Bringing Down A Copycat Site

Nigel Cross wrote in with an interesting story from the world of software fraud. Cross writes "I found a copycat site fraudulently selling my own software and kept a record of the steps it took to bring him down."

Step One:

[Icarus1919 (802533)]

Step one: Find out name of evil twin from mother.

Re:Step One:

[Nigelxequte (844372)]

If you read my comment below you will see that MailList King is not spamming software

We actually created it for inhouse use to handle the people that e-mailed us to join our mailing list so they could learn about new releases. We found it so useful that we released it as a product.

I'm sure you voluntarily belong to a lot of mailing lists. Is the software that is used to send those messages spam software?

Nigel Cross

Re:Step One:

[sg_oneill (159032)]

But your screenshots show 450,000 list members. Dude what legit mail list has 450,000 mail list members?

Re:Step One:

[Ilgaz (86384)]

Maybe its in house beta (or final whatever) test copy?

Generate random mail addresses and test extreme conditions? Also if it works, use that screenshot to show how powerful it is.

I am not developers friend or something but I can sure imagine why since I have a coder friend coding opt-in maillist software for huge online store, tested EXACT SAME WAY.

Somehow, on this story, I felt like I am at download.com comment trollheaven.

Re:Step One:

[Zorilla (791636)]

I'll be the first to tell you that being forced to register with a business partner of a business partner of a business partner of a business parter in order to download trial softgware and ending up on a mailing list is not opting in.

Re:Step One:

[pipingguy (566974)]

Slashdot has more users than that, based on UsedID numbers

No one likely knows for sure, but I'd bet that up to 50% are dupes or abandoned accounts and Taco himself probably owns dozens - that's why all the good usernames are already taken. He's hoarding them for eBay sale in case he gets fired.

Re:Step One:

[hkmwbz (531650)]

"If you read my comment below you will see that MailList King is not spamming software"

Yeah, that is obvious to anyone who actually bothers to pay attention. Unfortunately, a lot of people don't, as you have noticed...

Maybe the Slashdot editors could post an update explaining that the screenshot on your site is of the scammer's site, and that mailing lists are actually used a lot by non-spammers? Even the Free Software Foundation has its Mailman mailing list software [gnu.org].

I feel sorry for you, in a way... You've become another "victim" of Slashdot, or at least some of its readers, that don't bother to pay attention before commenting on things.

Har Har Har

[acxr is wasted (653126)]

Dec. 24, 2005: I received an e-mail from a former colleague...

Talk about the mysterious future!

/. it

[Pmkool1 (827418)]

That's the solution to everything: /. it!

Think about it... Just post a link to that site saying that it's a fake, and just watch as it takes a slashdotting.

Now THAT'S how a nerd kicks some butt!

Re:/. it

[procrastitron (841667)]

One of the issues that concerned the poster was that the copycat site might show up (early) on search engine results. The probability of this would greatly increase if links were posted to it by people trying to bring the site down. As such, a /.ing might have wound up increasing the damage caused by the copycat site.

Re:/. it

[1u3hr (530656)]

One of the issues that concerned the poster was that the copycat site might show up (early) on search engine results.

I Googled for "MailList King Pro", one of his products, and most of the hits were for serial numbers and cracks...

Re:/. it

[Gilesx (525831)]

You were looking for this:

www.e-buyonline.com

More than just copyright violation...

[procrastitron (841667)]

I know that a lot of people are going to compare this with suprnova/etc to support their stance on copyright law. Rather than take a side right now I would just like to point out that this is not just simple copyright violation. The site in question was also committing fraud and trademark violation, both of which are separate issues in addition to the copyright violation.

Re:More than just copyright violation...

[Ilgaz (86384)]

Forget everything. Fraud etc...

People who gets tricked gives their personal details, credit card number to such an asshole.

I think developer was too polite or something. I'd do what network solutions suggest, call law department.

His problem is solved but that guy will definitely continue to do business (!) with other peoples software. Why? He didn't have cops showed up at his door.

Remember, because of Bin Laden asshole, Pakistan and USA law departments are nearly connected to each other. I liked to note it for those people who thinks Pakistan is (yes) backward country and they could do nothing about it.

