Problem with my WSO: Coincidence or Not?

by WillR
19 replies
Warriors,

Last week I launched my first WSO and it has gone very well. I received a lot of traffic to my site and all those people were also exposed to my support email address. Within only days of launching my WSO my Hotmail email address had been hacked and spam sent out, an email address I had previously used for 12 years without any problems whatsoever. I have now been locked out of that account and even after providing all the necessary proof, they refuse to let me back in.

I mentioned this to a few other people and some others had heard about the same thing happening to other Warriors around the time they also launched their WSO. Let me get this clear. I'm not pointing any fingers or saying there is a flaw with the WSO system but I would like to at least get this out there and hear from any others who may have experienced similar problems. If this is something that is being done by members of this forum then we need to know about it and figure out some solutions.

So, has anyone else experienced a similar situation...?
#coincidence #wso
  • Profile picture of the author KLaAz0r
    Why would you use hotmail? That is the first question
    Signature
    I will create high quality graphics
    for $5
    ->CLICK HERE<-
    OFFER ONLY FOR 2 WEEKS
    {{ DiscussionBoard.errors[3981430].message }}
  • Profile picture of the author travlinguy
    I get the sense there are malicious people targeting this forum. There was a post up here last week saying that many of the fiverr type sites have people offering any WSO for $5.

    That probably means they are here, they buy an offer, quickly demand a refund and then go and sell it multiple times. There also seems to be an invasion of sig spammers around. Not paranoid, just sayin...
    {{ DiscussionBoard.errors[3981459].message }}
  • Profile picture of the author Linda_C
    I've never done a WSO yet... heck, I haven't even created a sig file yet.

    Just wanted to say sorry this happened to you. It sucks!
    {{ DiscussionBoard.errors[3981471].message }}
  • Profile picture of the author WillR
    I've just had an interesting PM from another member of this forum (who shall remain anonymous) who says he has seen posts before from people on black-hat forums talking about going through the emails of Warriors and detailing various email conversations certain Warriors have had with their customers.

    This is a serious issue...
    {{ DiscussionBoard.errors[3981472].message }}
    • Profile picture of the author NicheMayhem
      Well, considering this forum gets loads upon loads of traffic, unfortunately this sort of thing is bound to happen once you funnel some of that traffic towards yourself. I know it sucks, it has happened to me before too but not from anything here.

      Just to make a suggestion, could you put a submit form on your website or wherever it is people contact you? Instead of just having the email out there, add another step for them to have to go through before getting the address. A submission form is an easy script to add to a webpage and will actually make things easier for your customers to ask a question.

      Scammers and spammers are typically lazy idiots who won't take an extra step to get your email. Just a thought.
      Signature
      Whether you think you can, or think you can't, YOU'RE RIGHT!! <~~Henry Ford

      Check out my video gigs on fiverr!
      {{ DiscussionBoard.errors[3981497].message }}
      • Profile picture of the author WillR
        Originally Posted by NicheMayhem View Post

        Just to make a suggestion, could you put a submit form on your website or wherever it is people contact you? Instead of just having the email out there, add another step for them to have to go through before getting the address. A submission form is an easy script to add to a webpage and will actually make things easier for your customers to ask a question.
        That can be done but it doesn't really solve the problem. In order to respond to those questions you need to send those users an email which then means they eventually have your email address anyway.
        {{ DiscussionBoard.errors[3981551].message }}
        • Profile picture of the author NicheMayhem
          Originally Posted by WillR View Post

          That can be done but it doesn't really solve the problem. In order to respond to those questions you need to send those users an email which then means they eventually have your email address anyway.
          Right, that's my point, add in an extra step. That is why I said how scammers and spammers are lazy and won't go through all the trouble to send you a phony email, then wait for you to respond, then commence hacking your account. Make yourself less of an easy mark by not handing out your email on a webpage.

          Truth is if your doing things the way you are supposed to be doing, the visitor who got your email address and then hacked your account could have just as easily came from Google.

