Sponsored by..

Showing posts with label BizSummits. Show all posts
Showing posts with label BizSummits. Show all posts

Wednesday, 19 July 2017

BizSummits / ExecSummits make legal threats over a blog posting they admit is true

I've been writing about BizSummits LLC and their former habits of being rather spammy for a few years now. In fact, the first spam I ever received from them was nearly a decade ago.

To: "James Studer" [JStuder@[redacted]]
Date: Tue, 6 Nov 2007 09:30:40 -0500
Subject: James, question.

Hi James. On behalf of our board, I wanted to personally invite you into
The CIO Summit because of your key role and experience.

The CIO Summit is an invitation-only group comprised of the very best
executives and visionaries in technology management. We meet monthly by
teleconference to exchange what is working, what is not, strategies and
ideas. It is a confidential forum with dedicated groups of other
successful IT executives whose only agenda is to help each other
outperform.

I am certain you will find the experience both enjoyable and useful in
your efforts. Here is our site as background, www.TheCIOSummit.net, if
you could take a look and please let me know of your decision. Thanks,
James.

Sincerely,

Chris Jameson
The CIO Summit
1200 Abernathy Road., 17th Fl.
Atlanta, GA 30328
404-592-9904 Ext. 81
Mail back to decline further.
Chris@TheCIOSummit.net
www.TheCIOSummit.net
I am not James Studer - that name appears on this web page and it had been harvested by BizSummits who then guessed a valid email address to send to. Over the past decade it seems that this marketing technique has not really changed that much.

Apparently after all these years, BizSummit is still in business and they seem rather cross with me about this blog posting I made some time ago.

(click to enlarge)
Let's go through this threat step-by-step.
We have written you several time sby email about one of your blog postings blow. Again could you archive it or at the very least redact the words, "It's a fake!"?
So.. they're upset about something I've written and would like me to remove it. Or change it. It seems like a reasonable proposition, but as I will come to later the suggestion of editing the post to remove words is fraught with danger.
The main issue is that web searchers see a truncated version of your blog title which makes it appear that our entire organization is, "a fake" and most do not click/read further to see that your complaint is actually just referring to unlicensed photos that were incorrectly used as placeholder images by our past marketing director (corrected within days of your blog posting). Here is what most web searchers see:

Now it must be said that I can't get the snippet to display exactly like that, but Google does display a similar snippet. But if BizSummits / ExecSummits think that this it not accurate, then the complaint must be made to Google. Crucially, it also confirms the accuracy of the blog posting.

As far as I can tell the website was designed in 2012 and I wrote my post about the "placeholders" in 2014, but you know I've probably had pages somewhere that have been under construction for 20 years or so, so I'm not going to criticise the length of time that "placeholder" photos may have been there.
In addition, you then approved multiple postings by a past employee of our TechSummits.org division who had been terminated for theft shortly before the postings. Michael H[redacted], both in his own name and in the name of multiple newly created aliases and friends, posted false allegations and experiences to that he could use your blog to steer our clients to competing events. We terminated him when we discovered that he was a convicted felon ( https://goo.gl/[redacted]), that he had stolen money from our TechSummits.org division by telling our clients that our company name had changed and to send checks to his home address ( https://goo.gl/wj6uxq ), and once you approved his false posts he then sent your blog link to every prospect of ours asking that they switch to his own company now out of business ([redacted]) while you did not post some of our posts. Note that in the second link we took legal action against  him in US Federal Courts and he consented in writing to have all the false blog postings in his and alias names (including you approved) stricken.
I redacted the other parties name here (although it is obvious from the court documents linked to below) for a few reasons. Firstly they allege that Mr H was previously convicted of a felony, and they sent a link about an indictment of somebody of the same name as Mr H, but residing in a different state. So the allegations do not prove anything, and even if they were true they do not mean that Mr H conducted a felony in this case.

Crucially, this case (1:15-cv-03199-MHC) which can be found here: [Docket] [01-Main] [01-1] [02-main] [02-1] [02-2] [02-3] [02-4] [02-5] [02-6] [02-7] [02-8] [03] [04] [05] [06] [08] [10-Main] [10-1] was settled out-of-court with no admission of wrongdoing from either party, but an undertaking was made by Mr H to remove anything he may have posted that was in scope of the agreement. The case itself makes quite interesting reading, but of course you must always remember that allegations made in a court of law are not necessarily true.

This paragraph also makes an incorrect assertion against me: "and once you approved his false posts he then sent your blog link to every prospect of ours .. while you did not post some of our posts.". In fact TechSummits / BizSummits / Michael Price and his employees have never had comments blocked unless they were duplicates (which can happen). They've always had a full right of reply, and furthermore the comments belong to those who wrote them, not to me. It goes on..
Given the misleading blog title truncation that appears in all search engines, all the corruption/abuse above, and the fact that your blog posting is rife with inaccurate postings that you approved we respectfully ask you to archive it so that it is no longer searchable or at the very least make the title edit above and strike his false direct and alias posting where the falsities you approved are causing us great reputational damage. I am sure it was never your intention to aid and abet a known felon, nor be an accessory to any libel by approving false postings especially now that you are aware they are false, not were you aware of the approved US Federal Court Motion to have such false blog postings removed.
So this is the point of the threat where the established facts, possible facts and assertions made so far are synthesised into something vaguely threatening.

Again, search engines are blamed for truncating the blog and making it appear to be misleading. This is a problem with the search engine. Of course they would like the blog removing as it highlights past wrongdoing, or they would like it to be edited (and I will come to that part shortly).

BizSummits alleges that the comments made by Mr H are false, but in the case in question does not actually have a US Federal Court Motion to have postings removed, there is merely an agreement to do so between the plaintiff and the defendant. If the defendant did not take those actions, then it is a matter for the plaintiff and defendant to resolve directly. It is worth noting as well that this case was administratively closed by the court.

BizSummits also stretches the definition of a "felon" to include Mr H's supposed past transgressions and implying that this civil case also found Mr H guilty of a felony. It did not.

No libel has been proven, no felony has been proven and furthermore BizSummits / ExecSummits have not even specified the comments in question. As such, BizSummits fall way short under UK law of establishing any cause or valid complaint.

