Anyone else getting mails from warriordeal.com ?

by 38 replies
Hi all,

I'm getting a raft of mails to different addresses I use, all from warriordeal.com (which doesn't resolve for me at the moment).

The odd thing is that because I key my addresses to have a unique one for each list I subscribe to, I know many of those addresses are from JVzoo purchases, via different vendors.

There are some that I can't confirm that they are JVzoo purchases, but not so many.

Anyone else got any thoughts?

Regards,
Andy
#main internet marketing discussion forum #mails #warriordeal #warriordealcom
Avatar of Unregistered
  • Profile picture of the author kindsvater
    Yep. I received one to a unique address - my JVZoo account address. I was already planning on asking my friends at JVZoo for an explanation since the spam was apparently for a WSO.

    My initial thought was either email addresses at JVZoo had been compromised, or someone at JVZoo was being naughty.

    .
    Signature
    IM Product Catalog - Free. No Opt-In. Almost 40 pages of Useful Products for Your Online Business
  • Profile picture of the author RogueOne
    My initial thought was either email addresses at JVZoo had been compromised,
    Stranger things have happened.
    Signature
    Instant WordPress Website!
    So Fast & Easy You Will Be Amazed! Check It Out Right Now >>>
  • Profile picture of the author WillR
    This may be of interest to you:

    WarriorDeal.Com SPAM | Sendingwizard.com SPAM
  • Profile picture of the author Mary Stevens
    Guess I'm not in the cool crowd. I have not gotten that one yet. Either that or the spam filter caught it.
    Signature
  • Profile picture of the author kindsvater
    A common thread here is a few marketers around long enough to wisely use unique email addresses when signing up for anything.

    I don't think I have ever bought anything via JVZoo. But I have sold products using a seller's account, and the spam I received was to the seller's account email address.

    .
    Signature
    IM Product Catalog - Free. No Opt-In. Almost 40 pages of Useful Products for Your Online Business
  • Profile picture of the author Brian Tayler
    WarriorDeal.com is unresolvable... but by looking at their DNS servers ns1.hostable.com and ns2.hostable.com these domains are also hosted with the same site on the same DNS (possibly same IP but need it to be resolvable to confirm).

