WordPress.com Using Publishers' Content to Promote Scams

Tuesday 17 December 2019
Bob Leggitt
"Free Plan" WordPress.com publishers are unwittingly helping to drive their visitors into the hands of "cyber-crooks".

It was once a blogging platform of quality and integrity. Who would have believed, back in 2010, that a brand like WordPress.com would turn into a get-rich-quick scam site? I never foresaw it. But if you have content hosted on WordPress today, and you're not paying for a "No Ads upgrade", the once illustrious platform is now using the pages you created to serve some of the most shameful, disgusting get-rich-quick ads the Internet has ever seen…

EMILY MAKES £7,472 AN HOUR...

Scammy ads on WordPress.com
"Emily makes £7,472/hour", claims one ad's headline. And the claim continues…

"We need 10 minutes of your time. You'll make £7,472 an hour from now! We'll guide you how safe&simple that is [sic]. Do NOT miss out!"

This article could end here, since the notion that a no-experience-required task categorically promising £7,472 per hour would not be a scam is in itself preposterous. I mean, seriously… Who earns £7,472 per hour???… Emily does, apparently. But let's not end the article here. Let's look at what's actually happening…

These WordPress ads can appear many to a page. I've counted up to sixteen on a single blog article, with units in the sidebar, on a pop-over, in multiple slots below posts, and in multiple slots between paragraphs. Sometimes the ads vary, but it's not unusual to see the same ad repeated as many times as the length of the content will allow. It's maximum brute force, and if this is WP's idea of a "beautiful blog", I'd hate to see what an ugly one would look like…

The worst of WordPress.com

If you're a WordPress.com user, you'll need to log out in order to see which ads are being served, because the site never shows them to anyone who's logged in. It's a good idea to use a different browser too, with cookies disabled. And finally, of course, make sure your browser is not blocking ads.

THE TECH

Each ad unit runs in an iframe, and the iframes don't show in the main page source code. However, if you investigate the contents of each iframe, you find a script which will, when the ad is clicked, initially direct you to pubmine.com. Pubmine.com is WordPress's own referral domain, which serves two purposes…

  • Obfuscates the final destination of the ad click at the clicking stage, so that those clicking the ad can't see where they're going to end up.
  • Allows WordPress/Automattic to track the click and collect information about it.

After a transient pubmine.com glance, anyone clicking the ad is next redirected through reahash.com - evidently another tracker, which is also involved in the serving of the ad. Finally, with the "£7,472" ad I investigated, I was again redirected, and ended up on horizonsettler.com (ominous trust rating here). The whole multi-redirect process is automatic and only takes the blink of an eye. But on the final destination page, I found a sign-up form for The Tesler App, to which I'll return in a moment.
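The redirect chain described above can be reconstructed from a proxy or browser capture rather than by clicking through. This is an added example, not code from the article or from WordPress: the hostnames are the ones named above, while the paths, status codes and function names (`site`, `trace`, `summarize`) are constructed for illustration.

```python
from urllib.parse import urljoin, urlsplit

# Constructed capture of one ad click: (requested URL, HTTP status, Location header).
# Hostnames come from the article; paths and status codes are invented samples.
CONSTRUCTED_HOPS = [
    ("https://pubmine.com/click?id=EXAMPLE", 302, "https://reahash.com/r/EXAMPLE"),
    ("https://reahash.com/r/EXAMPLE", 302, "//horizonsettler.com/landing"),
    ("https://horizonsettler.com/landing", 200, None),
]

def site(url):
    """Naive registrable domain: the last two host labels (assumption; use the
    Public Suffix List in real tooling to handle suffixes such as .co.uk)."""
    host = (urlsplit(url).hostname or "").lower()
    return ".".join(host.split(".")[-2:])

def trace(hops):
    """Follow Location headers through the recorded hops; return the URL chain."""
    by_url = {url: (status, loc) for url, status, loc in hops}
    chain, url = [], hops[0][0]
    while url not in chain:                      # stop if the chain loops
        chain.append(url)
        status, loc = by_url.get(url, (None, None))
        if status is None or not 300 <= status < 400 or not loc:
            break                                # final page, or hop not captured
        url = urljoin(url, loc)                  # resolves relative and //host targets
    return chain

def summarize(chain):
    """Collapse the chain to distinct sites and flag a concealed destination."""
    sites = []
    for url in chain:
        if not sites or sites[-1] != site(url):
            sites.append(site(url))
    return {
        "click_target": sites[0],                # what the ad link points at
        "intermediaries": sites[1:-1],           # trackers passed through on the way
        "final": sites[-1],                      # where the visitor actually lands
        "destination_hidden": sites[0] != sites[-1],
    }

if __name__ == "__main__":
    print(summarize(trace(CONSTRUCTED_HOPS)))
```
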

I should first note, however, that the text appearing in these ads is actually hard-written into the scripts on the WordPress.com page…

WordPress.com ad code baked into page

Although the ads look like banners, their composition is really a photo served from reahash.com, and then the separate text, which is integrated into the JavaScript code on WordPress. And the labelling in the code refers to the ads as "native". So this particular ad's fantastically far-fetched claim, which WP obviously knows is false, is not something the platform can plausibly deny being aware of. Natively, WordPress are saying it's possible to earn £7,472 per hour. And they're not saying you might - they're saying you will.

But the Tesler App sign-up page doesn't think £7,472 per hour sounds realistic. It instead opts to promise a comparatively meagre $237 per hour…

Tesler app

SCAM REPORTS

So now you've been conned onto a site, by WordPress, with a false advertisement, which even the advertiser has instantly confirmed was false, it's all legit, right?…

Not if the search results on DuckDuckGo are correct, no…

Tesler search DDG

If you dig into that lot, you quickly discover that the only articles claiming The Tesler is not a scam are the ones trying to sign you up to it. The rest of the commentary is a Grade A deluge of scam accusations.

As soon as you begin to cross-ref the revelations, you instantly see that the advertiser is bent. For a start, they've stolen the photos for their "testimonials" (nice), and they're claiming to be on both Google and Apple's app stores, when they're blatantly not. This is stuff you can instantly check out for yourself, without signing up. And signing up is absolutely NOT recommended. The only amount of information you should ever give to people whose claims do not pass a reality check, is none at all. I wouldn't even hit their page without the protection of Tor and NoScript. That's why their site thinks I'm in Germany.

The scam investigation reports reveal that the scheme is a straightforward advance fee racket, citing that you have to hand over £hundreds before you get your "free money". And let's be honest - how many times has that scenario EVER ended well? As I said before, there was never any need to investigate something as stupid as an "Earn seven and a half grand per hour sitting on your arse at home" ad. But if you do want full details, these articles explain exactly what the deal is… Or rather, isn't. The top one is particularly well presented.

https://www.binaryscamalerts.com/tesler-app-review-scam-software/

https://fxaxe.com/binary-options-scam/tesler-app-review/

The ad I've referenced in this post is not an isolated one-off. WordPress.com is crawling with this get-rich-quick shit. And worst of all, every one of these "fast cash" japes appears to be targeting women…

The worst of WordPress.com

Trying to bait and exploit women with offers of "free/fast money" on the internet is nothing new, but when you find a formerly reputable business doing it like it's just the latest trend, it takes on worrying societal implications. Is this the new normal?

If a company of Automattic/WordPress's stature thinks it's acceptable to target anyone with stuff that's well documented as fraud, we have to wonder who we possibly can trust on the internet of the twenty-twenties. But when that company specifically pitches known scams at women, there's an additional undercurrent of male chauvinism and misogyny that only magnifies the concern.

If WordPress.com is happy to promote known scams, how safe is the personal information users have given to the huge platform? At the very least I'd say it would no longer be particularly wise to hand any bank information to WordPress. Clearly, they are no longer a trustworthy business. And since Automattic has now acquired Tumblr, I'd suggest the same caution with Tumblr too.