In my personal opinion, this argument is hypocritical anyway. BizSummits / ExecSummits are arguing that Mr H should be forever judged against his [unproven] wrongdoings in the past, and  yet they should not be judged for theirs. Hmmm.
Please let us know your decision (email is fine) so that we can decide if your changes resolve the matter or if additional steps must be taken in the UK to make this right. We are required per UK law to provide you with 30 days written notice. Thank you for your consideration.
BizSummits admit here that UK law is the proper venue, and that means the Defamation Act of 2013.  In fact this is not the first time they have mentioned the Act. In November 2016 they threatened the use of it as well:
Hi Conrad, could we kindly ask you to archive the "It's a Fake!..." blog post or at the very least edit out the defamatory "It's a Fake" words in the title which is highly misleading and libelous? We have offered you definitive proof in our 4/10/2014, 1/21/2015, and 6/5/2015 replies. You can also pick out any past speaker or meeting date on any of our sites and we can provide you with both the recording of the meeting and the pdf summary of the meeting and even the speaker's contact info if you wish to independently verify which would be impossible to do if "It's a Fake" as you wrote.  A majority of the negative postings on your blog were from a terminated employee/contractor who launched a competing company while we were paying him then used fictitious profiles created the day of each posting in other's names to appear as if multiple people were complaining. We addressed the unlicensed photos issue within days of your original posting and confirmed back to you at that time (taking corrective action based on your feedback). When executives research us before joining they come across your blog title "It's a Fake" and then opt not to join that group which causes our group serious economic harm (some of our group members are in the UK) and deprives those who elect not to join of some really good speakers and ideas. We have provided you with absolute proof that your blog title "It's a Fake" is untrue, libelous, and violates the UK Defamation Act of 2013. You definitely made your point about the unlicensed photos oversight and we corrected it in days. Thank you very much for your kind consideration. 
This email from Kristin Johnston specifically mentions that Act, and although it somewhat contradicts the letter from Shelly Fitzgerald, it does assert the point that they have been given free reign to comment on the posts I made. This rather makes the two communications contradictory, and again Ms Johnston admits that the content of the blog posting in question was true.

Regardless of any assertions by BizSummits, the whole point is moot because under UK law there is a 12 month limit on pursuing a libel claim from the date of publication, and that limit expired on 30th March 2015 (more than two year ago). BizSummits were certainly aware of the post in April 2014. Furthermore, the last comment that could be ascribed to Mr H was made in August 2015 which is clearly more than 12 months ago. And in any case, BizSummits / ExecSummits themselves admit that the post is true. That's a pretty weak position to threaten a libel action from.

So let's go back to the options that are being offered, change the posting or remove it. Well, for the former Admiral Akbar probably says it best..


Altering a blog post may seem like a reasonable compromise, but altering it effectively means republishing it. And if you are dealing with a vexatious litigant, then republishing can effectively reset the 12 months statute of limitations. I'm not saying necessarily that this is BizSummits intent, but its definitely a pitfall worth avoiding.

It isn't the first time that BizSummits have threatened legal action either. A case here documents not only the threat but also catalogues several other similar threats. Indeed, a simple search for "BizSummits" comes up with a large amount of uncomplimentary material from independent sources.

In my opinion, BizSummits's assertions are without merit, unfair and stretch legal arguments to their breaking points. Of course, if Mr H or anyone else verifiable would like their own comments removing then I will see what I can do. At the moment, that is the offer on the table.

Postscript

While poking around PACER I found a case from 2005-06 where Mr Price and BizSummits LLC were the defendant in a case 2:05-cv-02257-KHV-JPO - Graceland College Center for Professional Development and Lifelong Learning Inc v. Price. That case was settled out of court when the two parties compromised (i.e. again there was no admission or assignment of wrongdoing). There are a lot of documents but the crux of the complaint makes interesting reading, found here [21] [21-1] [21-2] [21-3] [21-4] [21-5] but bear in mid that the case was dismissed without prejudice [40].

For legal masochists and what with PACER fees being what they are, all the other documents are here (and for some reason the docket numbers don't quite seem to match the downloaded documents): [Docket] [01-Main] [01-1] [01-2] [01-3] [02] [03] [05] [06] [07-Main] [07-1] [08] [09] [10] [12] [13] [15] [17-Main] [17-1] [18] [22] [25] [26] [27] [28] [29] [31] [32] [33] [34] [36] [38].


Tuesday, 27 October 2015

BizSummits aka ExecSummits LLC whacks former employee with lawsuit

I've written about BizSummits aka ExecSummits LLC many times before, exposing their habit of sending spam (which I haven't seen any of lately to be fair) and other questionable business practices. By accident I discovered that in September, ExecSummits file a lawsuit [Techdirt] against former employee Michael Healy.

Techdirt does a reasonable job at bringing together various bits and pieces to explain what is occurring and the background to the story. Worth a read IMO.

PACER fees being what they are, I've uploaded the documents for 1:15-cv-03199-MHC here [zip] if you want to have look.

Tuesday, 22 September 2015

(More) Domains and businesses associated with Michael Price of BizSummits

Following on from this post, here are some business and domains closely associated with Michael Price of BizSummits, presented without comment for research purposes only.


COO Summit
cooleaders.org

Hiring Spring
hiringspring.com

Exit Partners LLC
exitpartners.net

Exact Leads
exactleads.com

VisitorLeads
visitorleads.com

ListK
listk.com

LoudJob
loudjob.com

Franchisee Funnel
franchiseefunnel.com

Supply Chain Summit
supplychainsummit.org

Hospital Growth Summit
hospitalgrowthsummit.org

CFO Summit
cfosummit.org

Safety Management Summit
safetysummit.org

Project Management Summit
projectmanagementsummit.org

CMO Summit
cmosummit.org

PR Summit
prsummit.org

Corp Summits
corpsummits.com

Quality Management Summit
qualitysummit.org

Corporate Counsel Summit
corporatecounselsummit.org

Executive Summits
execsummits.com

BizSummits
bizsummits.org

Marketing LeadFunnel
marketingleadfunnel.net

Meeting Setters
meetingsetters.com

CEO Ventures
ceoventures.com

HR LeadFunnel
hr-leadfunnel.com

Survey Executives
surveyexecutives.com

iListK
ilistk.com

IT LeadFunnel
itleadfunnel.com

Finance LeadFunnel
financeleadfunnel.com

GoPresent
gopresent.com

AffluentNames.com
affluentnames.com

Documents.me / Nouvou, Inc.
documents.me

AngelPool
angelpool.org

Critical Fit
criticalfit.com

HR Summit
hrsummit.org

Corp Venturing
corpventuring.com

PlugMeIn
plugmein.com

Retargetable
retargetable.com

LeadFunnel
leadfunnel.com

Pathfinder Careers
pathfindercareer.com

The Sales Management Association
salesmgtassoc.org

Executive Angels
executiveangels.net

CareerLeaper
careerleaper.com

Packed Events
packedevents.com

TeamEx
teamex.com

iCirc
icirc.net

HR Management Association
hrmanagementassociation.org

Product Conception Group
productconception.com

Friday, 5 June 2015

Some domains belonging to Michael Price of BizSummits

Here are some domains belonging to Michael Price of BizSummits. Just saying.

hiringspring.net
logistics-summit.com
supplychainsummit.net
acr-clnt1.com
opendetail.com
itsecurityshow.com
lawpathfinder.net
esquirecareers.net
checkdetailz.com
bayareatechsummit.com
hospital-growthsummit.org
theproductdevsummit.net
powerbizdev.com
prexecutives.org
goldcoastsummit.com
hartfordsummit.org
tampatechsummit.com
jacksonvillesummit.com
miamisummit.org
atlantatechsummit.com
knoxvillesummit.org
nashvillesummit.org
sandiegotechsummit.com
orangecountysummit.com
lasummit.org
portlandtechsummit.com
seattletechsummit.com
denversummit.org
phoenixsummit.org
nytechsummit.org
providencesummit.org
bostonsummit.org
worcestersummit.org
portland-summit.com
cfobestpracticesroundtable.com
orlandosummit.com
cfo-summit.com
the-trainingsummit.net
thefinance-list.com
procurementsummits.org
procurementleadership.org
biz-summits.com
customerservicesociety.org
risk-summit.net
backupsite.biz
alturls.net
serveurls.net
servesites.net
arja.org

Saturday, 14 February 2015

Spammer: Brad Smith / Unicore Health / unicorehealth.net / unicorehealth.com

This slimed its way into my mailbox:

From:    Brad Smith [sales@unicorehealth.net]
To:    Morgan Stanley [mstanley@redacted]
Date:    11 February 2015 at 15:24
Subject:    Morgan, HR related question

Hi Morgan, could you let me know a time we could talk in the next few days? For HR managers we measure and video the essential functions and physical requirements of each key job so that clients like Coca-Cola and Publix can reduce their hiring risk and job injury risk. I thought you would like to quickly view the process, some interesting examples, and how to use them in your role. Just let me know a time that works in your schedule and I will confirm back, talk then!


