Scumbag Affiliates

I just had it confirmed (although I don't actually know the person who confirmed this as an aside) that Fabulous use affiliate links and the domainers receive a CPA from Fabulous for each lead generated.

So while Fabulous say they don't actually own the domain, they are both monetising it, providing the content and profiting from the name - in fact I'd suggest that they are physically responsible for the content and they are obviously hosting it too.
 
I just had it confirmed (although I don't actually know the person who confirmed this as an aside) that Fabulous use affiliate links and the domainers receive a CPA from Fabulous for each lead generated.

So while Fabulous say they don't actually own the domain, they are both monetising it, providing the content and profiting from the name - in fact I'd suggest that they are physically responsible for the content and they are obviously hosting it too.
Fabulous just responded a little while ago that they are looking into this. Nothing from Casino Blasters or 888.com yet :rolleyes:

This is why it's important for affiliate programs to review where their links are being set up. Many do - but some don't give a damn.
 
Hey and guess what - top of the pile now are the Lucky Ace spammers. Honestly CM, I thought you had more integrity :p

LuckyAce Casino: The Best Casino experience online! ... Trust our brand ... Click here to get started!


:lolup:

Must be right if the "Casinmeister" says so ;) :rolleyes:

PS. Yet more spam from them today :(
 
Ha ha - what a laugh. As soon as I start complaining about this, I get the following spam mail. Apparently sent out by ME! :eek:

Delivered-To: bryan@casinomeister.com
X-Spam-Checker-Version: SpamAssassin 3.1.9-gr0 (2007-02-13) on
mx12.futurequest.net
X-Spam-Level:
X-Spam-Status: No, score=0.0 required=5.1 tests=UNPARSEABLE_RELAY
autolearn=disabled version=3.1.9-gr0
Delivered-To: webmaster@casinomeister.com
From: "Casinomeister's Newsletter" <subscribe@casinomeister.com>
To: <webmaster@casinomeister.com>
Subject: *{spam}* Re: February 70% OFF
Date: 13 Feb 2008 07:49:33 -0000


Spam detection software, running on the system "mx03.futurequest.net", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have any questions, see
the administrator of that system for details.


Content preview: If you'd like to subscribe to Casinomeister's newsletter,
please visit the Newsletter page where you can read the latest issue and subscribe
from there. Thanks!
http://www.casinomeister.com/newsletter.php [...]


Content analysis details: (16.0 points, 5.1 required)


pts rule name description
---- ---------------------- --------------------------------------------------
-1.4 ALL_TRUSTED Passed through trusted hosts only via SMTP
3.0 URIBL_BLACK Contains an URL listed in the URIBL blacklist
[URIs: eggmind.com]
3.6 URIBL_SC_SURBL Contains an URL listed in the SC SURBL blocklist
[URIs: eggmind.com]
3.3 URIBL_AB_SURBL Contains an URL listed in the AB SURBL blocklist
[URIs: eggmind.com]
3.4 URIBL_JP_SURBL Contains an URL listed in the JP SURBL blocklist
[URIs: eggmind.com]
1.5 URIBL_WS_SURBL Contains an URL listed in the WS SURBL blocklist
[URIs: eggmind.com]
2.6 URIBL_OB_SURBL Contains an URL listed in the OB SURBL blocklist
[URIs: eggmind.com]




Received: (fqmail 10537 invoked from network); 13 Feb 2008 07:49:33 -0000
Received: from mx14.futurequest.net (mx14.futurequest.net [69.5.6.187])
by pt02.futurequest.net ([69.5.6.173])
with FQDP via TCP; 13 Feb 2008 07:49:33 -0000
Received: (qmail 17828 invoked from network); 13 Feb 2008 07:49:33 -0000
Received: from pt02.futurequest.net (pt02.futurequest.net [69.5.6.173])
by mx14.futurequest.net ([69.5.6.187])
with QMQP via TCP; 13 Feb 2008 07:49:33 -0000
Date: 13 Feb 2008 07:49:33 -0000
Message-ID: <20080213074933.10535.qmail@pt02.futurequest.net>
To: <webmaster@casinomeister.com>
In-Reply-To: <20080213154932.16526.qmail@khalil>
From: "Casinomeister's Newsletter" <subscribe@casinomeister.com>
Subject: Re: February 70% OFF


