Pages in topic:   < [1 2 3 4 5 6 7 8 9 10 11 12 13 14] >
Another unauthorised directory listing - lingvopoint.com
Thread poster: Chosana Thanabhumi
Maija Cirule
Maija Cirule  Identity Verified
Latvia
Local time: 06:57
German to English
+ ...
The same principle Nov 16, 2014

A British playboy is behind a dating website that uses fake profiles to lure singletons into paying to subscribe.

Billy Thomas runs JDI Dating, a Hampshire-based network of online dating sites including CupidsWand.com and FindMeLove.com.

The 27-year-old boasts online of living in a waterfront apartment, driving a Mercedes and of enjoying holidays in exotic locations like
... See more
A British playboy is behind a dating website that uses fake profiles to lure singletons into paying to subscribe.

Billy Thomas runs JDI Dating, a Hampshire-based network of online dating sites including CupidsWand.com and FindMeLove.com.

The 27-year-old boasts online of living in a waterfront apartment, driving a Mercedes and of enjoying holidays in exotic locations like Mexico and Egypt.

Read more: http://www.dailymail.co.uk/news/article-2836353/Playboy-online-dating-site-using-fake-profiles-lure-singletons-signing-website.html#ixzz3JFLdRBuD
Collapse


 
Julian Holmes
Julian Holmes  Identity Verified
Japan
Local time: 13:57
Member (2011)
Japanese to English
Cached info? Nov 16, 2014

I cannot really envisage a team of people accessing the profiles of all the members and copying and pasting this information. This had to be a systematic hack and data mining operation - smash and grab. This was lax security and a security breach, pure and simple.

OK. Our profiles are 'public' and disclosed since we choose to make this information 'open' to viewers. What bothers me is the ease with which someone can mosey in and trawl all this info and abuse it. Why? Answers please!
... See more
I cannot really envisage a team of people accessing the profiles of all the members and copying and pasting this information. This had to be a systematic hack and data mining operation - smash and grab. This was lax security and a security breach, pure and simple.

OK. Our profiles are 'public' and disclosed since we choose to make this information 'open' to viewers. What bothers me is the ease with which someone can mosey in and trawl all this info and abuse it. Why? Answers please!

And, what about those who make their CVs and resumes available online here? Are they safe?
Collapse


 
Miguel Carmona
Miguel Carmona  Identity Verified
United States
Local time: 21:57
English to Spanish
ProZ does not provide any kind of protection Nov 16, 2014

Lisa Simpson, MCIL MITI wrote:

It's certainly getting to the point where having a profile on this site is proving to be nothing but bad advertising if staff cannot control use of our data.


Exactly my thoughts.

We show so much of our profesional selves on ProZ without any protection provided by the site, that we are left exposed to all kinds of data and identity theft dangers.

The total lack of safeguards in general from ProZ is truly worrisome.

[Edited at 2014-11-16 17:10 GMT]


 
lammersdorf (X)
lammersdorf (X)  Identity Verified
Spain
Local time: 05:57
English to German
+ ...
Data protection Nov 16, 2014

Miguel Carmona wrote:

Lisa Simpson, MCIL MITI wrote:

It's certainly getting to the point where having a profile on this site is proving to be nothing but bad advertising if staff cannot control use of our data.


Exactly my thoughts.

We show so much of our profesional selves on ProZ without any protection provided by the site, that we are left exposed to all kinds of data and identity theft.

The total lack of safeguards in general and response in this situation in particular from ProZ is truly worrisome.


Especially as ProZ promotes and encourages complete profiles. With certain entries missing or not changing anything in a certain time-frame they will prompt you to update/complete your profile each time you log on. Additionally, they offer their guide for a successful profile (or whatever it is called) and emphasize the need of such a profile during trainings, virtual conferences and such.

Given all that, I would definitely expect some effective data protection measures!


 
Susana E. Cano Méndez
Susana E. Cano Méndez  Identity Verified
Spain
Local time: 05:57
French to Spanish
+ ...
To translators living in Spain (2) Nov 16, 2014

Susana E. Cano Méndez wrote:

I'm not sure this copy of our data is a crime, but we can easily report this at any police station following these steps:

1. Go to https://www.gdt.guardiacivil.es/webgdt/pinformar.php (DGT- Delitos telemáticos).

2. Say that you want to report (not only inform).

3. Follow the directions DGT provides to have a copy of the screenshot e-signed as it was made by a witness via e-garante.