Regards,
Brad Smith
VP, Product Management
Unicore Health
sales@unicorehealth.net
www.unicorehealth.net

This message is confidential and intended only for the original recipient. If you have received this message in error, please delete it or mail us back with re move in the sub ject. If any follow-up is needed I show your contact information as Morgan Stanley, mstanley@redacted   and our address if needed is 3200 Downwood Circle, Ste 410, Atlanta, GA, 30327. Thank you.
Morgan Stanley? They must mean this Morgan Stanley. How did they confuse me with Morgan Stanley? Because I mention them on my website here. Now, I only know of one company that sends spam like this.. but more about them later.

Let's check the veracity of the message.. first, the mail headers.

Received: from [63.134.229.186] (port=1355 helo=mail.unicorehealth.net)
    by [redacted] with esmtp (Exim 4.80)
    (envelope-from <sales@unicorehealth.net>)
    id 1YLZ9H-0001CT-C2
    for mstanley@redacted; Wed, 11 Feb 2015 15:24:20 +0000
Received: from 31617334.unicorehealth.net
        by mail.unicorehealth.net (Right Sender 3.3) with ASMTP id YRJ55117
        for <mstanley@redacted>; Wed, 11 Feb 2015 10:24:17 -0500
Message-ID: <20150211102412.2e7c8b6c6f@6e5d>
From: "Brad Smith" <sales@unicorehealth.net>
To: "Morgan Stanley" <mstanley@redacted>
Subject: Morgan, HR related question
Date: Wed, 11 Feb 2015 10:24:12 -0500
X-Priority: 3
X-Mailer: SMTP-Mailer 3.4
MIME-Version: 1.0
Content-Type: text/plain;
    charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass ([redacted]: domain of sales@unicorehealth.net designates 63.134.229.186 as permitted sender) client-ip=63.134.229.186 envelope-from=sales@unicorehealth.net helo=mail.unicorehealth.net
X-BlackCat-Spam-Score: -10
X-Mythic-Debug: Threshold =  On =
X-Spam-Status: No, score=-1.1
We can see that the SPF record for unicorehealth.net matches it to 63.134.229.186. The domain unicorehealth.net is also hosted on the same IP, so we can be reasonably assured that this is not a forgery. Let's look at the WHOIS details for that domain..

Registrant Name: Brad Smith
Registrant Organization: Unicore Health
Registrant Street: 3200 Downwood Circle
Registrant Street: Suite 410
Registrant City: Atlanta
Registrant State/Province: Georgia
Registrant Postal Code: 30327
Registrant Country: United States
Registrant Phone: +1.6785226363
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: bsmith@unicorehealth.com


This links unicorehealth.net with unicorehealth.com. Indeed, we can find "Bradley Smith" on the unicorehealth.com web site.


I emailed Mr Smith back twice and asked him how he came across the email address. He didn't bother to reply.

Previously I mentioned that I have seen this type of spam before from one particular company, BizSummits, run by Michael Price. In particular, they look for potential names on a website and then spam them, a technique that is highly inaccurate but does seem to be relatively successful nonetheless.

Now, Unicore Health is not BizSummits. But they both use a virtual office address in Altanta, about ten miles apart. So perhaps there is some personal connection between the two businesses or the people behind them.

One of Mr Price's other businesses is called PlugMeIn  (plugmein.com), which claims to reveal the email addresses of key people on certain websites. If this uses the same approach as the BizSummits spam, then it might well be just as inaccurate. And perhaps Unicore Health is using PlugMeIn technology to find email addresses.

But since Brad Smith didn't bother to reply to me, I can't tell if this spam was the result of faulty software, a bad email address list or just plain stupidity. Personally, I won't be buying anything from them soon.

UPDATE - January 2017

For various reasons, I ended revisiting this post and discovered that unicorehealth.net now displays a site "Hartford HR Summit" which is definitely a BizSummits / Michael Price site.


Wednesday, 21 January 2015

"Hartford Tech Summit" aka BizSummits: What's wrong with this picture? (hartfordsummit.com / hartfordsummit.org)

Last year I called out serial spammers BizSummits for their use of stolen photographs that they were attempting to pass off as activities at one of those summits.

A comment on one of the posts indicates that BizSummits are suffering from a degree of butthurt because of this.

Hi Conrad, we just received an autonotice about the comment from Claire Le and were again hoping you would consider archiving/mothballing it because readers see the misleading title which is why the commenter incorrectly surmised BizSummits is a fake after reading it. I think you know it is not, we are glad to immediately make you a member of one of the groups if wished so you can login and watch/listen to hundreds of past meetings (impossible if it were really a fake), and we are also glad to cover your airfare from the UK if you wish to attend any of the in-person events (next on the schedule is the HartfordSummit.com in a few weeks and then a series in Chicago in April including a CIO roundtable you might have interest in attending). Thank you for your consideration. 
 HartfordSummit.com? That's a new one on me. Let's head over to that website.


If you read my previous post on these folks, you might guess where this is going.

Now, bearing in mind the cringing embarrassment they must have felt when I pointed out that all the photos on their sites were of something else entirely, you would expect that they'd use a genuine photograph of one of their summits. I mean, everyone has a digital camera, right? It would be hard to avoid taking a photograph of one of these summits. And they have so many of them.

Let's have a closer look at that photo (http://loadurl.org/hartfordsummit/images/whatsnew.jpg)

It certainly looks like a seminar or summit. But let's see what a Google Reverse Image Search says..


It guesses that this is a picture of "business seminars" and reveals that the same photo is in use on many different sites. And in fact, you just need to do a Google image search for "Seminars" and it turns up in a prominent position.


So now we need some detective work, the original image doesn't appear to be online but I can find a slightly higher resolution one.


There's an interesting sign on the wall..


"The Ivy Review" it says. That matches pretty closely with a photo from ivycenters.com which has a very similar photograph.



This photograph was taken in the Santa Clara Convention centre. That's about 3000 miles from Hartford, but that's not really the point. The point is that this appears to be the photograph of a completely different convention from a completely different organisation. It is certainly a commonly used picture for "seminars" that people paste in when they haven't actually got a picture.

In fact, I have never seen a verifiable photo of any BizSummits event. Perhaps I am looking in the wrong place. Perhaps someone needs to buy BizSummits a digital camera. Draw your own conclusions.