If you'd like to subscribe to Casinomeister's newsletter, please visit the Newsletter page where you can read the latest issue and subscribe from there. Thanks!
https://www.casinomeister.com/newsletters/


Cheers!


Bryan
Received: (fqmail 10522 invoked from network); 13 Feb 2008 07:49:33 -0000
Received: from mx05.futurequest.net (mx05.futurequest.net [69.5.6.176])
by pt02.futurequest.net ([69.5.6.173])
with FQDP via TCP; 13 Feb 2008 07:49:33 -0000
Received: (qmail 549 invoked from network); 13 Feb 2008 07:49:31 -0000
Received: from mx05.futurequest.net (mx05.futurequest.net [10.2.1.176])
by mx05.futurequest.net ([69.5.6.176]); 13 Feb 2008 07:49:31 -0000
Received: from khalil ([91.74.60.143])
by mx05.futurequest.net ([10.2.1.176])
with SMTP via TCP; 13 Feb 2008 07:49:31 -0000
Received: (qmail 16524 by uid 288); Wed, 13 Feb 2008 11:49:32 +0400
Message-Id: <20080213154932.16526.qmail@khalil>
To: <subscribe@casinomeister.com>
Subject: February 70% OFF
From: <subscribe@casinomeister.com>
MIME-Version: 1.0
Content-Type: text/html; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
X-Antivirus: avast! (VPS 080212-0, 02/12/2008), Outbound message
X-Antivirus-Status: Clean


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">


So I wonder how much traffic will be headed over to the newsletter section. Guess I should check my stats :rolleyes:

I'm not saying that the a-hole webmaster who is violating my trademark rights is behind this - but a coincedence is a coincedence.

By the way, 888.com got back to me stating that this is an issue with Roar (thus the rour username in the aff codes) The casinos subscribe to a feed, and they have no contral where the feed goes. Ingenious :rolleyes:

So I guess I'll be dealing with these people now.
 
Here are some of the URLs hidden in the email message:
http://gfx2.phamv.com/
http://gfx2.hnhfz.com
http://mail.gccpe.com/mail/options.aspx
http://gfx2.ezaqa.com
http://gfx2.utooo.com
http://get.yuomb.com/
http://gfx2.utooo.com
http://h.cbuay.com/

There are a crapload more, mostly there to bring up images in the pharmaceuticals :rolleyes:

Obviously, this is an email intended to damage Casinomeister and not to generate a profit.
 
Here are some of the URLs hidden in the email message:


There are a crapload more, mostly there to bring up images in the pharmaceuticals :rolleyes:

Obviously, this is an email intended to damage Casinomeister and not to generate a profit.

I agree, think it stinks to high heaven, and also think it's a bit of a suspicious 'coincidence' -- though some recently banned folks could also be trying a 'pay back'.
 
Here are some of the URLs hidden in the email message:
Link Removed ( Old/Invalid)
Link Removed ( Old/Invalid)
You do not have permission to view link Log in or register now.

Link Removed ( Old/Invalid)
Link Removed ( Old/Invalid)
Link Removed ( Old/Invalid)
Link Removed ( Old/Invalid)
Link Removed ( Old/Invalid)

There are a crapload more, mostly there to bring up images in the pharmaceuticals :rolleyes:

Obviously, this is an email intended to damage Casinomeister and not to generate a profit.

It's a shame there are so many wankers in the world. His/her best friend is probably the computer - I guess it's quite sad really that they have so little of interest going on in their own lives that they have to try and get their kicks by trying to hurt other people.
 
