(The quickest way to register)

Forum

  1. User picture
    • ders on Thu 06 Dec 2012
    • 10:06:39 AM UTC

    skillpages.com addressbook spamming

    skillpages.com is mark as trusted.

    I believe this should be red.

    Currently a victim receives a mail from a "friend". Upon clicking the link, the victims address book is uploaded and all the addresses in the victims address book now in turn receive an email as if from the victim. Rinse and repeat.

    Motivation for reporting:
    Personal experience of two close associates leading to severe privacy issues.

    References:
    http://touch.budstikka.no/nyheter/advokat-jeg-fole...
    http://itsecurity.weblogs.anu.edu.au/2012/12/05/sp...
    http://www.chrismortimer.se/2011/06/review-skillpa... (comment - John Kast, 6 Nov)
    http://www.ipfraudreporter.com/173-193-133-23-ip-a...
    http://forum.calgarypuck.com/showthread.php?p=3952...
    https://profiles.google.com/116620626199925206931/...
    https://apps.secure.me/a/skillpagesapp
    etc etc

    If WOT is to have any credibility, we can't allow this website to be green, as it most definitely is not!

Comments:

  1. User picture
    • mr_clark on Fri 07 Dec 2012
    • 09:34:10 PM UTC

    RE: skillpages.com addressbook spamming

    Yes, these guys suck.

    If you're on an Exchange system their java application will dump every address from the Global Address List and try spamming them too.

    All recipients have to manually opt-out from skillpages spam. That is simply unacceptable for a reputable company to be doing in this day and age.

    This company should be rated very poorly for their underhanded tactics.

  2. User picture
    • rum on Tue 11 Dec 2012
    • 11:35:58 PM UTC

    RE: skillpages.com addressbook spamming

    Agree - same experiences: unauthorized access to adressbooks and sending mai to each and every contact found there.
    This is unacceptable in a "World Of Trust"

  3. User picture
    • c۞g on Wed 12 Dec 2012
    • 04:38:35 AM UTC

    RE: skillpages.com addressbook spamming

    @ ders
    It's been awhile since you've posted on the forum; WB.

    rated

    FYI, the IP's load the website as well:
    http://54.243.174.255/
    http://23.23.97.145/
    http://23.23.218.50/
    http://107.20.180.65/

    ∞ - and you and I Opto, ergo sum

  4. User picture
    • Super Hero! on Wed 12 Dec 2012
    • 05:06:04 AM UTC

    RE: skillpages.com addressbook spamming

    Agreed

  5. User picture
    • ImaGreenie on Mon 17 Dec 2012
    • 02:46:40 PM UTC

    RE: skillpages.com addressbook spamming

    So, why IS SkillPages listed as a trustworthy site on WOT?? There is absolutely NOTHING trustworthy about spamming someone's entire address book without their knowledge!! I would've gladly sent my SkillPages account info out to *certain selected people* within my contacts upon setting up my pages within the site. But to mass spam EVERYONE?!?! This includes businesses I've chosen NOT to do business with and ex-family members - all receiving an email from "me". I just don't even have words for how unethical this is...

  6. User picture
    • ☼NNY on Wed 19 Dec 2012
    • 04:04:21 PM UTC

    RE: skillpages.com unauthorized facebook account access

    Unauthorized access to my facebook account. It posted to my business facebook page and sent out a request - as though from me - a "request to recommend my skills"..... very very upsetting and annoying! Worse than spammers! Why is this site rated as trustworthy? What does one have to do to get rated poorly?

  7. User picture
    • ellescuba on Thu 20 Dec 2012
    • 04:22:30 AM UTC

    RE: skillpages.com addressbook spamming

    Needs to be red. I totally was fooled by MyWOT with this one. It's SPAM, SPAM, SPAM. Almost every single comment agrees with me.

  8. User picture
    • scottsla on Mon 07 Jan 2013
    • 07:52:14 PM UTC

    RE: skillpages.com addressbook spamming

    I really wanted to trust mywot, but the fact that skillpages is still rated green after so much negative feedback for such an unethical and dangerous site gives me pause to trust mywot at all. Seriously if we can't get a scumbag site like this listed as untrustworthy what use is mywot?

  9. User picture
    • Jazspeak on Mon 07 Jan 2013
    • 10:23:30 PM UTC

    RE: skillpages.com addressbook spamming

    The rating is on the way down to where it belongs.

    ~Music is not just for the Masses~

  10. User picture
    • tellonem on Tue 08 Jan 2013
    • 05:46:42 AM UTC

    RE: skillpages.com addressbook spamming

    Too many people rated them green. Were doing the best we can. Hopefully some who rated them green will see what happened and change their rating.

    "Bri" for short. Surf safely.

  11. User picture
    • carlmccall on Tue 19 Aug 2014
    • 03:30:11 PM UTC

    RE: skillpages.com addressbook spamming

    Originally posted by: tellonem
    Too many people rated them green. Were doing the best we can. Hopefully some who rated them green will see what happened and change their rating.
    They are STILL At It!!! Some stupid Robot invited me to be their NEXT Victim this morning ....

    Heh-heh-heh ... all skillpages had to do to game the WOT system is to have their contact stealing JAVA App also rate skillpages at 100% on all 4 bars with the Victims 'always logged in' WOT browser extension (while it was ransacking every folder on your hard drive and local network for short text strings with an "@" in them) ....

    I mean ... the person who thinks they are signing up for a legitimate Jobs Site is ALREADY At their web page - so the "App" sends a few mouse clicks to certain parts of the browsers interface ... (If WOT Extension: Then Click Toolbar rating Icon Element and subsequently click at right end of each of 4 sliders found - close and save rating .... ) so EVERY Victim signing up "Rates" Skillpages as "Green"!

    They might even try MySQL injection or XSS attacks with malformed invitation emails, or even in an attempt to change their rating 'from inside' your data collecting system ... wouldn't put it past 'em .... (Do you sanitize data sent to your servers by the browsers extension? If a script uses the current WOT session as its entry point can it 'pretend' to be that extension and send requests with SQL queries added to the end?)

    And I'm a "White Hat": but it didn't take me very long to think this stupid crap up. Maybe I don't know what I'm talking about ... can you take that chance? And Can you "Proof" your browser extension so web pages we visit can't add a green WOT rating (with a javascript triggered by a mousedown on a valid intrasite link, maybe?) to itself BY itself?

    I'm not desperate enough to remove the "not enough ratings" question mark WOT Icon from my Software Santa web site to force every visiting browser to rate it automatically ... but some OTHER site owner might be less scrupulous. It WOULD be nice if more of my site's visitors rated my site on WOT though ... I even use WOT to try to vet safe sites for MY sites visitors to go to.