Re:More than just copyright violation...

[dn15 (735502)]

it is somehow okay to rip off somebodies hard work ("just a simple copyright violation"), but to rip off his *logo* is somehow mean and nasty and below the belt? dude, you have some serious prioritisation issues.....

Well, in most cases people redistribute content without the right to do so and that's the end of the story. But this thread is about someone who redistributed content without rights and impersonated the creator in the process. Neither is particularly honorable, but the latter is arguably more devious.

Re:More than just copyright violation...

[jonbryce (703250)]

Yes. Trademark infringement is generally considered to be more serious by the courts around the world.

The difference is that people are under the impression they are buying from the person who created the software or someone authorised by them.

Re:More than just copyright violation...

[zakezuke (229119)]

so, hang on, let me get my head wrapped around this - it is somehow okay to rip off somebodies hard work ("just a simple copyright violation"), but to rip off his *logo* is somehow mean and nasty and below the belt? dude, you have some serious prioritisation issues....

Piracy is one thing. You are getting something for nothing. You *could* place a dollar value based on what the software would normally cost but that's about it.

To misrepresent your self as another company is a form of flat out fraud. In this case someone was getting money for someone else's work, taking credit for someone else's work, and one could argue causing them harm through this misrepresentation. After all the guy was asking for credit card numbers. Not only is there the dollar value of the software someone else profited from but the possibility of harming the character of the rightful owner. Would you do business with a fraudster? Would you use their software or reject it? Would you tell others to reject it?

I will not say piracy is OK in this reply. I will say that bootlegging is greater offence. And to misrepresent your self as being the owner of code that doesn't belong to you and use this lie to make money one would be no better than.... I don't know.... SCO.

Godwin's Corrolary

[Rufus88 (748752)]

one would be no better than.... I don't know.... SCO.

Someone was just compared to SCO. Next thread!

Re:More than just copyright violation...

[JuggleGeek (665620)]

There is a difference between me allowing n users to upload a given movie from me, and trying to sell it. The point where I draw the line is when money comes into play.

So, you'll download free software, but you draw the line at paying $2 to download pirated stuff, because you are far too honorable for that. Got it.

Either way, if the software author can't sell his software because it's being distributed (for free, or for cheap) by someone else, he ends up out of business.

Great job

[hexed_2050 (841538)]

Awesome! Great work on taking the copycat's site down. There are way too many punks on the internet these days that will stoop to massive lows just to make a buck or two, it's pure garbage. I have many ideas always in the mix and I dare tell a couple people about them before the official release date - I've been ripped off by people before like this.

sadly, you know as well as I, it won't be long before your copycat starts up on a new hosting server and does the exact thing again.

He won with a counter threat

[lodn (532801)]

To bad the hosting provider didn't take his complaint seriously. This guy can just pick the next company and start all over again.

Seems like he has alot of work to do

[Omniscientist (806841)]

After doing a Google [google.com] of "MailList King", there unfortunately seems to be an abundance of sites that have his software for download. On the official website, you must pay first, so it appears he has quite a bit of copycats/pirates to track down.

Good luck buddy.

His effort was not enough

[statusbar (314703)]

http://www.e-buyonline.com/purchase.php [e-buyonline.com] and http://www.e-buyonline.com/mk.php [e-buyonline.com] still allows you to enter in credit card info to purchase the stolen program.

--jeff++

Re:His effort was not enough

[dasunt (249686)]

http://www.e-buyonline.com/purchase.php and http://www.e-buyonline.com/mk.php still allows you to enter in credit card info to purchase the stolen program.

That's okay, the resulting slashdotting will kill it. :)

In all seriousness, this guy doesn't seem to be beyond the reach of US law. His hosting appears to be from Pakhost, who *tada* keeps their servers in Michigan and Texas.

Remember that DMCA thing we bitch about? Time to write a takedown notice [wikipedia.org] to the hosting company citing the infringing material in question. In addition, once you have collected that information, take a few extra minutes tracking down the legitimate owners of the other software on the site, explain what you did, and share that information.