It's a shame there are so many wankers in the world. His/her best friend is probably the computer - I guess it's quite sad really that they have so little of interest going on in their own lives that they have to try and get their kicks by trying to hurt other people.
Exactly, and look at these choice domains that are getting scooped up. I was planning on launching a new site called utooo.com. Now I'll have to add another "o" :rolleyes:
 
So I wonder how much traffic will be headed over to the newsletter section. Guess I should check my stats

I'm not saying that the a-hole webmaster who is violating my trademark rights is behind this - but a coincedence is a coincedence.

Perhaps you should release a "special" on this, so that all this traffic, if it comes, sees what is going on here. Currently, they may think you are spamming your own newsletter, but you could explain how you complained about this rip-off site, and how "by coincidence" your Email was spoofed and used in a bulk spamming campaign, perhaps as "revenge" for attempting to stand up to the industry spammers.
You might even get a few more Casinomeister members out of this, who will become far more informed about online casinos, and how to tell the bad sites from the good.
 
IMO, it would be a mistake to think that this was a single person, "Who's best friend is his computer."

I have had this kind of thing happen to me several times... Mostly when I made 888 and their pet Russian spammers angry... There are even threads about it around here.. When I Rogued 888 about a year ago.

BTW - those links in the email... will hurt your site if you don't take some action. Those sites that are linked in that email have all been banned from google (looks like google hand removed those sites for being very bad - they are real search engine poison).

Bryan, I just did an Link Removed ( Old/Invalid) check on casinomeister... Bryan you NEED to add an SPF record to help stop these spoofed emails... If you don't get an SPF record set up very soon, your going to regret it... Take it from someone that has been there.
 
It's a long shot, but you could check the IP from which that email was sent against the IP's of recently banned members.
 
Where art thou, foul spammer

In-Reply-To: <20080213154932.16526.qmail@khalil>
And Then
Received: from khalil ([91.74.60.143])
by mx05.futurequest.net ([10.2.1.176])
Received: (qmail 16524 by uid 288); Wed, 13 Feb 2008 11:49:32 +0400

Fire Up the rusty old tools :

Queried whois.ripe.net with "-B 91.74.60.143"...

inetnum: 91.74.60.0 - 91.74.63.255
netname: JBR-NET
descr: Jumeirah Beach Residence
country: AE
remarks: ************************************
remarks: ** For SPAM or any illegal activity CONTACT: **
remarks: ** lir@du.ae **
remarks: ************************************
notify: notify@du.ae
changed: sydney.dsouza@du.ae 20070811
address: Emirates Integrated Telecommunications
address: P.O.Box:502666
address: Shatha Tower 25th Floor, Dubai, UAE
phone: +97143600000
fax-no: +97143916800
e-mail: nixon.reberia@du.ae


Jumeirah Beach Residence = Outdated URL (Invalid)
The worlds largest single phase project, Jumeirah Beach Residence comprises more than 40 towers, most of them for residential purposes.

So, either you have a very rich spammer taking the piss.. Or, unfortunately most likely, you have a real spammer who knows what he is doing and they used a bot to send the spam..

Mails hit futurequest.net first, with a UID (288), you might want to speak to them as well. To me, that says he has an account with them

Then
Had a look at the source code on casinmeister.com, he liked using specific link names. Hit google for "486-blackjack" and you see dozens of sites come up :

You do not have permission to view link Log in or register now.

Iowa removed from the search results 'cos the first 3 results are for the Iowa Lottery.

Looked through a random sampling of results on the first page, mostly on Fabulous.com (Domains for sale, buy buy buy), Similar page design (look for the associated/Optional Links, using the same numbering system)..

