| Halaman dalam topik: < [1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24] > | Illegal use of data from ProZ.com profile Penyiaran jaluran : RoxanaTrad (X)
|
|---|
Giuliana Buscaglione 
Amerika Syarikat
Local time: 09:00
Ahli (2001)
Bahasa Jerman hingga Bahasa Itali
+ ...
| The ranking of that site must have hit the stars... | Jul 21, 2009 |
.. in the past three days
Now with a direct link to this thread. If it serves the purpose of having our data removed, OK
Giuliana
| | | | Neil Coffey
United Kingdom
Local time: 17:00
Bahasa Perancis hingga Bahasa Inggeris
+ ...
| Get control; looks like outsourcingroom.com set these up | Jul 21, 2009 |
For those that have one of the fraudulent accounts on outsourcingroom.com, I'd at least recommend you try and take control of the account before somebody else does.
I noticed I was there (with very minimal information) so went to the "recover password" section, entered my apparent user ID and one of my e-mail addresses, and sure enough, I was sent the "reset password" e-mail to the e-mail address I entered. It's conceivable that they already had this e-mail address on file. But I'm ... See more For those that have one of the fraudulent accounts on outsourcingroom.com, I'd at least recommend you try and take control of the account before somebody else does.
I noticed I was there (with very minimal information) so went to the "recover password" section, entered my apparent user ID and one of my e-mail addresses, and sure enough, I was sent the "reset password" e-mail to the e-mail address I entered. It's conceivable that they already had this e-mail address on file. But I'm also guessing that maybe they're just waiting for people to try and recover the passwords of these fraudulent accounts in order to get the corresponding e-mail addresses.
Once I was "logged in", the first screen I was taken to was one asking me whether I wanted to "sign up" as a provider or buyer. This is distinctly fishy. If these accounts were set up manually by somebody else as the CEO appears to be claiming, then does outsourcingroom.com really normally have a mode whereby you can sign up without giving an e-mail address and without selecting whether you want to be a provider or buyer?? When I go to the "register" secreen, that is the first question I'm asked. So how were these accounts set up?
An interesting experiment that I'd be interested to hear the results of (sorry I should have thought of this): try and "recover" your password entering a brand new e-mail address that you've never used before (maybe use a mailinator one) and see if it sends you the mail. If it does then that really seems to sugest that outsourcingroom.com themselves have set up these fraudulent accounts-- why would they let somebody else set up an account without an e-mail? ▲ Collapse
| | | | Oana Popovici
Itali
Local time: 18:00
Ahli (2008)
Bahasa Inggeris hingga Bahasa Romania
+ ...
| I'm there too | Jul 21, 2009 |
I found my profile on OutSourcingRoom.com, as well, but never registered with them.
I even tried to sign in, by typing some kind of password, but nothing happened, neither was I able to view the profile from "inside", nor an error message appeared.
I am indexed with the nickname I use on other websites, similar to Proz.com. They only state my country, region and city, no contact information is visible.
Anyhow, I really don't like the fact that they gathere... See more I found my profile on OutSourcingRoom.com, as well, but never registered with them.
I even tried to sign in, by typing some kind of password, but nothing happened, neither was I able to view the profile from "inside", nor an error message appeared.
I am indexed with the nickname I use on other websites, similar to Proz.com. They only state my country, region and city, no contact information is visible.
Anyhow, I really don't like the fact that they gathered this info without my permission and inserted it there... ▲ Collapse
| | | | | Email addresses are also stolen - and more | Jul 21, 2009 |
Neil Coffey wrote:
An interesting experiment that I'd be interested to hear the results of (sorry I should have thought of this): try and "recover" your password entering a brand new e-mail address that you've never used before (maybe use a mailinator one) and see if it sends you the mail. If it does then that really seems to sugest that outsourcingroom.com themselves have set up these fraudulent accounts-- why would they let somebody else set up an account without an e-mail?
I just tried this. Set up a brand new email account, and try to use it to recover the password. It did not work. I got en error message that the login or the email was incorrect. Since I knew the login was correct, it means they have an email address on file. I decided to risk it, and tried my various email addresses. None of them worked, until the last one. This is the email I use for work, and I normally do not give it out on websites like yahoo or anywhere else.
