Snoskred – Life in the Country

Eric from MyBlogLog dropped by and left a comment, which I would like to respond to here.

Thanks for dropping by, Eric. I’d like to show you the bigger picture. You seem to be seeing one tree in the forest. There’s a lot of trees to be seen, and here are some things you might want to consider.

You think that a 419 scammer can’t set up a blog and make it interesting enough that people will join their communities? These guys are not stupid. They create fake banking websites constantly and some of them are good enough that the *banks* wonder how they’re doing it. They would probably steal content from lesser known bloggers, but how would any of us ever know that they were scammers until they sent us the scam email?

Plenty of people would not even know they were scammers once they GOT the scam email. The situation with education on this topic is not good. New people join the internet every day, many of them elderly people with life savings in the bank.

You think the scammers speak a different language and it would give them away? Incorrect. When you receive a scam letter with terrible spelling and grammar – that is actually TACTICS on their part, because they want the great white hope to think they are less educated and easy to manipulate. They can write just as well as you or I.

You forget that SCAMMING PEOPLE IS THEIR FULL TIME JOB. They get up in the morning and go to the internet cafe. Email isn’t working too well for them these days, and they are always looking for new ways of contacting the “maga” – their word for scam victim. They’re already using social networks. Tagged is their current favourite, it seems, but they are always looking for the next big thing. They work in large gangs, and they have “lower down” scammers doing all the grunt work. Those guys are constantly thinking up new ways to scam people in order to get higher up the chain.

If someone joins your community, most people join theirs in return. I’ve done it myself. I’m sure others have too. That’s the way these social networking things work. So if a scammer signs up and goes around joining communities, its likely they would get a lot of members fairly quickly, who they can then spam.

If you don’t think it is possible, you’re wrong. These guys will use any chance they can. Ask Ebay and Paypal. The next thing you know they’ll be sending out phishing emails to get blogger logins – yes, that is one way they will be able to spam people, by stealing the accounts of established bloggers. They’ll target the bloggers signed up to a lot of communities. Have you organised an education drive on a phishing scam, ever? People fall for it so easily, and they will fall for it just as easily on this occasion. You ready to deal with the fall out of bloggers having their passwords stolen?

Ebay can’t manage to get the message through to people. Paypal can’t manage to get the message through to people. Banks and ISP’s can’t manage to get the message through to people. We scambaiters can’t get the message through to people and trust me, we’re not resting on our laurels. The Anti Phishing Working Group can’t get that message through to people and look at all the influential members they have to help them out. Thousands of online email, banking, Ebay, paypal and ISP accounts are compromised daily. Do you think you’ll be an exception and able to get the message through to all 180,000 members of MyBlogLog?

Even Yahoo has problems with this – the scammers send out emails which look like this - You probably look at it and think – who would fall for that? People fall for these phishing tricks all the time. I’m not kidding. If MyBlogLog people got a message that said – we’re spring cleaning, please log in to show us you wish to remain a member – and it linked to a fake site the scammers set up which looked exactly like MyBlogLog and it asked people to log in..

These guys got game. Some of them have teamed up with the Vlads – scammers from Romania and Russia, in order to do these phishing scams and fake sites. You want to take them all on and make yourself and every member of MyBlogLog a target? Ask Ebay how well that worked out for them. They never took this problem seriously and now it is such a huge problem for them, it’s given them a very bad name, and frankly they will never overcome it. New auction sites setting up know about this problem and take steps to avoid it.

Having a private messaging system is bad enough – the scammers will turn up at some point. I have already received 419 scams via Bumpzee private messaging. But you give them a mechanism to get their 419 messages out en masse to a large group of people, and all they have to do is join a bunch of communities? Sold! That’s a lot easier than messaging people one on one. But if you offer them messaging one on one, they’ll take that. I would recommend you get rid of the private messages as well, in order to keep them off MyBlogLog.

Now you can say ok, we’ll ban all Nigerian IP addresses. That won’t work, the scammers are all over the world – the US, UK, Europe, Middle East, even here in Australia. Canada has a huge group of check scammers working there, sending out fake checks, take a look at some of their work (checks they sent to me) here. There are large scammer contingents in Houston, Atlanta, Amsterdam, London, Abu Dhabi, Romania, Johannesburg and Delhi. This is a global problem without anyone working on a global solution.

There is so much more to this issue than the one tree in the forest that you are seeing. That’s why people are so angry and upset about it – they LIVE with the spam and scams, and they do not want you to offer another mechanism for them to receive that. It won’t go away by your saying “We’re keeping this system, thanks for your feedback” – no, what will happen then is you will lose a lot of your members. Maybe that’s not important to you now you’ve sold out to Yahoo.

You’ve grabbed a tiger by the tail here. How about letting it go and listening to your members? If you don’t believe me or the other outspoken ones, put in a poll and see for yourself – I personally feel the majority of people on MyBlogLog do not want this community messaging system. Many of them will just quietly leave, or stop using MyBlogLog.

Other people who have written about this topic –

MyBlogLog Community Mass Message SPAM Controversy – Alex (new)
Mybloglog messaging system and why I think it sucks – Yack Yack
MyBlogLog Mass Messaging – Swallow Spam or Die – Avinash
MyBlogLog New Features – The Abusive and the Incomplete – Andy Beard
Think Twice Before You Launch A New Service – MyBlogLog – Jon
Community Messages on MyBlogLog – Meg

For those users of the internet who wish to continue using MyBlogLog but want to show their users that they will never spam them using the Community Messages system, I have good news for you.