As for a free trip to Connecticut to see BizSummits in action. Yeah, I think I'll pass on that offer.

Tuesday, 8 April 2014

Michael Price and BizSummits get ROKSO listed, scurry under the spotlight

Recently I wrote about a spam run being sent by Michael Price and/or BizSummits and examined the high level of fake material on their "Summits" websites.

In the past few days, BizSummits and Michael Price have the very dubious distinction of being listed in the Spamhaus ROKSO list of what they consider to be the worst spammers worldwide.

A ROKSO listing is bad news because it means that reputable web hosts will not do business with them.

So what happened next?

Well, basically most of the domains listed here have suddenly changed registrar and IP address, and the WHOIS details have been changed to something that looks rather fake (in my opinion). For example, the domain BizSummits.org has the WHOIS details changed from:

Registrant ID:CR38175629
Registrant Name:DNS Administrator
Registrant Organization:BizSummits
Registrant Street: 1200 Abernathy Rd, 17th Floor
Registrant City:Atlanta
Registrant State/Province:Georgia
Registrant Postal Code:30328
Registrant Country:US
Registrant Phone:+1.8006003389
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email:dnsadmin@bizsummits.org


to

Registrant ID:NS-b48b7b229f5dc
Registrant Name:Michael Loeloff
Registrant Organization:
Registrant Street: 8380 Lagos De Campo Blvd
Registrant City:Tamarac
Registrant State/Province:FL
Registrant Postal Code:33321
Registrant Country:US
Registrant Phone:+1.2025688305
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email:dnsadmin@bizsummits.org


..which is an anonymous-looking apartment in Florida. Most of the other domains have been geographically scattered to different addresses and names. Strangely none of the registrants seem to have a web footprint. In my personal opinion, these addresses are deliberately fake, and they have been changed by someone working for BizSummits.

It isn't just the WHOIS details that changed, the registrar in the case of BizSummits.org has changed from GoDaddy to NameSilo for unknown reasons. And also the IP address has changed from 184.168.221.27 (GoDaddy) to 198.199.112.47 (Digital Ocean). To me that looks like GoDaddy booted them off their network, although there could be other explanations I suppose.

Conversely, most of the domains used in the spam run listed here appear to have been deleted, either by the registrar or by the owner. It doesn't really matter as far as evidence is concerned because services such as DomainTools maintain historical WHOIS records.

Overall, there seems to be a great deal of scurrying around as the spotlight has been shone on their activities.

I'm curious as to whether or not Michael Price or BizSummits think that the spam run sent from their servers was legitimate and legal, and as to whether or not they believe that the use of the images from other companies is justified.

It does appear that someone using Michael Price's photograph and name tried to post a comment, and then thought better of it. Hmmm.


Sunday, 30 March 2014

It's a fake! BizSummits, CFO Summit, CIO Summit, CMO Summit rip off photos from other sites.

I've been tracking the spammy activity of BizSummits on and off for a while, most recently with a very annoying spam run that has been plaguing website operators with fake notifications.

I'd never really looked that deeply into the BizSummits operation though, but even though it promotes itself through spam I had assumed that there was a real business at the end of it.

But when I started to look into their websites, it quickly became apparent that a great deal of the material was faked.

Most of the sites use the same material, so let's start with forwd.net/cfosummit/about.html which is an "About Us" page.

It features a photo of a group of people.. you'd assume that it was one of the "Summits" that BizSummits promotes. After all, if you have all these people meeting up all the time then surely it would be easy to snap a photo.

Let's look more closely.

It turns out that the picture is stolen from the blog of the US Ambassador to Iceland and it shows a group of Icelandic executives meeting with an organisation called the Young Presidents' Organization which is completely unrelated to BizSummits.

So let's look at the "Why Join" page at forwd.net/cfosummit/whyjoin.html which features a bunch of happy-looking individuals.

Let's look more closely..

This image is stolen from a company called Deceuninck nv. And it isn't just a generic stock photo, their website lists everyone in the photograph and identifies them as being employees.


Let's look at the "Members" page next at forwd.net/cfosummit/members.html

It shows a photograph of someone who is presumably speaking at one of these Summit events.

Errr... no. This is Professor Michael Porter speaking at the World Economic Forum. Professor Porter would be a highly influential and important person to have on board. But his name doesn't appear on the list of "Members & Speakers".

Let's look at the "Topics" page at forwd.net/cfosummit/topics.html


Who's in the photo?


That's a publicity photo of Niels Stolberg. Stolberg's company collapsed and is the focus of fraud investigations. Given the controversy surrounding Mr Stolberg, would it be appropriate to have a picture of him on your site? Odder still, Mr Stolberg seems to have no connection at all to BizSummits.

Now we turn our attention to the "What's New" page. Who are the people having a discussion? People at a BizSummits seminar?


Let's look more closely.

This image can be found on the page of the NG Utilities Summit in Australia (open the lightbox). If you look carefully, you can see the NG Utilities logo on the woman's badge on the right. Despite having "Summit" in the name, this is nothing at all to do with BizSummits. If BizSummits really held any meetings then a photo like this would be trivial to take.

The next page is "Questions" at forwd.net/cfosummit/questions.html. Well.. we have a few already.


Who's in the picture?

These are a couple of executives from WebTrends. As far as I can tell they have nothing to do with BizSummits, and the photo has just been stolen.

Incidentally this page contains what I consider to be a flat lie:

Why was I Invited to Join?

Either a member nominated you, or we specifically wanted your company involved and researched the best executive.
The evidence I have provided about this firm shows that they simply scraped your name from your company website and guessed your email address. Is that research? I don't think so.

The next picture to deconstruct is on the "My Login" page at forwd.net/cfosummit/login.html


You probably already guessed that the guy in the photo has nothing to do with BizSummits.

That's because this is Dr. Thomas R. Insel who again has nothing to do with BizSummits.

Finally, we come back to the home page.


Who is in the photo?


These are apparently the senior management of BHP taken in an AAP photo. What do they have to do with BizSummits? It seems nothing at all.

In fact, the only original piece of imagery I can find is this promotional video:


The video is meant to be an endorsement. But who is this woman? Who does she represent? What exactly is she endorsing? The video is professional looking but deliberately vague.

Incidentally, if you want to see what Michael Price, the CEO of BizSummits looks like, here he is:


This copied material doesn't just exist on a few websites, it exists on a LOT of cookie-cutter sites, all presumably marketed through the same spammy approach.