4. Fill the form.

5. Print the form, add the e-sign document and other you may add, and report at a police station.

I will do it tomorrow and I will keep you informed. I'm really angry.


I have done every single step described above in my previous post, but I will wait a couple of days to report to the police, since Proz.com has taken some action and the webpage seems to be down now.

I don't have a full resume in my profile, but I will cut it back again.

Have a good day everybody!


 
Paulinho Fonseca
Paulinho Fonseca  Identity Verified
Brazil
Local time: 01:57
Member (2011)
English to Portuguese
+ ...
Displaying CVs/Cover letters/Portfolio Nov 16, 2014

Julian Holmes wrote:

I cannot really envisage a team of people accessing the profiles of all the members and copying and pasting this information. This had to be a systematic hack and data mining operation - smash and grab. This was lax security and a security breach, pure and simple.

OK. Our profiles are 'public' and disclosed since we choose to make this information 'open' to viewers. What bothers me is the ease with which someone can mosey in and trawl all this info and abuse it. Why? Answers please!

And, what about those who make their CVs and resumes available online here? Are they safe?




It is very unsafe. I do not let my CV, etc, online. if client requests it, I will first confirm if that client is real or not. I never thought that would happen on Proz. I expected some safety to protect profiles from being copied and used everywhere...


What concerns me most is, and I have already said that, is the fact that I have invested on a lot on training and finding new clients, and then I find my profile in a %$#@& website with two job reviews.






[Edited at 2014-11-16 16:34 GMT]


 
Thayenga
Thayenga  Identity Verified
Germany
Local time: 05:57
Member (2009)
English to German
+ ...
Theft Prevention Nov 16, 2014

Isn't there a way for ProZ's specialists to prevent copying and/or downloading of profiles, CV's, and any other information? This would allow people only to view the data, but prevent any copying - just like one can protect a PDF from being copied or printed. At least this would make the scammers' job extremely time consuming having to literally write down every single word.

I don't publicly display my business brochures (CV's) so that they are only available upon request.


 
Daniela de Oliveira
Daniela de Oliveira  Identity Verified
Portugal
Local time: 04:57
English to Portuguese
+ ...
I agree Nov 16, 2014

Julian Holmes wrote:

I cannot really envisage a team of people accessing the profiles of all the members and copying and pasting this information. This had to be a systematic hack and data mining operation - smash and grab. This was lax security and a security breach, pure and simple.

OK. Our profiles are 'public' and disclosed since we choose to make this information 'open' to viewers. What bothers me is the ease with which someone can mosey in and trawl all this info and abuse it. Why? Answers please!

And, what about those who make their CVs and resumes available online here? Are they safe?


Exactly. I don't think they went to 43-odd thousand profiles here and copied and pasted them. It looks like hacking and this is what worries me. Of course, if we publish something here, it is available to the public and anyone can copy it. But I don't think it was the case, and I would like to hear from Proz regarding how this was done.



[Edited at 2014-11-16 18:09 GMT]


 
DLyons
DLyons  Identity Verified
Ireland
Local time: 04:57
Spanish to English
+ ...
No human involvement Nov 16, 2014

Daniela de Oliveira wrote:

Julian Holmes wrote:

I cannot really envisage a team of people accessing the profiles of all the members and copying and pasting this information. This had to be a systematic hack and data mining operation - smash and grab. This was lax security and a security breach, pure and simple.



Exactly. I don't think they went to 43-odd thousand profiles here and copied and pasted them. It looks like hacking and this is what worries me. Of course, if we publish something here is available to the public anyone can copy it. But I don't think it was the case, and I would like to hear from Proz regarding how this was done.



It's all done programatically. It's not hard to write a Web crawler that downloads, makes random changes to the "raitings" etc and posts the result to the scammers website.


