Anyone else getting mails from warriordeal.com ?

by andrewpeacock 38 replies
Hi all,

I'm getting a raft of mails to different addresses I use, all from warriordeal.com (which doesn't resolve for me at the moment).

The odd thing is that because I key my addresses to have a unique one for each list I subscribe to, I know many of those addresses are from JVzoo purchases, via different vendors.

There are some that I can't confirm that they are JVzoo purchases, but not so many.

Anyone else got any thoughts?

Regards,
Andy
#main internet marketing discussion forum #mails #warriordeal #warriordealcom
Avatar of Unregistered
  • Profile picture of the author kindsvater
    Yep. I received one to a unique address - my JVZoo account address. I was already planning on asking my friends at JVZoo for an explanation since the spam was apparently for a WSO.

    My initial thought was either email addresses at JVZoo had been compromised, or someone at JVZoo was being naughty.

    .
    {{ DiscussionBoard.errors[8279761].message }}
  • Profile picture of the author RogueOne
    My initial thought was either email addresses at JVZoo had been compromised,
    Stranger things have happened.
    Signature
    Affiliate Video Pack Includes Everything You Need To Create Multiple Income Streams! [Only $1]
    Get Yours Right Now! >>>
    {{ DiscussionBoard.errors[8279779].message }}
  • Profile picture of the author WillR
    This may be of interest to you:

    WarriorDeal.Com SPAM | Sendingwizard.com SPAM
    {{ DiscussionBoard.errors[8279787].message }}
    • Profile picture of the author RogueOne
      Originally Posted by WillR View Post

      This may be of interest to you:

      WarriorDeal.Com SPAM | Sendingwizard.com SPAM
      email addresses I created specifically for products I bought from JVZOO.
      If true that certainly narrows it down, apparently.
      Signature
      Affiliate Video Pack Includes Everything You Need To Create Multiple Income Streams! [Only $1]
      Get Yours Right Now! >>>
      {{ DiscussionBoard.errors[8279798].message }}
      • Profile picture of the author Shaun OReilly
        I create a unique contact e-mail address if ever I choose
        to join someone else's list - as a prospect or a buyer
        whenever possible.

        I have been receiving these WarriorDeal e-mails as well
        to numerous unique addresses.

        The one common factor in ALL of them is that they were
        purchases via JVZoo.

        I doubt that the guys at JVZoo are selling on our details,
        so I guess that their internal data systems have been
        compromised or there's a rogue internally.

        When making a purchase via JVZoo, I need to use my
        PayPal address and I also enter a unique forwarding
        contact e-mail address for each product bought.

        It's only these e-mail addresses that are receiving the
        blatant WarriorDeal spam.

        JVZoo: You have a problem that needs sorting asap.

        P.S. I don't think that this is a data compromise via the
        autoresponder company because they're coming from
        e-mail addresses provided to different autoresponder
        companies (AWeber, GetResponse, etc) but ALL given
        to JVZoo during purchasing.

        Dedicated to mutual success,

        Shaun
        Signature

        .

        {{ DiscussionBoard.errors[8280463].message }}
    • Profile picture of the author CyberAlien
      Originally Posted by WillR View Post

      This may be of interest to you:

      WarriorDeal.Com SPAM | Sendingwizard.com SPAM
      It's funny how they say "Unless someone specifically opts into a list and request information NO ONE has the right to send email advertisements of any kind… that is the law. "

      Clearly they have no idea about the CAN-SPAM Act and think that just because their hosting company requires double optin that its the law lol
      {{ DiscussionBoard.errors[8282461].message }}
      • Profile picture of the author Bryan Zimmerman
        I'll make this as simple as I can, which has always been the way I've handled this kind of stuff. If you're getting spam from someone like this, then please send me the link or copy me the email and I'll track down the affiliate who's sending it and their account will go the way of the dinosaur right quickly. We don't put up with that stuff and there's more than a few people who can attest to that when I am notified of this kind of stuff. However, we can only handle what we know about. So if ANYONE has an email from this "warrior deals" thing, then please PM it to me WITH the link in the email so I can kill this persons account.
        {{ DiscussionBoard.errors[8282486].message }}
        • Profile picture of the author Shaun OReilly
          Originally Posted by Bryan Zimmerman View Post

          If you're getting spam from someone like this, then please send me the link or copy me the email and I'll track down the affiliate who's sending it and their account will go the way of the dinosaur right quickly. We don't put up with that stuff and there's more than a few people who can attest to that when I am notified of this kind of stuff.
          This isn't about the WarriorDeal spammer using JVZoo
          affiliate links via their e-mail list.

          (In the last spam e-mails I received they were using
          affiliate links from another network).

          What this IS about is the spammer having access to
          unique e-mail addresses that I have only used when
          purchasing products via JVZoo.

          How they got access to these unique e-mail addresses
          from JVZoo is the problem that needs to be worked on
          and solved.

          Dedicated to mutual success,

          Shaun
          Signature

          .

          {{ DiscussionBoard.errors[8282695].message }}
          • Profile picture of the author Bryan Zimmerman
            Originally Posted by Shaun OReilly View Post


            What this IS about is the spammer having access to
            unique e-mail addresses that I have only used when
            purchasing products via JVZoo.

