slef-reflections: These People Spammed


Spam

This is my hall of shame for spammers. If one of these companies spams you, please link to their entry on this page, to help people find out about them.

If you spam me, I will list you here and hopefully people searching for your company will find this page. Please advertise responsibly instead.

The Leading Company

Posted by mjr 2007-12-14 (permalink)

Today I was cold-called by someone announcing themselves as "UK Bank Claim", a service of "the leading company", asking me questions about my bank charges.

Now, that put my back up right away. I co-own most of my banking service providers (aren't cooperatives and mutuals great?), and you can't get much more confusing service and company names if you tried.

Then they claimed to be registered with the Ministry of Justice, but I can find no mention of this registration service on the MoJ web site. I've emailed the ministry to let them know.

The phone number they called is registered with the Telephone Preference Service. The call did not send any Caller Line ID and refused to give a telephone number when asked, so I suspect it may have been from overseas. I registered a TPS complaint nonetheless.

The caller gave me the domain theleadingcompany.co.uk which is registered to The Leading Company ltd - UK Limited Company, (Company number: 6081225), 28-32 church street, slough. Strangely, that is not the Registered Address: Excelsior House, 3-5 Balfour Road, Ilford Essex shown on their web site, nor the one listed at Companies House:- ROPE WALK SHOPPING CENTRE, ROPE WALK, RYE EAST SUSSEX - are companies allowed to use multiple registered addresses? I thought that was forbidden.

In short, who is this company, why are they claiming government support and why are they allowed to behave like this?

How far should I go with this? Do you think I should contact hedleycreative.co.uk (whose email address is in their web source) and ask them why they're working for phone-spammers?

I guess I shouldn't waste any more time, but I think it's worth publicising this behaviour a bit, to try to avoid these people finding unwary victims.

Ross wrote:

"Go on, push it as far as you can. People who cold-call TPS-listed numbers and refuse to give you any details or stop you being called in the future deserve to be caught."

I'll drop their webmaster an email. Wonder what will come back. No reply to other complaints yet.

On 10 Jul 2008, David Hedley commented:

"MJR: I am the owner of hedleycreative, and having produced a website in good faith for a company who have approached me, I suggest you find it in you to address me personally before publicly assuming that my business reflects the decisions that one of my clients makes as to how they operate their business activities. Hedley Creative makes no representation for the Leading Company, legally or morally, and if you have had a bad experience with them may I suggest you direct any further comments to the company directly, rather than associating the name of my business with any such negative feedback."

Well, I did address you personally. I sent an email to david@hedleycreative on Thu, 20 Dec 2007 13:51:22 (I kept a copy because my memory often fails me) and this is the first reply you sent.

If you have a problem with being associated with phone-spammers, why did you put your email address on their website? I would never have linked hedleycreative with them otherwise.

I tried directing comments at them but they refused to give me a phone number, they blocked Caller Line ID and emails go unanswered - what a surprise.

How about writing here and now that phone-spam is wrong? Then anyone reading this website will see that it was a one-off mishap.

I think most webmasters have made mistakes at some point (and me more than many), but I also think people should try to behave themselves and avoid profiting from unethical businesses. I still don't know whether you realised that hedleycreative were working for phone-spammers.

David Hedley commented:

"I have received no e-mail from you, unless it has fell in to my own spam filter. Your comments still suggest that by default I am associated with the business activities of the Leading Company, and by asking me to "say no to spam" what you are really asking me to do is "say no to the Leading Company". I completely agree that spam in it's own entity is wrong, but I am not in a legal position to comment on the activities of another company of which I have no experience of within their normal line of business. I would perhaps consider that producing a website for a company does not assume that a designer or developer automatically delves into their business dealings first, or looks at their phone records, or views their accounts. I think the notion of "avoiding profiting from unethical businesses" is completely relevant and indeed admirable in today's current climate, but what I resent is your immediate assumption on my own practices, that I am am knowingly promoting any such "unethical business". If your point was simply to highlight the behavior of the Leading Company, then I would suggest you consider the tone in which you make your comments, as it comes across extremely accusational in the face of my own business without any grounds whatsoever. I would also consider the fact that, if I had any evidence of my own to support your theories on the Leading Company, or if I was profiting from what I believed to be "unethical business" I would not have added my contact details in the first place. I believe your approach to my "assumed" role in this matter has been juvenile and your comments very accusational. To any member of the public reading this, I have no part in such spamming activities, to you, MJR, perhaps you need to re-think your process of "judge and jury" and maybe your mission of removing spammers would be a lot more effective, having designers such as myself on your side, and much more aware of your cause, rather than being left to pick up the the bad name of any company they may have completed a project for."

Sorry the email didn't arrive. I think I also tried telephoning, but I've not dug through the Zip file of my outgoing call logs to check that.

You're not associated with the business activities of the Leading Company "by default" but your company associated with the company by working for them and leaving your contact details on their website. By asking you to say no to spam, I was asking you to say no to spam - nothing more.

I'm offended by your suggestion that I've assumed anything about you. Note that I've never claimed hedleycreative took part in the phone-spamming and I've not assumed either way about hedleycreative's business practices or view on phone-spamming - I emailed you to ask if you knew you were working for phone-spammers, as described above! I think the answer is no, but it's been rather tortuous to get this far. I was hoping that you'd have some working contact details for the Leading Company, as the TPS complaints department couldn't contact them either.

You may consider that web designers shouldn't look into the business dealings of potential clients first, but I believe that needs to change. I've turned unethical business away, like my bank does, and I think more businesses should do the same.

However, these pages aren't really meant to be kicking webmasters. It's meant to be warning people (including webmasters), about the spammers, as I explained when I started. I'm not the only one doing this - see, for example, the CodeHelp hall of shame.

Removing the spammers takes place in other channels, far away from the glare of the web...

Gofernet

2007-10-16 (Permalink): Gofernet.net 466395 (or is it gofernet.co.uk? They seemed confused about that - maybe it's Jekyll and Hyde, one spammy, one not?) of Sutton Coldfield spammed an associate on 5 Oct 2007. The spam claimed it was sent to their client list. That associate is not and has never been a client of gofernet.

The spam claimed to be "in full compliance with the Privacy and Electronic Commerce Statutory Instrument 2003, No 2426". I think they mean the the Privacy and Electronic Communications (EC Directive) Regulations 2003, which usually forbids

"unsolicited communications for the purposes of direct marketing by means of electronic mail unless the recipient of the electronic mail has previously notified the sender that he consents for the time being to such communications being sent by, or at the instigation of, the sender."

Gofernet don't have consent and none of the exceptions apply AFAICS. So it's spam, even by their standards.

Total Language Solutions Limited

2007-09-15 (Permalink): My personal email account was spammed by Jennifer Kirkham-Sandy (Phone 0800 6 121 151) of Total Language Solutions Limited, 3 The Courtyard, New North Road, Exeter EX4 4EP, Devon. Registered number (England and Wales) at the above address: 03933805. They seemed to be using a service called qwertywordmarketing. I've reported it to the hosting company, so we'll see what happens.

Look who's squatting on Jono Bacon

2007-09-07 (Permalink): So, for some reason, I was using advogato and, for some reason, I was looking at jono and, for some reason, I clicked on the link to the JonoCam. What I saw was unpleasant and not what I was expecting.

Someone's squatting on the JonoCam address, hiding behind eNom's privacy service. In fact, it looks like all of kdedevelopers.net is spam now, including jono.kdedevelopers.net.

Not only that, but http://www.jonobacon.co.uk/ is squatted too, by futuregate aka Mindcom Internet Limited of 20 Meridian Way, Meridian Business Park, Norwich NR7 0TA. If you're reading this from near Norwich, would you post some pictures of the home of these serial domain-squatters, please?