    Long shot but by this list you may be able to find the domain owner:
    Code:
    12u.org, 1savenow.com, 3d-wallpapers.info, 593123.com, 5lijun.com, 99route.com, alexgiangtran.me, androidpdfreader.com, anti112.com, anzhiwang.org, apparel-mart.com, aquery.me, aspul.com, bedintrudersong.com, bestformusic.net, bestrunningjackets.com, bioquellpharma.com, black-wallpaper.org, blogperest.com, bpchipmikarawang.org, bricolageevents.com, buburbalitasehat.com, burlingtoncoatfactorycouponshq.com, burningcrusadeblog.com, carsnewsinfo.com, cbcwayne.com, cheapcheaps.com, cheapgamecameras.org, cheapmorethan.com, cheaptopsale.com, cheapwirelessrouter.us, chicanoproposal.com, cn114.info, coldrockpattaya.com, cyrus-rajpal.com, dailyresidualincome4u.com, datingpromo.org, deftext.com, devrista.com, dobeln.com, dontbeatarget.com, doxyluv.com, dwarforhumanwarrior.com, electronicssymbol.com, elnidodelhalcon.com, enetfun.com, eshoppers-stop.com, esicolombia.com, etizz.com, facebuy.org, fashion-designs.net, fikedrain.com, forumlkskarawang.org, freegadgets.us, future4cp.com, ganyuxian.com, generalmalls.com, geocodedatabase.com, geocodedatabases.com, getmegasale.com, geverivagan.com, giasugiare.com, godaddycouponhq.com, greenfieldlifestyle.com, gxlearning.org, ha8ha.com, hamptonbayhq.com, herankoana.com, hoatuoitphcm.com, hollywoodchristmasparade2011.com, homepartywahm.com, horoscope2556.info, hostviet.biz, htconephonecases.com, i2go.info, ihemorrhoidmiracle.info, imfit4life.com, imposibility.com, indian-qualitytranslation.com, insite.me, intandstring.com, interactionideas.com, intunepc.com, isavemode.com, itmjtreatmentoptions.info, jeffreypalmerphoto.com, jmcrecruitmentsolutions.com, jonming.com, juliashen.com, kangsky.org, kaskusjualbeli.net, kepiaowang.com, kiki-tv.com, kitchenhotel.com, knitting4u.com, kudusblogger.com, lichkingvideos.com, liquen.org, lispsoul.info, lookfordiscount.com, lordofsave.com, lovelazy.com, lshapedcomputerdeskwithhutch.com, magicstitch.net, magnetmotor.com, markimi.com, mccoke.com, mebancondo.com, memoryvideos.info, menbobao.com, messagedynamic.com, minixspeaker.com, mocnhienspa.com, modsnclockers.com, mu9.org, multilinkchecker.com, mysea.net, nethong.com, networkwarriors.com, new-dvdreleases.us, newsoftwaredaily.com, nexus-gaming.org, nexus-media.org, nightelfcampaign.com, nikenzshoxshoes.com, notscript.com, notscripts.com, orcshamans.com, parsdaily.com, pattaya-condo.net, pcintune.com, petsofworldofwarcraft.com, photoprintersblog.com, picfloyd.com, playfine.com, poobiz.com, preburningcrusade.net, prodigystars.com, prusignal.com, psdstreet.org, pupunk.com, qiuapple.info, qiuzhijiang.com, quangthang.net, qxhid.com, rayadairy.com, reallyamazingguides.com, relief2u.com, rustyreids.com, sarasbyte.com, schoolforxraytechnician.com, shencanggongyuming.com, shizirui.com, shufean.com, sincerelybill.com, sitedataforsale.com, slicknickonthetrack.com, sothebysfl.com, southgacommercialmowers.com, sporix.net, spottingscopesforsale.net, springbraindesign.com, sunwenshu.com, supersafetyproject.com, teaminmetsu.com, techexplored.com, thaimotorreview.com, thaitreking.com, thanhlongoto.com, thecyberwiz.com, theticketstopper.com, tinnitusmiraclesystem.info, tongginghill.com, transferpaper.org, travelersrestnongkhai.com, tzswly.com, ucuruqyah.com, undeadwarlockguide.com, venchia.com, voxethanhlong.com, wangzhansheji.asia, wedogsinc.com, weightedvest.us, wendellbarrus.com, whoisstuff.org, wocehua.info, worldjewelrymall.com, worldofwarcheats.com, worldofwarcraftscheats.com, worldofwarcrafttrailers.com, worldofworldcraftfreetrial.com, wowcataclysmblog.com, wpcure.com, wpsukses.com, wrathofalichking.com, wrathofthelich.com, writersreel.com, xleg.info, xn--12casb8d1ah1etas8a5g2a7p5d.net, xn--42cfb4gzab8byaf1a3f7e9dj.com, xp-unlimited.com, xxkp.net, yijiabao.org, yomajans.com, zhangyizi.com, ziyouku.com, zlee.info, zyxjlt.com
    • Profile picture of the author Paul Myers
      warriordeal.com isn't quite as big a source of spam for me as wsoleads.com, which is run by one Danut Burlan. (or Danut Burlan-Ion, depending on which place you see his name.)

      Burlan spams from a few domains, and breaks almost every rule in the book.

      Still, whoever owns warriordeal.com needs run off the net.
      I don't think I have ever bought anything via JVZoo. But I have sold products using a seller's account, and the spam I received was to the seller's account email address.
      That is the first thing in the thread that really makes me wonder if the breakdown is inside JV Zoo. If so, my guess would be they got hacked.


      Paul
      Signature
      .
      Stop by Paul's Pub - my little hangout on Facebook.

  • Profile picture of the author briankoz
    They didn't get access to them from JVZoo it's self. If they did, you know as well as I do, that would be all over the black hat sites so fast on how to do it that everyone would start getting random emails from all over the place. There's multiple ways someone could have got your email address. People selling lists, autoresponders getting hacked, their Zoo account login and password hacked, them being a JV partner on it and getting the emails and a number of other ways.
    Just to chime in for a minute or two here...

    I believe you're wrong and that there's a very good chance that JV Zoo was indeed hacked / compromised (or the alternative is that someone inside there is giving out the lists, which I'd say is probably less likely unless you'd have reason to think otherwise).

    If people, including myself, have multiple "unique" e-mails and only the ones that bought JV Zoo products are getting compromised, that pretty much rules out 3rd party autoresponders and the like.

    And being someone who has dealt with hackers before, obtaining a list is much easier than you might think. Most membership scripts are very easy to hack, as are most forum scripts. And once a hacker is in, it can be very hard to fix the issue if they're a smart hacker.