            How they got access to these unique e-mail addresses
            from JVZoo is the problem that needs to be worked on
            and solved.
            They didn't get access to them from JVZoo it's self. If they did, you know as well as I do, that would be all over the black hat sites so fast on how to do it that everyone would start getting random emails from all over the place. There's multiple ways someone could have got your email address. People selling lists, autoresponders getting hacked, their Zoo account login and password hacked, them being a JV partner on it and getting the emails and a number of other ways.

            Originally Posted by Shaun OReilly View Post

            This isn't about the WarriorDeal spammer using JVZoo affiliate links via their e-mail list.
            So yes, it is about this person spamming our links regardless of if the last email you got had another networks link in it. I need to find out who it is, what they've been a part of and how they got the details so I can track it etc etc.
            {{ DiscussionBoard.errors[8282806].message }}
            • Profile picture of the author Shaun OReilly
              Originally Posted by Bryan Zimmerman View Post

              They didn't get access to them from JVZoo it's self. If they did, you know as well as I do, that would be all over the black hat sites so fast on how to do it that everyone would start getting random emails from all over the place. There's multiple ways someone could have got your email address. People selling lists, autoresponders getting hacked, their Zoo account login and password hacked, them being a JV partner on it and getting the emails and a number of other ways.
              I first started seeing the WarriorDeal spam on 9th July
              but it was to my main PayPal e-mail address so there
              was no traceability.

              However, 14th July, I started to get more WarriorDeal
              spam but this time to unique e-mail addresses that I
              have ONLY used for JVZoo purchases from multiple vendors.

              Those unique e-mail addresses should only be present
              in 5 places: My computer, my server (where I created
              the unique and traceable forwarding e-mail address),
              the autoresponder company used by each vendor, the
              vendor's list backup and JVZoo.

              Most of these traceable e-mails are within AWeber and
              another is within GetResponse. (So to me, it makes the
              compromise of the third-party autoresponder unlikely).

              One of the unique e-mail addresses I created was for
              E Brian Rose (ebrianrose@example.com) and I'm getting
              the WarriorDeal spam to that. I'm sure that Brian is NOT
              sharing or selling e-mail addresses.

              Would multiple vendors who use JVZoo to sell their products
              all get compromised independently by the same spammer at
              the same time?

              Dedicated to mutual success,

              Shaun
              Signature

              .

              {{ DiscussionBoard.errors[8282913].message }}
            • Profile picture of the author kindsvater
              Originally Posted by Bryan Zimmerman View Post

              them being a JV partner on it....
              Hmmmm. I have not used JVZoo enough to know who gets what information. But the flip side is my limited use creates a limited universe of leaks.

              In fact, my JVZoo account is telling me only one affiliate has driven sales to my JVZoo product. Bryan, I'll send you a PM and maybe it will cross-reference with data from others.

              This affiliate was involved in a big spam problem a couple years ago, but had an explanation and Paul didn't ban him, so I approved him.

              Do JVZoo buyers get my JVZoo email address, or my PayPal address, or neither? Again, another possible leak point with a very small universe.
              {{ DiscussionBoard.errors[8283706].message }}
        • Profile picture of the author andrewpeacock
          Originally Posted by Bryan Zimmerman View Post

          I'll make this as simple as I can, which has always been the way I've handled this kind of stuff. If you're getting spam from someone like this, then please send me the link or copy me the email and I'll track down the affiliate who's sending it and their account will go the way of the dinosaur right quickly. We don't put up with that stuff and there's more than a few people who can attest to that when I am notified of this kind of stuff. However, we can only handle what we know about. So if ANYONE has an email from this "warrior deals" thing, then please PM it to me WITH the link in the email so I can kill this persons account.
          Hi Brian,

          To be honest, I didn't think this came from yourselves anyway.

          I know Aweber has been hacked at least twice since I started using unique emails, so I suspected the same thing here. I am just not aware of whether the lists in question are hosted via aweber or getresponse - I can't be bothered digging that far, to be honest, as my time is too precious for this. I just blacklist the specific addresses and move on.

          However, I'll PM you with the email address which are hacked, and some pointers as to where the address was used. I can forward you as many of the as you want, if you want the specific emails. I would have reported the affiliate, but as someone said earlier, the domain is not resolving, so I can't track down the links.

          Regards,
          Andy
          {{ DiscussionBoard.errors[8286805].message }}
          • Profile picture of the author Shaun OReilly
            Originally Posted by Paul Myers View Post

            Shaun,Multiple 3rd parties compromised all at once? Probably not.

            Sell their lists? Maybe. That's apparently not as unlikely as I would have thought. I'm not surprised that it happens, but I'm beginning to be surprised at how much it happens.
            Paul,

            One of the unique traceable e-mail addresses was for
            E Brian Rose and I don't think he'd be selling on my
            details.

            I also doubt that just these vendors using JVZoo for
            payment processing all got compromised by the same
            spammer at the same time.

            Originally Posted by andrewpeacock View Post

            I know Aweber has been hacked at least twice since I started using unique emails, so I suspected the same thing here. I am just not aware of whether the lists in question are hosted via aweber or getresponse - I can't be bothered digging that far, to be honest, as my time is too precious for this. I just blacklist the specific addresses and move on.
            I'm getting these WarriorDeal spam e-mails to unique
            e-mail addresses that are housed within AWeber AND
            GetResponse. I doubt that they have been compromised
            by the same spammer. If they did, how would they know
            to only get the JVZoo-related e-mails?