It is the email that I use here on ProZ, so all ProZ communication comes to that address. The domain name and the email account with it is hosted by ProZ.
So, this points to ProZ as the data source, as I do not use this combination (this login and email) anywhere else.
The next step was to actually log in and see what data they had in my profile.
I had to choose whether I was a Provider or a Buyer. I clicked Provider and picked Basic membership. Then, I was allowed to see my profile.
To my surprise, they had my full name in the exact format that I have on ProZ and ONLY on ProZ: that is, the first name field contains my middle name, too.
They also had my full address and my phone number, which are hidden in my profile.
Basically, they seem to have all information I have in the Profile Contact information section here on ProZ, regardless whether those are private or public. The email address they had was of course the primary email I have listed in my profile (and it is hidden).
This, again provides an additional evidence that the data came from ProZ.
Data backup tapes on the loose? Discarded servers, hard disks? Former employee?
These are just some of the ideas that came up in my mind...
What I did after I found all that info:
I tried to delete the data in the fields. It would not let me, it wanted something in the fields. So I entered a space into every single field, then saved them. After that, I clicked on the remove account button.
My account does not appear anymore on that site, the link that used to work returns an error.
Unfortunately I forgot to take screenshots of the pages while doing this, which is a lost opportunity for showing evidence - perhaps somebody else following the same steps would do it. Please?
Katalin
[Edited at 2009-07-21 20:07 GMT]
| | |
|
|
|
Try a couple of crap gmail addresses and no luck and then my proper address - still no luck. And then I figured that I most have used a different email when I set up my proz account as I was living in Sweden then and this was pre-gmail.
So now I've been stupid enough to give them my "proper" email address as well as a few crap ones...
But it looks likely that the address they have for me is the one I used when I first joined proz. Henry, can you please get some real inv... See more Try a couple of crap gmail addresses and no luck and then my proper address - still no luck. And then I figured that I most have used a different email when I set up my proz account as I was living in Sweden then and this was pre-gmail.
So now I've been stupid enough to give them my "proper" email address as well as a few crap ones...
But it looks likely that the address they have for me is the one I used when I first joined proz. Henry, can you please get some real investigation going. From Katalin's info it seems quite clear that there's been a serious breach of security on proz side. ▲ Collapse
| | | | Giuliana Buscaglione
Amerika Syarikat
Local time: 09:00
Ahli (2001)
Bahasa Jerman hingga Bahasa Itali
+ ...
| well, not really that surprising | Jul 21, 2009 |
Hi Katalin,
Katalin Horvath McClure wrote:
Data backup tapes on the loose? Discarded servers, hard disks? Former employee?
These are just some of the ideas that came up in my mind...
I have my best guess, which is based on what I have read here and seen there. I found it pretty odd that my e-mail address and address were skipped to jump to the display of my also hidden region and city.
Admin profiles are there, too.
Giuliana
| | | | | Thanks, Neil and Katalin | Jul 21, 2009 |
Katalin Horvath McClure wrote:
Neil Coffey wrote:
An interesting experiment that I'd be interested to hear the results of...
I just tried this...
... Basically, they seem to have all information I have in the Profile Contact information section here on ProZ, regardless whether those are private or public. The email address they had was of course the primary email I have listed in my profile (and it is hidden).
Thanks Neil and Katalin, for undertaking the experiment. This is new info for me. If they have email addresses (and this seems likely now, though not absolutely certain (believe it or not)), that would suggest that they have done more than just crawl ProZ.com over time.
I'll post again in a few minutes on what we know so far.
| | | | | Thinking out loud - and asking for more help... | Jul 21, 2009 |
First off, thanks again, everyone, for your help on this. We don't have all the answers we need yet. I'll let you know what we think we know up to now.
First, they have definitely crawled ProZ.com (or obtained data from someone who has -- doesn't really matter for the purposes of this discussion). That in itself is not troubling, it is the sort of thing that Google, for example, and dozens of other outfits, do at ProZ.com every day. The web is public, as far as reading goes. (Doesn'... See more First off, thanks again, everyone, for your help on this. We don't have all the answers we need yet. I'll let you know what we think we know up to now.