 
Jessica Noyes
Jessica Noyes  Identity Verified
United States
Local time: 00:57
Member
Spanish to English
+ ...
Their editing Nov 16, 2014

I did not take the time to check out my info on this more recent site, but in the previous one (translation directory) my details had been altered somewhat, and my presentation had been edited substantially so that it was quite different from my ProZ.com profile. Others also mentioned that their information had been changed.
I find this interesting for two reasons: One is that someone is taking time not only to copy and paste the hundreds of profiles, but also to somewhat change each
... See more
I did not take the time to check out my info on this more recent site, but in the previous one (translation directory) my details had been altered somewhat, and my presentation had been edited substantially so that it was quite different from my ProZ.com profile. Others also mentioned that their information had been changed.
I find this interesting for two reasons: One is that someone is taking time not only to copy and paste the hundreds of profiles, but also to somewhat change each and every one of them individually. All this editing involves quite a bit of time on task, and I wonder if this is perhaps to avoid being challenged for directly copying a copyrighted web site.
My second point is that the English being used for this editing, as I recall, was perfectly correct, so the perpetrator was either a native speaker of the language, or a skilled translator into English; not just some techno-geek from a remote country, who might have been able to pull off the data heist, but certainly not the English.
Someone, possibly a translator, has put a lot of effort into this venture. The sad thing is that he or she could probably have done quite well financially by simply using these same skills for legal business and professional purposes.
Collapse


 
Andrea Halbritter
Andrea Halbritter  Identity Verified
France
Local time: 05:57
French to German
+ ...
Complain about identity theft in your country to avoid further problems Nov 16, 2014

I just had a talk to someone who works in the domain of internet security for the police in France. He thinks everyone of us should see the police and complain about identity theft. (I hope I am clear enough, English is not one of my working languages.) It's the only way to avoid further problems if clients command and pay a translation to one of our false profiles.

 
Catherine Howard
Catherine Howard
United States
Local time: 00:57
Portuguese to English
+ ...
Do NOT post your detailed CV or resume on line Nov 16, 2014

Last year, when there was a significant increase in the rate of stolen CVs from translators, I heeded the advice on Translator Scammers Directory at this page:
http://www.translator-scammers.com/translator-scammers-info.htm#protect

It advises us to NOT post our detailed CVs or resumes on line, instead posting only basic information (name, e-mail
... See more
Last year, when there was a significant increase in the rate of stolen CVs from translators, I heeded the advice on Translator Scammers Directory at this page:
http://www.translator-scammers.com/translator-scammers-info.htm#protect

It advises us to NOT post our detailed CVs or resumes on line, instead posting only basic information (name, e-mail, languages, specializations) and offering CVs "upon request." This gives us a chance to vet anyone contacting us.

But others have further warned that e-mail addresses are also increasingly hacked by scammers, so I go a step further and don't post my e-mail but, rather, my website, where there is a Contact form that serious people can use. This is what more and more agencies are doing, since they too are increasingly wary of any e-mails, after seeing a big spike in the number of scammers impersonating real translators, to the point where the agency doesn't have time to try to sort out the scammers from the legit translators. Many of them too accept only messages through a contact form on their website.

This makes it harder for us to market ourselves, but probably as scamming becomes yet more pervasive and more professionals use contact forms on their own websites, we will eventually adapt. In the meantime, it's incredibly frustrating.

P.S.: Intriguing detail -- I tried to copy the section from the Translator Scammers Directory about how to "Protect yourself from this scam" and paste it here as advice. Guess what? The webpage was protected against any kind of copying! That's right: it's a public website that anyone can read *but no one can copy it*!! This is exactly what Proz.com should consider doing for all of our profiles.

I'll be following the follow-up on this sad saga with great interest...


[Edited at 2014-11-17 03:04 GMT]
Collapse


 
DLyons
DLyons  Identity Verified
Ireland
Local time: 04:57
Spanish to English
+ ...
You mean this? Nov 16, 2014

Catherine V. Howard wrote:

P.S.: Intriguing detail -- I tried to copy the section from the Translator Scammers Directory about how to "Protect yourself from this scam" and paste it here as advice. Guess what? The webpage was protected against any kind of copying! That's right: it's a public website that anyone can read *but no one can copy it*!!


[Edited at 2014-11-16 20:31 GMT]



NEVER allow anyone to "market" your CV! Scammers don't want to "market" you! They just want to use your professional credentials (because they have NONE) to market THEMSELVES!