Jon from Smart Wealthy Rich created a little image you can put in your sidebar, probably under your MyBlogLog widget, to let people know you won’t be spamming them anytime soon. He also made a commitment, and I’d like to make my own commitment to readers of my blog here and now -

My Commitment –

I will not use the community message service, and you will not receive any mass message from me on MyBlogLog. I may use the private message system to reply to you if you message me, or if I have something specific to say to you personally, though usually I would just send you an email or contact you via your blog.

It’s nothing personal.

If you did send out a message to your community, don’t take this like a slap in the face. You probably thought it was a great new feature and a good way to get in touch with everyone at once. But that’s what your *blog* is for. You can make your own commitment if you also feel strongly about this, and display the image on your own blog.

Communities are great, I have gained a lot from being a part of them, but I’m reading your blog daily in google reader and if you have a message to send to members of your community your blog is the place to do it, not via a mass message to all people in your community on MyBlogLog.

Please note, I am not talking about private messaging. Sending one message to someone is not spam. In my opinion, people should not be able to send more than one message at a time. If they want to sit there and message every member of their community individually that is fine, I have no issue with that. It’s when they are able to type one message and instantly send it to hundreds of people that it becomes spam – and a potential problem for every member of MyBlogLog.

It’s a real shame because MyBlogLog has such potential but the moment you allow a system where spam like this can happen and be easily done, you are just opening up a can of worms – the *real* spammers and scammers will be along in no time. I get enough “Enlarge your penis” mail (especially for someone who doesn’t OWN a penis, being female!) through my normal email addresses, thanks very much.

The Nigerian 419 lads will really love this system and I say that because I know them very well and they already abuse similar systems on dating sites and other community sites, and they’ll be along before you can blink, joining OUR communities in order to send US mails intending to SCAM us out of our hard earned money. Worst of all, they WILL get money from people who don’t know anything about those scams. I do not think MyBlogLog really wants to provide a service for scammers – they want to provide a service for bloggers.

The solution is to quickly get rid of this community messaging system. However from what I am reading on the MyBlogLog blog, they seem to want to keep this or wait until people give them feedback. I think that’s a mistake. People will leave, and there’s other sites out there providing the same service, but without the spam.

Also, I don’t belong to a lot of communities yet, but I do read on average 200+ blogs a day. One of the blog communities I read on the RSS feed has over 200 blogs posting to it. In point number 4 of Eric’s blog post – “I’ll leave it for other people to debate why someone would join 5,000 communities” – it sounds like a judgment of people who belong to a lot of communities and that people who belong to less communities won’t have an issue.

At this time I think I belong to less than 5 communities, NOBODY has spammed me, not ONE person, yet I have a problem with this because I can see the potential for disaster and because I know scammers well.. If you have an issue with people belonging to a certain amount of communities, put in a limit. Don’t use this to justify the community messaging system.

I was about to sign up for the MyBlogLog Pro service because they do offer a lot of great features, especially the stats, they are some of the best I have seen on the web but I’ll take a raincheck for now until I see how this plays out.

Meg from Dipping into the Blogpond posted on this topic here, so go and read it if you’re not aware of the situation. Other posts I found are here -

Mybloglog messaging system and why I think it sucks – Yack Yack
MyBlogLog Mass Messaging – Swallow Spam or Die – Avinash
MyBlogLog New Features – The Abusive and the Incomplete – Andy Beard
Think Twice Before You Launch A New Service – MyBlogLog – Jon

From yesterday’s post, Em had a question –

What is your opinion of spam filters. My gmail one seems to work quite well and the spam doesn’t bother me because I don’t see it…

I’ve got about 40 gmail accounts actually. Being a scambaiter, you tend to have a lot of email addresses. The spam stuff, like viagra and cialis and people trying to sell you stuff, gmail does reasonably well with. However, they do NOT do as well with the *scam* emails, and also phishing gets through on a regular basis.

You might not be getting much in the way of spam as yet, but if you have an email address which is anywhere out there on the internet, it will be coming to you as a surprise some time in the future. Here’s a screenshot from one of my email accounts which is on a scam blog. The people emailing it do not know it is on a scam blog because they use an email extractor program to get the addresses.

The emails you see there arrived over the space of less than an hour. That account regularly receives around 40 emails per hour. That’s 960 emails a day. Can you imagine how this would mess up your inbox?

For most people, a single gmail account with a spam filter might work just fine – until someone gives out your email address somewhere. It’ll start out being 3-4 spam emails a day, and keep going upwards until you want to throw things at people you’re getting so much of it. If you have one email account which you use for everything, it’s a real nightmare when that happens. And you would be surprised at whom is doing what with your email address as we speak.

I’ve done a lot of email warnings to scam victims over the years, and many times some of these people have decided I am their friend and added me to their forwards list. They then send me any “joke” or “inspirational” email that they stumble across during their interweb travels. The trouble is, they add all the email addresses as “cc” – carbon copy, which means me and everyone else who got the mail can see who it was sent to! That means, if a scammer or spammer gets their hands on it, they have a bunch of new targets to email.

So there’s the lesson for today – use BCC when you want to email to more than one person. *Blind* carbon copy – it means nobody else can see who you sent that mail to.

The reason I am suggesting the email plan rather than just one gmail account is because if you break it down into groups it is much less of a hassle when that account is compromised. I say when because it is highly likely to happen. Spam and Scam is getting worse, and there really isn’t much that can be done to stop it, so it is much better to be prepared.

I hope that answers the question.