Hi,
sorry for delay in response.
We had to deal with scammy adverts which were published through our ad network. Maybe you notice them as well, they were coming from all other bitcoin related ad networks too. Problem was that this "advertiser" used 3 of our clients accounts (he somehow obtained their credentials) which led to their ban (as we thought they are causing these ads showing up).
We want to apologize to bitcoinalien, he was among those affected. We simply followed our TOS and (without knowledge that someone else uses his account) we banned him. I was in contact with him via pm and I hope it is sorted.
Here you can see the ads:
first one led to this website:
If anyone filled up the field requiring their bitcoin wallet ID they were transferred to dummy blockchain.info website which was set up to steal login credentials.
Now most of the people would notice that is a fake site but plenty simply did not and they gave away their details to scammer.
We wanted to find
a) reason for this mess happening,
b) identify the source and person behind it,
c) make everything possible it wont happen again.
We hired 3rd party to run diagnosis and to specify eventual vulnerabilities (if any exist) and the results came only yesterday. We were happy that the worst scenarios (SQL injection, XXS attack) were not on place, all was done via social engineering probably (from over 500 users accounts only 4 were affected).
We know that plenty of publishers don't care what kind of ads are being posted on their website as far as they get some profit of it. This won't happen with us, there will be ZERO tolerance towards any suspicious activity even this will cost us revenue. Obviously we can not decide about every ad - if miners offer is real or is it a scam, its up to users to find out, but we will try to block any ad coming with "scam" written over it.
To avoid this happening we took these actions:
1) There is
secure https access to bee-ads.com now implemented.
2)
Auto "reset password" function added (linked to users email accounts so its impossible to re-gain access to bee-ads unless you are owner of the email). If you feel there is any suspicious activity going on with your account just change your password.
3)
All new advertisements have to be manually validated before becoming functional. We are aware it could be inconvenient for some advertisers but it is simply necessary measure we had to take now. No more malicious ads leading to scam websites will be possible to put via bee-ads.com.
I hope you will understand our position. We value honest users and we want to protect them.