Greenguy's Board

Greenguy's Board (http://www.greenguysboard.com/board/index.php)
-   General Business Knowledge (http://www.greenguysboard.com/board/forumdisplay.php?f=10)
-   -   Account Deactivated for Sending a Hacker (http://www.greenguysboard.com/board/showthread.php?t=29350)

Halfdeck 2006-02-26 09:49 AM

Account Deactivated for Sending a Hacker
 
GG & Jim, I apologize in advance for ranting about a sponsor; I have talked to the folks at Moonangel privately via email and things are at a standstill. I'm about to drop these guys and move on, and I also realize a sponsor has the right to drop an affiliate for any reason -- call me a noob, but this is a weird situation I've never encountered before.

A few days ago, I opened up Feb. statement from these guys, whom I hardly promote:

Quote:

Promotion Statistics
>>>>Start Date Feb 1, 2006
>>>>End Date Feb 28, 2006
>>>>Clickthroughs 23
>>>>Sales 1
>>>>Sales/Click Ratio 1:23 (4.3%)
>>>>Chargebacks 0
>>>>Chargeback/Sales Ratio 0%
>>>>Returns 1
>>>>Filtered Returns 0

Sales and Return Balance
>>>>Total Resubs 0
>>>>Total Sales 24.95
>>>>Merchant Fees (6%) (1.49)
>>>>Chargeback Amount (0.00)
>>>>Return Amount (24.95)
>>>>Sales Subtotal -1.49
>>>>Paid to Moon Angel (50%) (-0.74)
>>>>Chargeback Fees ($12.50 per cb) (0)
>>>>International Processing Fees (0.00)
>>>>Total Payout USD $-0.74
So I think, WTF -0.74 for a sale?? I shoot them an email. Ryan promptly responds:

Quote:

The original purchase of $24.95 went through, which incurred merchant charges. The merchant charges are split between the partner and our site at 50/50. In this case since its your only order that was returned, the balance is in the negative (50% of the 6% merchant charges) Don't worry about this negative balance as it will not carry over to next month (we will asorb the cost).
Fair enough. But what the hell is a "return"? So I ask them. A few hours later, they email me back this message:

Quote:

A return is made normally when either:

1) A transaction is deemed fraudulent.

2) A user is attempting to hack our system.

3) A customer has requested for a return under unusual circumstances.

In your case, a user named "stevee" was signed in through your site, who
in turn tried to hack our members system for scripting holes from an
Austrian IP. This is also why we have deactivated your partnership
altogether as introducing a hacker of this magnitude is definite
grounds for such a deactivation.


Sincerely,
Moon Angel
I went through my server stats and fished out 3 australian IPs. One is 211.26.186.17 -- he came to my site from http://search.yahoo.com/search?fr=FP...rnsite reviews at 2006-02-11 083227 and landed on http://www.paysitestripsearch.com/

Another Australian IP 202.67.83.62 also came in from Yahoo with a similar keyword around Jan 20. Last IP 203.88.225.47 that hit my site mid February had no referrer info so I'm guessing he bookmarked a ref url previously and revisted the paysite with a different IP.

Anyway, I told these guys I'll keep my links up even if I get no credit for any sales, and won't beg them to reactivate my account. Still, I can't make heads or tails out of their decision to deactivate my account. I mean...I'm sending them decent SE traffic. I'm sorry the sob tried to hack their paysite, but how the hell am I supposed to screen Yahoo traffic for hackers? |huh

Tommy 2006-02-26 10:38 AM

Halfdeck

dont waste your time and energy
just replace your links and move on

do the smart thing

to many good sponsors to waste your time and traffic on one that doesnt want you

SirMoby 2006-02-26 10:44 AM

You made a post about 1 sale/refund? Tommy is right. Move on. You've already wasted more time then they're worth.

Toby 2006-02-26 10:51 AM

Sponsors do seem to be making some odd decisions.

I signed up for a CCBill program back in December, single girl site, and due to a number of reasons hadn't gotten around to promoting it yet. I get an email from her via the CCBill admin yesterday, cancelling my account due to "click inactivity".

Why cancel inactive accounts? It costs nothing to leave them alone, and the next affiliate "newsletter" may jog me and many others into getting around to promoting the program.