And find links to : Europa, Carnaval, Prestige, 32vegas, Joyland, Eurogrand.
Search google using these terms too :
483-las-vegas
484-lottery
491-baccarat
492-keno
557-bingo
913-slot-machines
921-poker-online
486-blackjack
488-craps
490-roulette

Fair amount of sites there relevant/associated to meisters issue

Have fun, climbing back into my hole
 
Roar

Got tired of the dark, want to play some more..

One of the google results is bestcasinobonuscode.net
Link at the bottom of their home page : Advertise With Us. Link is to : httpxx://dbbsrv.com/refer/14339/10388/14339-10388
Which redirects to
httpxx://www.roar.com/bserv/landing/signup/rl4.htm

Roar.com Pty Ltd
Level 23
12 Creek Street
Brisbane QLD 4000

Roar Customer Care
Phone: + 61 7 3007 0070
Facsimile: + 61 7 3007 0075
Email: customercare@roar.com
Web:
You do not have permission to view link Log in or register now.


Manager Roar
Mr Graham Latter

Sales Manager
Mr Paul Pamenter

Customer Care Manager
Mr Peter Stevenson


Welcome to Roar.com - The world's leading Pay-per-click portal!
Roar is a wholly owned subsidiary of Dark Blue Sea Pty Ltd., and is a market leader as an Internet Search Engine.


Google for Dark Blue Sea Pty Ltd
OOOOO, They been WIPO'd :
You do not have permission to view link Log in or register now.


Most Interesting bit there is :
(xv) According to search extracts exhibited by the Complainant, Dark Blue Sea Limited is a shareholder of the Respondent. The current registered office and principal place of business of the Respondent and Dark Blue Sea Limited (as well as DBS Administration Pty Limited) are the same, namely, Level 23, Comalco Centre, 12 Creek Street, Brisbane, Queensland. Further, two of the directors and the company secretary of Dark Blue Sea Limited (namely, Vernon Alan Wills, Richard Edward Moore and Gregory John Platz) are also the current directors and company secretary for the Respondent. It is also noted that the "ICANN accredited" Registrar of each of the Domain Names, Fabulous.com Pty Limited (formerly known as Domain Intellect Pty Limited), has the same registered office and principal place of business, as well as the same directors and company secretary as the Respondent. [The Panel also notes that the e-mail replies received by the Center from the Registrar of the Domain Names contain a disclaimer by "Dark Blue Sea"].

Then you get httpxx://www.darkbluesea.com
Dark Blue Sea is listed on the ASX (Code: DBS). The Company also has a Level 1 ADR program through the Bank of New York (Code: DKBLY)
Share Price History from Yahoo :
You do not have permission to view link Log in or register now.


Case Study about them : httpxx://www.insor.com.au/case_studies.html
An Australian Internet company focussed on Domain Names and on revenues from direct navigation and secondary sales of Domain names. Dark Blue Sea owns a portfolio of 550,000 domain names, which are predominantly dot com domains, which are freely operated and traded in the unregulated US market.

All done playing, back in the hole
 
Thanks all - much appreciated.

I'm having my server (which is futurequest.net) take a look at the SPF thing. For some reason this is not set up.

I have a feeling that the spam I received failed to get out since the traffic is normal on the newsletter.php page. There is relatively no one clicking through an email to that site. So my guess is that this spam-hole is just trying to show what he can do without a mailing list. A possibility :rolleyes:

I contacted Roar two months ago complaining about this domain - they said they had nothing to do with it. Now I know they do - at least they have something to do with the aff links. Here goes another email <sigh> like I have nothing better else to do with my time.
 
Thanks all - much appreciated.

I'm having my server (which is futurequest.net) take a look at the SPF thing. For some reason this is not set up.

I have a feeling that the spam I received failed to get out since the traffic is normal on the newsletter.php page. There is relatively no one clicking through an email to that site. So my guess is that this spam-hole is just trying to show what he can do without a mailing list. A possibility :rolleyes:

I contacted Roar two months ago complaining about this domain - they said they had nothing to do with it. Now I know they do - at least they have something to do with the aff links. Here goes another email <sigh> like I have nothing better else to do with my time.


