There’s a scammer out there who wants my PayPal login information! The only link in this email is a supposed “cancel this transaction link” and, strangely enough, it currently doesn’t point to a PayPal wannabe site as is typical of these emails. The link points to resultagreeent.tk, but visiting that site gives me a, “yes, this domain has already been registered,” notice and that’s about it. The thing about this guy is not just that he’s a spammer but apparently a stupid one. How can he possibly benefit from sending out these emails?

Typically these emails contain links to PayPal look-alike sites that are only set-up to steal your login information and from there your balance, credit card info, etc. So don’t click those links! They may be disguised inside of domain names, stupid things like, my–paypal–com.info or something, or they may be IP addresses and just look like random numbers, or they could be anything. I’ve heard tale of a certain get-a-phone-call-from-Santa website out there hosting PayPal scams, actually… If you are ever unsure about the veracity of a PayPal email, go to your PayPal account by typing in the address in your browser, not clicking email links!

But take a look at the email, if you’ve gotten one. Whenever you get an email that claims to be from PayPal, always look first at who is addressed. If it says, “dear Member,” like this one does, then delete it – it’s completely fake and you have nothing to worry about. A valid PayPal email will always, always, always greet you by your first and last names!

Now, that right there is enough evidence, but there is one other thing I notice about this email. In fact, I notice it before seeing the whole “dear member” thing. They hid the “to” field. My address and name are not listed as being who the email is to.

There are many more, what do YOU see? :)

This morning, the first thing I saw in my email box was a trackback to my most recent entry (which, btw, I was on the way to make private). Visiting this site, I was presented with my whole entry, complete with every little word I wrote, every page I linked to. Looking at the bottom of the page for a comment form or contact information, I found one, but also found links to other entries of mine. It lists 440 total. They ripped off my whole site!

And not only this, but they plaster the website with Google ads. (Oh, trust me, as soon as I finish this post, I’m contacting Google. They also have a Gmail login box from their main page.)

Yes, they do link back to my site with the titles, but only because they stole my complete HTML and that’s what my site does: links to itself. And since they ripped off my complete HTML, they also have my Flickr photos on there. That, also, really ticks me off. Those photos are not to be used by anyone who’s not friend/family, and here they have not only stolen photos of my kid, but hotlinked them as well. Therefore, if I hadn’t been using Flickr for all my photos (or nearly all), they would be stealing my bandwidth as well. Along these lines, as well, they are violating Flickr’s terms by using these photos and not linking back to the photo’s page on Flickr as is required by the tos. They are also doing with Flickr photos from everyone what they are doing with blog content. They have a search where you end up searching Flickr photos and then each one has its own page at bitacle.org before you can get to the actual Flickr page. Furthermore, they want you to Digg the articles on bitacle.org rather than the real, true website. How sneaky/suspicious is that!?

Their “sitemap” is a list of sites they have ripped off with links to those posts within bitacle.org, not the true blog.

To top it all off? At the bottom of each page is a Creative Commons license! My blog is not Creative Commons, I have never said it was, I honestly never will. It’s my personal blog site, it is licensed All Rights Reserved and NO ONE has permission to reprint it, especially without asking, and especially in whole part like this!

There’s a “help” link at the bottom, that gives no help at all. Here’s what some of their questions, answers are (since they ripped off my content, I can rip off theirs):

#1 – What is ‘Bitacle Search Cache’?

‘Bitacle Search Cache’ it’s the specific technology for blogs developed by Bitacle.

Bitacle has faith in the autoedition publishing phenomenon that supposes the use of blogs. We hoped that ‘Bitacle Search Cache’ help our users to explore the universe of blogs of more effective way, and perhaps obtains that many users follow this revolution. As much if it’s looking for books, political commentaries, travels or any other thing. ‘Bitacle Search Cache’ allows you to find what the others think about any subject that you wish to inquire.

Our index of blogs is updated constantly to always obtain the most precise and updated results. In addition we look for blogs written in French, Italian, German, Spanish, Chinese, Korean, Portuguese, Japanese and other languages.

#3 – What type of blogs are inlcuded in the search?

All blogs that has a feed. This it can be RSS or Atom.

#7 – What happens if I don’t wish to appear in the list?

If you doesn’t publish feed, it won’t be included in the blog’s search. Nevertheless, if you previously has published feed of the site that was indexed, the old entrances will remain in the index, although the new ones aren’t added.

The blog search don’t follow the archives ‘robots.txt’ or META labels like NOINDEX, NOFOLLOW.

Reminiscent of Stalker Girl, these guys actually want me to block all search engines via Meta tags to keep out their sticky fingers? Ha, little do they know.

Solution?

