Taking down the weasels: Google sues the scam artists

Better late than never. Credit goes to ReadWriteWeb for being the first place where I read about this recent development.

It’s rare I find something a large corporation does that is worthy of praise, but this is one such situation. The official Google blog reveals that, finally, the corporate behemoth has decided it’s time to drag the weasels into court. Yes, weasels. Anyone remember those posts? (It’s a three-part series, in case you weren’t around in April when I first posted them.)

I lament that it took Google at least eight months to catch on to what was obviously dubious appropriation of their trademark. In fact, with the inclusion of “Google” in the dictionary, the company has already come dangerously close to losing its trademark.

At least, we hope, a few scam artists will be bankrupt shortly, and the sunlight from Google’s official blog will probably scare the rest of them into hiding for a while.

The exposure of a weasel, part 2

Recap: In our last episode, I had just revealed how Jason Hoeffer used an offsite Javascript link to fool naive potential customers into thinking he was from the same city they were living in.

I continued posing as a potential customer, and clicked the “click here” link that purports to be available for only the $2.95 shipping. Having my previous skepticism thoroughly validated, I carefully looked at the terms and conditions. I was not surprised at what I found:

Upon submitting a request for Membership, a Member ID and Password are assigned to you and can be used to gain access to googletreasurechest.com. The initial shipping and handling charge of one dollars and ninety seven cents, includes the google treasure chest kit as well as seven days worth of access to the online directories and training. After seven days, if you choose not to cancel, you will be billed your first monthly membership fee of seventy two dollars and twenty one cents for the membership fee for the googletreasurechest.com membership.

Okay, the initial shipping and handling charge as listed here is a dollar lower. Someone forgot to update the T&C document with the new one. So a week later you get hit for $72.21, spelled out in words to make it much less obvious.

Membership fees will be charged to the credit card used by you to complete the transaction. You have also unlocked a fourteen-day trial and twenty one-day trial to the Fraud SafeLockID and GrantSpring for just $38.84 and $24.87 a month thereafter (shows as “SafeLockID” and “GrantSpring”) should you choose not to cancel.

These bring the total up to $135.92 if you don’t cancel in time.

Prior charges for all programs are non-refundable but bonus subscriptions can be cancelled and future charges stopped at any time by calling toll-free 866.951.1406 Monday – Friday 9am – 5pm. All offers come with a monthly newsletter.

Translation: Not only are we going to bilk you for almost $140, we’re going to spam you.

Skipping down further:

We handle all charge backs and reversals as potential cases of fraudulent use of our services and/or theft of services.

The nerve! The hypocrisy! The absolute, unmitigated audacity! After luring people in with what is arguably fraud itself, Jason Hoeffer turns around and says “if you ask for a chargeback, you’re a fraudster.”

After this, I decided the privacy policy was only worth a quick skim. I uncovered this little gem:

THE COMPANY MAY SELL OR TRANSFER INDIVIDUAL INFORMATION TO AFFILIATES OR THIRD-PARTIES FOR ANY PURPOSE IN COMPANY’S SOLE DISCRETION.

That speaks for itself.

More to come…

The exposure of a weasel, part 1

On a recent visit to Facebook, I stumbled across an ad which links to a Web site jasongetsrich.com showing a $5000 check from Google, and the opening line “Get paid $5 to $30 for every website link that you post on Google.”

The most obvious item I found, however, was that the paragraph after the check said “Thank you for visiting my site. This is Jason Hoeffer from .” Exactly as so, without the city name. It made me wonder what was going on.

I browse on Firefox (and another similar browser, Iceweasel) with NoScript. Allowing Javascript temporarily to all the sites using Javascript from this page filled in that blank space with “Houston.” Well, I’m in Houston. I wonder if that’s coincidence? Could Jason Hoeffer really be from my hometown?

Looking in the HTML source code revealed that the city name was inserted with a bit of off-site Javascript. My skepticism that this Jason Hoeffer guy is really from Houston just grew tremendously. Someone legitimate should not need to use Javascript to insert the city where he or she is from.

Retreiving the script (by itself) via Tor a few times confirmed what I thought. I got Vienna, Paris, and Columbus on three separate attempts. Someone from outside Houston has confirmed that indeed, for her Jason is from a city near where she lives.

The ad may well be off Facebook by now, as I reported this to them.

Morals: don’t take everything at face value, and browse with Javascript off by default. Sometimes, it’s best to assume someone is a pathological liar until you have hard evidence otherwise.

But there’s even more. (To be continued in part 2…)