Topic: TradeHill Spam - page 2. (Read 8300 times)
I didn't provide that person with my email address or opt-in to their messages. This makes it spam.
Seven emails from someone I don't know, giving me advice I don't need, encouraging me to change exchanges even though I already have accounts at both, and trying to get referral fees out of it - that sure meets my definition of spam.
Spam is getting advertisements for male performance products or whatever, for no good reason, out of the blue.
Ms. BS's timely and responsive email blast was primarily an advisory about the MtGox situation, with the additional option of using TradeHill as a handy replacement also being provided.
Your objections just go to show that no good deed goes unpunished.
getting the same message now using this account TH-R15977
Tighten your belts, a new wave of TH-related spam is on the way!
Just got another email... will I get emails from all TH users? Scary just think about it!
People, my data plan doesn't support for all this spam! Please! I rather switch off my MtGox email from my BB.
Just got another email... will I get emails from all TH users? Scary just think about it!
People, my data plan doesn't support for all this spam! Please! I rather switch off my MtGox email from my BB.
Yep, I just got the following spam from '[email protected]':
Quote
The latest in a string of hacks to Mt Gox has made me move to Trade Hill. Use this referral code to get 10% off all trade fees: TH-R13698
Sign up at Trade Hill today!
http://www.tradehill.com/?r=TH-R13698
Sign up at Trade Hill today!
http://www.tradehill.com/?r=TH-R13698
Tighten your belts, a new wave of TH-related spam is on the way!
Just got another email... will I get emails from all TH users? Scary just think about it!
People, my data plan doesn't support for all this spam! Please! I rather switch off my MtGox email from my BB.
Just got another email... will I get emails from all TH users? Scary just think about it!
People, my data plan doesn't support for all this spam! Please! I rather switch off my MtGox email from my BB.
No need to to go overboard. If Mt.Gox had NO security precautions then there passwords would have been in the clear, OR they would have actually lost the bitcoins out of their back end wallet.
Some of the older passwords are damn close; they're hashed with unsalted MD5, which is not exactly high-grade security. They seem to have missed obvious security measures whenever those would require significant effort. I'm more paranoid than this about security in toy web applications, for goodness sake!Just because tradehill hasn't been compromised means absolutely nothing. Why would anybody even bother? All the current traders are on Mt. Gox. since you have no idea what security Tradehill has, then implying that they are doing something better then Mt. Gox is just spreading a false sense of security.
An entirely founded sense of security, thank you very much. Similar CSRF vulnerabilities have been found on some of the other smaller sites - there are people actually looking for them now. (It appears from a quick glance that Tradehill have CSRF protection on at least their login and registration forms, so they're aware of the issue.) Sure, it's impossible to be entirely certain how secure other aspects of the site are, but it's a promising sign that they've taken this seriously. 
Seven emails from someone I don't know, giving me advice I don't need, encouraging me to change exchanges even though I already have accounts at both, and trying to get referral fees out of it - that sure meets my definition of spam.
As I mentioned in another thread, I'd like to point out this person is not affiliated with The Bitcoin List in any way.
As I mentioned in another thread, I'd like to point out this person is not affiliated with The Bitcoin List in any way.
Seems like an entrepreneur responding to economic incentives to disseminate news to interested parties. Helpful.
Loved the "Ms BS" touch! 
Quote
Delivered-To: [email protected]
Received: by 10.52.183.73 with SMTP id ek9cs4491vdc;
Sun, 19 Jun 2011 16:15:17 -0700 (PDT)
Received: by 10.91.72.28 with SMTP id z28mr5024515agk.61.1308525316970;
Sun, 19 Jun 2011 16:15:16 -0700 (PDT)
Return-Path: <[email protected]>
Received: from bonecrusher.gulfsouthmedia.com (bonecrusher.gulfsouthmedia.com [209.223.236.66])
by mx.google.com with ESMTPS id f2si9221695anb.176.2011.06.19.16.15.16
(version=TLSv1/SSLv3 cipher=OTHER);
Sun, 19 Jun 2011 16:15:16 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of [email protected] designates 209.223.236.66 as permitted sender) client-ip=209.223.236.66;
Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of [email protected] designates 209.223.236.66 as permitted sender) [email protected]
Received: from goemitar by bonecrusher.gulfsouthmedia.com with local (Exim 4.69)
(envelope-from <[email protected]>)
id 1QYRD2-0004XV-Fn
for [email protected]; Sun, 19 Jun 2011 18:15:16 -0500
To: [email protected]
Subject: Mt Gox has been hacked
X-PHP-Script: www.goemitar.com/mailto.php for 84.194.195.139, 173.245.53.210
From: A Bitcoin Supporter <[email protected]>
Message-Id: <[email protected]>
Date: Sun, 19 Jun 2011 18:15:16 -0500
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - bonecrusher.gulfsouthmedia.com
X-AntiAbuse: Original Domain - x.com
X-AntiAbuse: Originator/Caller UID/GID - [639 634] / [47 12]
X-AntiAbuse: Sender Address Domain - bonecrusher.gulfsouthmedia.com
Dear Sir or Madam,
A few hours ago the Bitcoin trading website Mt Gox has been hacked. Malicious individuals have been able to obtain a database containing usernames, email address and encrypted passwords. This information has been posted publicly on the internet.