Halfdeck 2006-02-26 11:06 AM

Quote:

Originally Posted by SirMoby
You made a post about 1 sale/refund? Tommy is right. Move on. You've already wasted more time then they're worth.

tommy's advice is spot on. Sir Moby, this isn't about one sale/refund. It's about a sponsor deactivating an account for a reason that makes no sense to me. If they happened to owe me a few K, I woudn't be posting about it here. Besides, I thought I already said this :D

Quote:

I'm about to drop these guys and move on
I'm working with over 370 sponsors so losing one sponsor that I don't even actively promote isn't a big deal. The thing that nagged me was their reasoning for account deactivation. I had nothing to do with their paysite getting hacked, except for the fact that the hacker came from my site through yahoo with a clean keyword "paysite reviews." If the keyword was "free asian passwords" or something like that, I'd feel responsible.

I'm done with my rant.

Greenguy 2006-02-26 11:20 AM

I agree with Tommy as well, but I would have psoted this info if it happened to me - that's fucked up & I really like how they only told you that your account was deactivated after 2 emails from you asking about the negative balance.

I've never heard of this program & I'm glad I now know about them.

MrYum 2006-02-26 11:39 AM

Wow...that is some seriously fucked up stuff!

Agree with the others Halfdeck...dump their asses and move on. And thanks very much for the heads up...that's definitely a sponsor I'll be sure to never sign up with...they're obviously incredibly stupid...crazy...or BOTH |crazy|

digifan 2006-02-26 12:02 PM

Oh and read again.. it says Austrian and not Australian, big difference :D

plateman 2006-02-26 01:14 PM

yup move on and pull links, I have a well know rev-share sponsor that I had a 100.00 sale on(he must have clicked the wrong monthly option and later found out and charged back, so then a few weeks later I check my stats and see a return and minus 50.00 the 50% cut and they charged me 15.00 half of the charge back fee... some rev-share sponsors make you pay half the costs on charge backs.... But did they close my account - NO... And that was my only charge back in 3 years with them.....

Mr. Blue 2006-02-26 03:56 PM

Yep move on, but it was good that you posted...the sponsor is definitely one to avoid.

natalie 2006-02-26 04:08 PM

Quote:

Originally Posted by Halfdeck
In your case, a user named "stevee" was signed in through your site, who
in turn tried to hack our members system for scripting holes from an
Austrian IP. This is also why we have deactivated your partnership
altogether as introducing a hacker of this magnitude is definite
grounds for such a deactivation.

Oi!! Don't blame shit that a European did on an Aussie!!! Like Digifan said theres a big difference between Austrian and Australian man. |banghead|

ronnie 2006-02-26 05:11 PM

Another one to put on the "Dont promote" List.

ronnie

Halfdeck 2006-02-26 07:49 PM

Quote:

Originally Posted by natalie
Oi!! Don't blame shit that a European did on an Aussie!!! Like Digifan said theres a big difference between Austrian and Australian man. |banghead|

No offense to Aussies, I love 'em. Still, as far as I know, the guy meant Australia. Not one hit came into my domain or clicked out from Austria. It's not hard to do DNS lookups for 23 clickthrus :D

EDIT: Hits came from:

Singapore
Saudi Arabia
Malasia
Atlanta, Georgia
China
Australia, sydney
Thailand, Bangkok
Mountain View, California
Reston, Virginia
Indonesia
Vancouver, Canada
West Bloomfield, Michigan
Seol, Korea
Calgary, Canada

Anyway, time to move on :)

moonangel 2006-02-26 10:45 PM

Moon Angel
 
This is Moon Angel. After reading all the "carnage" that occurred on this message board I decided to jump in and defend myself and explain exactly why I decided to deactivate Half Deck's affiliate account with us.

First of all, I told Half Deck it was an Austrian IP that hacked my site, using an account purchased via an Australian IP. I made a slight mistake, it wasn't an Austrian IP, it was actually a Czech IP. The user in question, "stevee" first logged on in 2-11-2006:

February 11th 2006 05:32:02 AM|211.26.186.17|stevee|Login Successful Session=3XRryFgd9RwwlPzjMNSyygxGaVZWYl
PK||

211.26.186.17 is indeed an australian IP. However, a few days after his "purchase", this user decided to make hack attempts against my site as follows:

February 13th 2006 03:46:08 AM|195.47.32.27|stevee|Illegal Characters in Request (/fruity/new3/ma/anya/../.
./../../../.htaccess)|
moonauth.02-14-06:February 13th 2006 03:46:08 AM|195.47.32.27|stevee|Illegal Characters in Request (/fruity/new3/ma/anya/../.
./../../../.htaccess)|
moonauth.02-14-06:February 13th 2006 03:46:08 AM|195.47.32.27|stevee|Illegal Characters in Request (/fruity/new3/ma/anya/../.
./../../../.htaccess)|

I'm not sure about any of you guys, but I take it as a severe insult when someone is attempting to break into my site.

