[HN Gopher] Beware HN: The rise of weaponized "abuse" reports
       ___________________________________________________________________
        
       Beware HN: The rise of weaponized "abuse" reports
        
       Reputation management companies are hired to clean up Google search
       results for their clients. They usually send scary sounding emails,
       or letters demanding some "unauthorized", "sensitive" or
       "threatening" content (created by a user) be removed. They can't
       use a DMCA notice because it isn't a copyright complaint. If you do
       not give in to their demands, they will send the same scary
       sounding notices to abuse@[host], abuse@[registrar] and abuse@[dns
       provider].

       The most unscrupulous reputation management company I've ever dealt
       with (izoologic) has apparently figured out that "phishing" is the
       best way to get what they want. They claimed a user-generated page
       on my site was phishing for credentials (because it happened to
       mention their client's name and had a login form on it). I got this
       from Namecheap:

       """ We are writing from the Namecheap Legal and Abuse team.

       It has come to our attention that phishing content is displayed on
       your website at the link: [URL to an entirely innocent page]

       As a reminder, phishing is expressly prohibited by our Universal
       Terms of Service Agreement, paragraph 7. "Acceptable Use Policy
       (AUP)" at
       https://www.namecheap.com/legal/universal/universal-tos.aspx

       We need you to act promptly in removing the reported content within
       the next 24 hours. While we always try to avoid having to interrupt
       our customers' services, if we receive no response from you or no
       action is taken within the mentioned time frame, unfortunately, we
       will be forced to suspend the domain until the matter is resolved.
       """

       From my logs, I can see Namecheap didn't even visit the page before
       requiring me to take it down within 24 hours. If I had been on
       vacation, apparently my domain would have been suspended.

       If you accept user generated content, you need to be vigilant about
       handling these weaponized abuse complaints. They can take down your
       business in a day if you are not paying attention.
        
       Author : tothrowaway
       Score  : 144 points
       Date   : 2021-04-30 16:03 UTC (7 hours ago)
        
       | sameboat632746 wrote:
       | Can you build an autoresponder to their boilerplate emails?
        
       | bellyfullofbac wrote:
       | > They claimed a user-generated page on my site was phishing for
       | credentials (because it happened to mention their client's name
       | and had a login form on it).
       | 
       | There was an incident a few years ago where an article talked
       | about Facebook changing its login system. This article ended up
       | being the top Google result for the search "Facebook login". What
       | happens? Hundreds of angry comments asking "Why did you change
       | the login page?!?" "How do I login to Facebook, this is so
       | complicated", etc, etc.
       | 
       | The "reputation management company" shouldn't have a case, but
       | well, idiotically, they have a little one.
       | 
       | Another thing I've seen is a blog article talking about how to
       | cancel Amazon Prime. In its comments: several dozen people
       | writing "My Amazon prime account is XYZ, I would like to cancel
       | it please."...
        
       | SommaRaikkonen wrote:
       | That's a bit...concerning. If I may ask, what was your solution
       | to the abuse? Did you send Namecheap an email to confront them?
        
         | tothrowaway wrote:
         | I had to respond since I didn't want Namecheap to remove my
         | business from the internet. The response from the support agent
         | was:
         | 
         | """ The preceding report appears to have been sent to you in
         | error. Please accept our apologies for the mix-up and the false
         | positive alert.
         | 
         | Please let us also assure you that we do value our long-term
         | partnership with you and value you as our loyal customer. The
         | situation experienced is no more acceptable to us than it was
         | to you.
         | 
         | Such a time frame was specified in our initial email as
         | phishing is considered to be a time-sensitive issue. However,
         | we try to extend the time frame provided to our loyal customers
         | to the maximum possible extent. Hence, the 24-hour time frame
         | would have been extended in case of no-response from your side
         | and we would have tried to reach you again. """
         | 
         | I CC'd the CEO, but haven't heard anything direct. I can't have
         | my domains with a company that has their trigger finger glued to
         | the "suspend" button. I just don't know who else to register
         | with. It's all a race to the bottom in terms of service and
         | pricing. There doesn't seem to be a middle ground between
         | MarkMonitor and Namecheap.
        
           | toomuchtodo wrote:
           | Cloudflare appears to be an option.
        
             | weird-eye-issue wrote:
             | You can't register a domain with Cloudflare. You can
             | migrate one to them though. Using AWS as a registrar is
             | probably not a bad idea either.
        
       | giantg2 wrote:
       | This is not what I thought. I figured this would be about PFAs in
       | divorces. I guess that's old news.
        
       | [deleted]
        
       | aww_dang wrote:
       | I honor polite takedown requests. Many times they'll open an
       | abuse ticket without even bothering to email the whois contact.
       | 
       | They almost always use some ridiculous cyber-scare language.
       | "Confirmed digital threat incident", is one of my favorites.
       | 
       | Like the false DMCA spammers, I doubt they review the content in
       | question before sending their boilerplate.
        
       | eloff wrote:
       | This is why I move all my domains to Cloudflare. I want a big
       | company that takes security seriously, will be resistant to
       | social engineering attacks, and won't be intimidated. Plus they
       | do renewal at cost, and have an excellent DNS service with an
       | API. Tough to beat that combo.
        
         | toomuchtodo wrote:
         | Namecheap customer here. Is there anything you lost moving to
         | Cloudflare?
        
           | eloff wrote:
           | Nothing I miss anyway. It's been a good decision in my
           | opinion.
        
           | weird-eye-issue wrote:
           | Depends what you are using Namecheap for... If you are just
           | registering a domain and changing the nameservers then you
           | wouldn't miss anything. If you use Namecheap's DNS, mail,
           | hosting, etc then obviously it is not just a direct switch.
        
             | [deleted]
        
           | charrondev wrote:
           | I moved a few domains from Namecheap to Cloudflare recently
           | after the Namecheap domain configuration settings wouldn't
           | load (some JavaScript error).
           | 
           | I contacted their support and after 1 hour of no one possibly
           | accepting that it was a bug (just insisting over and over I
           | clear my cache, use a specific version of Chrome etc) I got
           | fed up. I'm a front end dev. I could see clearly one of their
           | APIs the page depended on was serving a 500.
           | 
           | Anyways I transferred my domains and haven't missed anything.
           | I was already using Cloudflare for DNS though.
        
       | soco wrote:
       | The reputation management company only does what it has been hired
       | to do. The unscrupulous company here is in my opinion Namecheap,
       | for facilitating abuse of its customers.
        
         | sokoloff wrote:
         | It's entirely possible for more than one party to be acting in
         | an unscrupulous/undesirable manner in this chain.
        
       | [deleted]
        
       | calibas wrote:
       | FYI, this post about weaponized abuse reports is being
       | downvoted/flagged. It very quickly disappeared from the front
       | page of HN.
       | 
       | And I'm well aware it's against guidelines to even comment about
       | this on HN, but it's directly relevant to the content of the post
       | and the health of HN as a whole.
        
         | finiteseries wrote:
         | It might be falling under most people's "meta" content filters,
         | I thought this was about the abuse of HN's flagging feature
         | from the title.
         | 
         | Dropped from 37 to 41 in the minute it took to write this.
        
       ___________________________________________________________________
       (page generated 2021-04-30 23:03 UTC)