    But I would work with the assumption that if multiple people are telling you that only their unique JV Zoo e-mails are getting spammed, it's unlikely that multiple 3rd parties were hacked, multiple vendors were all hacked at once, every vendor is selling their list, etc. and that there's a good chance it's in JV Zoo itself being compromised.

    The good news is that this can be addressed and fixed. Feel free to hit me up if you want some suggestions as I've dealt with this before (and it's a pain...).

    - Brian
    Signature
    WebFire.com -- Over 25 Tools to Get Free Traffic, Rankings, Leads, and Exposure!
    MobileAutoresponder.com -- Build a Mobile List and Send Unlimited Text Messages!
  • Profile picture of the author Victor Edson
    No one with gmail is having this problem
    • Profile picture of the author Paul Myers
      Shaun,
      Would multiple vendors who use JVZoo to sell their products all get compromised independently by the same spammer at the same time?
      Multiple 3rd parties compromised all at once? Probably not.

      Sell their lists? Maybe. That's apparently not as unlikely as I would have thought. I'm not surprised that it happens, but I'm beginning to be surprised at how much it happens.

      Victor,
      No one with gmail is having this problem
      Even assuming that's true (and it probably is) Gmail users may end up having related problems because of it.

      Spam pointing to pages at the forum could easily result in legitimate mail from the forum (or W+, JVzoo, DigiResults, etc) being blocked or spam-foldered at Gmail. That could mean missing notifications of PMs and responses to threads, registration confirmation requests, receipts for products, support responses, and more.

      There's a reason we step hard on spammers using these services. They are considered an active threat to our members.


      Paul
      Signature
      .
      Stop by Paul's Pub - my little hangout on Facebook.

    • Profile picture of the author Jason Ladlee
      [DELETED]
    • Profile picture of the author CyberAlien
      Originally Posted by Victor Edson View Post

      No one with gmail is having this problem
      I would love to know how you reached that conclusion lol - do you have access to everyone's Gmail accounts to know that none of them got these emails lol
  • Profile picture of the author onegoodman
    I did receive couple of emails from them last few days, I was wondering where they getting my email from since I didn't opt in
  • Profile picture of the author hron
    I received spam today too, to my private domain email

    from sendingwizard.com
    promoting warriordeal.com

    these domains are whoisguard.com protected.
    I filed a spam complaint for both domains.

    Just go to whoisguard.com there is a form to report spam.

    ------------

    PS. I bought Auto Pinterest Marketer from jvzoo in feb. 2013 with this email.
    I guess jvzoo has been hacked


  • Profile picture of the author ForumGuru
    Banned
    I've been getting spammed from these morons since 6-17-2013 and it's an email address that I do not use for optins --> it's a payment address so that means it had to come from only a few places. I have been spamcopping them and complaining to wiredtree etc. on each and every one. This email address is not published anywhere public on the web so ultimately it had to come from someplace like jvzoo. The last email I received from them was on 7-14 and if I get any more I will send all of them to Bryan.

    According to my records I filed 11 complaints on them and I have a copy of all of the emails. At least the domain is not resolving now...that's a good sign.
  • Profile picture of the author Eternal
    I have gotten them as well, very annoying. Should probably block them.
  • Profile picture of the author TTGSteve
    Checked my spam folder. Found an email in there from warrior deals.
  • Profile picture of the author Kingfish85
    Caught in spam filters:

    Subject: Go and get the ultimate business lead machine!
    X-PHP-Script: sendingwizard.com/apps/cli/web_send.php for 91.109.6.84
    Date: Sun, 14 Jul 2013 15:01:55 +0100
    From: Warrior Deal <news@warriordeal.com>
    Reply-to: Warrior Deal <news@warriordeal.com>
    Message-ID: <325c4c8ddc6d2c99b3fd87659d3c7427@sendingwizard.co m>
    X-Priority: 3
    X-Mailer: Email Sending System
    X-Complaints-To: admin@infusionlist.com
    List-Unsubscribe: <http://sendingwizard.com/apps/u.php?p=rx/rs/26qt/rv/ry/rs>
    X-MessageID: rx-26qt-YmVuQGVuZ2xpc2hwaG90b2dyYXBoZXIuY29t-rv-rt-rs
    X-Report-Abuse: <http://sendingwizard.com/apps/report_abuse.php?mid=rx-26qt-YmVuQGVuZ2xpc2hwaG90b2dyYXBoZXIuY29t-rv-rt-rs>
    X-SMTPAPI: {"unique_args":{"abuse-id":"rx-26qt-YmVuQGVuZ2xpc2hwaG90b2dyYXBoZXIuY29t-rv-rt-rs"}, "category":"campaign"}
    MIME-Version: 1.0
    Content-Transfer-Encoding: quoted-printable
    Content-Type: text/plain; charset="utf-8"
    X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
    X-AntiAbuse: Primary Hostname - host.sendingwizard.com
    X-AntiAbuse: Original Domain - ****************.com
    X-AntiAbuse: Originator/Caller UID/GID - [501 514] / [47 12]
    X-AntiAbuse: Sender Address Domain - sendingwizard.com
    X-Get-Message-Sender-Via: host.sendingwizard.com: authenticated_id: sendingw/sender_address_domain
    Hosting Company: hostable.net - Terms of Service - Web Hosting, Linux Web Hosting, Domain Names, Email Hosting by Hostable.

