people who claim to have made upwards of 2 panels for $100! Amazing! Eventually you get to the pitch for the “instruction kit” they’ve put together which they claim to sell for $246 but which you can get through a (supposedly) limited time deal of only $49.97! HOW AMAZING IS THAT?!?

It’s bullshit is what it is and they’re pushing it hard. If you try to close your browser or navigate away from the page it pops up a window pleading with you to reconsider that you have to close before you can leave the site. If you’re skeptical, like me, the next thing you do is type in earth4energy scam into Google. The very first link is to this page: RIPOFF REPORT: Earth4Energy Scam – Earth4Energy Review – Revealing the truth about the Earth4Energy product. Sounds like a skeptical look at the Earth4Energy claims, right? Except that it’s not. They don’t even try to maintain a skeptical tone for more than a paragraph and it’s clear by the time you get done with the page that this site is probably constructed by the same folks who own the Earth4Energy website. You’ll find several similar supposedly skeptical reviews such as this one at Ezine@rticles. Speaking of which: Has anyone seen an entry at Ezine@rticles that wasn’t spam of some sort? It seems to be a favorite of spammers as I’ve removed literally hundreds of comment spams that link to that site. So much so that I have since blacklisted Ezine@rticles completely.

As it turns out this is a technique for selling questionable products called Internet Saturation Marketing. The basic idea is that in addition to the site you’re selling your craptastic products on, you go out and register a whole bunch of other sites that you then use to make your craptastic product site look legit. In particular you want to snap up any variations on your sites’ name with the words “sucks” or “scam” added onto it to ensure any of your unsatisfied customers don’t get them first. Then you install a blog or a generic website that claims to be skeptical of your craptastic products and is surprised to find they really do work. Then you sign up with the ClickBank people so you can have an affiliate program that will help to spread your garbage even further. Even with all that effort it doesn’t take too long before you can find a few sites that are actually critical of Earth4Energy, but it really shouldn’t take much more than a read through of the site to determine this for yourself.

But all of that is getting away from my good buddy, Mike Hickmon. It seems trying to push DIY energy scams isn’t enough for old Mikey as I learned from his Twitter page. Mike’s been a very busy affiliate parasite with websites devoted to cats, fish, dogs, and pets in general all of which use a variation on “The X Whisperer” to cash in on the popularity of that particular phrase. You’ll just love the disclaimer he has for his pet sites. Here’s the disclaimer for his The Pet Whisperer site:

Pet-Whisperer.com provides articles and information for educational and entertainment purposes only.

Furthermore, by using this site, you agree that Pet-Whisperer.com cannot be held responsible – directly or indirectly, in full or in part – for any damages or losses that may be suffered as a result of taking action on the information published on Pet-Whisperer.com

You assume any and all risks associated with any actions taken as a result of reading Pet-Whisperer.com

Due Diligence

Pet-Whisperer.com provides “reviews” and “recommendations”, as well as outgoing hyperlinks for a variety of People and record finder products & solutions, including a direct link to the company’s website.

Every effort has been made to accurately represent the third-party solutions, products and websites referenced on Pet-Whisperer.com, and ongoing efforts will be made on a consistent basis to ensure that the accuracy of this information remains current and up-to-date.

However, Pet-Whisperer.com is ultimately not in control of any third-party company or website, and cannot necessarily guarantee that a given review, recommendation or opinion of a third party website or product is going to be accurate at any given time due to a number of factors, including – but not limited to – the third-party’s website hosting conditions, changes in ownership or staff, changes of the company’s policies or activities, and other unforeseeable factors.

Therefore, by using this site in any capacity, you agree that it is your sole responsibility to do your own due diligence in order to protect yourself prior to using any third-party (non- Pet-Whisperer.com) product, service or advice.

Pet-Whisperer.com is not responsible for any damages or losses that may potentially result by accessing/using a website URL published on Pet-Whisperer.com. You must do your own due-diligence when visiting another company’s website or using another company’s product.