[ If I'm wrong and his hosting company isn't in the US, a careful inspection of the online store reveals no validation of ording information other than a valid email address. A bitter, wronged coder could write a script to string together valid-looking names, locations, emails, and credit card numbers, then flood their ordering page. It appears that the order information is checked manually, so the above action would end up DOSing their ordering channel. Depending on your location, and the location of the server, this may be very, very illegal, and thus I don't advise it.]

Still more work to go

[neXus_umr (844373)]

It looks like his pirater just changed the name and icon of the software. www.ebuy-online.com [ebuy-online.com] now has a program called Maillist Pro with a different icon but the exact same key features (minus extraneous whitespace) and a description that only differs in that the word King doesn't appear.

Check it out:
http://www.e-buyonline.com/maillist.php [e-buyonline.com]

just use his own software against the copycat

[circletimessquare (444983)]

i mean his product is called "maillist king", right?

well, sign the copycat loser up to every known source of spam in the universe, as befitting the skills of someone whose product is called "maillist king"

and then watch the copycat's server melt /didn't rtfa

Not far enough.

[marcushnk (90744)]

You should NOT have stopped at the pulling of your gear.
Send all the emails to the admin at the host.
Do not give this bastard an even break. He obviously will not give others a break.

Anyone paying attention? What's wrong with y'all?

[hkmwbz (531650)]

First of all, why all the comments about Xequte selling spamming software? Did you all even take the time to visit the site and actually look at the software available [xequte.com]? Most of these have to do with image manipulation, and not a single word about bulk e-mail or selling e-mail addresses.

MailList King is a piece of mailing list software, you know, the kind where you can set up a mailing list for discussion, or use it to send information to your customers. He explains it clearly on his site! Sure, you can probably use it for spam, but that's not the author's fault is it? If MailList King is spamming software, then GNU Mailman [gnu.org] from GNU.ORG is too. Can you all see how ridiculous all this spam talk sounds?

If you people had actually bothered to visit the page and read the text, you would have known that the screenshot is of the scammer's site [e-buyonline.com]. Yes, those bulk e-mail programs, e-mail addresses for sale, and so on, are all completely unrelated to the author of MailList King software, apart from his program and the content of his site being ripped off by a spammer/scammer [e-buyonline.com] (it seems that the scammer has just renamed the software, but he still has the text from the actuall MailList King [xequte.com] page on his site).

As far as I can tell, all the evidence so far clearly shows that the MailList King author is not a spammer or involved in such activities. Until someone posts evidence to the contrary, I suggest that you all stop shouting about spammers when the only spammer here is the guy who ripped off Xecute's software. Seriously, people.

One thing I'm disappointed about, though, is that he didn't follow up on this. The site clearly belongs to a spammer, and he rips off other people's sites and software, making money from spamming and scamming. As mentioned above, he simply renamed the mailing list software, but the product page on the scammer's site [e-buyonline.com] still shows text taken directly from the original page [xequte.com].

I would have hoped that this spammer/scammer could have been nailed down and kicked off the 'net. Perhaps someone else can pick it up from here and track down the scammer to put an end to his online adventure?

That was... Anti-climatic

[Albinofrenchy (844079)]

When I read the article write-up, I just assumed I was in for some great tale of some peice of scum getting fscked. This was as mundane as going to see a batman movie and batman handles the final foe by calling his mom names.

Wouldn't it be just terrible...

[benna (614220)]

if this scammers site [e-buyonline.com] suddenly got knocked off the face of the internet by thousands of large UDP packets?

A Better Strategry

[Ann Elk (668880)]

Forward a pointer to the bogus site [e-buyonline.com] to Microsoft's legal department. Notice the name? Notice the font used? Doesn't it look like it's designed to resemble Microsoft's logo? This is precisely the type of thing Microsoft Legal prosecutes with a vengeance.

Hey, just because you hate Microsoft doesn't mean you can't use them to your advantage occasionally...

The guy didn't learn yet-fry him.

[Martigan80 (305400)]

Well goto here [e-buyonline.com] and all he did was change th icons and the names a little. Match the previous link with the one in the article [xequte.com].

Overkill?

[skinfitz (564041)]

Within minutes I received the following:

okey I had remove the logo and the software completely.

And with that single line I had won. I checked his site and all references to our software were gone.

