Welcome to Earthlink, where security is something we…wait, what does that word mean again?

Welcome to Earthlink LiveChat. Your chat session will begin in approximately 1 minutes. Feel free to begin typing your question.
‘Michael’ says: Thank you for contacting EarthLink LiveChat, how may I help you today?

Me: You have been hosting a “phish” page that is intended to steal sensitive financial information from people for more than two months.

Me: Repeated emails to your support and abuse addresses have been ignored.

Me: Months later, the phish site is still active on your network.

Me: Who do I need to call to get you to take responsibility and clean up your network?

Michael: What phishing site are you referring to?

Me: http://aolqr.com/_cqr/login/?Login=&Lis=10&LigertID=1993745&us=1

Me: Went live on June 18, first notified abuse about it on June 20, have since sent a number of emails to support and abuse addresses.

Michael: Have you tried to contact 1-800-955-0186?

Me: I have not. Is this standard accepted practice for notifying Earthlink of phish sites?

Me: Can you explain why your abuse and support email addresses don’t appear to be read?

Michael: What abuse address are you sending the reports to?

Me: abuse@earthlink.net, support@earthlink.net

Me: These are the abuse addresses defined in the ARIN Whois information and at abuse.net

Michael: I am not sure why our Abuse department has not responded, but it is best you contact the number I gave you

Me: OK, I will give them a call. Let me say, though, that I am extremely disappointed by Earthlink’s lack of responsiveness and willingness to permit this kind of flagrant network abuse.

Chat session has been ended by the agent.

Welcome to Earthlink LiveChat. Your chat session will begin in approximately 2 minutes. Feel free to begin typing your question.
Please hold for an agent. While you are waiting, please feel free to begin typing your issue in the box below. Try to be as descriptive as possible. Once an agent is assigned to the chat, click SEND to transmit what you have typed.
‘Michael’ says: Thank you for contacting EarthLink LiveChat, how may I help you today?

Me: I just spoke to you about the phish site you were hosting. The 800 number you gave me to call directed me to a recording telling me to use the support chat, and disconnected.

Me: So, your abuse email doesn’t work and neither does the phone number. Any other ideas?

Michael: Can you please try again

Me: Try the phone number again?

Michael: i am not sure why you cannot connect to the number I gave you, as we have persons right now ready to take your call

Michael: yes

Me: I’m calling right now, ending up in a voicemail system. I am not an existing customer, I have not recently placed an order.

Michael: What is the system asking you for?

Me: The phone number associated with my account.

Michael: Just provide your phone number

Me: I say “none,” and I hear a recording about “We are experiencing high call volumes. Please call back later or use our online support at support.earthlink.net”

Michael: Try 1-888-3278454

Me: Ah, now someone is on the phone.

Michael: great

Michael: Thank you for using EarthLink LiveChat. Should you need further assistance, please contact us again.

Chat session has been ended by the agent.

(A long and frustrating conversation ensues, in which I try to explain to a person whose native language is not English what a “phish” site is and what the Web domain in question is)

Guy on phone: I do not see anything on that Web site.

Me: The top level of aolqr.com doesn’t give you anything but a 403 Forbidden. You have to go to http://aolqr.com/_cqr/login/?Login=&Lis=10&LigertID=1993745&us=1 to see the phish.

Guy on phone: Please hold.

Bad hold music plays…

Guy on phone: What company are you working for?

Me: Huh?

Guy on phone: I have been instructed to ask, what company are you working for? What is the name of your company?

Me: I’m not working for any company. I’m trying to tell you about a phish site on your servers.

Guy on phone: Please hold.

More bad hold music plays…

Guy on phone: I have spoken to our engineering team. They have inactivated the Web site.

Me: *does a little dance*


Seriously? This is abysmal. A (quasi-)reputable Web hosting firm that allows phish sites to remain active for months on its network, doesn’t pay attention to abuse reports, and makes people call on the phone to report phish pages? Now that estdomains.com is no longer the bad guys’ go-to for one-stop Internet fraud, it’s nice to see a domestic company like Earthlink stepping in to fill the gap.

I suppose I shouldn’t attribute to malice what can adequately be explained by stunning, jaw-dropping, jesus-christ-you-have-got-to-be-kidding-me incompetence, but still. Past a certain point, any sufficiently advanced incompetence is indistinguishable from malice.

22 thoughts on “Welcome to Earthlink, where security is something we…wait, what does that word mean again?

  1. Incompetence

    [A]ny sufficiently advanced incompetence is indistinguishable from malice

    It seems to me that ought to be printed on T-shirts and sold (at least to sysadmins/netadmins!). (Perhaps with suitable reference to the original, which is also appropriate for most sysadmin/netadmin work….)

    Sadly I’ve pretty much given up trying to report such things due to the general disinterest around in fixing them. So I very much admire your persistence in reporting it (including a complex URL via phone!) and getting it taken down (at last).

    Ewen

  2. Incompetence

    [A]ny sufficiently advanced incompetence is indistinguishable from malice

    It seems to me that ought to be printed on T-shirts and sold (at least to sysadmins/netadmins!). (Perhaps with suitable reference to the original, which is also appropriate for most sysadmin/netadmin work….)

    Sadly I’ve pretty much given up trying to report such things due to the general disinterest around in fixing them. So I very much admire your persistence in reporting it (including a complex URL via phone!) and getting it taken down (at last).

    Ewen

  3. But I don’t think it really is incompetence; I think it’s negligence and laziness. I have seen this type of behavior over and over again in several different forms in different types of institutions. It’s not that the people are incapable of doing what you want, it’s that they hope that the more hoops you have to jump through the more likely you’ll just drop it and then they won’t have to do any work.

  4. But I don’t think it really is incompetence; I think it’s negligence and laziness. I have seen this type of behavior over and over again in several different forms in different types of institutions. It’s not that the people are incapable of doing what you want, it’s that they hope that the more hoops you have to jump through the more likely you’ll just drop it and then they won’t have to do any work.

  5. I join in the last sentence love. I wear an extra-large.

    Just finishing Michael Shermer’s The Mind of the Market. In the chapter “Do No Evil”, he points out that the structure of the organization can lead to that organization’s evil, be it by pitting departments against each other with sufficient stakes (“encouraging competition”), or by dividing the task responsibilities enough to prevent any manner of transparency. Sounds like Earthlink might be victim of the latter.

  6. I join in the last sentence love. I wear an extra-large.

    Just finishing Michael Shermer’s The Mind of the Market. In the chapter “Do No Evil”, he points out that the structure of the organization can lead to that organization’s evil, be it by pitting departments against each other with sufficient stakes (“encouraging competition”), or by dividing the task responsibilities enough to prevent any manner of transparency. Sounds like Earthlink might be victim of the latter.

  7. Ooh, I’ll have to check that one out. I love Michael Shermer (I trust you’ve read “Why People Believe Weird Things” and “The Science of Good and Evil”?).

  8. Past a certain point, any sufficiently advanced incompetence is indistinguishable from malice.

    Yeah, you’ve just explained several arguments I’ve had over various Presidential administrations in a single sentence. Thanks.

  9. Past a certain point, any sufficiently advanced incompetence is indistinguishable from malice.

    Yeah, you’ve just explained several arguments I’ve had over various Presidential administrations in a single sentence. Thanks.

  10. Earthlink have long been known in the anti-spam community as a deliberately clueless spam-friendly company. They’ve been at the very least grey-hat (as in, not quite black-hat) for years.

  11. Earthlink have long been known in the anti-spam community as a deliberately clueless spam-friendly company. They’ve been at the very least grey-hat (as in, not quite black-hat) for years.

  12. “any sufficiently advanced incompetence is indistinguishable from malice.”

    Beautiful words! My gods, how many times I’ve tried to tell people this but not been able to find the words for the concept and ended up with awkward ranting around the bush. I’m quoting this from now on. ^_^

  13. “any sufficiently advanced incompetence is indistinguishable from malice.”

    Beautiful words! My gods, how many times I’ve tried to tell people this but not been able to find the words for the concept and ended up with awkward ranting around the bush. I’m quoting this from now on. ^_^

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.