            Incidentally, I was able to expose the AWeber data
            compromises back in 2009 and 2010 precisely because
            I use unique trackable e-mail addresses whenever I
            can:

            http://www.warriorforum.com/main-int...sed-again.html

            http://www.warriorforum.com/main-int...mpromised.html

            I don't make statements willy-nilly without having thought
            things through and having some proof to back-up my
            conclusions.

            My unique traceable WarriorDeal spammed e-mail addresses
            point to one common source: JVZoo.

            This is no time to be burying heads in the sand.

            Dedicated to mutual success,

            Shaun
            Signature

            .

            {{ DiscussionBoard.errors[8287221].message }}
            • Profile picture of the author Bryan Zimmerman
              There's no burying heads in the sand, never been our way of dealing with things. We've had multiple people combing through everything since hearing of this yesterday to make sure IF there is something network wise, that we not only find it but take care of it. People are also going to see some extra precautions coming this evening in case accounts were compromised. However, I still want any emails anyone gets pm'd to me with the link so I can track who ever it is so their account can be banned.
              {{ DiscussionBoard.errors[8287742].message }}
              • Profile picture of the author Paul Myers
                Shaun,
                One of the unique traceable e-mail addresses was for E Brian Rose and I don't think he'd be selling on my details.
                I missed that the first time.

                Was this used only for communicating directly with Brian? No other roles or functions? If so, that's a big clue for the folks at JV Zoo.


                Paul
                Signature
                .
                Stop by Paul's Pub - my little hangout on Facebook.

                {{ DiscussionBoard.errors[8287927].message }}
                • Profile picture of the author Shaun OReilly
                  Originally Posted by Paul Myers View Post

                  Shaun,I missed that the first time.

                  Was this used only for communicating directly with Brian? No other roles or functions? If so, that's a big clue for the folks at JV Zoo.

                  Paul
                  Hi Paul,

                  I created that unique forwarding e-mail on 23rd December
                  2011 when I purchased a Webinar Workshop offer via JVZoo
                  from Brian.

                  The initial receipt came from JVZoo (via SendGrid) and then
                  I was added to the list in AWeber.

                  I have NOT used that unique e-mail address anywhere else.
                  It's a forwarding e-mail address too so I haven't used in in
                  one-on-one communication either. Just a purchase via JVZoo
                  and the subsequent list subscription for E Brian Rose/JVZoo.

                  It's a similar case for the other WarriorDeal spammed e-mail
                  addresses too. That's how I know that all vectors point to
                  JVZoo.

                  I noticed this on Sunday but didn't say anything here on the
                  forum until other Warriors mentioned that they had seen a
                  similar pattern.

                  Being hacked/compromised is not a rare situation as many
                  other companies can confirm.

                  Dedicated to mutual success,

                  Shaun
                  Signature

                  .

                  {{ DiscussionBoard.errors[8289026].message }}
                  • Profile picture of the author kpmedia
                    Here's mine:

                    There x.x.x.x, mydomain.com, and xxx.org was mine. Hence the removal.

                    Code:
                    Return-path: <bounce-1064-30184700-656-248@sendingwizard.com>
                    Envelope-to: affiliates@mydomain.eu
                    Delivery-date: Sun, 14 Jul 2013 11:01:29 -0500
                    Received: from mydomain.com ([x.x.x.x]:57380 helo=mail.mydomain.com)
                        by server4.xxx.org with esmtp (Exim 4.80.1)
                        (envelope-from <bounce-1064-30184700-656-248@sendingwizard.com>)
                        id 1UyOjp-0001TB-T8
                        for affiliates@mydomain.eu; Sun, 14 Jul 2013 11:01:29 -0500
                    Received: with MailEnable Postoffice Connector; Sun, 14 Jul 2013 11:01:01 -0500
                    DomainKey-Status: no signature
                    Received: from host.sendingwizard.com ([91.109.6.84]) by mydomain.com with MailEnable ESMTP; Sun, 14 Jul 2013 11:00:59 -0500
                    DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sendingwizard.com; s=default;
                        h=Content-Type:Content-Transfer-Encoding:MIME-Version:List-Unsubscribe:Message-ID:Reply-to:From:Date:Subject:To; bh=D/03qvzuVqTgjhSsnV2KD4Yogdbd3LHjJ65Dao6ZUU8=;
                        b=NCY+UJwRr2ohy0k4JoA39oKyTUXJ7UAnIgA/WL5d+DU2DAE+EPlgrsnLGfLHIBL+1YwkfAWakHwML7R6EvsQlnbeoiSyXO0NK0a4Sspxo9+k0td6d9j1XjtM0b7+jZ1T2Do47U8XvKgjwG/gvkxBR8ju+VS8auCBMGXUjC77+pI=;
                    Received: from sendingw by host.sendingwizard.com with local (Exim 4.80.1)
                        (envelope-from <bounce-1064-30184700-656-248@sendingwizard.com>)
                        id 1UyOjf-0003jz-Ru
                        for affiliates@mydomain.com; Sun, 14 Jul 2013 17:01:19 +0100
                    To: "affiliates@mydomain.com" <affiliates@mydomain.com>
                    Subject: Go and get the ultimate business lead machine!
                    X-PHP-Script: sendingwizard.com/apps/cli/web_send.php for 91.109.6.84
                    Date: Sun, 14 Jul 2013 17:01:19 +0100
                    From: Warrior Deal <news@warriordeal.com>
                    Reply-to: Warrior Deal <news@warriordeal.com>
                    Message-ID: <8d527887f43b85387750759c0b715ed2@sendingwizard.com>
                    X-Priority: 3
                    X-Mailer: Email Sending System
                    X-Complaints-To: admin@infusionlist.com
                    List-Unsubscribe: <http://sendingwizard.com/apps/u.php?p=rx/rs/36xw/rv/ry/rs>
                    X-MessageID: rx-36xw-YWZmaWxpYXRlc0BkaWdpdGFsRkFRLmNvbQ%3D%3D-rv-rt-rs
                    X-Report-Abuse: <http://sendingwizard.com/apps/report_abuse.php?mid=rx-36xw-YWZmaWxpYXRlc0BkaWdpdGFsRkFRLmNvbQ%3D%3D-rv-rt-rs>
                    X-SMTPAPI: {"unique_args":{"abuse-id":"rx-36xw-YWZmaWxpYXRlc0BkaWdpdGFsRkFRLmNvbQ%3D%3D-rv-rt-rs"}, "category":"campaign"}
                    MIME-Version: 1.0
                    Content-Transfer-Encoding: quoted-printable
                    Content-Type: text/plain; charset="utf-8"
                    X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
                    X-AntiAbuse: Primary Hostname - host.sendingwizard.com
                    X-AntiAbuse: Original Domain - mydomain.com
                    X-AntiAbuse: Originator/Caller UID/GID - [501 514] / [47 12]
                    X-AntiAbuse: Sender Address Domain - sendingwizard.com
                    X-Get-Message-Sender-Via: host.sendingwizard.com: authenticated_id: sendingw/sender_address_domain
                    X-Spam-Status: No, score=
                    X-Spam-Score: 
                    X-Spam-Bar: 
                    X-Ham-Report: 
                    X-Spam-Flag: NO
                    