I just looked into SPF, and it looks great - as long as the recipient's mailserver supports it as well. It will definitely cut down on forgeries getting through, but not 100%.
 
Got tired of the dark, want to play some more..

One of the google results is bestcasinobonuscode.net
Link at the bottom of their home page : Advertise With Us. Link is to : httpxx://dbbsrv.com/refer/14339/10388/14339-10388
...
dbbsrv.com is a 2nd tier affiliate program (Dark Blue gets affiliate deal with casinos, and affiliates get commissions from Dark Blue) and likely has nothing to do with the affiliate spamming. If someone sends Dark Blue the affiliate tag of the spammer, they will probably ban him from the program.
 
What does SPF actually DO?

Suppose a spammer forges a hotmail.com address and tries to spam you.

They connect from somewhere other than Hotmail.

When his message is sent, you see MAIL FROM: <forged_address@hotmail.com>, but you don't have to take his word for it. You can ask Hotmail if the IP address comes from their network.

(In this example) Hotmail publishes an SPF record. That record tells you (your computer) how to find out if the sending machine is allowed to send mail from Hotmail.

If Hotmail says they recognize the sending machine, it passes, and you can assume the sender is who they say they are. If the message fails SPF tests, it's a forgery. That's how you can tell it's probably a spammer.
Source: Link Removed ( Old/Invalid)

spf records are being used by most all of the big free email providers like google, msn, hotmail and most of the big hosting companies are now using SPF records... it is slowly becoming the standard.

However as has been posted it is not foolproof.

I have received two spoofed emails in the entire year, after I implemented SPF... Before I implemented SPF, I was being hit by spoofed emails at the rate of hundreds a day and those were only the ones I was seeing, 1000x times those got thru to who ever they were being sent too. So I would say that while not foolproof, it does work better than anything else out there does.


Bryan, I almost forgot, you will want to use a blackhole along with the SPF record.
 
Bryan, I almost forgot, you will want to use a blackhole along with the SPF record.
I have a blackhole implemented. My server does not support SPF, but they do support DomainKeys which I'll need to look into.

And Fabulous legal got a hold of me and they've removed the affiliate template from casinmeister.com. The BS site is virtually gone.

It's a full time job trying to protect one's trademark. It always amazes me how many a-holes there are in this world. :rolleyes:
 
I have a blackhole implemented. My server does not support SPF, but they do support DomainKeys which I'll need to look into.

And Fabulous legal got a hold of me and they've removed the affiliate template from casinmeister.com. The BS site is virtually gone.

It's a full time job trying to protect one's trademark. It always amazes me how many a-holes there are in this world. :rolleyes:

Don't get your hopes up too high. Although they're not on the front page, if you click on "casino", you'll be led to a page where the casino affiliate links are listed.
 
Don't get your hopes up too high. Although they're not on the front page, if you click on "casino", you'll be led to a page where the casino affiliate links are listed.

You always have to check out for the cloaked one's like Win just did...
 
Don't get your hopes up too high. Although they're not on the front page, if you click on "casino", you'll be led to a page where the casino affiliate links are listed.
My main concern was that the title of the page was "Casinomeister" and that an misguided Internet traveler might confuse this bogus site for the real one.
 
I'm aware of a scumbag affiliate who is ripping off the Casinomeister brand.

I would'nt even give this wannabe mini-me a second thought if I were you. He has no idea!!! I find that just the mention posting on the Casinomeister site scares people off and gets them to respond quicker when you have a problem.:notworthy

I have been lurking around for a while now without posting but have just generally been trying to find my way around the site - it takes ages, because there are so many interesting things to read but have come to know that there is no-one that even comes close when dealing with casino issues etc.
 

Users who are viewing this thread

Meister Ratings

Back
Top