In other words: “I know the products I’m helping other people to sell in hopes of garnering a few pennies in affiliate fees are probably bullshit that are most-likely harmless, but on the off-chance you kill your pet with any of them I put this disclaimer here so you can’t sue me. Yes I am ironically telling you that you should seek out information on whether the products I’m pushing are any good while at the same time putting out misinformation claiming that they are good and then covering my ass just in case they aren’t any good. Funny old world, ain’t it?” The disclaimer also lies in suggesting that it provides, and I quote, “a direct link to the company’s website.” Mike doesn’t provide a direct link as all his links go through the aforementioned ClickBank service. He can’t directly link to the company’s websites because he wouldn’t garner any affiliate fees that way.

Based on his Twitter page Mike Hickmon has dozens of affiliate parasite websites set up for all manner of craptastic products. I know they’re all his because he shows up in all the domain registrations I checked:

Registered through: GoDaddy.com, Inc. (http://www.godaddy.com)
Domain Name: PET-WHISPERER.COM
Created on: 05-Jan-09
Expires on: 05-Jan-10
Last Updated on: 05-Jan-09

Administrative Contact:
Hickmon, Michael goebusiness@gmail.com
12019 herman dr
riverside, California 92505
United States
(951) 687-2129

I’m half tempted to give Mike a call and tell him how I feel about his business undertaking and comment spamming ways directly, but I think this rather amazingly lengthy blog rant is more than enough. I’ve made a point of linking to his http://besthomemadeenergy.com site repeatedly to ensure that Yahoo! and Google know that I’m linking to it. I think others should know about Mike Hickmon’s businesses and how they push questionable products. He’s not exactly a scammer himself, but he’s helping the scammers and cluttering up websites with spam in doing so. There’s certainly nothing illegal about what Mike is doing, but that doesn’t mean it’s legit.

So yeah, as you can tell, I’m pretty pissed off about this and I’ve spent probably way more time and energy looking into it and then ranting about it than I should have. However, if it stops one person from falling for the bullshit being pushed by assholes like Mike Hickmon then it’ll be worth it.

Spammers are now targeting sites with Wikis.

I’ve long ago gotten used to the near-constant comment, trackback, and referrer spamming that comes with running a blog—trackbacks got so bad I turned them off rather than have to clean them up every day—but now there’s two new tactics spammers have been using that are annoying as hell. Or at least they’re new to me.

First up is member account spamming. This is where they register an account on your blog and then put links to their sites in their member profiles and signatures, but they don’t leave any comments so you don’t necessarily see the links unless you check their profiles. SEB allows you to automatically register by responding to an email and then it sends me an email notice that you’ve registered. I’ve had to resort to checking every newly registered account to see if it contains spam links as I get the notifications. I only noticed this trend because some of the spammers use link-back checkers to make sure the member account exists and the hits to those accounts show up in my referrer log. It’s awfully strange to see hits on member accounts for people who have never left a comment on the blog. You have to admit that it’s a pretty clever way of circumventing the spam blockers most blogs run these days as member profiles aren’t typically checked and yet member lists are often crawled by Google.

The second method is even more annoying. It’s similar to the one above except that they don’t put any spam links in the member profile at all. Instead they target sites, like SEB, that have their own wikis setup. Any registered member can edit the wiki and wiki entries are not subject to spam scanning. So they register an account, activate it, and then go into the wiki and add pages in that look legitimate, but contain spam links. Just today someone registered an account and made a new “cetinionism” category page in the SEBPedia then used a copy and paste job from the Talk.Origins site to do a brief overview, followed by a link to another page within the wiki and then a link back to their “academic paper writing service” for “more information.”

The only reason I caught onto this is because some of the spammers pushed their luck by registering account names such as “AcademicStudy” and “WritingStudy” which are obviously spamish account names to begin with. When I didn’t see any spam links in their profiles I grew suspicious and started poking through the user activity log and noticed they all were editing pages in the SEBPedia. Sure enough when I checked the wiki whole new pages were in place that looked like a lot of work went into them, but which contained spam links. When I deleted the accounts the wiki pages went with them.

So if you’re running a system like ExpressionEngine and you’re using the wiki module (or you’re running a stand-alone wiki on your site) then you might want to examine your recent changes log to see if anyone is using it for spamming purposes. What boggles the mind isn’t that they’re clever enough to find new ways to spam your site, but that they’re still dumb enough to use account names that are obviously for spamming.