As a Bitcoin supporter I'm now sending a message to every email address contained in the hacked database. This is to warn you that your username, email address and password have been leaked. I therefore strongly advice you to change your passwords. If you have used the same password on different websites it's highly recommended to change your password on all of your accounts!
For a more secure alternative to Mt Gox, the community appears to be moving to TradeHill. So this is no reason to lose faith in Bitcoin itself. It must be seen as a warning that not every website can be trusted with your data however! Their link is http://www.tradehill.com/?r=TH-R15683 (Note: You can remove the Referral Code when registering if you want!) This is certainly not the only website where you can exchange Bitcoins, also check out http://www.thebitcoinlist.com/dp_bitcoin/bitcoin-exchange/
Sincerely,
A Bitcoin supporter
1CWSjov2N7ix41bZ8bJfHXkdLLbkUsG9Y7
I for one, think that TradeHill should block referrer TH-R15683 from any commission.
Ms. Bitcoin Supporter should be given a double commission for her timely assistance to the bitcoin community in its hour of greatest need, not punished!
She has provided a valuable service by informing the compromised users with info they badly needed to know and respond to, while MtGox was still in denial mode and dropping the ball. The same thing happened at Gawker!
By including a link to the leading MtGox alternative, Ms. BS also gave compromised users the option of using that tool in their responses.
Let's examine the altruism meme that demands Ms. BS not gain anything for herself but possible self-satisfaction.
- Without the greater incentive provided by the referral link, Ms. BS may have been less motivated and waited longer to send out her email blast.
- Because Ms. BS opens herself up to (now demonstrated) recriminations from TradeHill, and possible retaliation from the MtGox hackers, there is an unspoken, subtle demand that Ms. BS sacrifice herself for others, without reward.
I could go on, but I'm sure all you bright bitcoiners have already gotten the point.
this kind of advertising shows what kind of ethics the people running tradehill have.. not exactly the #1 qualification for a guy you entrust with your money and to run a fair exchange.
I don't really see what's wrong with this. He even said you can remove the code. Besides that it actually is an informative email. He's just giving you a sort of voluntary place to tip?
+1At the very least we will remove all the referrals from this users account.
Why?As said just above, he even said one's could remove the referral code
Hi JackJack,
It is not within our value system to applaud/condone the use of stolen goods whether they benefit us or not.
We recognize this person is a ‘fan’ but we will NOT be giving them commissions. Likewise, our partners will discuss any further actions and we will report back.
Thanks,
Adam Stradling
I don't really see what's wrong with this. He even said you can remove the code. Besides that it actually is an informative email. He's just giving you a sort of voluntary place to tip?
Seriously? People believe it is not spam if they say you can remove the ref code.50% of the spamposts on forums contain that sentence, the other 50% camouflages the ref url with url of the original site
This is clearly spam not an info mail, the info mail I've allready got from MtGox themselves before I got 8 mails from our nice btc supporter.
yeah WTF?!?! nobody likes spammers... 
I'd save that for the guy that set up a website handling millions of dollars' worth of other people's money without even basic security precautions. At least those e-mails are vaguely useful. He or she is even recommending a sensible replacement for Mt Gox; as far as I know Tradehill's the only bitcoin trading site that no-one's found CSRF vulnerabilities on yet, which hopefully means they're actually taking security seriously.
No need to to go overboard. If Mt.Gox had NO security precautions then there passwords would have been in the clear, OR they would have actually lost the bitcoins out of their back end wallet.
Just because tradehill hasn't been compromised means absolutely nothing. Why would anybody even bother? All the current traders are on Mt. Gox. since you have no idea what security Tradehill has, then implying that they are doing something better then Mt. Gox is just spreading a false sense of security.
http://forum.bitcoin.org/index.php?topic=19619.msg246455#msg246455
Cant tell if it was him sending it or the first to report it...
Cant tell if it was him sending it or the first to report it...
I don't really see what's wrong with this. He even said you can remove the code. Besides that it actually is an informative email. He's just giving you a sort of voluntary place to tip?
+1At the very least we will remove all the referrals from this users account.
Why?As said just above, he even said one's could remove the referral code
We simply cannot condone using stolen information to promote TradeHill.
I don't really see what's wrong with this. He even said you can remove the code. Besides that it actually is an informative email. He's just giving you a sort of voluntary place to tip?
For one thing MtGox already sent out a lovely "informative" Email to every effected user, and only one per user at that
. And They didnt try to drum up a few shillings out of the disaster like this chap 
This is not the way we want to grow our business. At the very least we will remove all the referrals from this users account.
I want to make it very clear that TradeHill is not spamming the compromised user list from Mt Gox.
Posting his personal information would violate our privacy terms which we take very seriously.
I want to make it very clear that TradeHill is not spamming the compromised user list from Mt Gox.
Posting his personal information would violate our privacy terms which we take very seriously.
Thank you, glad to hear action will be taken against this individual. It's one thing to make a forum post, but a totally different beast to use the emails from the leaked DB.
Go one step further.
We should find him, torture him and cut him in pieces
I'd save that for the guy that set up a website handling millions of dollars' worth of other people's money without even basic security precautions. At least those e-mails are vaguely useful. He or she is even recommending a sensible replacement for Mt Gox; as far as I know Tradehill's the only bitcoin trading site that no-one's found CSRF vulnerabilities on yet, which hopefully means they're actually taking security seriously. We should find him, torture him and cut him in pieces
Jump to: