Make Money Online

Make Money Online with Affiliate Marketing and Affiliate Networks

Browsing Posts tagged adware-spyware

Purveyors of malware and BlackHat SEOs have been pulling in a great deal of headlines lately. It seems anytime something makes the news, there is a report of illegitimate web sites targeting keywords associated with the story to draw visitors into their malicious site. Earlier this month, I discussed how search poisoning is used to push malicious sites to the top of the SERPs. I figured a nice follow-up to this would be a description of what the attacker does once he or she gets you to their site.

Drive-by downloads
The purpose of the search poisoning is usually to drive unsuspecting visitors to a malicious web site where malware is downloaded to the visitor’s computer without their consent or knowledge.

A drive-by download, or drive-by installation, works by exploiting security vulnerabilities in the browser used to surf the Internet. A malicious web site is set up containing code that actively seeks out these vulnerabilities. When one is found, the site sends the visitor to a third-party server where the malware is silently installed on their computer.

Why the third-party server? Even attackers work hard to achieve these high page rankings, albeit through less than ethical techniques. Sending visitors to a third-party server means their ranked page can survive longer since it is not flagged as housing malware.

Examples
In the month of January, four headlines drew a large amount of interest from attackers. The rumors of actor Johnny Depp’s death, actress Brittany Murphy’s death, the earthquake in Haiti and the release of the Apple iPad all found themselves to be targets of a combined SEO poisoning/drive-by download attack.

In each case, the victim downloaded malware known as “scareware” to their computer. Scareware is used to frighten the victim into believing that their computer is infected with malware. In a panic, the victim purchases the advertised security software to clean their system. Selling bogus security software to their victims has been bringing in around 15 million dollars a month for attackers. Not hard to believe when you consider that Consumer Reports estimates that 1 in 90 people fall for these scams.

While scareware is the malware du jour, it is not the only method of attack. Some sites install even less conspicuous malware onto their victims’ computers. Using Trojans, attackers can steal passwords, account information or create large botnets of zombie computers that they use to attack web sites, attack networks and spread spam. A prime example of this was when the web site of the Miami Dolphins’ stadium was injected with malicious code attacking those looking for Super Bowl information.

More to come
Just next month, the Winter Olympic games kick off and this summer, the World Cup will be in full swing. Security experts are already predicting these to be included in the next round of malicious keywords.

Protecting yourself from drive-by downloads can be tricky. It would be easy to suggest that people only visit well-known web sites, but that is counter-productive to the web. After all, what makes the web so great is the ability to find new and interesting sites.

Tools can be used to help identify sites that could be potentially dangerous. McAfee has introduced SiteAdvisor and Symantec has Norton Safe Web, but unless someone else has already been infected by the site, they do little to protect you.

The best solution to any malware is to run legitimate anti-malware (or anti-virus, for those stuck in the 1990s) software on your computer that is updated frequently. Staying proactive is the only way to keep infectious files at bay.


The rest is here:
Drive-by Downloads on the Rise

Facebook announced on their blog that they will be partnering with security giant McAfee to help protect their 350 million users from malware by offering quite a few perks to registered users of the social networking site.

To begin with, each Facebook user will be able to use the McAfee security suite free for six months. After this period is up, they will be offered continued protection at a discounted rate. Additionally, they will be adding a great deal of security related content to their site to help educate their users about security related issues.

To round out their new security policy, users who have had their accounts compromised will be required to go through a remediation process where their computer is scanned for malware. Any infections found through this process will be cleaned before the user is able to access Facebook. This is an attempt to prevent further disasters such as the recent embarrassment from FCC Chairman Julius Genachowski’s Facebook page being hijacked to send out spam to all his “friends”.

Getting the software

As a Facebook user, you can take advantage of this offer for the free six month subscription by logging into Facebook and visiting their security page. From here, click on the “Protect your PC” tab in the upper right hand corner. From here, you simply become a fan of McAfee and you can download the security suite.

However, before you can download this software you will need to provide a credit card because the subscription will automatically renew at the end of the six month period and charge you at a discounted rate, 30% of the standard McAfee subscription price. You can cancel at any time, but you will no longer be able to update the software with the latest signature files that identify malware.

Of course, this is quite a marketing boon for McAfee, with Facebook handing them truckloads of potential customers on a silver platter.

Secure computing?

Elliot Schrage, Facebook’s VP of global communications, marketing and public policy made the statement that, “Keeping the Internet secure requires that users, security vendors and Internet companies all work together.” Nothing could be further from the truth.  Although I do think that Facebook has made great strides towards holding the user accountable for making sure that their computer does not infect, or attack, others. So in a way, my hat goes off to them.

Unfortunately, Facebook hasn’t been completely unscrupulous with their user base when it comes to protecting their personal content. It wasn’t too long ago that the terms and conditions were rewritten to state that Facebook could use any content on their network in any way they saw fit. This was quickly amended when their users revolted, however just recently they opened up their users’ lives again by permitting Google to search the status updates of public profiles. Again, they found themselves backtracking.

So while I applaud their efforts to make the Internet a safer place, the requirement to scan a computer as part of the remediation process is a cause for concern. True, I don’t want someone spreading malware and spam over a network of over 300 million people, but I also don’t want to put more power in the hands of a company whose track record for user privacy hasn’t quite been exemplary.


See the original post:
Facebook Teams with McAfee, Offers Users Security

I got a new computer last week. I burned out yet another laptop. I seem to ride the curve of Moore’s Law.

In setting up my computer, I took the easy way to speed it up and downloaded the Google Pack for Windows 7. It includes Spyware Doctor with Anti-Virus by PC Tools. Cool. We all need protection from spyware.

I was sitting here working when my computer made the sound of an alarm. Uh oh, what’s wrong?!? Spyware Doctor with Anti-Virus is warning me about some serious threats on my computer. There are 22 infections categorized as Application.TrackingCookies and 1 far worse Spyware.Known_Bad_Sites. Are you ready for a chuckle… the bad site was cc-dt.com. Yep, Google had me download software that blocks the cookies from Google’s own Google Affiliate Network.

Stop the Madness

I know that some of the affiliate networks have tried to get their tracking cookies taken out of spyware. I certainly hope that Google will jump on the bandwagon and get PC Tools to remove the domains not only for its own network but also for other affiliate networks.


View original here:
Google Affiliate Network and its Spyware

In a recent post I commented on how I believe that Kaspersky Lab is wrong when they claim that the amount of fake anti-virus software will decline in the upcoming year. Malicious hackers show no signs of leaving behind the BlackHat SEO techniques that made them rich over the past few years.

Riding the news story of Brittany Murphy’s untimely death just weeks ago, attackers immediately began crafting rogue websites that contain malicious scripts used to trick the visitor into believing that their computer is infected with dangerous malware. This tactic, known as Scareware, frightens the visitor into purchasing anti-virus software or other malware removal tools from the attacker. Of course, this anti-virus solution is bogus, and at times the credit card used to purchase the software is stolen by the attacker as well.

Search Poisoning
To successfully implement this attack, the malicious hacker needs to first draw visitors to their illegitimate site. Using a BlackHat SEO technique known as Search Poisoning, the attacker’s site is pushed to the top of the search engine page rankings. According to Websense, a search for “Brittany Murphy death” returned several malicious links within the top ten results as a result of this technique.

To achieve such a high page ranking, attackers make use of comment spam on legitimate sites such as blogs, comment spam on forum posts and other tricks like back linking. To further enhance their results, many scrape the latest content from legitimate news sources, hiking their ranking and fooling visitors into trusting them as a news provider.

Don’t Become a Victim
In mid-December, the Federal Bureau of Investigation addressed this problem by putting out a press release describing how this attack works and what people should do if they encounter scareware, or malvertising as the FBI calls it.

  • Run legitimate anti-virus software on your computer
  • Keep virus definitions and/or signature files up to date
  • Only install software from trusted sources
  • Do not give your personal or financial information to anyone without knowing exactly who it is
  • Report scareware sites to the Internet Crime Complaint Center (IC3)


How it Hurts
Of course, search poisoning hurts by pushing legitimate sites down further in the page rankings. Organizations who work hard at producing quality content are hardly noticeable when their keywords become the target of this technique. In the long run, search poisoning and other BlackHat SEO techniques are going to continue to damage the trust people have in smaller online publishers. While Mashable, TechCrunch, Huffington Post and the other giants may not see much more than a dent in their level of trust among readers, new blogs and websites may find that in addition to fighting for traffic, they will be fighting for legitimacy among visitors.

With the upcoming Olympic Games and another year of sensationalized news stories around the corner, we can only assume that these attacks will escalate, especially when the FBI claims that over 150 million dollars have been spent on bogus anti-virus software. To that end, we can also expect the search engines to look at ways to prevent attackers from working their way to the top of the rankings. With increased scrutiny from both visitors and search engines, publishers need to make sure that the SEO campaigns they employ are both legitimate and ethical. Skirting the boundaries of BlackHat techniques could wind up backfiring once the algorithms and visitors begin to look twice at sites that spam for traffic.




In theory, URL shorteners make perfect sense in the world of the 140 character status update popularized by Twitter and used heavily by other social networks. It is commonly accepted that shorter headlines and copy tend to have greater pull with the average user than their longer counterparts. At the same time, URL shorteners could be the Achilles Heel that brings about Facebook’s downfall.

But first a brief lesson on how URL shorteners work. By truncating an otherwise lengthy 200 character URL into a short, compact 40-50 character string,  these tweets, short messages, and micro blog updates have more room for other useful stuff, like emoticons or tags.

As an example a possible message over Facebook’s private message system might look like:

Is this you? What happened to your clothes? http://tiny.url/example.

This has increased the ease with which users direct each other to their favorite content. Such tools have become commonplace with Twitter adopting the use first of Tiny.url and currently of Bit.ly. Even Google has gotten into the game with its own shortener.

Now here is where the trouble starts. Enterprising (or dastardly, depending on your point of view) URL shortener marketers have resorted to coupling linkbait-style snippets with links to malware sites. Clicking on a link can send the user to a page where malware, a trojan, or a virus is installed on the user’s computer.

The result? You might get an ad for colon cleansing, a business opportunity CPA offer, or an offer for a free Apple iPhone, courtesy of your friend, or even your BFF. Or you might end up infecting your computer with something more malicious like a keylogger. With a chain reaction of malware installs and redirects to CPA offers, it’s not too cynical to imagine an RTM (Robert Tappan Morris) style worm infection spreading hyper virally through the uber-connected social networks.

The best or worst part of the deal? The user unleashing this worm across their social network might have no idea of the havoc they’ve unleashed. That is, until they receive a torrent of angry wall posts and messages from their former friends. This scenario has played out frequently on Twitter recently as users’ profiles are targeted through shortened phishing URLs.

Facebook users are particularly vulnerable to this form of attack as many may be fairly young, use Internet Explorer as a default browser, and fail to install security updates and operating system patches regularly. With Facebook currently testing its own URL shortener, the potential for problems on the heels of its Scamville issues seems quite real. While the damage caused by malware distributed via Facebook messaging appears to be limited, having the problem escalate may result in the mass exodus of users as seen with MySpace a couple of years ago with its rampant bulletin spam.

More importantly, since one of the primary distribution centers for the recent flood of malware infections appears to originate via Facebook’s personal messaging and real time chat system, couldn’t the social network screen and whitelist or blacklist suspicious URLs, especially if multiple users are distributing the same URL?

The immediate fix for this is for the end user to practice security management policies when they come across a URL shortened link on a social network, even if it comes from a trusted party. Using a URL shortener preview tool like PrevURL at least gives an idea of the destination URL. The rule? If in doubt, don’t click.


The rest is here:
Boom in URL Shorteners Equals Boom in Malware and Spyware
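
The screening idea raised in the post above (flag a link when multiple users distribute the same URL), sketched as an added example that is not part of the original post and not Facebook's code. The time window, sender threshold, allowlist and sample messages are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta
from urllib.parse import urlsplit

URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)

# Policy values below are assumptions chosen for the example, not from the post.
WINDOW = timedelta(minutes=10)     # how close together the sightings must be
MIN_SENDERS = 3                    # distinct accounts needed to raise a flag
ALLOWLIST = {"news.example.org"}   # hosts that may legitimately go viral


def normalize(url):
    """Return (host, key) so trivial variations of one link count together.

    Scheme, fragment, host case, trailing slash and trailing sentence
    punctuation are ignored; the query string is kept because it can
    select a different page.
    """
    parts = urlsplit(url.rstrip(".,;:!?)"))
    host = (parts.hostname or "").lower()
    key = host + parts.path.rstrip("/")
    if parts.query:
        key += "?" + parts.query
    return host, key


def screen(messages):
    """Flag links sent by >= MIN_SENDERS distinct accounts within WINDOW.

    messages: iterable of (iso_timestamp, sender, text).
    Returns {link_key: sorted list of senders in the first flagged window}.
    """
    sightings = defaultdict(list)  # link key -> [(time, sender), ...]
    for ts, sender, text in messages:
        for raw in URL_RE.findall(text):
            host, key = normalize(raw)
            if host and host not in ALLOWLIST:
                sightings[key].append((datetime.fromisoformat(ts), sender))

    flagged = {}
    for key, seen in sightings.items():
        seen.sort()
        start = 0
        for end in range(len(seen)):
            # Slide the left edge forward until the window fits again.
            while seen[end][0] - seen[start][0] > WINDOW:
                start += 1
            senders = {sender for _, sender in seen[start:end + 1]}
            if len(senders) >= MIN_SENDERS:
                flagged[key] = sorted(senders)
                break
    return flagged


# Constructed sample traffic; the first link is the example message from the post.
MESSAGES = [
    ("2010-01-15T09:00:00", "alice", "Is this you? What happened to your clothes? http://tiny.url/example."),
    ("2010-01-15T09:02:10", "bob", "Is this you?? HTTP://TINY.URL/example"),
    ("2010-01-15T09:03:30", "alice", "lol http://tiny.url/example"),
    ("2010-01-15T09:06:45", "carol", "What happened to your clothes? http://tiny.url/example/"),
    # Allowlisted host: many senders, never flagged.
    ("2010-01-15T09:01:00", "dave", "Good read: http://news.example.org/story"),
    ("2010-01-15T09:02:00", "erin", "http://news.example.org/story"),
    ("2010-01-15T09:03:00", "frank", "http://news.example.org/story"),
    # Three senders, but spread over six hours: outside the window.
    ("2010-01-15T08:00:00", "gina", "photos http://short.example/abc"),
    ("2010-01-15T11:00:00", "hank", "photos http://short.example/abc"),
    ("2010-01-15T14:00:00", "ivan", "photos http://short.example/abc"),
]

if __name__ == "__main__":
    for link, senders in screen(MESSAGES).items():
        print(f"hold for review: {link} sent by {', '.join(senders)}")
```

A flagged link is a candidate for expansion and reputation lookup before delivery; the repeated message from one account (alice) does not count twice, since only distinct senders raise the score.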

According to the researchers at Kaspersky Lab, the scope of threats computer users will face in the new year seems to be shifting from web applications to file sharing and peer-to-peer (P2P) networks. Of course, some of the newer trends in computing don’t get off easy in this report. Exploiting smartphones like the iPhone and Android will likely be a continuing trend and attempts to find vulnerabilities in Google Wave are predicted to be the challenge that faces malicious hackers.

Looking over their predictions there are some that I expected to see and others that I was shocked by. While the predictions are taken directly from Kaspersky Lab’s press release, the commentary that follows represents my own opinions towards them.

A rise in attacks originating from file sharing networks

Exploiting the network itself is actually a brilliant thought and really shows how clever most attackers are. For years, people have known that files shared on these networks are laden with malware, but now malicious hackers are taking this a step further actually launching attacks by exploiting not the files but the actual network itself. Firing up Kazaa can now bring the FBI to your door and an attacker to your Windows.

An increase in mass malware epidemics via P2P networks

Right from the start I was surprised by this statement. For years, security experts have warned people about the dangers of file sharing on sites like Kazaa and Torrent. My shock comes because most people outside of the IT field that I talk to avoid Kazaa and similar sites like the plague because of all the malware that is transmitted through them. While 2009 saw some nasty malware spread across file sharing networks, this is one area where I think the researchers from Kaspersky are stretching the obvious. Will there be increased malware? Of course, but every year the number of incidents has increased. But I don’t think that there will be any more malware spread over these networks than we already see.

Continuous competition for traffic from cybercriminals

The way this was described by Kaspersky was that cybercriminals will turn towards grey areas of income as a result of their armies of botnets. Profits from spam and Denial of Service attacks are expected to increase. I wouldn’t be surprised if these botnets are used to help unscrupulous publishers drive up traffic stats as well. This whole scam is best compared to the garbage routes that earn “legitimate” income for some people.

A decline in fake anti-virus software

This is all over the place currently and I don’t see it slowing down. Especially when some estimates place the monthly income from these scams at close to $11,000 per day.  The rationale behind the prediction is that not only is the market saturated, but that security professionals and law enforcement are starting to watch for these types of scams.  However, due to the potential for high profits and the average computer users’ inability to reliably detect scams, I suspect that this type of software scam will continue into the near future, regardless of increasing levels of monitoring by security.

An interest in attacking Google Wave

I couldn’t agree more with this statement, especially with the strategy Kaspersky foresees attackers using: “first, the sending of spam, followed by phishing attacks, then the exploiting of vulnerabilities and the spreading of malware.” Somehow, spammers have already wormed their way into the beta testing and some of their handiwork can be found in some of the public waves out there.

An increase in attacks on iPhone and Android mobile platforms

I see this as a goldmine for attackers in the near future. Already jailbroken iPhones are susceptible to data theft as a result of an SSH vulnerability and Nicolas Seriot, a Swiss software engineer, showed the world how easy it was to build an app that could exploit the device. The Android won’t fare much better as even Rich Cannings, an Android Security Leader, has spoken about how millions of users can be easily hit by a malware attack.

Looking over this list, I think that if I had to choose one of the six  to put money on it would be the last one. As the smartphone market expands, the potential for vulnerable devices proportionately increases as does the potential increase in profits for the hacker.



Recently, the web was abuzz with reports of iPhone vulnerabilities that surfaced after it was found that jailbroken iPhones changed the root, or administrator, password to the phone’s Secure Shell, or SSH. As a result, someone could connect to the jailbroken phone using a remote access tool and basically have the ability to see and steal anything stored on the device. Of course, this exploit only affected those who applied the jailbreak to their phone. Those still running the official Apple code were thought to be safe.

However, a presentation (pdf) by Swiss iPhone developer Nicolas Seriot shows that even iPhones that have not been jailbroken are still at risk of malware infections from apps purchased directly from the iPhone app store. To show this, Seriot created a proof-of-concept app called SpyPhone to show how attackers could invade users’ privacy. This app compromises a user’s private data using only officially sanctioned Apple APIs. It makes use of no hacking techniques and no links to a user’s Facebook or Twitter account. In his presentation, Seriot went on to explain exactly what a rogue developer could do with a malicious app:

  • Gain access to the address book with the ability to steal entries and even modify entries without the user’s knowledge
  • View the browser history and YouTube searches much like traditional spyware does
  • Steal account information and user passwords from keyboard cache records
  • View the stored screenshots used to produce the iPhone’s famous 3D transition effect
  • Guess your location by tapping into the GPS and geotagged photos on your phone

While Apple thoroughly checks each app before it is approved for the store, Seriot went on to further explain that by using simple encoding techniques and encryption, it would be quite easy for a malicious developer to disguise the payload from the reviewers.

What can be done?

Since the iPhone and the app store are such huge money makers for Apple, you can guess that security concerns will top the list for this summer’s release of iPhone OS 4. Additionally, you can probably expect more to be done by developers to encrypt stored data used in their apps, and to overwrite any data that is no longer in use to prevent it from being accessed. While the community would hope that these changes would come out of a sense of responsibility, Apple will most likely be looking at ramping up security efforts from the third-party developers as a result of being in the news twice for security concerns. In the meantime, as an iPhone user, you can do the following to protect yourself:

  • Research the developer of any apps you purchase. Visit their web site and poke around a bit. Make sure that they are legitimate.
  • Keep an eye on your phone. If you notice anything out of the ordinary, take it in and have it looked at.
  • Clear the browser cache frequently. You can also clear your keyboard cache using the Reset keyboard dictionary utility. If this is done often enough, it may help overwrite any stored screenshots as well.

Download the source code for the SpyPhone project from GitHub, the social coding and collaborative development site.


Read the original:
Jailbreak Shows iPhone Apps Vulnerability

According to a recent report from the US Computer Emergency Readiness Team (CERT), spammers have exploited the recent H1N1 epidemic with a series of spam emails tricking unsuspecting users into visiting a bogus site that mimics the Center for Disease Control’s (CDC) homepage. Clicking the link downloads a Trojan horse by the name of Zbot, or Zeus. This bot Trojan then hijacks the infected Windows computer and uses it to attack others by sending out more spam.

Even those who don’t click on the link are subject to infection. According to AppRiver security researcher Troy Gill, the site also includes an IFRAME element that exploits known vulnerabilities in Adobe Software. This hidden element contains the attack code that can exploit Adobe Reader and Flash Player vulnerabilities to infect the target computer.

The reach of the outbreak

When computers began flooding email inboxes with the spam on December 2nd, the messages were being sent at an average of 18,000 per minute. This comes to a little over 1 million messages being sent over a one hour period. Since then it has slowed to about 9,500 messages sent per minute, but it remains the predominant campaign being run right now.

Protecting yourself

It was only a matter of time before someone capitalized on the recent scare surrounding H1N1 and the lack of vaccinations available. To protect your computer, avoid any email with a subject line that reads, “State Vaccination H1N1 Program,” “Government registration program on the H1N1 vaccination,” or “Create your Personal Vaccination Profile.” These subject lines are certain to change over time; just remember that the CDC does not require registration for the H1N1 vaccine, nor will registration with the CDC help you receive the vaccine any quicker. Note: for more information on the H1N1 flu virus and the vaccinations provided by the CDC, go here.

Zbot profile

Also called Zeus by some security vendors, the Zbot Trojan compromises computers running the Windows operating system and joins them to the Zbot botnet. At over 3.5 million computers, it is currently the number one botnet for malicious activity. Crafted from a toolkit designed to create malware, Zbot is the same malware that was used by a British couple accused of stealing banking information and passwords.

If you suspect your computer has been infected, Zbot can be removed by most anti-malware programs with updated definitions and/or signature files. For more information about malware removal, go here.


Source:
H1N1 Infects with More Than a Virus
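
An added example, not part of the original post: a small audit a site owner or responder could run over saved page HTML to spot the kind of hidden IFRAME element described above when it points at a third-party host. The page URL, the sample HTML and the heuristics for what counts as "hidden" are assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Heuristics (assumptions for this example): ways an iframe is made invisible.
TINY_DIMS = {"0", "1", "0px", "1px"}
CSS_HIDDEN = re.compile(r"display\s*:\s*none|visibility\s*:\s*hidden", re.I)
CSS_TINY = re.compile(r"(?:^|;)\s*(?:width|height)\s*:\s*[01](?:px)?\s*(?:;|$)", re.I)
CSS_OFFSCREEN = re.compile(r"(?:left|top)\s*:\s*-\d{3,}", re.I)


def is_third_party(host, page_host):
    """True when host is neither the page's host nor one of its subdomains."""
    return bool(host) and host != page_host and not host.endswith("." + page_host)


class IframeAudit(HTMLParser):
    """Collects iframes that are both hidden and loaded from another site."""

    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.page_host = urlsplit(page_url).hostname or ""
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "iframe":
            return
        # HTMLParser lowercases names; valueless attributes arrive as None.
        attr = {name: (value or "").strip() for name, value in attrs}
        src = urljoin(self.page_url, attr.get("src", ""))
        host = urlsplit(src).hostname or ""
        style = attr.get("style", "")

        reasons = set()
        if (attr.get("width", "").lower() in TINY_DIMS
                or attr.get("height", "").lower() in TINY_DIMS
                or CSS_TINY.search(style)):
            reasons.add("tiny-size")
        if CSS_HIDDEN.search(style):
            reasons.add("css-hidden")
        if CSS_OFFSCREEN.search(style):
            reasons.add("off-screen")

        # Visible embeds and same-site helper frames are common and ignored.
        if reasons and is_third_party(host, self.page_host):
            self.findings.append((src, sorted(reasons)))


def audit(html, page_url):
    """Return [(iframe_src, [reasons])] for hidden third-party iframes."""
    parser = IframeAudit(page_url)
    parser.feed(html)
    parser.close()
    return parser.findings


# Constructed sample page; all hosts are reserved example domains.
PAGE_URL = "http://site.example/landing"
SAMPLE_PAGE = """
<html><body>
<h1>Vaccination profile</h1>
<iframe src="/widgets/news.html" width="0" height="0"></iframe>
<iframe src="http://video.example.net/embed/42" width="560" height="315"></iframe>
<IFRAME SRC="http://third-party.example.com/x" WIDTH=1 HEIGHT=1 FRAMEBORDER=0></IFRAME>
<iframe src="//cdn.example.org/a" style="visibility: hidden"></iframe>
<iframe src="http://other.example.com/b" style="position:absolute; left:-5000px"></iframe>
</body></html>
"""

if __name__ == "__main__":
    for src, reasons in audit(SAMPLE_PAGE, PAGE_URL):
        print(f"hidden third-party iframe: {src} ({', '.join(reasons)})")
```

The check only reads static markup, so frames written into the page by script at load time need a rendered-DOM snapshot as input instead of the raw HTML.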

I recently wrote about the fact that reviewing is becoming the new advertising. I made the point that reviewing is part of a trend towards transparency: these days consumers want to know all about companies and their products and consumers are anything but shy when it comes to providing their input and feedback.

Well, the ultimate prize for feedback was awarded on September 21, when Netflix gave a group of seven people $1 million for a crowdsourced solution that beat the performance of Cinematch, the company’s own customer recommendation engine. Three years ago, Netflix launched the contest, offering the generous prize to the winner who could beat Cinematch by at least 10 percent. In late June, according to The New York Times, a multinational team of seven data wonks calling themselves “BellKor’s Pragmatic Chaos” surpassed the 10 percent goal.

Why should we care? Because Netflix, instead of wearing “Not Invented Here” blinders, solicited its users and offered to pay handsomely for a better mousetrap. In essence, Netflix bought a major product development project from an outside group of users. They gained valuable insight from their base, and Netflix will now reap the rewards and directly impact the customer experience.

As The Times story points out:

“The Netflix contest has been widely followed because its lessons could extend well beyond improving movie picks. The researchers from around the world were grappling with a huge data set – 100 million movie ratings – and the challenges of large-scale predictive modeling, which can be applied across the fields of science, commerce and politics.

The way the teams came together, especially late in the contest, and the improved results that were achieved suggest that this kind of Internet-enabled approach, known as crowdsourcing, can be applied to complex scientific and business challenges.”

Until now, crowdsourcing has been limited to relatively minor commercial ventures, such as designers submitting logos or t-shirt designs. But the Netflix experience moves crowdsourcing up into the stratosphere. Netflix is so happy with the results of their first crowdsourced solution that the company is launching another contest.

Today, reviewing may be the new advertising, but tomorrow, crowdsourcing could be the new product development. Reviewing, crowdsourcing, whatever it is… In the end, it represents the ultimate in consumer empowerment.


View original post here:
From Reviewing to Crowdsourcing

Lots and lots of posts around about the FTC shutting down known spam, botnet, child pornography, fill in bad stuff, hosting provider Triple Fiber Network (3FN.net), aka Pricewert LLC, APS Telecom and APX Telecom, yesterday affecting 15,000 websites. The FTC said they were actually advertising their services in the dark under belly of the internet, hosting vast quantities of illegal, malicious, and harmful content, including child pornography, botnet command and control servers, spyware, viruses, trojans, phishing related sites, illegal online pharmacies, investment and other Web-based scams, and pornography featuring violence, bestiality, and incest.

While this is great, the more trouble we can cause these guys the better, what does it really mean to these guys? Servers are already popping back online, many sites are already back up at other providers and 3fn themselves say they will be back online in hours or days, so it won’t be long until things are running smoothly for them again, and as has been mentioned, there’s been no noticeable dropoff in spam, so while they’ve taken off the head, the body still functions, as far as the spam and botnets go. What is needed is criminal prosecution as is mentioned at Security Fix.

“It could be that other law enforcement organizations are using the FTC as a front in order to obtain evidence for later criminal prosecutions,” Rasch said. “What’s interesting about that approach is that in order for these guys to get out from under this court order, they’re going to have to show that they’ve taken steps to clean up their act. But if there is a criminal investigation ongoing against 3FN, then anything their operators say in trying to convince a court to lift the order can and will be used against them later.” Source: FTC Sues, Shuts Down N. Calif. Web Hosting Firm

But how hard would that be? You’re talking tracking em down, extradition, lots and lots of work. What needs to happen is for the FTC to start fining merchants who profit from spam and spyware, they should no longer accept ignorance as an excuse and fine them. After so long, a month or two, fine them again at quadruple the rate, or whatever, and so on until it’s no longer profitable for any of them.

Another possibility would be to fine the networks for allowing the spammers in and promoting them to the merchants. Or that could be a lawsuit from the merchants after they have been fined heavily. I don’t care, it doesn’t matter how it’s done as long as the money dries up.


Excerpted from:
Spammers, Botnets, Child Pornography, Oh My

Last summer, CJ settled a Malware class action lawsuit for $1M.  According to the terms of the settlement (see www.cjsettlement.com) after the lawyers take their share (typically 30% I think), the remainder of the class action fund was to be split 70% to CJ publishers and 30% to advertisers, prorated based on the commissions generated between April 20, 2003 and July 22, 2008.

If you are a publisher who generated commissions during that time, you should log into your CJ account, click on the reports tab, and look in your Current Balance for February, 2009.  There you will see a credit amount listed under fees.  That is your share of the pie.

Don’t spend it all in one place :-)

Original post:
CJ Class Action Settlement Payments Made on Feb 9th, 2009

“You can’t put the genie back into the bottle” or so says the idiom. The issues surrounding adware have certainly been a “genie” for affiliate marketing.  We may have the opportunity to see if that genie really can be put back into the bottle, at least for a sub-set of adware applications, toolbars.

Yesterday Brian Littleton, CEO of ShareASale, announced a Toolbar Roundtable Discussion for next Tuesday.  The purpose is to receive input from the community for establishing guidelines for toolbar behavior within the ShareASale network.  This is a shift from the historical policy of ShareASale which has not allowed software in the network. Not unexpectedly, there is some heated discussion around the announcement in the ShareASale Forum on ABestWeb.com.

Many people mistakenly think that I am opposed to adware. This isn’t the case. Adware is just technology, which isn’t inherently good or bad. It’s just technology…ultimately a bunch of 1’s and 0’s strung together to elicit preplanned behavior from the computer of the end user.

What I have opposed over the years is the manner in which many adware applications generate revenue in the affiliate marketing channel.
I have been exceedingly frustrated at times by technology being abused to the point of causing schisms within our industry and stigmatizing the technology itself which, in reality, could have been positive for the affiliates, merchants, networks and consumers it was meant to serve.  On more than one occasion I have stated that adware does not have to be an issue within affiliate marketing.  For years now I have worked to outline a model for adware behavior. Not once have I been asked the details of that model, at least until now.

My view is broader than just toolbars. I personally feel that it is possible for any adware application to be respectful of the rights of other internet businesses, benefit the consumer, and generate legitimate revenue, directly and/or indirectly, in the affiliate marketing channel. I now have the opportunity to share some of my views and thoughts on how this can be achieved.

There is a glaring reality that we cannot afford to overlook: the technology is here and it’s not going to suddenly go away. The genie isn’t going to just disappear. My contentions have been with the policy, both written and how acted upon in reality, for how adware is allowed to behave in the affiliate marketing channel. My mantra is behavior, behavior, behavior (to the point I get tired of hearing it myself!) not toolbar, widget or desktop app. I don’t have a problem with Google’s toolbar, but I do have a problem with most software generating revenue through the affiliate channel.

To this point, there have been two primary types of policy by networks and merchants regarding how affiliates can use software in the affiliate channel: not allowed at all (the parasite-free policy) or allowed under a set of conditions that are far less restrictive for affiliates than marketing through other means (the COC/Addendum policy). I have always been opposed to the COC/Addendum policy because I feel it allowed revenue generation that facilitated unfair competition and diminished the overall value of the affiliate channel. I have longed for a working policy (policy that is actually being used) that would address how software can be legitimately used within the affiliate channel sans all the controversy. Indeed, I strongly believe it is critical that our industry be able to produce such a working policy.

Why? So we can demonstrate our ability to self-regulate and foster the healthy growth of our industry. All established industries need to demonstrate this ability for long-term success. To this point, I don’t think we have been able to demonstrate an ability to effectively self-regulate the very technologies our industry depends upon. Affiliate marketing is a technology business after all.

There are currently various technologies used by affiliates in their marketing efforts.  Web sites, email, video, widgets and many other forms of technology are common.  Guidelines for acceptable use have been established for promotion through most of these technologies. Granted, there may be an occasional debate regarding a new way these technologies are used, but none have been as problematic as downloaded software. Nor has a policy of all or nothing been applied to defining their use by affiliates.

Any and all of the technologies used by affiliates can be potentially abused. Questionable revenue generation tactics as well as more malicious behavior can occur through any promotional method. We certainly don’t say that affiliates cannot use web sites, email, and video or social media technology as promotion mechanisms because the technology can, and at times is, abused. Of course we don’t! We set guidelines and then we work towards enforcing those guidelines.

Enforcing a policy for toolbars will not be without its own challenges. But all monitoring of promotion comes with unique challenges. There are millions of web pages, owned by the affiliate or by someone else, where bad behavior can occur. However, once policy is established for promotion through a web site, protocols for monitoring are developed.

While practices may not always be policed by some companies to the degree some desire, we all understand that ultimately it’s a matter of survival for our livelihoods to have a certain degree of self-regulation within these technologies.

The landscape has changed dramatically since 2002 when the COC/Addendum policy was released by the major networks of the time. There is no longer a huge cost barrier for any affiliate having downloadable software and there are several sources for acquiring your own toolbar for free or at a very low cost. Distribution channels are available that do not require bundling, especially for toolbars. This has resulted in literally tens of thousands of toolbars available for download.

Of course, not all of these operate within the affiliate channel, but there is an increasing number which do. Toolbars can engage in a very wide range of behaviors. I don’t feel that a global policy of “X is not allowed” is an adequate manner with which to address issues facing our industry in regards to a technology that is not going away.

Brian Littleton has outlined a starting point on the ShareASale blog for this policy discussion. As someone who has always focused on how adware can behave with regards to revenue generation, I am intrigued by his initial points. He appears to be envisioning toolbar technology used as a marketing vehicle versus a customer service vehicle. Marketing practices would use the toolbar for direct revenue generation, which is the most common use seen to date. Customer service would involve behaviors focused on the consumer experience, thus building branding, loyalty, and visitor retention for the affiliate’s own business. This form is a more passive marketing of the affiliate’s own business and does not tie the toolbar directly to the affiliate link for tracking a commissionable sale. While I still believe software can behave “nicely” and be used for more direct revenue generation, I find Brian’s outside of the box thinking on this issue very interesting.

We need to show that we are up to the challenges of regulating the very technologies used to enhance and bring value to the affiliate channel. I’m excited to see a company with a track record and reputation as established as ShareASale’s stepping up to the plate to undertake the task of presenting meaningful policy in regards to toolbars. I look forward to having a policy in use that I can point to as an example of how software technology can be used in a harmonious and productive manner.

Will ShareASale be able to put the genie back into the bottle? I don’t think the technology can go back into the bottle. But can we have the benevolent genie? I think so. The real challenge will be whether or not ShareASale can overcome the stigma that has become attached with downloaded software, turning what has been somewhat of a black eye for affiliate marketing into a positive.

I will definitely be at this Roundtable that Brian has facilitated. I encourage any and all who care about the policies driving our industry to attend as well. I’m hoping to see as many merchants as affiliates in attendance as this is not an affiliate issue but an industry issue which impacts all parties in the equation.

Read more from the original source:
Putting the Genie Back Into the Bottle

I am not a prude by any means. Janet Jackson’s Super Bowl “malfunction” did not shock me. However, the porn photos masquerading as profile pictures for porn spammers that Yahoo allows into MyBlogLog I do find irritating.

The thing is I have to admire their ingenuity. Yahoo states quite clearly that “spam” in their opinion is solely tied to email messaging. It is not tied to profile pictures. So what does a smart spammer do? Create a robot that while active in MBL visits several hundred blogs. Thus their promotional picture shows up on the MBL widget for that community as a “reader”.

Now it would be a different matter if the site was listed as being open to adult content. However this problem occurs on sites, like here at Revenews, which are not listed as open to adult content.

An email to Yahoo’s Customer Service has gone unanswered for three days. Not surprising since Yahoo is notoriously bad when it comes to cleaning up its own space. I am also reasonably certain that this slow response is not a record by any means.

MyBlogLog has all the elements of a really great tool. Blog owners, especially those whose content is more news orientated, will find the oversight that allows these spammers in as a poor reflection on their community.

Yahoo needs to realize that in certain cases a picture can equal a thousand words of spam. Until then actual readers can get their news and their g-string pictures at the same time.

Read more here:
MyBlogLog Needs to Wake Up To Their Porn Problem