Step #1, I emailed them (not from my “real” address):

It has come to the attention that you have ripped off content from my ENTIRE website, spoken-for.org. Some examples:

http://en.bitacle.org/blogs/viewblog/-txl7did0/440

http://en.bitacle.org/blogs/viewblog/-txl7did0/439

http://en.bitacle.org/blogs/viewblog/-txl7did0/1

The list goes on and on.

My blog is NOT Creative Commons and you did and do NOT have permission to reprint it. There’s a reason those posts can only be found at spoken-for.org – I WANT IT THAT WAY. You have also stolen my photos which are licensed All Rights Reserved and not allowed to be used by ANYONE, especially the likes of you.

This is your official notice to remove any and all of my posts, IMMEDIATELY, or I will be having a chat with your host and then taking legal action.

Thank you,
valerie

I doubt I’ll receive a response, of course.

Secondly, Owen has written me a little script and made some htaccess rewrite rules so that these idiot people should only be able to access a bad feed saying they’ve stolen information, etc. Thanks, Owen. :)

UPDATE: Check out Owen’s post on this, and if you’re a WordPress user, download his new plugin that will do the same thing I mentioned above for you!

For reference to you all out there, this is what was in my access logs:

212.22.59.251 – - [01/Sep/2006:09:17:08 -0400] “GET /feed/ HTTP/1.1″ 200 47584 “http://bitacle.org” “Bitacle bot/1.1″
212.22.59.251 – - [01/Sep/2006:18:16:23 -0400] “GET /feed/ HTTP/1.1″ 200 47591 “http://bitacle.org” “Bitacle bot/1.1″
212.22.59.251 – - [02/Sep/2006:04:19:21 -0400] “GET /feed/ HTTP/1.1″ 200 47961 “http://bitacle.org” “Bitacle bot/1.1″
212.22.59.251 – - [03/Sep/2006:03:43:18 -0400] “GET /feed/ HTTP/1.1″ 200 47570 “http://bitacle.org” “Bitacle bot/1.1″
212.22.59.251 – - [04/Sep/2006:03:42:23 -0400] “GET /feed/ HTTP/1.1″ 200 45858 “http://bitacle.org” “Bitacle bot/1.1″
212.22.59.251 – - [05/Sep/2006:17:14:47 -0400] “GET /feed/ HTTP/1.1″ 200 45098 “http://bitacle.org” “Bitacle bot/1.1″
212.22.59.251 – - [06/Sep/2006:14:18:32 -0400] “GET /feed/ HTTP/1.1″ 200 46540 “http://bitacle.org” “Bitacle bot/1.1″
212.22.59.251 – - [07/Sep/2006:02:48:09 -0400] “GET /feed/ HTTP/1.1″ 200 46568 “http://bitacle.org” “Bitacle bot/1.1″

See a pattern there? It goes on and on.

Has this happened to you? Do you want to keep them from stealing your content?

WordPress user? Install Owen’s AntiLeech plugin to take care of the likes of Bitacle for you!

Not a WordPress user? Try some of these solutions:

1. Block that IP address in your htaccess and redirect the bot to a 403 (Forbidden) page for your feed:

Put this in your htaccess:

RewriteBase /
RewriteCond %{REMOTE_ADDR} ^212\.22\.59\.251$ [OR]
RewriteCond %{HTTP_USER_AGENT} Bitacle
RewriteRule .? – [F]

Thanks, Owen!

2. Block the bot via your robots.txt

I’m not exactly sure what the bot’s name is (I’m not too up on all this), but this should cover your bases:

User-agent: Bitacle bot/1.1
Disallow: /
User-agent: Bitacle bot
Disallow: /
User-agent: Bitacle
Disallow: /

If you’re new to robots.txt files and don’t already have one, just take that text there, put it in a blank txt file and save it to your site so that it is yoursite.com/robots.txt

NOTE: Regarding above, their FAQ #7, there seems to be some confusion on what exactly they mean… in English. At first I read it that they do listen to the robots.txt and such while others have interpreted it to mean the opposite (see comments). I have no idea what they truly mean, but it can’t hurt to try and block them there, can it?

3. Email Google Adsense

Here’s their standards for abuse emails:

1. Draft a new email. If possible, please use the email address currently associated with your AdSense account
2. Write ‘AdSense Policy Violation’ as the subject of your message
3. Please include all of the following in the body of your message:
— The URL of the violating website
— A description of the violation
— The specific location of the violation, if applicable
4. Send this email to adsense-abuse at google.com

This is basically what I sent to Adsense. A bit… choppy, but it gets the job done:

It has come to my attention that the site bitacle.org is ripping off content in whole from blogs and re-licensing it under Creative Commons. They took my complete website, images and everything, and reposted it though my blog is All Rights Reserved.