Anyhow, I commonly group the Austrians and Czechs together in one subnet verification pool since they're so close in geographic proximity, my bad.

I have been running Moon Angel for over 10 years now (go ahead and do a whois on moonangel.com for the Record creation date ) and my affiliate site for nearly a year now, and rarely in the history of my site have I seen a hack attempt of this magnitude against my members gallery scripting. Since it was the first order that came through with half deck, and very little traffic was exchanged, I decided it would be in our best interest to deactivate his affiliate account to avoid the introduction of any future "hacked" accounts.

Anyhow, I think my last message to Half Deck pretty much sums it all up:

We reserve the right to terminate partnership at anytime as our policy states. You have not made any money for us nor have we made any money for you, so I think its fair that you just move on to another affiliate. This was a worst-case scenario of an extremely malicious (and rare) hacker, and if your site is somehow attracting these types of individuals, i'd rather not be linked nor partner with your site.

Sincerely,
Moon Angel

Toby 2006-02-26 11:27 PM

Quote:

Originally Posted by moonangel
...if your site is somehow attracting these types of individuals, i'd rather not be linked nor partner with your site.

I can see why Halfdeck is pissed. The implication of the above statement is not only unwarranted based of the available facts, but it's also borderline slanderous. Implying that he is in the slightest way responsible for a hacker finding your site is way out of line.

ronnie 2006-02-27 12:15 AM

Guess we are all responsible for hackers now also? Thats BS.

Not only do we need to try and keep out minors, but screen for hackers. geezz...

ronnie

MrYum 2006-02-27 12:30 AM

Yea...the simplest solution is still to walk away...shaking your head and thinking "What the Fuck?"...but walk away nonetheless.

HOWEVER, this is way up there on the STUPID scale for a sponsor to term an affiliate on these grounds. There's no mention of having SEEN anything on his site(s) that would have 'attracted' the cockroach. Just that the roach came from there...some twisted fuckin logic there from someone who 'should' know something about the net' |loony|

Said it before...will say it again...thanks for the heads up Halfdeck! That's a sponsor I wouldn't touch with the proverbial 10 foot pole...they're a bit tetched in the head |crazy|

SirMoby 2006-02-27 12:34 AM

Quote:

Originally Posted by moonangel
I'm not sure about any of you guys, but I take it as a severe insult when someone is attempting to break into my site.

Get used to it. If your site becomes popular people will try to hack it.

Mr. Blue 2006-02-27 06:10 AM

Quote:

Originally Posted by MrYum
Said it before...will say it again...thanks for the heads up Halfdeck! That's a sponsor I wouldn't touch with the proverbial 10 foot pole...they're a bit tetched in the head |crazy|

Yep. I'm glad halfdeck posted this because this is borderline insane. I could see if halfdeck was running a warez site or something like that, but he was just promoting through standard means.

So, way off base cancelling his account and I don't know anyone in their right mind would touch the Moon Angel program after reading this thread. |crazy|

Papa 2006-02-27 06:15 AM

Sad but true. I hate when this happens. Luckly, it happened to me only twice in a decade. Yeah worth posting and also, don't waist time on this. Change your links

cosmiccat 2006-02-27 06:29 AM

Really gotta agree with everyone on this one. Total bullshit. Scrape 'em off and move on, Halfdeck!

johnnybg 2006-02-27 07:21 AM

moonangel, I will never register with your affiliate program.

I understand that you were pissed with that cracker attack, I would be also.

On the other hand, after only one case you terminated Halfdeck account, becouse cracker came through his site.

Don't you think it would be rather stupid of Halfdeck to use HIS affiliate code to signup and crack your site?! Thats like he robbed a bank and left his ID card to police... Come on.

BTW, person that tried to crack your site is "cracker" not "hacker". "Hackers" are generally known as creative people while "crackers" are destructive.

Simon 2006-02-27 07:27 AM

I see this thread grew a little...

Quote:

Originally Posted by moonangel
...if your site is somehow attracting these types of individuals, i'd rather not be linked nor partner with your site.

That's just fucked up thinking. |noclue|
If you want to use an "IF" logic in your equation, then you should consider an "ELSE" along with your "THEN" decision. Too late for you now, I'm sure Halfdeck would be pissed at being spit at like this, but you sure lost yourself a good affiliate. A little checking around would have been a good idea. Personally I'd take all the traffic he could send me. You really stepped on your foreskin with this one.