First, they have definitely crawled ProZ.com (or obtained data from someone who has -- doesn't really matter for the purposes of this discussion). That in itself is not troubling, it is the sort of thing that Google, for example, and dozens of other outfits, do at ProZ.com every day. The web is public, as far as reading goes. (Doesn't give anyone the right to publish what they come across though.)
Next, reports may suggest that they have been crawling for some time. As I posted, they are publishing data that, apparently, was once shown in ProZ.com profiles, but that is not on file anymore. Like old usernames (which are distinct from usernames on old profiles.)
So it is clear that they have gone to a lot of trouble to obtain whatever public data could be obtained.
What about private data, though?
Katalin's post suggests they may have obtained some private data (though again we can't be entirely sure). If they did get it, how could they get it? Some have suggested backup tapes, former employee, etc. I don't think so. Not because this is impossible, but because the evidence so far does not seem to support that. For one thing, if they had direct access to databases, they would not have had to crawl. For another, the data fields do not line up, which suggests crawling without access to a database. (Katalin found her middle name in the place for a first name, for example.) Third, if they had access to the database, why are some of the fields left blank? As Giuliana said, it would be strange for them to be using some but not all of the data, especially when they have fields for it.
As for the other theories, nothing is ringing any bells for me yet. When someone cracks a server, there would normally be indications of it. We have monitoring systems in place (they did not get triggered), and we do not yet have any other evidence of cracking.
So you can see that there are some open questions. One of our systems guys is investigating from the server side.
Here, to build upon Neil and Katalin's experiment, I wonder: has anyone received an unsolicited email from outsourcingroom?
I am trying to rule out the possibility that the only way for them to get email addresses is for us to supply them... and it would be a little unusual / interesting if, after having obtained email addresses, they were not using them. Also, if unsolicited emails have gone out, getting the ammunition for our complaints in the form of people affected would be good.
(I read your post carefully, Katalin, and I see that you carried out a careful and thorough experiment. But there are still some techniques -- albeit unlikely ones -- that they could be using to confirm that an address supplied to them is one on file at ProZ.com.) ▲ Collapse
| | |
|
|
|
| Thanks, Giuliana - what ideas do you have? | Jul 21, 2009 |
Giuliana Buscaglione wrote:
I have my best guess, which is based on what I have read here and seen there. I found it pretty odd that my e-mail address and address were skipped to jump to the display of my also hidden region and city.
As I understand your report, Giuliana, they have your location but not your email address, is that right? Are you sure that your location was never public in your ProZ.com profile? Not even in the form of display of the Google map?
Anyway you say you have a theory. What is it? Let's put our heads together here...
| | | | | Drew has enough examples now - thanks! | Jul 21, 2009 |
To circle back on a prior post, we now have enough reports of profiles being republished without permission, and are proceeding with our complaints. Thank you!
Henry D wrote:
Hi folks,
As part of what we are sending, we would like maybe 5 - 10 examples of violations from those affected. To those of you who have found your data displayed on outsourcingroom.com without your permission, if you don't mind, please take a minute to send an email to drew - at - proz.com and including a link to your proz.com profile, a link to the profile that has been generated for you at outsourcingroom.com, and a line stating that this happened without your permission.
I'll post again when we have enough. Thanks in advance.
| | | | | One correction to your understanding, Henry | Jul 21, 2009 |
Henry D wrote:
What about private data, though?
Katalin's post suggests they may have obtained some private data (though again we can't be entirely sure). If they did get it, how could they get it? Some have suggested backup tapes, former employee, etc. I don't think so. Not because this is impossible, but because the evidence so far does not seem to support that. For one thing, if they had direct access to databases, they would not have had to crawl. For another, the data fields do not line up, which suggests crawling without access to a database. (Katalin found her middle name in the place for a first name, for example.)
(Bold emphasis is mine.)
Henry, I think you got it wrong.
On ProZ, there is no field for the middle name, only First name and Last Name.
I normally do not use my middle name on websites, etc. I decided to use it here, because my middle name is very obviously Hungarian, and that helps when outsourcers look for natives. So, I wanted to put my middle name somewhere. I had the choice of putting it into the Last Name field along with my last name. As I remember (sorry, it was long ago) doing that would have resulted in a strange display on either the profile page or elsewhere on the site (I don't remember what the exact problem was), so I decided to put it into the First name field, after my actual first name. This is something I only did here, at ProZ, nowhere else. The profile they had for me at the other site (I do not want to propagate the name even further on the net) had exactly that field structure: First name containing my first name followed by my middle name, and the last name containing only my last name. So, my point is that the data fields DO LINE UP.