                    I want to make this message very short=0Aso..=0A =0AThis is the perfect too=
                    l to create a new=0Aopportunity for your business and=0Agenerate email lead=
                    s online through=0Ayour wordpress site!=0A =0A>>> http://www.warriordeal.co=
                    m/wsodeal/sk8esg=0A =0AThe perfect tool for any small business =0Ato target=
                     their local market by building =0Aa web presence using the Local Lead =0AB=
                    ooster wordpress theme. Collect leads, =0Acreate credibility and grow our b=
                    usiness!=0A =0A>>> http://www.warriordeal.com/wsodeal/sk8esg=0A =0ATo Your =
                    Online Success,=0AWarrior Deal Team=0A=0A=0A=0A=0A=0A=0A=0A=0A=0A=0A=0A=0A=
                    =0A=0A=0A------------------------------------------------------------------=
                    ----------------=0A =C2=A9 Copyright 2013. All Rights Reserved.=0A=0AThis m=
                    essage is NEVER sent without your request.  We take your privacy=0Aextremel=
                    y seriously and will never make your information public.=0A----------------=
                    -------------------------------------------------------------------=0A=0A14=
                    234 FM 2920 Suite G300, Tomball, TX 77387, United States=0A=0ATo unsubscrib=
                    e or change subscriber options visit:=0Ahttp://sendingwizard.com/apps/u.php=
                    ?p=3Drx/rs/36xw/rv/ry/rs
                    {{ DiscussionBoard.errors[8289893].message }}
      • Profile picture of the author Paul Myers
        Folks, it should be mentioned that I've found the people at JV Zoo to be extremely helpful in shutting down spammers. To report someone spamming links at their service, go to:

        Select a department - Powered by Kayako Resolve Help Desk Software

        Before you do anything, make certain you haven't actually bought something from the sender, or subscribed to their list. If you haven't done either of those, say so in your report, and then paste in the email.

        If you know how, include the full headers. Note: If you don't see at least one Received: line in what you're pasting in, they're not full headers.

        In Gmail, go to the down arrow icon to the right of the sender's name. Click that and you'll see a menu which includes "Show Original." When you select that option, you'll see the full content of the message, including headers.

        In Pegasus Mail, just hit the Backspace key on any open message.

        In Yahoo mail, go to the Actions menu and click "View Full Header." Oddly, that one shows you only the headers, and not the complete content. So, you'd need to copy the two parts separately, which may not pass along the offending URL if the message is in HTML format.

        Typically inept Yahoo mail handling...

        Anyone want to chime in with instructions for other mail clients?


        Paul

        Added: I can attest to the truth of what Bryan just said. He has always been very helpful (and often surprisingly fast) about nuking spammers promoting offers with JVZoo links.
        Signature
        .
        Stop by Paul's Pub - my little hangout on Facebook.

        {{ DiscussionBoard.errors[8282503].message }}
        • Profile picture of the author Brian Tayler
          Originally Posted by Paul Myers View Post

          ...Anyone want to chime in with instructions for other mail clients?


          Paul

          Added: I can attest to the truth of what Bryan just said. He has always been very helpful (and often surprisingly fast) about nuking spammers promoting offers with JVZoo links.
          In Outlook (Desktop Version) right click on a message in the "Reading Pane" and select "Options". Select all of the text in the "Internet headers" box and copy. Forward the original message ALONG with the text from the "Internet headers" box to JVZoo.
          {{ DiscussionBoard.errors[8282786].message }}
  • Profile picture of the author Mary Stevens
    Guess I'm not in the cool crowd. I have not gotten that one yet. Either that or the spam filter caught it.
    Signature
    {{ DiscussionBoard.errors[8280468].message }}
  • Profile picture of the author kindsvater
    A common thread here is a few marketers around long enough to wisely use unique email addresses when signing up for anything.