    Network owner/datacenter: Internap - Internap Acceptable Use Policy

    infusionlist.com - hosted at HostGator but the messages don't seem to originate there.

    MY advice would be to contact the hosting company first. If they do not resolve it, go directly to the network provider, which is Internap. They will most certainly correct the issue as removing netblocks from blacklists can become very costly.

    The message above is a bounceback message - so everything is in reverse. None the less, there's two providers to get in contact with.
  • Profile picture of the author Jesus Perez
    I got spam from WarriorDeals also. Below is the header and details. I've removed my personal information.

    Every domain involved in the email transaction (sendingwizard.com, infusionlist.com and warriordeal.com) is unavailable.

    If this had anything to do with JVZoo, then the email I used only purchased 2 things.

    OTO Secret Weapons
    Purchased: 03/20/2012 12:31 PM
    By: Warrior Secret Weapons

    Life Coach Cash University Report PLR Package
    Purchased: 02/10/2012 2:38 PM
    By: Liz Tomey

    Both of these sellers (Jeff Dedrick and Liz Tomey) do not strike me as the type to engage in this type of practice.

    If it is JVZoo, I recommend they check their analytics and referrer logs. They should be able to cross-reference the above referring domains with a specific affiliate account and find the source of the leak.

    Code:
    Delivered-To: [removed for privacy]
    Received: by 10.76.127.4 with SMTP id nc4csp23273oab;
            Sun, 14 Jul 2013 03:43:40 -0700 (PDT)
    X-Received: by 10.180.107.163 with SMTP id hd3mr6040849wib.13.1373798620313;
            Sun, 14 Jul 2013 03:43:40 -0700 (PDT)
    Return-Path: <bounce-1064-3544544-656-248@sendingwizard.com>
    Received: from host.sendingwizard.com (ds-67775.ds-10.com. [91.109.6.84])
            by mx.google.com with ESMTPS id q16si3365750wie.62.2013.07.14.03.43.39
            for <[removed for privacy]>
            (version=TLSv1 cipher=RC4-SHA bits=128/128);
            Sun, 14 Jul 2013 03:43:40 -0700 (PDT)
    Received-SPF: softfail (google.com: domain of transitioning bounce-1064-3544544-656-248@sendingwizard.com does not designate 91.109.6.84 as permitted sender) client-ip=91.109.6.84;
    Authentication-Results: mx.google.com;
           spf=softfail (google.com: domain of transitioning bounce-1064-3544544-656-248@sendingwizard.com does not designate 91.109.6.84 as permitted sender) smtp.mail=bounce-1064-3544544-656-248@sendingwizard.com;
           dkim=neutral (bad format) header.i=@sendingwizard.com
    DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sendingwizard.com; s=default;
        h=Content-Type:Content-Transfer-Encoding:MIME-Version:List-Unsubscribe:Message-ID:Reply-to:From:Date:Subject:To; bh=Kb6BnVu6874nVF+Ai0PcQWbtHZAMTAvBJKfNVVIhCsc=;
        b=KpfO1XExh3zU7LkgeLMg/Qvuo2UuB0k2tY0mrREDv4DJe/Y8fJb4dxeE4f3eTL/hlqsaL/LSnFCZuOrambK/OgTnPKr/xpeGb0QKEwDNxIv58o31qIH5nsyjY/0LEcc54fv/TsvosA/mlXyUpwAv5c70tduSR49JD/hR7QsGJfw=;
    Received: from sendingw by host.sendingwizard.com with local (Exim 4.80.1)
        (envelope-from <bounce-1064-3544544-656-248@sendingwizard.com>)
        id 1UyJmE-0002mW-GL
        for [removed for privacy]; Sun, 14 Jul 2013 11:43:38 +0100
    To: "[removed for privacy]" <[removed for privacy]>
    Subject: Go and get the ultimate business lead machine!
    X-PHP-Script: sendingwizard.com/apps/cli/web_send.php for 91.109.6.84
    Date: Sun, 14 Jul 2013 11:43:38 +0100
    From: Warrior Deal <news@warriordeal.com>
    Reply-to: Warrior Deal <news@warriordeal.com>
    Message-ID: <3e705266055a373433828d1478a628f2@sendingwizard.com>
    X-Priority: 3
    X-Mailer: Email Sending System
    X-Complaints-To: admin@infusionlist.com
    List-Unsubscribe: <http://sendingwizard.com/apps/u.php?p=rx/rs/e6f/rv/ry/rs>
    X-MessageID: rx-e6f-amVzdXNAYmx1ZXNxdWFyZXMudXM%3D-rv-rt-rs
    X-Report-Abuse: <http://sendingwizard.com/apps/report_abuse.php?mid=rx-e6f-amVzdXNAYmx1ZXNxdWFyZXMudXM%3D-rv-rt-rs>
    X-SMTPAPI: {"unique_args":{"abuse-id":"rx-e6f-amVzdXNAYmx1ZXNxdWFyZXMudXM%3D-rv-rt-rs"}, "category":"campaign"}
    MIME-Version: 1.0
    Content-Transfer-Encoding: quoted-printable
    Content-Type: text/plain; charset="utf-8"
    X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
    X-AntiAbuse: Primary Hostname - host.sendingwizard.com
    X-AntiAbuse: Original Domain - [removed for privacy]
    X-AntiAbuse: Originator/Caller UID/GID - [501 514] / [47 12]
    X-AntiAbuse: Sender Address Domain - sendingwizard.com
    X-Get-Message-Sender-Via: host.sendingwizard.com: authenticated_id: sendingw/sender_address_domain
    