That's why I got suspicious about the database, as it seems to me that sort of data structure would definitely be in the database, but I am not sure how easy it would be to capture it by just crawling.
Katalin
[Edited at 2009-07-21 23:43 GMT]
| | | | Claudio Porcellana (X)
Itali
| to clinch the question once and for all | Jul 22, 2009 |
per tagliare la testa al toro (in italian
at the end of your investigations, I suggest to give us a way to change our ProZ login username
so, we can rid the house of these mice without take the wraps off our e-mail addresses in this dangerous and unuseful account removal query ...
If after this procedure, the issue will reappear, it will be clear that there is some serious problem in ProZ systems
... See more per tagliare la testa al toro (in italian
at the end of your investigations, I suggest to give us a way to change our ProZ login username
so, we can rid the house of these mice without take the wraps off our e-mail addresses in this dangerous and unuseful account removal query ...
If after this procedure, the issue will reappear, it will be clear that there is some serious problem in ProZ systems
furthermore, this is not for sure the sole fraudulent data mining website in the cyberspace, so a policy with regular mandatory changes (1 per year or so) of ProZ login usernames and PWs would be very useful
what do you think about?
Claudio ▲ Collapse
| | |
|
|
|
Henry D wrote:
First, they have definitely crawled ProZ.com (or obtained data from someone who has -- doesn't really matter for the purposes of this discussion). (..)
Next, reports may suggest that they have been crawling for some time. As I posted, they are publishing data that, apparently, was once shown in ProZ.com profiles, but that is not on file anymore. Like old usernames (which are distinct from usernames on old profiles.) (...)
Some have suggested backup tapes, former employee, etc. I don't think so. Not because this is impossible, but because the evidence so far does not seem to support that. For one thing, if they had direct access to databases, they would not have had to crawl.
Why limit yourself to a single source. As I said earlier, when someone pointed out her data was very recent, the tape idea doesn't have to be the sole source. One could have acquired a old database copy and supplement the data by crawling.
Third, if they had access to the database, why are some of the fields left blank? As Giuliana said, it would be strange for them to be using some but not all of the data, especially when they have fields for it.
Not if you wanted to make it less obvious what the source was. Which worked, because initially it was thought that elance was the source.
Alternatively, it seems possible that more than one source could be involved, and they are only displaying the fields common to all sources.
Alternatively alternatively, they could just be building up to it. The fact they are not displaying stuff does not, unfortunately, prove they don't have it.
and it would be a little unusual / interesting if, after having obtained email addresses, they were not using them.
Put yourself in their shoes - you have harvested a bunch of profiles and you are actively using them to impersonate the people involved (that was the original post). You are, I would contend, hardly likely to draw attention to the fact by emailing the real person from the website where you are carrying on this shenanigans.
You might sell the list, though, for a few extra bucks.
Edit to removed some muddled logic that made no sense
[Edited at 2009-07-22 00:40 GMT]
| | | | | Further investigation (to a limited extent) | Jul 22, 2009 |
In light of the events, regardless of how it happened, I would like to ask for a secure way for us to change our ProZ login names, as soon as possible. As it is now, we cannot do that, that field is locked.
On the other hand, I did some further investigation on the issue.
In the header of the email I got when I performed the "I forgot my password" experiment (see earlier post) was this:
[213.155.5.136] (helo=outsourcingroom.com)
This IP address sho... See more In light of the events, regardless of how it happened, I would like to ask for a secure way for us to change our ProZ login names, as soon as possible. As it is now, we cannot do that, that field is locked.
On the other hand, I did some further investigation on the issue.
In the header of the email I got when I performed the "I forgot my password" experiment (see earlier post) was this:
[213.155.5.136] (helo=outsourcingroom.com)
This IP address shows up in the Melissa database as:
Country NAMIBIA
ISP XMIRRORS - EUGENY GALKIN.
This is in line with the info Uldis posted earlier in this thread.