    I don't think I have ever bought anything via JVZoo. But I have sold products using a seller's account, and the spam I received was to the seller's account email address.

    .
    {{ DiscussionBoard.errors[8282165].message }}
  • Profile picture of the author Brian Tayler
    WarriorDeal.com is unresolvable... but by looking at their DNS servers ns1.hostable.com and ns2.hostable.com these domains are also hosted with the same site on the same DNS (possibly same IP but need it to be resolvable to confirm).

    Long shot but by this list you may be able to find the domain owner:
    Code:
    12u.org, 1savenow.com, 3d-wallpapers.info, 593123.com, 5lijun.com, 99route.com, alexgiangtran.me, androidpdfreader.com, anti112.com, anzhiwang.org, apparel-mart.com, aquery.me, aspul.com, bedintrudersong.com, bestformusic.net, bestrunningjackets.com, bioquellpharma.com, black-wallpaper.org, blogperest.com, bpchipmikarawang.org, bricolageevents.com, buburbalitasehat.com, burlingtoncoatfactorycouponshq.com, burningcrusadeblog.com, carsnewsinfo.com, cbcwayne.com, cheapcheaps.com, cheapgamecameras.org, cheapmorethan.com, cheaptopsale.com, cheapwirelessrouter.us, chicanoproposal.com, cn114.info, coldrockpattaya.com, cyrus-rajpal.com, dailyresidualincome4u.com, datingpromo.org, deftext.com, devrista.com, dobeln.com, dontbeatarget.com, doxyluv.com, dwarforhumanwarrior.com, electronicssymbol.com, elnidodelhalcon.com, enetfun.com, eshoppers-stop.com, esicolombia.com, etizz.com, facebuy.org, fashion-designs.net, fikedrain.com, forumlkskarawang.org, freegadgets.us, future4cp.com, ganyuxian.com, generalmalls.com, geocodedatabase.com, geocodedatabases.com, getmegasale.com, geverivagan.com, giasugiare.com, godaddycouponhq.com, greenfieldlifestyle.com, gxlearning.org, ha8ha.com, hamptonbayhq.com, herankoana.com, hoatuoitphcm.com, hollywoodchristmasparade2011.com, homepartywahm.com, horoscope2556.info, hostviet.biz, htconephonecases.com, i2go.info, ihemorrhoidmiracle.info, imfit4life.com, imposibility.com, indian-qualitytranslation.com, insite.me, intandstring.com, interactionideas.com, intunepc.com, isavemode.com, itmjtreatmentoptions.info, jeffreypalmerphoto.com, jmcrecruitmentsolutions.com, jonming.com, juliashen.com, kangsky.org, kaskusjualbeli.net, kepiaowang.com, kiki-tv.com, kitchenhotel.com, knitting4u.com, kudusblogger.com, lichkingvideos.com, liquen.org, lispsoul.info, lookfordiscount.com, lordofsave.com, lovelazy.com, lshapedcomputerdeskwithhutch.com, magicstitch.net, magnetmotor.com, markimi.com, mccoke.com, mebancondo.com, memoryvideos.info, menbobao.com, messagedynamic.com, minixspeaker.com, mocnhienspa.com, modsnclockers.com, mu9.org, multilinkchecker.com, mysea.net, nethong.com, networkwarriors.com, new-dvdreleases.us, newsoftwaredaily.com, nexus-gaming.org, nexus-media.org, nightelfcampaign.com, nikenzshoxshoes.com, notscript.com, notscripts.com, orcshamans.com, parsdaily.com, pattaya-condo.net, pcintune.com, petsofworldofwarcraft.com, photoprintersblog.com, picfloyd.com, playfine.com, poobiz.com, preburningcrusade.net, prodigystars.com, prusignal.com, psdstreet.org, pupunk.com, qiuapple.info, qiuzhijiang.com, quangthang.net, qxhid.com, rayadairy.com, reallyamazingguides.com, relief2u.com, rustyreids.com, sarasbyte.com, schoolforxraytechnician.com, shencanggongyuming.com, shizirui.com, shufean.com, sincerelybill.com, sitedataforsale.com, slicknickonthetrack.com, sothebysfl.com, southgacommercialmowers.com, sporix.net, spottingscopesforsale.net, springbraindesign.com, sunwenshu.com, supersafetyproject.com, teaminmetsu.com, techexplored.com, thaimotorreview.com, thaitreking.com, thanhlongoto.com, thecyberwiz.com, theticketstopper.com, tinnitusmiraclesystem.info, tongginghill.com, transferpaper.org, travelersrestnongkhai.com, tzswly.com, ucuruqyah.com, undeadwarlockguide.com, venchia.com, voxethanhlong.com, wangzhansheji.asia, wedogsinc.com, weightedvest.us, wendellbarrus.com, whoisstuff.org, wocehua.info, worldjewelrymall.com, worldofwarcheats.com, worldofwarcraftscheats.com, worldofwarcrafttrailers.com, worldofworldcraftfreetrial.com, wowcataclysmblog.com, wpcure.com, wpsukses.com, wrathofalichking.com, wrathofthelich.com, writersreel.com, xleg.info, xn--12casb8d1ah1etas8a5g2a7p5d.net, xn--42cfb4gzab8byaf1a3f7e9dj.com, xp-unlimited.com, xxkp.net, yijiabao.org, yomajans.com, zhangyizi.com, ziyouku.com, zlee.info, zyxjlt.com
    {{ DiscussionBoard.errors[8282202].message }}
    • Profile picture of the author Paul Myers
      warriordeal.com isn't quite as big a source of spam for me as wsoleads.com, which is run by one Danut Burlan. (or Danut Burlan-Ion, depending on which place you see his name.)