Boy that really showed him! I'm sorry but I don't think emailing someone and asking them to remove the software "otherwise you will complain to the hosting company" quite constitutes the phrase "steps it took to bring him down". I was hoping for a story of how you chartered a private bounty hunting squad of ex-navy SEALs and pursued him through the jungle while your software was tied to a site under threat of being sold - hell it would have been nice if he'd been sued for $50 but asking him to remove it? Come on - more like "steps it took to send an email asking him to remove it" may be more appropriate!

Make the bastards suffer!

Some digging on e-buyonline.com

[merc (115854)]

Nigel: I don't know if the original story was dealing with "e-buyonline.com", as someone on slashdot already pointed out it appears they just changed the name of your software and altered your logo (if at all):

"http://www.e-buyonline.com/purchase.php"

Some interesting things I've noticed about the domain:

Name: e-buyonline.com [67.18.82.84]
Aliases: www.e-buyonline.com

root@argc:~> g 67.18.82.84 | m
[whois.geektools.com]

OrgName: ThePlanet.com Internet Services, Inc.
Address: 1333 North Stemmons Freeway
Address: Suite 110, Dallas, TX 75207
Phone: 214-782-7800, Fax: 214-782-7801

Inverse DNS: welcome.topakistan.com [67.18.82.84]

ToPakistan.com Registrant Contact:
Welcome.ToPakistan.com
Khalil Ahmad (khalil@paksys.com)
+92.427596659 , Fax: +92.427583039
6-L, 73 Business Center, Shadman
Lahore, PUNJAB 54000 PK

I take it that's where your pak***.net (and also paksys.com is the same company, maps to the same IP address and WHOIS registration data)

WHOIS Administrative Contact:
Ahmad, Khalil khalil@paksys.com
116 Salem Road, North Brunswick, NJ 08902
732-297-8908, Fax: 732-297-8906

They are a U.S. company. The phone number confirms they are paksys software, also a gander at their website shows the same address and phone number. Calling the New Jersey phone number reveals someone with a thick Arab accent announcing "you have reached paksys software..."

They are located INSIDE the U.S., telco exchange shows that prefix (732-297) to be in Franklin Park, NJ.

Their hosting website also shows the same information, their "U.S." address available for visits by appointment only (could be a residence)

https://www.pakhost.com/?sect=0&subsect=40

The State of New Jersey will sell you the company filing information for a nominal fee, it looks like PAK SYS SOFTWARE is listed, their file # is
ID: 0400053874, go to the State of NJ's Business Entity search at

https://accessnet.state.nj.us/GatewayWatchNameSe ar ch.asp

Start with filing a complaint with the New Jersey state attorney general, this could get you some type of response (though I noticed you're
in New Zealand.

http://www.state.nj.us/lps/

Consumer Complaint form:

http://www.state.nj.us/lps/ca/ocp/ocpform.htm

Franklin Park, NJ is in Somerset county, start at:

http://www.co.somerset.nj.us/

Toni Arts has a worse problem

[Skiron (735617)]

This happened to Tony Arts - only worse - his domain was ripped away from him, and then whoever done it started charging for his free[ware] software!! (and he codes some good stuff - I used to use a few in my winders days)

The 'Official' Toni Arts page now:

http://personal.inet.fi/business/toniarts/index.ht m [personal.inet.fi]

and the unofficial 'ripped off' one:

http://www.toniarts.com/ [toniarts.com]

If ever a site needs removing, it's that one :-(

7 Steps To Infringer Takedown

[RonBurk (543988)]

1. Immediately(!) purchase the stolen software, using a Mastercard or Visa. The resulting download is evidence, and the purchase itself will be used later. Make every effort to identify who (URL, domain name, contact info, company name, etc.) is actually processing this credit card transaction (hint: it's usually not the kid in Pakistan).
2. Notify the contact info of the domain of the infringement. Use a DMCA-compliant notification.
3. Notify the next upstream ISP of that domain of same.
4. Notify the domain's registrar. Some have TOS which forbid illegal activity.
5. Is the bad guy still up? Then start notifying the credit card processor that they have participated in a sale of stolen goods. Use a letter that calmly documents the date of purchase, how you identified the download as a stolen copy of your software, etc.
6. When your credit card bill arrives, follow the instructions on the back of the bill to contest that purchase. Inform the credit card company of everything that's happened, including dates and times and copies of correspondence
7. Join the ASP [asp-shareware.org]. It's a chance to notify fellow software producers that their software is being ripped off along with yours (and increase the pressure on a particular pirate site). It's also a way of supporting an organization that works to support your right to make a living selling software.