  • CFO Summit (www.cfosummit.org)
  • CIO Summit (www.ciosummit.org)
  • CMO Summit (www.cmosummit.net)
  • COO)Operations Summit (www.theoperationssummit.net)
  • Corporate Counsel Summit (www.thecorporatecounselsummit.org)
  • Corporate Development Summit (www.corpdevsummit.org)
  • Customer Service Summit (www.customerservicesummit.org)
  • Engineering Summit (www.theengineeringsummit.net)
  • Executive Summits (www.executivesummits.org)
  • Hospital Growth & Excellence Summit (www.hospitalgrowthsummit.org)
  • HR Summit (www.hrsummit.org)
  • Product Development Summit (www.productdevsummit.org)
  • Project Management Summit (www.projectmanagementsummit.org)
  • Public Relations Summit (www.thepublicrelationssummit.org)
  • Procurement Summit (www.procurementsummit.org)
  • Quality Management Summit (www.qualitymanagementsummit.org)
  • Risk Management Summit (www.riskmanagementsummit.org)
  • Safety Management Summit (www.safetymanagementsummit.org)
  • Sales Summit (www.salessummit.org)
  • Supply Chain Summit (www.supplychainsummit.org)
  • Training Summit (www.trainingsummit.org)
Ask yourself this question.. why is it that a company such as BizSummits, that is supposed to organise all of these meetings, cannot get around to taking any photographs of those meetings themselves? Surely it wouldn't be difficult to do? And yet almost every image is copied from somewhere else. What kind of company does that? Is it one that you feel comfortable doing business with?

Friday, 28 March 2014

BizSummits "Early closing due to poor weather" / "Early closing due to bad conditions" spam

Here are a pair of odd spam email messages:

Message 1
From:     Tim Williams Tim@myteamex.com
To:     Tony Blair [tony@victimdomain]
Date:     28 March 2014 14:09
Subject:     Early closing due to bad conditions.

Early closing due to bad conditions.


This will be the only notification to tony@victimdomain and just disregard if sent to the incorrect individual. Thank you.
Message 2
From:     Michael Miller Michael@leadbyinnovation.com
To:     Victor Echo [vecho@victimdomain]
Date:     28 March 2014 11:12
Subject:     Early closing due to poor weather.

Early closing due to poor weather.


This will be the only notification to vecho@victimdomain and just disregard if sent to the incorrect person. Thank you.
The email contains no link and no attachment. So what it is it?

A close look at to "To" field is interesting. Tony Blair? Well, he's an ex-Prime Minister of Britain, and he just happens to be mentioned on my website here. And Victor Echo? Well, that's not a person at all but is mentioned on this page about the NATO Phonetic Alphabet.

So, in each case a name has been harvested from my web site and an email address guessed (tony@ and vecho@) in order to send the spam.

I've seen this process of scraping my web site and guessing email addresses before by a business called CIO Summits which is part of a spammy business called BizSummits run by a gentleman called Michael Price. But perhaps this is a coincidence?

So let's look at the mail headers of the two messages:

Message 1

Received: from [64.21.19.104] (port=59519 helo=mail.myteamex.com)
    by [redacted] with esmtp (Exim 4.80)
    (envelope-from <Tim@myteamex.com>)
    id 1WTXTM-00062J-14
    for tony@[redacted]; Fri, 28 Mar 2014 14:09:32 +0000
Received: from 76809236.myteamex.com
        by mail.myteamex.com (Merak 8.9.1) with ASMTP id ORL87326
        for <tony@[redacted]>; Fri, 28 Mar 2014 07:09:26 -0700
Message-ID: <20140328070921.6e9e4d6b5e@5d7e>
From: "Tim Williams" <Tim@myteamex.com>
To: "Tony Blair" <tony@[redacted]>
Subject: Early closing due to bad conditions.
Date: Fri, 28 Mar 2014 07:09:21 -0700
X-Priority: 3
X-Mailer: Host
MIME-Version: 1.0
Content-Type: text/plain;
    charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass ([redacted]: domain of Tim@myteamex.com designates 64.21.19.104 as permitted sender) client-ip=64.21.19.104 envelope-from=Tim@myteamex.com helo=mail.myteamex.com

Message 2

Received: from [64.21.70.64] (port=1970 helo=mail.leadbyinnovation.com)
    by [redacted] with esmtp (Exim 4.80)
    (envelope-from <Michael@leadbyinnovation.com>)
    id 1WTUi8-0007x8-KZ
    for vecho@[redacted]; Fri, 28 Mar 2014 11:12:38 +0000
Received: from 37649152.leadbyinnovation.com
        by mail.leadbyinnovation.com (Merak 8.9.1) with ASMTP id OOO71531
        for <vecho@[redacted]>; Fri, 28 Mar 2014 04:12:31 -0700
Message-ID: <20140328041226.3f8f7d6c7b@9e8c>
From: "Michael Miller" <Michael@leadbyinnovation.com>
To: "Victor Echo" <vecho@[redacted]>
Subject: Early closing due to poor weather.
Date: Fri, 28 Mar 2014 04:12:26 -0700
X-Priority: 3
X-Mailer: SMTP Forwarder v.9
MIME-Version: 1.0
Content-Type: text/plain;
    charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass ([redacted]: domain of Michael@leadbyinnovation.com designates 64.21.70.64 as permitted sender) client-ip=64.21.70.64 envelope-from=Michael@leadbyinnovation.com helo=mail.leadbyinnovation.com
What these headers tell us is that the emails originated from 64.21.70.64 and 64.21.19.104 (Net Access Corporation, US), and that those servers are genuine mail relays for the domains leadbyinnovation.com and myteamex.com.. in other words the message is not spoofed and whoever owns these domains is responsible for the mail.


The WHOIS contain the following details:

leadbyinnovation.com
Registrant Name: DNS Administrator
Registrant Organization: LeadByInnovation
Registrant Street: 1200-Abernathy  Rd
Registrant City: Atlanta
Registrant State/Province: Georgia
Registrant Postal Code: 30328
Registrant Country: United States
Registrant Phone: +1.7705552343
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: dnsadmin@leadbyinnovation.com
Registry Admin ID: 
myteamex.com
Registrant Name: DNS Admin
Registrant Organization: MyTeamEx
Registrant Street: 17th Floor
Registrant Street: 1200  Abernathy
Registrant City: Atlanta
Registrant State/Province: Georgia
Registrant Postal Code: 30328
Registrant Country: United States
Registrant Phone: +1.4044983847
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: dnsadmin@myteamex.com

Perhaps is is just a coincidence that the WHOIS details for bizsummits.org are very similar:

Registrant ID:CR38175629
Registrant Name:DNS Administrator
Registrant Organization:BizSummits
Registrant Street: 1200 Abernathy Rd, 17th Floor
Registrant City:Atlanta
Registrant State/Province:Georgia
Registrant Postal Code:30328
Registrant Country:US
Registrant Phone:+1.8006003389
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email:dnsadmin@bizsummits.org

1200 Abernathy Rd is a big office building in Atlanta, and the office address could well be a virtual office in any case. But isn't it a coincidence that all three companies are based in the same building?

Well.. no, it's not a coincidence because if you look at the historical WHOIS details for myteamex.com for just last month we see they are:

Registrant Name: Michael Price
Registrant Organization:
Registrant Street: 801 Kellerman Kreek
Registrant City: Marietta
Registrant State/Province: Georgia
Registrant Postal Code: 30068
Registrant Country: United States
Registrant Phone: +1.7709989999
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: MPrice@mobilesoft.com

Michael Price? Yes, that's the same Michael Price who runs BizSummits. So, it's not a coincidence at all, is it?