DO NOT publish your full CV online. And NEVER publish your professional credentials (like diplomas) online. Publish ONY a very basic PDF version of your CV: Name, email, working languages and main specializations, and a note that your full CV is "available on request"!

ALL document scans (diplomas, ID documents, etc.) should be sent with protection features to avoid being abusively used by scammers: a stamp or watermak placed over your name and photo (SEE THIS EXAMPLE). Remember: if you send scans of your documents to scammers, they will be forced to use your name in their impersonation (to match your documents), but the scam will also become more credible to unwary victims.

Insert an updated photo on your CV and ask your prospective clients to confirm each other's identity on Skype via video chat (or, at least, via mobile phone): scammers get real scared when asked to talk on Skype (phone or camera), and they'll give you all sorts of excuses, like "bad line", "camera broken", "I'm driving", "no camera", "I have a sore throat", "I don't use phone for business, just email"...

Register your own domain. It's not as expensive as you may think! Even if you don't plan to have your own website, your own domain will give you your own email server!

For all your business operations, use only emails addresses from your own email server (or, at least, from your ISP), as it's impossible for anybody else to use them.

Whether you own your email server or use an ISP or even a free email account, publish a notice (online and on your CV) with your legitimate address(es).

Lookup the email sender's IP and run a geographical search here: utrace.de. Or, trace the source IP address of an email based on the email headers (where did the email come from) here: http://www.cyberforensics.in/OnlineEmailTracer/index.aspx. Note: Emails sent from Gmail will ONLY trace back to Google IP addresses (in the USA).

If it's online it's copyable in some way!I


 
Thomas T. Frost
Thomas T. Frost  Identity Verified
Portugal
Local time: 04:57
Danish to English
+ ...
Not copy protected Nov 16, 2014

Catherine V. Howard wrote:

P.S.: Intriguing detail -- I tried to copy the section from the Translator Scammers Directory about how to "Protect yourself from this scam" and paste it here as advice. Guess what? The webpage was protected against any kind of copying! That's right: it's a public website that anyone can read *but no one can copy it*!! This is exactly what Proz.com should consider doing for all of our profiles.



I could copy and paste that section without problem with Ctrl+C and Ctrl+V (Windows).
I could also view the page source html, and from there, you can extract anything you want.

When your browser shows the page, it is because the server has sent a copy of the page to your browser, so the page is already copied to your browser's cache when you see it.

There are perhaps methods to make it more difficult to mass copy contents, but it is an illusion to think that it is possible to display information to the public and make it impossible to copy it. It would be possible to design a browser that refuses copying, but people who pirate sites would simply use another program to access the data. All they have to do is to find the URLs via the directory, then send off one GET request after another to the server. If they do that in short bursts, it is more difficult for the server to detect intensive use from a particular IP address. Proz support staff would be able to analyze the server log and detect the pattern of copying.

Some have said it is hacking, but hacking is when someone gets access to non-public parts of the system. There is no reason to believe that has happened, as nobody has mentioned private data having been copied.


 
Ward Whittaker
Ward Whittaker  Identity Verified
Brazil
Local time: 01:57
Portuguese to English
What is Proz going to do ? Nov 16, 2014

Is Proz actually going to weigh in on this and help us protect our livelihoods or are they going to do nothing as usual ?

 
Pages in topic:   < [1 2 3 4 5 6 7 8 9 10 11 12 13 14] >


To report site rules violations or get help, contact a site moderator:

Moderator(s) of this forum
Lucia Leszinsky[Call to this topic]

You can also contact site staff by submitting a support request »

Another unauthorised directory listing - lingvopoint.com







CafeTran Espresso
You've never met a CAT tool this clever!

Translate faster & easier, using a sophisticated CAT tool built by a translator / developer. Accept jobs from clients who use Trados, MemoQ, Wordfast & major CAT tools. Download and start using CafeTran Espresso -- for free

Buy now! »
TM-Town
Manage your TMs and Terms ... and boost your translation business

Are you ready for something fresh in the industry? TM-Town is a unique new site for you -- the freelance translator -- to store, manage and share translation memories (TMs) and glossaries...and potentially meet new clients on the basis of your prior work.

More info »