    I want to make this message very short=0Aso..=0A =0AThis is the perfect too=
    l to create a new=0Aopportunity for your business and=0Agenerate email lead=
    s online through=0Ayour wordpress site!=0A =0A>>> http://www.warriordeal.co=
    m/wsodeal/sk8esg=0A =0AThe perfect tool for any small business =0Ato rel="nofollow" target=
     their local market by building =0Aa web presence using the Local Lead =0AB=
    ooster wordpress theme. Collect leads, =0Acreate credibility and grow our b=
    usiness!=0A =0A>>> http://www.warriordeal.com/wsodeal/sk8esg=0A =0ATo Your =
    Online Success,=0AWarrior Deal Team=0A=0A=0A=0A=0A=0A=0A=0A=0A=0A=0A=0A=0A=
    =0A=0A=0A------------------------------------------------------------------=
    ----------------=0A =C2=A9 Copyright 2013. All Rights Reserved.=0A=0AThis m=
    essage is NEVER sent without your request.  We take your privacy=0Aextremel=
    y seriously and will never make your information public.=0A----------------=
    -------------------------------------------------------------------=0A=0A14=
    234 FM 2920 Suite G300, Tomball, TX 77387, United States=0A=0ATo unsubscrib=
    e or change subscriber options visit:=0Ahttp://sendingwizard.com/apps/u.php=
    ?p=3Drx/rs/e6f/rv/ry/rs
    Signature


  • Profile picture of the author Kate Davies
    Started to get lots of spam recently from
    • WSOLeads
    • JVLists
    • Zoolists

    I deleted the first few so I can't really trace it back to when the first one came in and whether of not it was close to any JVZoo purchase. Was wondering if these are all sites run by the same person?

    I'm really hoping I can keep it under control by unsubscribing and blocking senders.
    Signature
    Local internet marketing in the UK
    Only the businesses who can be found online will succeed. Improve online visibility with www.vizzibiliti.co.uk
  • Profile picture of the author david carr
    These domains seem to promote offers on digiresults, you may find if we locate this person that the lads over a jvzoo have already banned them.

    Tried to contact digiresults on their support email to ask them to have a word and it bounced back.

    If everyone finds the affiliate and all reports them to the affiliate networks it may limit their options.

    Dave
    Signature

    • Profile picture of the author kevingiles
      I am a new member of Warrior Forum.....I haven't received any emails from warriordeal.com ....... YET anyway!
      Signature

      EN affiliate links/sites are not allowed.

Trending Topics