This particular spam run has also been discussed on the SpamCop forum which  indentifies the four following domains in connection with this spam run:
trainingleadership.org
zipscheduler.net
gotofacts.net
openames.com

Each one of these tells a different story.  trainingleadership.org has the same semi-anonymous registration details as the others, but just a few days ago (20th March 2014) the registrant was "Biz Summits".  gotofacts.net has also had the registrant details changed.. on 18th March that was registered to "Michael Price".

Finally,  openames.com is a bit odder. It too has had the registrant details change (it was "Michael Price" on 18th January 2014), but it is hosted on an IP address belonging to a children's hospital in Illinois (199.125.18.11: Illinois - Chicago - Children's Memorial Medical Center)

So what are these messages? I believe that BizSummits (or whatever Mr Price's current operation is called, perhaps mobilesoft.com / mobilebriefs.com) is probing mail servers to see what sort of format email addresses are so that further spam can be sent. Most mail systems will reject invalid messages, so basically this is a sort of enumeration exercise. Is this illegal? It's hard to say. But in my opinion it is certainly unethical.

Incidentally BizSummits has a rotten reputation at the BBB, and in my personal opinion offer business summits of very little worth, and that they prey upon the vanity of the people who receive the email (which is just a basically just spam). A quick a Google for bizsummits spam comes up with a large number of complaints, and I must recommend this particular blog entry if you want an overview of how BizSummits allegedly pitch their business.

The BBB lists the following domains as being part of BizSummits. I would recommend avoiding them:
cfosummit.org
ciosummit.org
thecmosummit.net
trainingsummit.org
csosummit.org
corpdevsummit.org
hrsummit.org
theoperationssummit.net
productdevsummit.org
thepublicrelationssummit.org
qualitymanagementsummit.org
risingexecutivesummit.org
riskmanagementsummit.org
thecorpdevsummit.org
associationgrowthsummit.net

UPDATE: more information about BizSummits and some of it's websites can be found here.

Update (2300 GMT 2014-03-28): another "Tony Blair" one..

From:     Stan Moore Stan@texasbusinesschamber.org
To:     Tony Blair tblair@[redacted]
Date:     28 March 2014 22:52
Subject:     Closed early due to poor weather.

Closed early due to poor weather.


This will be the only notification to tblair@[redacted] and just disregard if sent in error. Thank you.
The mail headers confirm that texasbusinesschamber.org was the sender, this time from 64.21.70.72 (Net Access Corporation again):

Received: from [64.21.70.72] (port=3018 helo=mail.texasbusinesschamber.org)
    by [redacted]with esmtp (Exim 4.80)
    (envelope-from <Stan@texasbusinesschamber.org>)
    id 1WTfdq-0002i5-AG
    for tblair@[redacted]; Fri, 28 Mar 2014 22:52:50 +0000
Received: from 37402341.texasbusinesschamber.org
        by mail.texasbusinesschamber.org (Merak 8.9.1) with ASMTP id OZC63549
        for <tblair@[redacted]>; Fri, 28 Mar 2014 15:52:49 -0700
Message-ID: <20140328155244.5b6c3d3e2c@2e5c>
From: "Stan Moore" <Stan@texasbusinesschamber.org>
To: "Tony Blair" <tblair@[redacted]>
Subject: Closed early due to poor weather.
Date: Fri, 28 Mar 2014 15:52:44 -0700
X-Priority: 3
X-Mailer: System-Forwarder
MIME-Version: 1.0
Content-Type: text/plain;
    charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass ([redacted]: domain of Stan@texasbusinesschamber.org designates 64.21.70.72 as permitted sender) client-ip=64.21.70.72 envelope-from=Stan@texasbusinesschamber.org helo=mail.texasbusinesschamber.org
texasbusinesschamber.org WHOIS today:

Registrant ID:CR156687418
Registrant Name:DNS Admin
Registrant Organization:Texas Business Chamber
Registrant Street: Floor 17
Registrant City:Atlanta
Registrant State/Province:Georgia
Registrant Postal Code:30327
Registrant Country:US
Registrant Phone:+1.7705863645
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email:dnsadmin@texasbusinesschamber.org
texasbusinesschamber.org WHOIS on 22nd February (just over one month ago)

Registrant ID:CR156687418
Registrant Name:Michael Price
Registrant Organization:
Registrant Street: 801 Kellerman Kreek
Registrant City:Marietta
Registrant State/Province:Georgia
Registrant Postal Code:30068
Registrant Country:US
Registrant Phone:+1.7709989999
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email:MPrice@mobilesoft.com

Update (0700 GMT 2014-03-29):  A slightly different one..

From:     Jim Moore Jim@ituckins.com
To:     Victor Echo
Date:     29 March 2014 03:17
Subject:     Closed early due to expected snow.

Closed early due to expected snow.

This will be the only notification to victor@[redacted] and just ignore if sent to the wrong person. Thank you.
This time the spammers are probing "Victor Echo" using the victor@ address. Mail headers are:

Received: from [209.200.118.35] (port=2643 helo=mail.ituckins.com)
    by [redacted] with esmtp (Exim 4.80)
    (envelope-from <Jim@ituckins.com>)
    id 1WTjm8-0001jI-Ia
    for victor@[redacted]; Sat, 29 Mar 2014 03:17:45 +0000
Received: from 34460524.ituckins.com
        by mail.ituckins.com (Merak 8.9.1) with ASMTP id PGU70938
        for <victor@[redacted]>; Fri, 28 Mar 2014 20:17:38 -0700
Message-ID: <20140328201734.5b7d6b2f9d@2e2e>
From: "Jim Moore" <Jim@ituckins.com>
To: "Victor Echo" <victor@[redacted]>
Subject: Closed early due to expected snow.
Date: Fri, 28 Mar 2014 20:17:34 -0700
X-Priority: 3
X-Mailer: Package Forwarder 6.3
MIME-Version: 1.0
Content-Type: text/plain;
    charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass ([redacted]: domain of Jim@ituckins.com designates 209.200.118.35 as permitted sender) client-ip=209.200.118.35 envelope-from=Jim@ituckins.com helo=mail.ituckins.com
This domain has been excised of useful details in the WHOIS records, but it follows the same pattern and is undoubtedly Michael Price and BizSummits.

Registry Registrant ID:
Registrant Name: Dns Admin
Registrant Organization: eTuckins
Registrant Street: 1200 Abernathy Rd
Registrant City: Atlanta
Registrant State/Province: Georgia
Registrant Postal Code: 30068
Registrant Country: United States
Registrant Phone: +1.7705763847
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: dnsadmin@etuckins.com
Note that ituckins.com refers to etuckins.com in the WHOIS record, revealing yet another spam site in the chain.

Update (1800 GMT 2014-03-29): two more spams from the same domain..

From:     Stan Davis Stan@opendetails.com
To:     Oscar Yankee <oscar@[redacted]>
Date:     29 March 2014 12:39
Subject:     Early closing due to poor weather.

Early closing due to poor weather.

This will be the only notification to oscar@[redacted] and disregard if sent to the incorrect individual. Thank you.

-----

From:     Steve Williams Steve@opendetails.com
To:     Oscar Yankee <oyankee@[redacted]>
Date:     29 March 2014 11:54
Subject:     Closed early due to inclement weather.

Closed early due to inclement weather.