This site uses only stolen content and then has Google ads (adsense) plastered everywhere around this stolen content. There’s an adbar at the top (horizontal) and then a block towards the bottom by content forms. Look to http://en.bitacle.org/blogs/viewblog/-txl7did0/439 for an example.

They also have a Gmail address they are using in conjunction with this site and have a Gmail login box from their main page of bitacle.org. I’ve not tried this box. I am not aware if it is legitimate or if it just steals passwords, or both, etc.

I appreciate your attention to this matter as this is not acceptible in my book. As an adsense user myself – a legitimate one – I am very distressed to see sites like this that attempt to make money from other people’s hard work.

Thank you.

I’m sure I’ll be updating this post (or making more) as time goes on and things unfold. Share your steps of combating this, if you would – and let us know if you run across any other sites like Bitacle!

More (in no particular order):

• Digg it (hey, sweet, thanks guys :))
• asymptomatic.net/…help-defeat-the-sploggers-with-antileech
• tdjc.be/…bitacleorg-stealing-content/
• allanjenkins.typepad.com/…bitacle_thieves.html
• lutrov.com/blog/80
• stopbitacleorg.wordpress.com/
• theaterofthesoul.unitybiz.net/…all-your-blogs-are-belong-to-bitacle/
• monkeynotions.com/blog/…how-much-is-bitacle-biting/
• monkeynotions.com/blog/…and-the-bitacle-saga-continues/
• frenchysfracas.com/…onmymind20060922/
• frenchysfracas.com/…bitacle-and-splogs-final-thoughts/
• hollywood2020.blogs.com/….bitacle_debacle.html
• arb0rv1tae.typepad.com/…bite_me_bitacle.html

So, yesterday, I got some more spam-by-mail. This time from a company who just identifies themselves as LISTINGCORP.COM and then “Website Listing Service.”

Basically these people want me to pay them to list one of my domains “to 20 major search engines” with “eight keyword / phrase listings” and “quarterly search engine position and ranking reports.” All this for the very low price of $50.00 for one year starting April 21st!! </sarcasm>

But you know what? There is no phone number for this company anywhere on this “notice.” There’s their website: listingcorp.com and the email address info@listingcorp.com. I know this because I looked all over it for a number to call and demand they take me off their list. So I look at their website and click the “contact” link. I’m presented with three email addresses and the following message:

Please contact us via Email:

General Information – info@listingcorp.com
Billing Questions – billing@listingcorp.com
Technical Support – support@listingcorp.com

Due to current large volumes of email, requests can take up to 10 business days to receive a reply.

Ten business days!?
Of course, I know that it’s pointless to try and contact them by email. For one, I’m sure that after ten days they will neither respond nor will I remember anything about them. And for two, the last thing I want to do is give them a valid email address for me.

The really ironic thing? This is for a domain that’s not mine, only registered by me – so, of course, they got my info from the whois. And the domain name has 2006 in it. If they had actually looked at the domain name, they’d see that by April 21, 2006, the function of the domain will have ceased (as it will on April 7th), this is obvious as soon as you visit the site. Just goes to show you they’re trying to get anyone and everyone to fall for this scam.

The really sad thing? There are people that will fall for this. I have a specific person in mind as I write this. I’ve done their website but they registered their own domain name, so their own info is going to be on the whois. So eventually they’re going to start getting mailings like this and the registration scam I’ve talked about before and they are the kind of people who are likely to fall for this type of thing. So, off I go to compose an email…

Oh, so you people who want to be in search engines? Try some meta tags instead:

<meta http-equiv=”Pragma” content=”no-cache” />
<meta http-equiv=”expires” content=”0″ />
<meta name=”keywords” content=”keywords here” />
<meta name=”description” content=”site description here” />
<meta name=”robots” content=”Index, Follow” />
<meta name=”robots” content=”noimageindex, nomediaindex” />
<meta name=”robots” content=”noarchive” />
<meta name=”revisit-after” content=”5 Days” />

Edit them to read the values you want. There are more, of course, but start here. I actually know very little about search engine optimization, but I do know that whatever I’m doing seems to work well. ;-)

From: Post@cia.gov

Dear Sir/Madam,

we have logged your IP-address on more than 30 illegal Websites.

Important:
Please answer our questions!
The list of questions are attached.

Yours faithfully,
Steven Allison

++++ Central Intelligence Agency -CIA-
++++ Office of Public Affairs
++++ Washington, D.C. 20505

++++ phone: (703) 482-0623
++++ 7:00 a.m. to 5:00 p.m., US Eastern time

———–

list.zip 1K

Um, yeahhhhhhhhh. Riiiiiiiight.