      Burlan spams from a few domains, and breaks almost every rule in the book.

      Still, whoever owns warriordeal.com needs run off the net.
      I don't think I have ever bought anything via JVZoo. But I have sold products using a seller's account, and the spam I received was to the seller's account email address.
      That is the first thing in the thread that really makes me wonder if the breakdown is inside JV Zoo. If so, my guess would be they got hacked.


      Paul
      Signature
      .
      Stop by Paul's Pub - my little hangout on Facebook.

      {{ DiscussionBoard.errors[8282417].message }}
  • Profile picture of the author briankoz
    They didn't get access to them from JVZoo it's self. If they did, you know as well as I do, that would be all over the black hat sites so fast on how to do it that everyone would start getting random emails from all over the place. There's multiple ways someone could have got your email address. People selling lists, autoresponders getting hacked, their Zoo account login and password hacked, them being a JV partner on it and getting the emails and a number of other ways.
    Just to chime in for a minute or two here...

    I believe you're wrong and that there's a very good chance that JV Zoo was indeed hacked / compromised (or the alternative is that someone inside there is giving out the lists, which I'd say is probably less likely unless you'd have reason to think otherwise).

    If people, including myself, have multiple "unique" e-mails and only the ones that bought JV Zoo products are getting compromised, that pretty much rules out 3rd party autoresponders and the like.

    And being someone who has dealt with hackers before, obtaining a list is much easier than you might think. Most membership scripts are very easy to hack, as are most forum scripts. And once a hacker is in, it can be very hard to fix the issue if they're a smart hacker.

    But I would work with the assumption that if multiple people are telling you that only their unique JV Zoo e-mails are getting spammed, it's unlikely that multiple 3rd parties were hacked, multiple vendors were all hacked at once, every vendor is selling their list, etc. and that there's a good chance it's in JV Zoo itself being compromised.

    The good news is that this can be addressed and fixed. Feel free to hit me up if you want some suggestions as I've dealt with this before (and it's a pain...).

    - Brian
    Signature
    WebFire.com -- Over 25 Tools to Get Free Traffic, Rankings, Leads, and Exposure!
    MobileAutoresponder.com -- Build a Mobile List and Send Unlimited Text Messages!
    {{ DiscussionBoard.errors[8283338].message }}
  • Profile picture of the author Victor Edson
    No one with gmail is having this problem
    {{ DiscussionBoard.errors[8283727].message }}
    • Profile picture of the author Paul Myers
      Shaun,
      Would multiple vendors who use JVZoo to sell their products all get compromised independently by the same spammer at the same time?
      Multiple 3rd parties compromised all at once? Probably not.

      Sell their lists? Maybe. That's apparently not as unlikely as I would have thought. I'm not surprised that it happens, but I'm beginning to be surprised at how much it happens.

      Victor,
      No one with gmail is having this problem
      Even assuming that's true (and it probably is) Gmail users may end up having related problems because of it.

      Spam pointing to pages at the forum could easily result in legitimate mail from the forum (or W+, JVzoo, DigiResults, etc) being blocked or spam-foldered at Gmail. That could mean missing notifications of PMs and responses to threads, registration confirmation requests, receipts for products, support responses, and more.

      There's a reason we step hard on spammers using these services. They are considered an active threat to our members.


      Paul
      Signature
      .
      Stop by Paul's Pub - my little hangout on Facebook.

      {{ DiscussionBoard.errors[8285033].message }}
    • Profile picture of the author CyberAlien
      Originally Posted by Victor Edson View Post

      No one with gmail is having this problem
      I would love to know how you reached that conclusion lol - do you have access to everyone's Gmail accounts to know that none of them got these emails lol
      {{ DiscussionBoard.errors[8287989].message }}
      • Profile picture of the author Eternal
        Originally Posted by Chase Watts View Post

        I would love to know how you reached that conclusion lol - do you have access to everyone's Gmail accounts to know that none of them got these emails lol
        I have a gmail account and I am getting them. This is false.
        {{ DiscussionBoard.errors[8291632].message }}
  • Profile picture of the author onegoodman
    I did receive couple of emails from them last few days, I was wondering where they getting my email from since I didn't opt in
    {{ DiscussionBoard.errors[8285056].message }}
  • Profile picture of the author hron
    I received spam today too, to my private domain email

    from sendingwizard.com
    promoting warriordeal.com

    these domains are whoisguard.com protected.
    I filed a spam complaint for both domains.

    Just go to whoisguard.com there is a form to report spam.

    ------------

    PS. I bought Auto Pinterest Marketer from jvzoo in feb. 2013 with this email.
    I guess jvzoo has been hacked


    {{ DiscussionBoard.errors[8285070].message }}
  • Profile picture of the author ForumGuru
    Banned
    I've been getting spammed from these morons since 6-17-2013 and it's an email address that I do not use for optins --> it's a payment address so that means it had to come from only a few places. I have been spamcopping them and complaining to wiredtree etc. on each and every one. This email address is not published anywhere public on the web so ultimately it had to come from someplace like jvzoo. The last email I received from them was on 7-14 and if I get any more I will send all of them to Bryan.