The linchpin in this effort is credit card processing. I don't care if you live on a small island that you rule yourself, if you take Mastercard/Visa transactions, you rely on American companies and American law. These giant companies grant smaller companies the right to parcel out merchant accounts, and they can cause non-trivial financial pain for merchant accounts that generate too many complaints for them.

The wheels of the law can take much time to grind to a conclusion, and not always in your favor. Visa/Mastercard can issue a $20,000 fine in a much shorter time, and they don't have to consult a jury.

In the Wild West of Internet fraud that involves money flow, Mastercard/Visa is judge, jury, and executioner. Most victims simply don't know enough to bring their case to them, or the amount of fraud would be dropping.

Just a question

[ducomputergeek (595742)]

Yesterday there was a story about a priacy ring and people being sentance to 15 years for charging for access to pirated materials. There were a number of highly modded post about how wrong it was to sentance that guy to years in prison and a few posts about the evils of the DMCA and closed source software that always accompanies just stories.

Today we have this story where someone was selling pirated software taking credit from the creator, but because this wasn't some giant software company overwhelming there are modded responses about "way to go", "stick it to 'em", etc. etc.

My questions is what is the difference between yesterday and today? Both folks committed copyright, trademark, and fraud, but because its the work of some smaller outfit it is more of an evil than the same thing happening to "Evil giant corperations"?

Piracy is theft. Fraud is Fraud. Infrigement is Infrigement. End of story. It doesn't matter if its small guy or giant huge megacorp.

I hope that the creator(s) of this program nail this guy and take 'em to the cleaners. Its times like these that lawyers are not an evil word and lawsuits in federal court aren't either.

Re:MailList: Used by Spammers?

[lxt (724570)]

Maybe, but from what I can tell it doesn't actually get supplied with any email addresses - it's just a mailing list utility program (which looks pretty good, actually), with hundreds of legitimate uses.

That said, some of the tools the software provides do look like being tailored towards the bulk advertising market...but they too also have some legitimate use...

Re:MailList: Used by Spammers?

[balloonhead (589759)]

So, it's ok for KaZaA/BitTorrent/P2P as they have legitimate uses, even if they are used mostly for copyright violation, but it's not ok for this guy as it could be used for spam?

Give us a break. Can't have it both ways. The guy is just trying to make a living. If someone uses it to send spam, it's THEM that are at fault, not the writer of the software.

It's the same as guns don't kill people, people kill people.

Re:MailList: Used by Spammers?

[balloonhead (589759)]

As I understand it, being a hitman is illegal and generally considered to be immoral. Writing software on the other hand is not.

Mailing lists are useful to:
-clubs
-websites with subscriptions
-charities
-schools
-businesses
-newsletters
-friends

and all of these are legitimate uses. I am not denying that spammers use these tools as well, but far more legitimate users use bulk mailing programs (think of the tens of thousands of clubs, websites, charities etc who use them) than spammers. Spammers may generate more email, I agree. But there are more legitimate mailing lists than spammers.

P2P, as I understand it, uses over 50% of the traffic on the internet (random source from google search) [cachelogic.com], so I think it could be said it does a lot more damage to the internet through being a bandwidth hog.

Don't get me wrong, spam is a royal pain in the arse. But the guy has done nothing wrong. And the fact that his software is a useful tool for a few spammers doesn't change the fact that most users are likely to be using it for legitimate purposes. Most spam is sent from Windows computers. Most windows computers are not used for spam. The developers of windows are not at fault for the other uses their software is used for (like running 3rd party spam apps).

What you are saying is that Microsoft should stop complaining about pirated software because they are responsible for most spam, so the sell software to exactly the sort of people who pirate their software.

Re:MailList: Used by Spammers?