          I have no clue how the forum could possibly filter out undesirables from going to your page via a WSO. Matter of fact within the rules of the WSO area, which you agreed to, it is between you and other warriors if a problem should arise. Safeguards are your responsibility and first things first, never hand out your email address or post it on any webpage ever. There are content scraping programs out there which specifically look for the "@" symbol just to get email addresses.

          There is no way for this forum to stop anything remotely like what you describe. Best bet is for you to do your support at least via a form submission script or get a support desk on your site.
          Signature
          Whether you think you can, or think you can't, YOU'RE RIGHT!! <~~Henry Ford

          Check out my video gigs on fiverr!
          {{ DiscussionBoard.errors[3981742].message }}
          • Profile picture of the author Jill Carpenter
            Will, you are way too cool to be using hotmail. You can make your own name at your own domain, and just forward or funnel it to a free email account if you want. Gmail has some decent filtering going on.



            I think Ken would know if there was really an issue, but I personally never heard this issue from anyone. That is not to say it does not exist, but hotmail can actually have it's own issues and I suspect that a fresh email addy will alleviate the problem.

            Sorry to see you having this trouble.

            Good luck on a quick resolve.
            Signature

            "May I have ten thousand marbles, please?"

            {{ DiscussionBoard.errors[3981797].message }}
          • Profile picture of the author WillR
            Originally Posted by Ken Strong View Post

            Yes, it is, but it would be helpful to have more specifics than an unsubstantiated third-hand allegation from an anonymous party.

            I imagine it would make more sense to contact the Help Desk here if you think it's a problem with the forum software.
            Originally Posted by NicheMayhem View Post

            Truth is if your doing things the way you are supposed to be doing, the visitor who got your email address and then hacked your account could have just as easily came from Google.

            I have no clue how the forum could possibly filter out undesirables from going to your page via a WSO. Matter of fact within the rules of the WSO area, which you agreed to, it is between you and other warriors if a problem should arise. Safeguards are your responsibility and first things first, never hand out your email address or post it on any webpage ever. There are content scraping programs out there which specifically look for the "@" symbol just to get email addresses.

            There is no way for this forum to stop anything remotely like what you describe. Best bet is for you to do your support at least via a form submission script or get a support desk on your site.
            As I said in my original post, I am NOT pointing fingers or saying there is a flaw with the forum or the WSO process. I know there is not. I am trying to establish if others have experienced the same issue and what we can do about it so others do not have the same problem.

            My email address is NOT listed on an open website as I know scrapers are always looking for them - it is locked away in the members area of my website so the only people who had access to it are people who purchased my WSO - THAT is the problem I am talking about here.

            We all know about the illegal sharing of WSO's that currently go on and it is my fear that this is what may attract such activity.
            {{ DiscussionBoard.errors[3981803].message }}
            • Profile picture of the author NicheMayhem
              Originally Posted by WillR View Post

              As I said in my original post, I am NOT pointing fingers or saying there is a flaw with the forum or the WSO process. I know there is not. I am trying to establish if others have experienced the same issue and what we can do about it so others do not have the same problem.

              My email address is NOT listed on an open website as I know scrapers are always looking for them - it is locked away in the members area of my website so the only people who had access to it are people who purchased my WSO - THAT is the problem I am talking about here.

              We all know about the illegal sharing of WSO's that currently go on and it is my fear that this is what may attract such activity.
              I hear what your saying, it is a pertinent point to add that the only access to the address was within the members section. Sorry if I previously insinuated you were clueless, didn't mean to. Sadly, this just sounds like the risk you take in doing business. I really can't think of any possible way to safeguard against a dishonest PAYING customer who will take your info and abuse it.