    According to my records I filed 11 complaints on them and I have a copy of all of the emails. At least the domain is not resolving now...that's a good sign.
    {{ DiscussionBoard.errors[8287114].message }}
  • Profile picture of the author Eternal
    I have gotten them as well, very annoying. Should probably block them.
    {{ DiscussionBoard.errors[8287962].message }}
  • Profile picture of the author TTGSteve
    Checked my spam folder. Found an email in there from warrior deals.
    {{ DiscussionBoard.errors[8287973].message }}
  • Profile picture of the author Kingfish85
    Caught in spam filters:

    Subject: Go and get the ultimate business lead machine!
    X-PHP-Script: sendingwizard.com/apps/cli/web_send.php for 91.109.6.84
    Date: Sun, 14 Jul 2013 15:01:55 +0100
    From: Warrior Deal <news@warriordeal.com>
    Reply-to: Warrior Deal <news@warriordeal.com>
    Message-ID: <325c4c8ddc6d2c99b3fd87659d3c7427@sendingwizard.co m>
    X-Priority: 3
    X-Mailer: Email Sending System
    X-Complaints-To: admin@infusionlist.com
    List-Unsubscribe: <http://sendingwizard.com/apps/u.php?p=rx/rs/26qt/rv/ry/rs>
    X-MessageID: rx-26qt-YmVuQGVuZ2xpc2hwaG90b2dyYXBoZXIuY29t-rv-rt-rs
    X-Report-Abuse: <http://sendingwizard.com/apps/report_abuse.php?mid=rx-26qt-YmVuQGVuZ2xpc2hwaG90b2dyYXBoZXIuY29t-rv-rt-rs>
    X-SMTPAPI: {"unique_args":{"abuse-id":"rx-26qt-YmVuQGVuZ2xpc2hwaG90b2dyYXBoZXIuY29t-rv-rt-rs"}, "category":"campaign"}
    MIME-Version: 1.0
    Content-Transfer-Encoding: quoted-printable
    Content-Type: text/plain; charset="utf-8"
    X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
    X-AntiAbuse: Primary Hostname - host.sendingwizard.com
    X-AntiAbuse: Original Domain - ****************.com
    X-AntiAbuse: Originator/Caller UID/GID - [501 514] / [47 12]
    X-AntiAbuse: Sender Address Domain - sendingwizard.com
    X-Get-Message-Sender-Via: host.sendingwizard.com: authenticated_id: sendingw/sender_address_domain
    Hosting Company: hostable.net - Terms of Service - Web Hosting, Linux Web Hosting, Domain Names, Email Hosting by Hostable.

    Network owner/datacenter: Internap - Internap Acceptable Use Policy

    infusionlist.com - hosted at HostGator but the messages don't seem to originate there.

    MY advice would be to contact the hosting company first. If they do not resolve it, go directly to the network provider, which is Internap. They will most certainly correct the issue as removing netblocks from blacklists can become very costly.

    The message above is a bounceback message - so everything is in reverse. None the less, there's two providers to get in contact with.
    {{ DiscussionBoard.errors[8288047].message }}
  • Profile picture of the author Jesus Perez
    I got spam from WarriorDeals also. Below is the header and details. I've removed my personal information.

    Every domain involved in the email transaction (sendingwizard.com, infusionlist.com and warriordeal.com) is unavailable.

    If this had anything to do with JVZoo, then the email I used only purchased 2 things.

    OTO Secret Weapons
    Purchased: 03/20/2012 12:31 PM
    By: Warrior Secret Weapons

    Life Coach Cash University Report PLR Package
    Purchased: 02/10/2012 2:38 PM
    By: Liz Tomey

    Both of these sellers (Jeff Dedrick and Liz Tomey) do not strike me as the type to engage in this type of practice.

    If it is JVZoo, I recommend they check their analytics and referrer logs. They should be able to cross-reference the above referring domains with a specific affiliate account and find the source of the leak.