At least he was honest about his intentions…

I just deleted a comment spam that was refreshingly honest. Well, the spam itself wasn’t, but the website it linked to was. The comment, left by a “Frank”, was ironically put into a thread wherein I bitched about porn spam in the guestbook app that SEB once had in the past. His comment consisted of the following statement: “You are the very nice web site.”

I think it’s the first time someone has told me that I was “the very nice website” as opposed to having a very nice website. Clicking the link he left in the URL field took me to a single page website with the title “Dexeit”, which probably translates into something, but I have no idea what. It is this page that is refreshingly honest. The fellow behind it isn’t out to sell you anything or steal your identity or scam you in any way. All he wants is for you to give him your money:

Let’s share your money with me.

This is not charity.

Someone said that the Internet is the worst invention of the world, many people support the opposite instead.

Now on the Internet we can find everything.

I promise you that i will spend your spontaneous donations in the most creative and original ways that you can imagine.

For yours donations:  [link to paypal donation button removed]

Straightforward, honest, and efficient. I suppose it never hurts to ask. That didn’t stop me from deleting his comment spam, but I don’t feel the same animosity towards this guy as I do the usual comment spammers. If nothing else it made for a nice change from the usual spam.

Apparently I’m an “expert” on the topic of Hangnails.

Got the following bit of spam today:

From: Some Dumb Spammer
Subject: What are Hangnails?

Dear Sir/Madam,

[Dumbass Website Removed] is a popular question answer website. Some of our users asked the above question, and we think you are the domain expert who can provide a great answer to it. Can you help to answer the question or improve the current answer at the following link?

[Dumbass Website Link Removed]

Everyone has unique expertise. [Dumbass Website] is the place to share your wisdom, build your networks, and market yourself!

[Dumbass Website] Team

Who’d have thought that I would ever be consulted for my expertise on an issue of such critical importance as hangnails? It’s the moment I was born for! Let me rush off right now and answer whatever pressing question is at that site! Who knows? SOMEONE’S VERY LIFE COULD HANG IN THE BALANCE!

Spammers need a lesson in basic logic.

I don’t tend to get a lot of spam at work, but every so often one or two bits will get through the filters and catch my eye. Today I got one with the following subject line:

With all your faults she loves you still, cause you use right antiEDs.

It took me a moment to realize they’re selling some sort of erectile dysfunction product, probably a sham herbal supplement, as the choice of the word “antiEDs” had me wondering what Ed had done to have people selling products to get rid of him. Then I was caught by how it made no sense whatsoever: With all my faults she loves me still, cause I use the right antiEDs.

The first problem is that I don’t currently use antiEDs. In fact my sex drive is healthy enough that there are probably days my wife wishes I’d buy some proEDs instead. Then there’s the whole “cause you use the right antiEDs” bit. That doesn’t make any sense at all because if I’m using the right ones already then I obviously don’t need the ones these assholes are trying to sell me. Clearly they think I’m using the wrong ones because they’re contacting me about their product, but they want to appeal to my ego by telling me I’m smartly using the right ones even though that clearly makes their offer of an alternative pointless. Then there’s that whole “she loves you despite you being a total fuck up because at least you have a hard dick” thing which reduces me to being an otherwise total loser and her to being a shallow bitch who’s just happy to be getting boned regularly. I can see the girl talk already:

Girl #1: Why do you stay with your man? He can’t hold a job, he’s always getting arrested, and his B.O. strips the varnish off old furniture at 40 yards!

Girl #2: That’s all true, but he always gets a hard on when it counts! And you know its good to find a hard man.

Defensio Combo anti-spam module now available for ExpressionEngine.

The guys at Hop Studios have just released version 1.0 of their Defensio Combo module for EE. We’ve been testing it for awhile here at SEB and I’m happy to say that I like it better than Akismet. It makes use of the Defensio Anti-Spam service which not only learns from spam and flags it for moderation when it suspects a comment fits the bill, but also keeps track of how well it’s doing on your site and provides you with RSS feeds for tracking moderated comments.

It works more or less similarly to Akismet, but it gives a bit more control over how things are handled and a bit more feedback on how it’s doing. The guys at Hop Studios have been very enthusiastic about the development of this module and are looking to add even more features in the future (I’ve recommended an option that ignores comments from registered members). The module is free for use by anyone running EE 1.6.x so if you’re curious to see what it’s like then go download it and give it a whirl.