News

TechTSS.com - “CASL-Compliant” SEO Spammers, hosted by BlueHost [UPDATED]

In the past, we've written about the extremely dim view we take of SEO & web development spammers; while it's nowhere near as dangerous as other types of spam, it can be a bigger annoyance because of the sheer volume & the fact that it's harder to block, making it more likely for SEO spam to get through spam filters compared to viruses or phishing EMails. And an increasing number of those spammers have switched to sending spam through website contact forms rather than EMailing directly, since that's harder to block & report (since messages sent through a contact form typically come from your own mail server). For those reasons, my current preferred trick for dealing with those types of spammers is respond & ask if their services are "CASL-compliant" - with CASL being the Canadian Anti-Spam Legislation.

That serves two purposes. The first is simply to get a response from the spammers, which gives me an EMail that can be reported as spam to their hosting provider - and if they're particularly dumb, they may even respond from their real domain name and/or with their real website address, rather than the throwaway Hotmail/GMail accounts they typically use to keep their spamming operations at arm's length. The second purpose is admittedly more petty: as a trick question (that I already know the answer to), to see if they're desperate and/or dishonest enough to claim that they are CASL-compliant - which is particularly hilarious, given that they've already violated CASL by spamming us in the first place. Which brings us to TSS Sales, AKA TechTSS.com: "CASL-compliant" SEO & web dev spammers. Read on for the details.

So far, this spammer has followed the usual pattern: the initial contact came from an @gmail.com address, from a "Dominic Joy" - and when we wrote to ask about the CASL-compliance of his services, he quickly replied "Yep, our services are CASL-compliant." Normally we would just report the EMail as spam & leave it at that, but "Dominic" has managed to stand out thanks to his persistence: since originally spamming us on July 14th, he's sent an additional four follow-up EMails, with the latest one arriving today. So, in addition to this article, we've decided to reward his persistence by filing a report with the CRTC that TechTSS.com is sending spam that violates CASL, while simultaneously claiming to comply with CASL... in the very same EMails where they're violating that law. Which will also help serve as a simple experiment to determine just how blatantly someone can violate CASL before the CRTC will actually take action (not holding my breath, to be honest).

And that brings us to the third-parties who are providing "spam support" services for TSS Sales, particularly their web hosting provider: Bluehost.com, AKA one the least-competently run large providers (second only to OVH) I've had the displeasure of dealing with in the past 20 years (they're the owners of HostMonster, the company that put us through a ridiculous comedy of errors back in 2014). Bluehost currently provides hosting for TechTSS.com, and we have reported 4 spam EMails to them which advertise that address - yet two weeks later, the site is still online. By comparison, responsible hosting providers with competent abuse staff typically resolve issues like this within 48 hours, at most. Not only that, but when reporting the latest EMail via SpamCop, I noticed a note in the report details stating that "ISP does not wish to receive reports regarding http://www[.]techtss[.]com/" (URL munged to avoid giving the site an undue SEO boost). Those notices only appear when a website address has been reported via Spamcop, and the recipient(s) of the report has then clicked a link indicating that they don't want to receive any further reports related to that address - likely meaning that Bluehost just blindly forwarded the Spamcop report to the spammers themselves, without bothering to remove the "Don't send reports for this address in the future" link, giving the spammers the ability to prevent Bluehost from receiving future complaints against that URL.

UPDATE 2017-07-26: we contacted Bluehost directly about the issue. The person I spoke with claimed that Bluehost had not received any of the complaints I sent, and that the address I had sent them to (malware@bluehost.com) was not valid; they asked to forward the offending EMails to a different address and gave assurances that their abuse department would address the issue. We'll see.

UPDATE 2017-08-01: Bluehost appears to have validated my earlier skepticism, by failing to take any evident action against the spam site in the 6 days (and counting) since giving assurances they would address it. So it would appear, contrary to their terms of service & the claims of their staff, that Bluehost is A-OK with their servers being used to host spam-support websites.See below for the transcript of our latest conversation with Bluehost.






Comments

Tom Ericson on August 10 2017

Thanks for sharing

Linux and Windows web hosting plans start at just $7.95/mo.