    Code:
    Delivered-To: [removed for privacy]
    Received: by 10.76.127.4 with SMTP id nc4csp23273oab;
            Sun, 14 Jul 2013 03:43:40 -0700 (PDT)
    X-Received: by 10.180.107.163 with SMTP id hd3mr6040849wib.13.1373798620313;
            Sun, 14 Jul 2013 03:43:40 -0700 (PDT)
    Return-Path: <bounce-1064-3544544-656-248@sendingwizard.com>
    Received: from host.sendingwizard.com (ds-67775.ds-10.com. [91.109.6.84])
            by mx.google.com with ESMTPS id q16si3365750wie.62.2013.07.14.03.43.39
            for <[removed for privacy]>
            (version=TLSv1 cipher=RC4-SHA bits=128/128);
            Sun, 14 Jul 2013 03:43:40 -0700 (PDT)
    Received-SPF: softfail (google.com: domain of transitioning bounce-1064-3544544-656-248@sendingwizard.com does not designate 91.109.6.84 as permitted sender) client-ip=91.109.6.84;
    Authentication-Results: mx.google.com;
           spf=softfail (google.com: domain of transitioning bounce-1064-3544544-656-248@sendingwizard.com does not designate 91.109.6.84 as permitted sender) smtp.mail=bounce-1064-3544544-656-248@sendingwizard.com;
           dkim=neutral (bad format) header.i=@sendingwizard.com
    DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sendingwizard.com; s=default;
        h=Content-Type:Content-Transfer-Encoding:MIME-Version:List-Unsubscribe:Message-ID:Reply-to:From:Date:Subject:To; bh=Kb6BnVu6874nVF+Ai0PcQWbtHZAMTAvBJKfNVVIhCsc=;
        b=KpfO1XExh3zU7LkgeLMg/Qvuo2UuB0k2tY0mrREDv4DJe/Y8fJb4dxeE4f3eTL/hlqsaL/LSnFCZuOrambK/OgTnPKr/xpeGb0QKEwDNxIv58o31qIH5nsyjY/0LEcc54fv/TsvosA/mlXyUpwAv5c70tduSR49JD/hR7QsGJfw=;
    Received: from sendingw by host.sendingwizard.com with local (Exim 4.80.1)
        (envelope-from <bounce-1064-3544544-656-248@sendingwizard.com>)
        id 1UyJmE-0002mW-GL
        for [removed for privacy]; Sun, 14 Jul 2013 11:43:38 +0100
    To: "[removed for privacy]" <[removed for privacy]>
    Subject: Go and get the ultimate business lead machine!
    X-PHP-Script: sendingwizard.com/apps/cli/web_send.php for 91.109.6.84
    Date: Sun, 14 Jul 2013 11:43:38 +0100
    From: Warrior Deal <news@warriordeal.com>
    Reply-to: Warrior Deal <news@warriordeal.com>
    Message-ID: <3e705266055a373433828d1478a628f2@sendingwizard.com>
    X-Priority: 3
    X-Mailer: Email Sending System
    X-Complaints-To: admin@infusionlist.com
    List-Unsubscribe: <http://sendingwizard.com/apps/u.php?p=rx/rs/e6f/rv/ry/rs>
    X-MessageID: rx-e6f-amVzdXNAYmx1ZXNxdWFyZXMudXM%3D-rv-rt-rs
    X-Report-Abuse: <http://sendingwizard.com/apps/report_abuse.php?mid=rx-e6f-amVzdXNAYmx1ZXNxdWFyZXMudXM%3D-rv-rt-rs>
    X-SMTPAPI: {"unique_args":{"abuse-id":"rx-e6f-amVzdXNAYmx1ZXNxdWFyZXMudXM%3D-rv-rt-rs"}, "category":"campaign"}
    MIME-Version: 1.0
    Content-Transfer-Encoding: quoted-printable
    Content-Type: text/plain; charset="utf-8"
    X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
    X-AntiAbuse: Primary Hostname - host.sendingwizard.com
    X-AntiAbuse: Original Domain - [removed for privacy]
    X-AntiAbuse: Originator/Caller UID/GID - [501 514] / [47 12]
    X-AntiAbuse: Sender Address Domain - sendingwizard.com
    X-Get-Message-Sender-Via: host.sendingwizard.com: authenticated_id: sendingw/sender_address_domain
    
    I want to make this message very short=0Aso..=0A =0AThis is the perfect too=
    l to create a new=0Aopportunity for your business and=0Agenerate email lead=
    s online through=0Ayour wordpress site!=0A =0A>>> http://www.warriordeal.co=
    m/wsodeal/sk8esg=0A =0AThe perfect tool for any small business =0Ato target=
     their local market by building =0Aa web presence using the Local Lead =0AB=
    ooster wordpress theme. Collect leads, =0Acreate credibility and grow our b=
    usiness!=0A =0A>>> http://www.warriordeal.com/wsodeal/sk8esg=0A =0ATo Your =
    Online Success,=0AWarrior Deal Team=0A=0A=0A=0A=0A=0A=0A=0A=0A=0A=0A=0A=0A=
    =0A=0A=0A------------------------------------------------------------------=
    ----------------=0A =C2=A9 Copyright 2013. All Rights Reserved.=0A=0AThis m=
    essage is NEVER sent without your request.  We take your privacy=0Aextremel=
    y seriously and will never make your information public.=0A----------------=
    -------------------------------------------------------------------=0A=0A14=
    234 FM 2920 Suite G300, Tomball, TX 77387, United States=0A=0ATo unsubscrib=
    e or change subscriber options visit:=0Ahttp://sendingwizard.com/apps/u.php=
    ?p=3Drx/rs/e6f/rv/ry/rs
    Signature


    {{ DiscussionBoard.errors[8292112].message }}
  • Profile picture of the author Kate Davies
    Started to get lots of spam recently from
    • WSOLeads
    • JVLists
    • Zoolists

    I deleted the first few so I can't really trace it back to when the first one came in and whether of not it was close to any JVZoo purchase. Was wondering if these are all sites run by the same person?

    I'm really hoping I can keep it under control by unsubscribing and blocking senders.
    Signature
    Local internet marketing in the UK
    Only the businesses who can be found online will succeed. Improve online visibility with www.vizzibiliti.co.uk
    {{ DiscussionBoard.errors[8355234].message }}
  • Profile picture of the author david carr
    These domains seem to promote offers on digiresults, you may find if we locate this person that the lads over a jvzoo have already banned them.

    Tried to contact digiresults on their support email to ask them to have a word and it bounced back.

    If everyone finds the affiliate and all reports them to the affiliate networks it may limit their options.

    Dave
    Signature

    {{ DiscussionBoard.errors[8673281].message }}
    • Profile picture of the author kevingiles
      I am a new member of Warrior Forum.....I haven't received any emails from warriordeal.com ....... YET anyway!
      Signature

      EN affiliate links/sites are not allowed.

      {{ DiscussionBoard.errors[8673342].message }}
Avatar of Unregistered

Trending Topics