So I hopped onto the lugradio IRC and asked jono. Apparently he lost it ages ago(!) nominet says the domain was registered in 2004 and last updated April 2007, so I didn't know if that means it's been a while, or just a few months. Does the registration date change if an owner loses control? astinus told me that it does.

Anyway, I wonder how many advogato users have disused person pages with spam/squatted links. Is there a nice way we could spot them all and tag them somehow? Is there some common "about me" format which advogato (and social networking sites?) could use to keep up-to-date on our movements? List three locations in case we lose our primary domain?

Also, I had another email yesterday from someone apologising for losing control of their domain, asking me to change my links and I've removed a couple more from my friends bookmarks category recently.

Are people still losing personal domains to squatters? If so, is there a new reason for this, or is it the same old problems of registrar-lock-in and it being cheaper to register a new domain than to go to dispute resolution?

An anonymous commenter wrote:

"You want photos of the people's offices? I drive past these when going to the Sainsburys and will be going there later tonight. I recall that this place is loads of new office buildings mainly rented by new companies. I won't have good light tonight but if you want photos another time let me know."

Well, if you have good light any time, I think it'd be fun to see where they live, to see what sort of lifestyle domain-squatting can buy.

Another anonymous commenter wrote:

"I checked out the postcode you quoted last night but had forgotten the building number of the spammers and it was to dark anyway so that a phonecam wouldn't have helped anyhow. Looking up that way there are lots of "new" companies, a couple of bank branches, nursery, audi dealership... and a company called breakwater IT. They have a rep as being a "good" "new" company and have lots of good press about it. Either way, they are number 20... breakwaterit.co.uk and they have a fuckoff huge sign showing over the main road. I hate them but that might be because they are full of shit and microsoft solutions and have slagged off Linux in the past. Learning they are squatters is even more interesting tbh :) at least it means i can slag them off with authority. Thanks for the tip off ;)"

Kevin Mark wrote:

"Time and time again, people talk about stolen website domains and it leads me to question the relationship between any digital entity with which we do business. People provide some personal data which can be stolen and used in identify theft to their digital entity which they say is required for business. A computer compromise later and your identify can be stolen. Then we have Jono's case. Was other stolen info used to gain acccess, was this social engineering or did the entity do little checking on the transaction? What should be required to do online business with someone that you will never see in person? There will always be a continuum between easy transaction and tin-foil-hat transactions. Someone mentioned losing a valuable email account password for access to time-critical data. Yahoo, the email host, could not give this person access. What data should be required to authenticate such transactions as the recovery of a lost email account password or domain transfers like a secure way that does not risk identify theft with someone/company that you will never meet face to face."

I don't think there was any stolen info used to grab jonobacon.co.uk - just wait for the registrant to fail to renew, for whatever reason. Official advice on doing business online and spotting impersonation is surprisingly weak, at least in the UK.

Alexandre Franke commented:

"Have you tried to check on archive.org when the change for Jono's domain occured?"

No, I didn't think of that (surprising, as I used it for finding out when people became debian developers recently). web.archive.org first recorded the futuregate squatters there on 16 Oct 2004.

What does akst spam mean?

2007-08-13 (Permalink): I've just put 2 and 2 together and maybe I got 5. What do you think of this hypothesis?

The effect is lots of spam with From-lines starting akst... Is the cause Alex King's Share This?

It seems Time for Blogging asked "A Losing Battle with Blog Comment Spam? Is Share This Plugin at Fault?" but I see nothing relevant on WordPress: Support: Plugins and Hacks: Alex King's Share-This about exploits.

I can't see how to exploit the current version to send mail, but I think I can see an exploit for an older version. Also, if you'd got a redirect script into someone's comments, you could use Share This to collect marks.

Spam + Bloggers = Sploggers

I've heard about sploggers before, but I've never seen a non-trivial one. It looks like nixforce.com is a splogger that is harvesting all Planet Debian posts and using it to promote their Ubuntu/ Fedora/ Windows services site. (Sod that. You should all buy debian services from my cooperative OK?) I know about this because they sent me a pingback. Unsurprisingly, I've not approved it!