              I wouldn't really lay blame on Hotmail, all free email addresses can get hacked. It is worth it to point out though, the most common way is through password guessing software. Simple passwords don't last long but combinations of case sensitive letters, numbers and symbols seriously add to security. This also falls into how lazy scammers are, the password guessing software might guess a correct simple password within hours, a complicated password though can take weeks.
              Signature
              Whether you think you can, or think you can't, YOU'RE RIGHT!! <~~Henry Ford

              Check out my video gigs on fiverr!
              {{ DiscussionBoard.errors[3981890].message }}
              • Profile picture of the author WillR
                Originally Posted by NicheMayhem View Post

                I hear what your saying, it is a pertinent point to add that the only access to the address was within the members section. Sorry if I previously insinuated you were clueless, didn't mean to. Sadly, this just sounds like the risk you take in doing business. I really can't think of any possible way to safeguard against a dishonest PAYING customer who will take your info and abuse it.

                I wouldn't really lay blame on Hotmail, all free email addresses can get hacked. It is worth it to point out though, the most common way is through password guessing software. Simple passwords don't last long but combinations of case sensitive letters, numbers and symbols seriously add to security. This also falls into how lazy scammers are, the password guessing software might guess a correct simple password within hours, a complicated password though can take weeks.
                Yeah I guess it's a lesson to be learnt for me. I know how secure we are suppose to make our passwords and how often we should change them as well but you tend to get a little lazy with these things UNTIL something like this happens. It's the same with backing up your files on a computer.

                If at worst this thread has made a few people decide to go out and update a few of their passwords then it was worth it. I do think the problem was to do with the traffic coming for my WSO though - that's why I thought it worth mentioning. There is a large black market surrounding WSO's nowadays and unfortunately a lot of those people hang out on very questionable websites and I am sure a number of them are up to no good.

                I'm sure a lot of them don't pay for the WSO's they are sharing all over the Internet.

                Sad but it's just the world we live in nowadays...
                {{ DiscussionBoard.errors[3981955].message }}
      • Profile picture of the author JR Consulting
        I know it doesn't help you much now, but how secure was your password? Meaning, how easy would it have been to crack? Was it a common word? Numbers in it? Mixture of uppercase and lowercase letters?

        It's the internet, there are people everywhere that will try to hack your email account. It's not a WSO or Warrior Forum issue, it's an internet issue. The only thing you can really try to do is come up with better passwords and use a good internet security suite for your computer, like Zone Alarm or something similar.

        Hell, look at what happened to Sony's Playstation network recently. No one is totally immune to it.

        Best of luck to you as you sort things out.
        {{ DiscussionBoard.errors[3981573].message }}
    • Profile picture of the author Ken Strong
      Originally Posted by WillR View Post

      I've just had an interesting PM from another member of this forum (who shall remain anonymous) who says he has seen posts before from people on black-hat forums talking about going through the emails of Warriors and detailing various email conversations certain Warriors have had with their customers.

      This is a serious issue...
      Yes, it is, but it would be helpful to have more specifics than an unsubstantiated third-hand allegation from an anonymous party.

      I imagine it would make more sense to contact the Help Desk here if you think it's a problem with the forum software. I can't figure out any way hackers could get at you through the "WSO system." It's not a system, it's just a section of the forum. The only other access points would be through your PayPal account (or whatever payment processor you're using), or your website that you're using to deliver the product.

      If there's some hidden epidemic of WSO-hacking going on, then it's news to me. (I'm not talking about pirated WSOs being given away on other sites; that's not the topic here.) But you should open a ticket with the Help Desk and present any evidence you have.
      {{ DiscussionBoard.errors[3981645].message }}
  • Profile picture of the author Jake Gray
    Will,

    It sure is a serious issue but the attacks can easily be stopped.

    If many others have been noticing huge problems like this, I should
    make a quick tutorial for everyone. As for you Will, I have sent you a
    private message.
    {{ DiscussionBoard.errors[3981476].message }}
  • {{ DiscussionBoard.errors[3981578].message }}
  • {{ DiscussionBoard.errors[3981845].message }}

Trending Topics