So, I thought I would take a look at my Visitors log on my profile, to see if I find this IP address. I only searched for the first two numbers, but even then, I found nothing. However, I found this log:
Jul 3 Not Logged In 79.111.191.87 r2606.com Profile 2 Jul 3
What is interesting about this is that this website is a "Reported Attack Site", my ISP is actively blocking it.
See more info here:
http://safebrowsing.clients.google.com/safebrowsing/diagnostic?client=Firefox&hl=en-US&site=http://r2606.com/the/?pid=14010
The Melissa data for this IP address is this:
IP Address 79.111.191.87
City MOSCOW
State or Region MOSCOW CITY
Country RUSSIAN FEDERATION
ISP CUSTOMERS BROADBAND AGGREGATION.
Now, the Visitor's log only goes back to 30 days, so my investigation couldn't go back further. However, it would be interesting to see if others could find either of these IP addresses in their visitor's log. I assume the ProZ IT guys could investigate it even further, to see if there was any suspicious activity from this website on the site, as a whole.
(Regarding my own visitors log, I found a lot of crawling activity in the past few days originating from China. But that is probably not related to this particular problem.)
Katalin
[Edited at 2009-07-22 01:19 GMT] ▲ Collapse
| | | | | Thanks, Charlie | Jul 22, 2009 |
Charlie Bavington wrote:
Henry D wrote:
First, they have definitely crawled ProZ.com (or obtained data from someone who has -- doesn't really matter for the purposes of this discussion). (..)
Next, reports may suggest that they have been crawling for some time. As I posted, they are publishing data that, apparently, was once shown in ProZ.com profiles, but that is not on file anymore. Like old usernames (which are distinct from usernames on old profiles.) (...)
Some have suggested backup tapes, former employee, etc. I don't think so. Not because this is impossible, but because the evidence so far does not seem to support that. For one thing, if they had direct access to databases, they would not have had to crawl.
Why limit yourself to a single source. As I said earlier, when someone pointed out her data was very recent, the tape idea doesn't have to be the sole source. One could have acquired a old database copy and supplement the data by crawling.
Third, if they had access to the database, why are some of the fields left blank? As Giuliana said, it would be strange for them to be using some but not all of the data, especially when they have fields for it.
Not if you wanted to make it less obvious what the source was. Which worked, because initially it was thought that elance was the source.
Alternatively, it seems possible that more than one source could be involved, and they are only displaying the fields common to all sources.
Alternatively alternatively, they could just be building up to it. The fact they are not displaying stuff does not, unfortunately, prove they don't have it.
and it would be a little unusual / interesting if, after having obtained email addresses, they were not using them.
Put yourself in their shoes - you have harvested a bunch of profiles and you are actively using them to impersonate the people involved (that was the original post). You are, I would contend, hardly likely to draw attention to the fact by emailing the real person from the website where you are carrying on this shenanigans.
You might sell the list, though, for a few extra bucks.
Edit to removed some muddled logic that made no sense
Good thoughts, Charlie, and all of them have crossed my mind, too. I just consider them less likely, for various reasons. For example, yes, they could be doing clever things like loading up their stolen data only in stages... or holding off on sending any emails out until the time is right... but honestly, their other actions suggest that they are not that sophisticated. Apart from their techniques, the whole idea that one could build a business in this way (a marketplace made up of people who either don't now they are there, or having found out, want out) is, well, indicative of the ethics and level of experience that those behind the site must have.
| | | | | Halaman dalam topik: < [1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24] > | To report site rules violations or get help, contact a site moderator: You can also contact site staff by submitting a support request » Illegal use of data from ProZ.com profile | Protemos translation business management system | Create your account in minutes, and start working! 3-month trial for agencies, and free for freelancers!
The system lets you keep client/vendor database, with contacts and rates, manage projects and assign jobs to vendors, issue invoices, track payments, store and manage project files, generate business reports on turnover profit per client/manager etc.
More info » |
| | Trados Studio 2022 Freelance | The leading translation software used by over 270,000 translators.
Designed with your feedback in mind, Trados Studio 2022 delivers an unrivalled, powerful desktop
and cloud solution, empowering you to work in the most efficient and cost-effective way.
More info » |
|
| | | | X Sign in to your ProZ.com account... | | | | | |
Login to reply/comment 