(we need a smiley for that one)

Quote:

Originally Posted by SirMoby
Get used to it. If your site becomes popular people will try to hack it.

Sometimes even if it's just been around a long time. We have some older domains that get hacked at all the time. Not popular, just old. But yeah, it's a sign you're getting more popular as the number of hack attempts increase.

Quote:

Originally Posted by natalie
Oi!! Don't blame shit that a European did on an Aussie!!!
Like Digifan said theres a big difference between Austrian and Australian man.

Aw fuck, ya mean Arnold Swarzenegger isn't an Aussie???? :D


Simon

Toolz 2006-02-27 09:42 AM

Moonangel,

First off, of course you've been in this biz 10 years everyone has now funny but 9 years ago at some of the first trade shows there were less than 300 people, this biz is like Woodstock 250k went and 25 million say they did.

Secondly,
It's not your affiliate's fault a user tried to hack your system why even try and pass the buck to them?

Useless 2006-02-27 09:57 AM

Quote:

Originally Posted by moonangel
This was a worst-case scenario of an extremely malicious (and rare) hacker, and if your site is somehow attracting these types of individuals, i'd rather not be linked nor partner with your site.[/i]

Sincerely,
Moon Angel

How does your last meal look? I'm guessing you can see it directly in front of you with your head that far up your ass.

How can you blame an affiliate for a hacking attempt? If the sale came directly from Google, would you deny Google's traffic? I sense a grand future in republican politics for you, moonbeam.

Surfn 2006-02-27 10:13 AM

Quote:

Originally Posted by moonangel
We reserve the right to terminate partnership at anytime as our policy states. You have not made any money for us nor have we made any money for you, so I think its fair that you just move on to another affiliate. This was a worst-case scenario of an extremely malicious (and rare) hacker, and if your site is somehow attracting these types of individuals, i'd rather not be linked nor partner with your site.

Sincerely,
Moon Angel

You have certainly chosen the right nick. Good luck getting any good affiliates from this board.

Gnus 2006-02-27 10:54 AM

When I read moonangel's post I had to laugh. Nothing like killing off your affiliate program. Nobody in their right mind will promote you program now. Good luck with it, you will definitely need it.

Gary

Jim 2006-02-27 10:59 AM

Quote:

Originally Posted by Toolz
Moonangel,

First off, of course you've been in this biz 10 years everyone has now funny but 9 years ago at some of the first trade shows there were less than 300 people, this biz is like Woodstock 250k went and 25 million say they did.

Secondly,
It's not your affiliate's fault a user tried to hack your system why even try and pass the buck to them?

The first Trade show I went to was at Danny and Carol Cox's house. :) There were about 15 of us. I like to look at the person't first domain and if it was a long time ago, add a few months for the site starting on that person's isp account to find out when they started. My first site was jamesandvictoria.com but it was on my isp's server about 6 months before I got a domain. (Record created on 07-11-1996)

But, I agree...how can you possibly blame someone sending traffic for what the person sent does.

Halfdeck, too bad you couldn't find out where that person came from so they could make sure that person never got an account with them, and then the person that sent you traffic could look and see where the person came from and they could be blocked too. Until finally it might be a search engine or even AOL. Damn, they should most likely block all people that come from search engines or AOL.

Just move on...you really can't argue with the ignorant.

mist 2006-02-27 01:48 PM

Quote:

Originally Posted by moonangel
This was a worst-case scenario of an extremely malicious (and rare) hacker, and if your site is somehow attracting these types of individuals, i'd rather not be linked nor partner with your site.

This is just so darn ridiculous that I have big problems believing it’s true at all…
|banghead|

moonangel 2006-02-27 06:32 PM

Theres alot of wasted hot air in here...
 
You guys need to chill the |shocking| out!

Surfn 2006-02-27 06:46 PM

BAN the lamer moonangel GG :D

Toby 2006-02-27 06:54 PM

Quote:

Originally Posted by Surfn
BAN the lamer moonangel GG :D

I'll second that motion. Placing a 810x1280 image in his sig, lamer is right. Uh, make that a disrepectful lamer.

swedguy 2006-02-27 07:11 PM

Quote:

Originally Posted by moonangel
February 13th 2006 03:46:08 AM|195.47.32.27|stevee|Illegal Characters in Request (/fruity/new3/ma/anya/../.
./../../../.htaccess)|
moonauth.02-14-06:February 13th 2006 03:46:08 AM|195.47.32.27|stevee|Illegal Characters in Request (/fruity/new3/ma/anya/../.
./../../../.htaccess)|
moonauth.02-14-06:February 13th 2006 03:46:08 AM|195.47.32.27|stevee|Illegal Characters in Request (/fruity/new3/ma/anya/../.
./../../../.htaccess)|

Quote:

Originally Posted by moonangel
and rarely in the history of my site have I seen a hack attempt of this magnitude against my members gallery scripting.