[Datasage (214357)]

I will give him the benifit of the doubt though. Even if i get flamed for it.

Yes his software does make it easy to send email messages to alot of people, but there are uses other than spam for that. Not everyone knows how to use or knows about open source mailing list software. For novices, guis are good.

Just browsing his site and forums, it doesnt appear that he intents this software to be used by spammers. Though the name really sucks.

Used by spammers? maybe.. but i dont think it would give you great performance as other software will.

Re:MailList: Used by Spammers?

[eclectro (227083)]

Just browsing his site and forums, it doesnt appear that he intents this software to be used by spammers. Though the name really sucks.

Agreed. This guy deserves the benifit of the doubt on this one.

If you take a look at his other software [xequte.com] it is clear that his business is not spam-centric.

Maillist King is no "SpamShoveler 3000" either, as it doesn't have many of the features that I see in the spam I have been regularly receiving.

Also, there are legitimate businesses that send out mailings to customers. There are a couple that I don't mind receiving that tells me about new stuff on the shelves.

So the criticisms are not justified IMHO.

Re:MailList: Used by Spammers?

[1u3hr (530656)]

For Christ's sake, people, write something useful.

Look at the guy's site [xequte.com] before you spout off. He has a lot of other software, most of it related to graphics. And MailList, like any mailing software, could be used for spamming, but its features seem more designed for (legit) mailings, discussion lists, etc. I don't think it has stealth features, to hide the sender, add chaff to confuse filters, and other such that would mark it as evil by design.

Re:MailList: Used by Spammers?

[ctr2sprt (574731)]

I hate to do it, but I'm going to have to trot out my standard freedom argument. Much like proponents of free speech sometimes have to support really objectionable speech (like KKK rallies), I have to support this guy's right to make software which might be used for spamming. After all, there's nothing wrong with BitTorrent, even though one of its major uses (perhaps its primary use) is distribution of pirated materials. Bulk mailers can have perfectly legitimate uses; it's not fair to blame their developers for what spammers sometimes do with them.

Is this karma? Well, maybe so. But two wrongs don't make a right. The proper way of dealing with this guy - if his program really is intended to aid spammers - is to make his software illegal or, better yet, convince him to stop writing and selling it. And even then, stealing and reselling the program is hardly an effective vigilante response!

Re:Hardly steps

[Nigelxequte (844372)]

For the record MailList King is more about managing a mailing list (handling subscribes, unsubscribes, bounces, double opt-in requests) rather than a bulk mail sender. Sure, like any e-mail software that can handle a lot of addresses it _can_ be used for spamming, but we deliberately do not add the tools that spammers like (random word insertion, obfuscation of headers, etc) so in that respect MailList King is not really spam software.

Nigel Cross

Re:Hardly steps

[Felipe Hoffa (141801)]

Have you considered changing its name? If for most people a name like "MailList King" sounds like an evil spammer's tool (it does for me, that was my first impression) maybe it's time to change that name. You know, if you want your product to be successful, you should pay attention to marketing issues.

Fh

Re:Spam software?

[goMac2500 (741295)]

He didn't write those. Take a look at his site. Only MailListKing belongs to him. All the other software was only advertised on the fake fraudulent site. Jees... lay off the poor guy and rtfws...

Re:Spam software?

[Diabolical (2110)]

RTFA. The copycat only copied Maillist King which is a mailing list management package not a mass mailer. He abused the images for other software by applying them to spam tools. The rest was not software or any other tools from the original site. So the copycat is the one with the spamsoftware.

Re: Spam Software

[Tony Hoyle (11698)]

There is in mailman too... is that suppposed to be spam software?

Sometimes mailing lists need to be anonymous.

Re:Shouldn't he just change his business model?

[malkavian (9512)]

And I prefer the words "Copyright Infringement", as that's what it is, not stealing.
Theft is removing an item or service from someone, so that the owner is deprived of it.
Copyright infringement is duplication of an item or service. Copyright infringement doesn't even mean a sale would have been made even if the copy weren't made.
But that topic's been done to death everywhere in /..
And personally, I don't "Infringe Copyright" because I can afford to pay for the services I want. So I pay for what I want/nee