This will be the only notification to oyankee@[redacted] and please ignore if sent to the incorrect person. Thank you.
This time they are sent to "Oscar Yankee" (using a name scraped from this page) using both observed variants of oyankee@ and oscar@. The mail headers again verify that the message isn't spoofed, and opendetails.com is the actual sender.

Received: from [208.52.161.186] (port=59373 helo=mail.opendetails.com)
    by [redacted] with esmtp (Exim 4.80)
    (envelope-from <Steve@opendetails.com>)
    id 1WTrqb-0001rc-3u
    for oyankee@[redacted]; Sat, 29 Mar 2014 11:54:53 +0000
Received: from 97584292.opendetails.com
        by mail.opendetails.com (Merak 8.9.1) with ASMTP id POG42002
        for <oyankee@[redacted]>; Sat, 29 Mar 2014 04:55:02 -0700
Message-ID: <20140329045456.3f2b7e1b4b@5c5f>
From: "Steve Williams" <Steve@opendetails.com>
To: "Oscar Yankee" <oyankee@[redacted]>
Subject: Closed early due to inclement weather.
Date: Sat, 29 Mar 2014 04:54:56 -0700
X-Priority: 3
X-Mailer: Perpetual Host v.1
MIME-Version: 1.0
Content-Type: text/plain;
    charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass ([redacted]: domain of Steve@opendetails.com designates 208.52.161.186 as permitted sender) client-ip=208.52.161.186 envelope-from=Steve@opendetails.com helo=mail.opendetails.com
The WHOIS details have been altered in an attempt to hide the sender, but it still shows Michael Price's email address. Oops.

Registrant Name: DNS Admin
Registrant Organization: OpenDetails.com
Registrant Street: Floor  17
Registrant Street: 12O0 Abernathy
Registrant City: Atlanta
Registrant State/Province: Georgia
Registrant Postal Code: 30329
Registrant Country: United States
Registrant Phone: +1.7705643366
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: mprice@mobilesoft.com
If we go back to the registration details in January 2014 then Michael Price's name and address are on them.

Registry Registrant ID:
Registrant Name: Michael Price
Registrant Organization:
Registrant Street: 801 Kellerman Kreek
Registrant City: Marietta
Registrant State/Province: Georgia
Registrant Postal Code: 30068
Registrant Country: United States
Registrant Phone: +1.7709989999
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: MPrice@mobilesoft.com
So again, there is very little doubt as to who is sending this rather large spam run.

Update (0200 GMT 2014-03-30): the spam shows no signs of letting up. Subjects include the following:

Closing early due to bad weather.
Closed tomorrow due to inclement weather.
Closed tomorrow due to poor weather.
Closing early due to bad conditions.


Names scraped from my website include "Juliet Tango", "Michael Moore" and "Mark Tape". This spam run has two new domains, texasbusinesschamber.com and opendetailz.com , the first of which has valid SPF records, the second does not.

Received: from [207.36.209.108] (port=4719 helo=mail.texasbusinesschamber.com)
    by [redacted] with esmtp (Exim 4.80)
    (envelope-from <Tony@texasbusinesschamber.com>)
    id 1WU2JB-0005bA-EE
    for michael@[redacted]; Sat, 29 Mar 2014 23:05:02 +0000
Received: from 47912934.texasbusinesschamber.com
        by mail.texasbusinesschamber.com (Merak 8.9.1) with ASMTP id PAI19600
        for <michael@[redacted]>; Sat, 29 Mar 2014 16:05:00 -0700
Message-ID: <20140329160458.6b8c5e8f4d@7e5d>
From: "Tony Moore" <Tony@texasbusinesschamber.com>
To: "Michael Moore" <michael@[redacted]>
Subject: Closing early due to bad weather.
Date: Sat, 29 Mar 2014 16:04:58 -0700
X-Priority: 3
X-Mailer: EmailRemitter v.8
MIME-Version: 1.0
Content-Type: text/plain;
    charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass ([redacted]: domain of Tony@texasbusinesschamber.com designates 207.36.209.108 as permitted sender) client-ip=207.36.209.108 envelope-from=Tony@texasbusinesschamber.com helo=mail.texasbusinesschamber.com

Received: from [208.52.168.58] (port=58797 helo=mail.opendetailz.com)
    by [redacted] with esmtp (Exim 4.80)
    (envelope-from <Brad@opendetailz.com>)
    id 1WU0hT-0004Z3-MB
    for juliet@[redacted]; Sat, 29 Mar 2014 21:22:03 +0000
Received: from 20646396.opendetailz.com
        by mail.opendetailz.com (Merak 8.9.1) with ASMTP id PYZ68711
        for <juliet@[redacted]>; Sat, 29 Mar 2014 14:22:11 -0700
Message-ID: <20140329142206.1f6f5b7b2e@2d3f>
From: "Brad Johnson" <Brad@opendetailz.com>
To: "Juliet Tango" <juliet@[redacted]>
Subject: Closing early due to bad conditions.
Date: Sat, 29 Mar 2014 14:22:06 -0700
X-Priority: 3
X-Mailer: MailServer 5.2
MIME-Version: 1.0
Content-Type: text/plain;
    charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Received-SPF: none ([redacted]: domain of Brad@opendetailz.com does not designate permitted sender hosts) client-ip=208.52.168.58 envelope-from=Brad@opendetailz.com helo=mail.opendetailz.com
The WHOIS records for texasbusinesschamber.com have been stripped of any identifying details:

Registry Registrant ID:
Registrant Name: DNS Admin
Registrant Organization: Texas Business Chamber
Registrant Street: Suite 1700
Registrant Street: 1200 -Abernathy
Registrant City: Atlanta
Registrant State/Province: Georgia
Registrant Postal Code: 30328
Registrant Country: United States
Registrant Phone: +1.7709989999
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: dnsadmin@texasbusinesschamber.com

But back in February, it was registered to Michael Price:

Registry Registrant ID:
Registrant Name: Michael Price
Registrant Organization:
Registrant Street: 801 Kellerman Kreek
Registrant City: Marietta
Registrant State/Province: Georgia
Registrant Postal Code: 30068
Registrant Country: United States
Registrant Phone: (770) 998-9999
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: MPrice@mobilesoft.com
Registry Admin ID: 
opendetailz.com doesn't pass the SPF check, but it is sufficiently close to the verified domain of opendetails.com seen previously that it is almost certainly genuine. The WHOIS details are:

Registry Registrant ID:
Registrant Name: DNS Admin
Registrant Organization: OpenDetailsz.com
Registrant Street: Floor-17
Registrant Street: 12OO Abernathy
Registrant City: Atlanta
Registrant State/Province: Georgia
Registrant Postal Code: 30327
Registrant Country: United States
Registrant Phone: +1.6783843388
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: dnsadmin@opendetailz.com
On the 18th March 2014 they were:

Registry Registrant ID:
Registrant Name: Michael Price
Registrant Organization:
Registrant Street: 801 Kellerman Kreek
Registrant City: Marietta
Registrant State/Province: Georgia
Registrant Postal Code: 30068
Registrant Country: United States
Registrant Phone: +1.7709989999
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: MPrice@mobilesoft.com
Registry Admin ID: 
Update (2300 GMT 2014-03-30): yet more evidence linking this spam run to BizSummit's Michael Price..
From:     Stan Miller Stan@gotofacts.net
To:     George Bush <george@[redacted]>
Date:     30 March 2014 18:29
Subject:     Will be closed due to bad conditions.