Are any other Debian planeteers unhappy that nixforce.com seem to be claiming that "We are a group of people in Durban, South Africa. We provide services on Ubuntu Linux, Fedora Core Linux ,Microsoft Windows Servers, XP Professional Desktops, Ubuntu Desktops [...] Macromedia Coldfusion Server [...] MysQL and Microsoft SQL Server [...] Unilever" for them? I asked: Should we try to stop them, or just post that "Nixforce look like an unscrupulous load of swines trying to trade on Debian Developer names without permission" all over their site?

Paul wrote:

"They are violating Google's Adsense policies by inviting people to click on their ads on their front page ("If you dont want to enter, at least go to one of our Advertisers below").

You could, at the very least, have this line of their income terminated by reporting them here "

Works for me.

Brandon Holtsclaw suggested:

"Or set something to look for the referer pulling the feed and redirect just that nixforce domain to a 404 or some nasty pr0n feed :) just a thought."

I would, but I think most things will fail to pull if I send a 40x and I can't think how to do a redirect or proxy neatly without messing with RewriteRule or similar - nixforce aren't worth messing with RewriteRules. I also suspect they're pulling from Planet Debian, rather than my web host, so if I made a mistake, I'd be very unpopular.

Also: Russell Coker and Antti-Juhani Kaijanaho

Jigsaw Insurance Marketing

I've had a couple of silent phone calls from 01158507616. It seems that Jigsaw Insurance Marketing (UK) Ltd of 3rd floor, 16, King St, Nottingham, Nottinghamshire NG1 2AS are notorious nuisance callers. I've fed them to Ofcom's web-based silent call complaints system and with any luck, the next time I hear about them will be when they are fined. (I don't hear about them when they call. It's just silent.)

Dave commented:

"This company are a total pain in the arse !! I have also received calls from them (9 in all) which have got me out of bed, the bath and in from the garden. Each time silence. Today I reported them to Ofcom and was given their office number 0115 850 7600. I called this and demanded that my number be removed from their system and threatened legal action if any further calls occur. We shall see !!"

Elizabeth Smith commented:

"Thank yourselves lucky you were restricted to phone calls - they've been taking money out of my bank account for insurance on a mobile phone - never had a mobile! Plus, now I seem to get called at least once a week by them. Last week's call was about them trying to persuade me that I needed insurance against identify thieves. All went quiet when I asked whether it would cover insurance companies taking money from my account for a services I don't have!

And everytime I have to move the dogs from their strategic positions (trying to delay putting heating on so something needs to keep my feet warm!)"

Sun via Kingpin

I just had some spam from "Kingpin Intelligence" about Sun's London Tech Days '07 A Worldwide Developer Conference 13th - 15th March 2007 - Central Hall, Westminster SW1. It seemed to include some filter-defeating random strings. Why are Sun using spam to promote their events?

I've obsoleted the email address from LWCE2004 that it was using. Please use the enquiry form to contact me at work.

Digital Parts

Today's featured spam is from Digital Parts, Rowan House, Bricklehampton Lane, Pershore, Worcestershire, WR10 3JT sent via ukcompanydeals.com and reroute-all.com.

They get a special mention for including the fully buzzword-compliant footer

"Marketing communications are delivered in accordance with EU Directive on Privacy and Electronic Communications. [...] All communications are targeted to business users only."

and then sending their weasel words to one of my personal org.uk addresses, clearly marked as "UK non-trading individual" at Nominet.

No real contact details included, so if you get the same spam, please link this to help them find themselves on search engines.


Comments are moderated (damn spammers) but almost anything sensible gets approved (albeit eventually). If you give a web address, I'll link it. I won't publish your email address unless you ask me to, but I'll email you a link when the comment is posted, or the reason why it's not posted.

This is copyright 2007 MJ Ray. See fuller notice on front page.