Quote:

Originally Posted by moonangel
This was a worst-case scenario of an extremely malicious (and rare) hacker

I don't know what to say but.... |haha |haha

Malicious and rare? |haha

fetish1 2006-02-27 07:32 PM

Quote:

Originally Posted by moonangel
You guys need to chill the |shocking| out!

You shot yourself in the foot by being an ass...so you come back and pull your pants down to show your ass??? Smooth move!

MrYum 2006-02-27 09:37 PM

Quote:

Originally Posted by moonangel
You guys need to chill the |shocking| out!

Hey...you brought it on yourself by being a complete dumbass Mr |shocking|

Don't be surprised when helpful folks of these forums take their valuable time and effort to point out your dumbassedness :D

Halfdeck 2006-02-27 11:29 PM

Quote:

Originally Posted by Jim
Halfdeck, too bad you couldn't find out where that person came from

Quote:

February 11th 2006 05:32:02 AM|211.26.186.17|stevee|Login Successful Session=3XRryFgd9RwwlPzjMNSyygxGaVZWYl
PK||
Quote:

I went through my server stats and fished out 3 australian IPs. One is 211.26.186.17 -- he came to my site from http://search.yahoo.com/search?fr=FP...rnsite%20reviews at 2006-02-11 08:32:27
Jim, the hacker came into my site directly from Yahoo (times like this I'm glad I wrote a script that tracks everything :)). The backward timestamps are probably due to our servers being in different time zones.


Last night, Ryan wrote me an email saying that he dropped me solely for security reasons -- and that he is willing to reactivate my account. I chose to think it over. This afternoon, he called me up on the phone.

He explained his site has a bad history with traffic coming from an affiliate that promoted him using a fake TGP. He also said he regularly flies over to Asia to shoot his models, so he feels a bit protective about his content. He added that his affiliate program has only been up for about a year.

Apprently, he freaked out when he received a hack attempt alert and deactivated my account on impulse. He told me that in hindsight, he realizes he made a mistake.

He also said he was about to apologize to me before I posted this thread. I did warn him several hours before actually posting, and I emailed him the link after I posted so he has a chance to make his case. His previous emails lead me to think he already made up his mind, and his first post in this thread didn't at all sound apologetic, though at that point I figure he was too annoyed at reading what was being posted to do much else but defend himself.

In the end, everyone fucks up. What matters to me is when you fuck up, you admit you fucked up, make amends, and try not to make the same mistake twice. That's how I like to operate. Though it took alot of doing, Ryan has apologized to me and offered to reactivate my account. After thinking it over, I've decided to accept.

For the guys who came to my defense in this thread and pumped up the heat in the oven, all I can say is thanks.

fetish1 2006-02-27 11:33 PM

It's nice hearing that you two made up and you wish to continue doing biz with him, but I strongly believe that his comments and crap attitude here towards people who showed concern over a stupid situation cost him in the long run.

MrYum 2006-02-28 12:29 AM

Quote:

Originally Posted by fetish1
It's nice hearing that you two made up and you wish to continue doing biz with him, but I strongly believe that his comments and crap attitude here towards people who showed concern over a stupid situation cost him in the long run.

I agree completely...glad he smoothed things over with you Halfdeck |thumb

But, he really did bite himself in the ass in this thread. He'd probably be doing himself a favor by posting again in this thread admitting the impulsive error. Had he never shown up and posted here, the act of apologizing to you...the injured party so to speak...would most likely have saved him some affiliates. As it stands, he'd be wise to go into damage control mode.

Greenguy 2006-02-28 06:05 AM

So the moral of the story is that traffic from Yahoo is bad? |couch|

johnnybg 2006-02-28 06:10 AM

Quote:

Originally Posted by Greenguy
So the moral of the story is that traffic from Yahoo is bad? |couch|

Yes, lowest conversion ratios then ever before! :D

Not to mention those returns...


All times are GMT -4. The time now is 11:43 PM.

Powered by vBulletin® Version 3.8.1
Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.
© Greenguy Marketing Inc