Will be closed due to bad conditions.

This will be the only notification to george@[redacted] and ignore if sent to the wrong email. Thank you.
----------------
From:     John Moore John@gotofacts.net
To:     George Bush <[redacted]>
Date:     30 March 2014 23:11
Subject:     Will be closed due to bad weather.

Will be closed due to bad weather.

This will be the only notification to gbush@[redacted] and disregard if sent to the wrong person. Thank you.

These messages are sent to George Bush (!). Again, the mail headers reveal that there is a valid SPF record, therefore gotofacts.net really did send the message:

Received: from [64.21.19.120] (port=64747 helo=mail.gotofacts.net)
    by [redacted] with esmtp (Exim 4.80)
    (envelope-from <Stan@gotofacts.net>)
    id 1WUJXi-0001yE-Iq
    for george@[redacted]; Sun, 30 Mar 2014 18:29:14 +0100
Received: from 78693058.gotofacts.net
        by mail.gotofacts.net (Merak 8.9.1) with ASMTP id QUH61409
        for <george@[redacted]>; Sun, 30 Mar 2014 10:29:09 -0700
Message-ID: <20140330102904.4d9e7f4e6f@7d6f>
From: "Stan Miller" <Stan@gotofacts.net>
To: "George Bush" <george@[redacted]>
Subject: Will be closed due to bad conditions.
Date: Sun, 30 Mar 2014 10:29:04 -0700
X-Priority: 3
X-Mailer: FlashTransmitter version 8.1
MIME-Version: 1.0
Content-Type: text/plain;
    charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass ([redacted]: domain of Stan@gotofacts.net designates 64.21.19.120 as permitted sender) client-ip=64.21.19.120 envelope-from=Stan@gotofacts.net helo=mail.gotofacts.net
The WHOIS records for gotofacts.net have been stripped of useful data:

Registry Registrant ID:
Registrant Name: DNS Admin
Registrant Organization: GoToFacts
Registrant Street: 1200 Abernathy
Registrant City: Atlanta
Registrant State/Province: Georgia
Registrant Postal Code: 30328
Registrant Country: United States
Registrant Phone: +1.7705863984
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: dnsadmin@gotofacts.net
But on March 18th it was registered to:

Registry Registrant ID:
Registrant Name: Michael Price
Registrant Organization:
Registrant Street: 801 Kellerman Kreek
Registrant City: Marietta
Registrant State/Province: Georgia
Registrant Postal Code: 30068
Registrant Country: United States
Registrant Phone: +1.7709989999
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: MPrice@mobilesoft.com
Registry Admin ID: 

Monday, 8 November 2010

theciosummits.org / CIO Summits spam

theciosummits.org / CIO Summits is the same outfit as BizSummits  who have a particular spamming technique that has been seen before.

The technique appears to be that they search a website for strings that look like names, and then they try and guess the email address for that person at that domain. Email addresses tend to follow a limited number of formats, so it probably gets a reasonable success rate, but even so.. the name is still scraped and the recipient emailed without opting in to anything.

From: Jason Williams <jwilliams@theciosummits.org>
To: James Studer [redacted]
Date: 8 November 2010 15:06
subject: James, just following-up.
   
Hi James, is now a better time to reach out to you in regards to the CIO
Summit? You received a request on behalf of our Board due to your key
role in the technology field and I'm curious to know if a decision has
been made.

The CIO Summit is an invitation-only group comprised of the very best
executives and visionaries in technology. We meet monthly by
teleconference to exchange what is working, what is not, strategies and
ideas. It is a confidential forum with dedicated groups of other
successful VPs and key executives whose only agenda is to help each other
outperform. Our site is at www.theciosummits.org

I am certain you will find the experience both enjoyable and useful in
your efforts. Please take a look and let me know of your decision. Thanks,
 James.

Sincerely,
Jason Williams
CIO Summits
Tel. (803) 712-3027
www.theciosummits.org


The information contained in this message is confidential and intended
only for James Studer. If you have received this message in error, please
delete it or mail us back if you no longer wish to receive further
invites. For my records, I show your contact information as: James Studer,
 Dynamoocom, [redacted]  800-688-6115 If needed, you can reach
us at 201 17th St, #1200, Atlanta, GA 30363. Thank you.

Who is James Studer exactly? It turns out that he was a contributor to the Orange Book, which I have a section about on my website.. and as with the BizSummits spam I've seen before, the pattern is exactly the same.

CIO Summit's pitch looks fairly deceptive. They have guessed an email address, apparently to make it look like we have a prior relationship. It's worth noting as well that the BBB give parent BizSummits a very poor "F" rating which definitely makes it look like one to avoid.

Monday, 11 May 2009

Michael Price / BizSummits.org unsolicited bulk email

I've had a few of these in the past, but this time my spidey sense was tingling.

Subject: Roger, Website discussion on April 21st.
From: "Pat Weller" pat@mktgalliance.org
Date: Mon, May 11, 2009 1:49 pm

Hi Roger, let me know if you might be interested in attending our
upcoming program, "Does Your Website Produce the Results You Want? How to
Drive Conversions by Writing Better Content" on Monday, April 27th. You
can view the complete details at www.mktgalliance.org/webconversations

Businesses of all sizes can benefit greatly from these ideas that have
proven to work based on experiences with hundreds of websites. Thomas
Young, Internet Marketing Consultant and CEO with Intuitive Websites,
will be making the presentation. He will review conversion strategies,
effective taglines, using captions on photos, how to avoid blocks of text,
bullet items in web copy, how to avoid brochure copy and marketing-speak,
calls to action and more. I hope you and your team will join us.

Best regards,

Pat Weller
Program Director
Marketing Alliance
600 North Park Centre
Seventeenth Floor
Mail back to decline further
Atlanta, GA 30328
www.mktgalliance.org/webconversations


Well, I'm not called "Roger" and I can't quite figure out where that came from. The email came from 66.232.113.10 which is the same IP as mktgalliance.org, so that really confirms it as genuine.

A look at the WHOIS details are interesting:

BizSummits
Michael Price (MPrice@BizSummits.org)
+1.8006003389
Fax:
1200 Abernathy Rd, 17th Floor
Atlanta, GA 30328
US

Alright, ten points for having (apparently) genuine contact details (it matches their BBB report), minus several million points for blasting out unsolicited emails to random addresses.

Is it spam? Well, it's certainly unsolicited commercial email and in this case it was sent to an email address that didn't actually exist. Annoyingly, it could well be CAN SPAM compliant. But it falls within the scope of the Boulder Pledge so best avoided.

Here are some other domains associated with BizSummits:
  • mybizteleseminars.net
  • customerservicesummit.net
  • theopsbenchmarkalliance.com
  • associationgrowthsummit.net
  • mktgalliance.org
DavesPlanet.net has more information here, the Other Librarian blog indicates that it has been going on for years here, and a Google Search shows just how widespread these unsolicited emails are. Do you really want to do business with a company like this?