I know I said I was going to let my shoulder rest, but this is too important to wait on.
I was informed of a website where an unauthorized copy of my latest book, Atlantis: The Visionary Continent, Volume #2: Awakening, is being offered! I couldn’t believe it, so I had to go see for myself. When I confirmed it, I was furious. Livid. Enraged! Other synonyms for insanely pissed! The more I investigated, the angrier I became. It was being offered for free!
I fumed. The book has barely been out for three months! After a half-hour of spitting anger, I started getting over my shock and began to formulate a plan to deal with this. I ran a Google search, but there really isn’t anything regarding stolen e-books, except advice to not offer books as a direct download from your site. [Which I was not doing–they’re exclusive to Amazon at the time of this posting.] I found some advice regarding DMCA [Digital Millennium Copyright Act, yo.] and decided to do a Whois search on the domain, so I could figure out who to send a takedown notice to.
This turned tricky fast, due to the culprit having a ton of domains that point to other domains, which then pointed to subdomains. I was going in circles. I took a closer look at the site to see if I could find any more info. 293 downloads? Anonymous people with no avatar posting very recent and generic comments? Something didn’t smell right. The work of other authors was on the site also, so I checked some of their listings–the number of downloads varied, but the pages were identical–right down to the comments.
I clicked through to the download page. I reached the instructions, and suddenly, the situation became clear. I quickly viewed the source code of the page, and discovered that my story wasn’t being offered illegally. They didn’t have the actual book–it was being used as bait for a phishing scheme!
Now, I know the classic argument is: “If people are looking for free copies, then they weren’t going to buy your book anyway, so you’re not losing sales“. This is a valid argument, except that what is actually happening is harming public opinion of my brand itself. That is much more difficult to recover from than a sales loss!
The setup is a common one, where the site offers a file: a program, MP3, video–or in this case e-book–and leads you to a page where you can download it. EXCEPT there is a catch–before the download link becomes available, you are usually directed offsite to apply for “special offers”. These look like credit card and loan applications, or free trials to subscription services. They ask for vital info, like social security and credit card numbers, home addresses, etc. More often than not, these are elaborate phishing scams where they use a person’s willingness to get something for free to convince them to give up sensitive info. You don’t get anything except a lot of spam email, and the hassle of having to freeze your credit and apply for a new bank account. Then if you can actually download the file, it’s usually not what was advertised–often it’s a Trojan designed to infect your system so these people can get more information from you. Then they either sell the data they collect, or use it for themselves.
Since the file wasn’t actually on the original website, I had no valid DMCA claim. I went to the root of the site to see if I could glean any info, when suddenly I was on… a legitimate cloud storage site? After poking around a bit, I discovered that the root site was set to redirect to a legitimate site–even though the file is clearly not on their servers. Why would that happen…?
The site is mocked up to look like a filesharing site, but it’s owned by the same person who owns the original site I found the listing on! This is an elaborate deception–this person thought this through, and wants to remain hidden. [Probably because the information they scrape and the malware and viruses they distribute are their main source of income.]
They didn’t even host the cover image themselves! It’s hotlinked from Amazon! The download link sends you to the fake filesharing front, which then redirects you to affiliates where you fill out the offers that will supposedly allow you access to my work. Well, as I said before, I viewed the source file and there is no download. Everything forces you to a file “locking” site that has a pretty bad safety rating itself.
File locking sites are commonly used for something called an integrated affiliate advertising redirect*, also known as a forced click. [Read more on them here.] When you click the download link, it forces you to view ads in an non-closable window, makes you apply for a “free” offer, or sometimes you’ll be told to take a “survey” before it lets you have access to the files you want. [Completing these actions supposedly unlocks the real download button or link.]
Every time you click the download link, the scammer running the fake site gets paid–sometimes even if you back out and don’t follow through! Not only that, but a savvy coder could use it to gain a click and steal your info. Several thousand clicks a day, plus sell-able or exploitable data? That adds up, especially the way this person has it set.
You see, at the end of this person’s setup, the user is presented with a blank white window. That’s it. No file. You are no longer useful. Your clicks and data have been taken. Get out.
It’s bullshit because it’s using my hard work to trick my unsuspecting readers into giving away sensitive information, and earning money fraudulently while doing it. Not only my readers–but anyone who might think it’s a legitimate source for free e-books! They scrape Amazon, using the allure of prose authors have slaved over as bait. They poison brands authors have worked hard to build in the mind of the people they trick. Not. Cool.
At first, it seems hopeless. How can I DMCA content these people don’t have? How can I go after them, not knowing who they are, or even knowing what country they are in? The person who set this up knows this. This is the cloak they wrap themselves in.
But me? What can I do?
I know the affiliates won’t care–after all, they make money through the ad clicks. Web searches care, because the site is linking to content that could harm someone’s computer. They’ll pull the data, but it will be restored by the next web crawl. I could report the shady behavior to the domain registrar and get the domain revoked. That could work–for the amount of time it would take the person to figure out the domain is cancelled and buy a new one. So what can you do? What can I do?
For now, this is all I have been advised to say. I have several options, but in the meantime, I am going to focus on educating people. The more people that are informed, the less often these kind of sites will trick people. My hope is that over time, the profitability of these sites will drop, and they will no longer be worth opening. So share this post, [and the post linked above] and help get the word out!
Please remember you can ONLY purchase my books from Amazon.com! Volume #1 is $0.99 cents right now!
Thank you all for your support–stay safe out there!
*= What, you couldn’t cram “synergy“, or “omnichannel marketing” in there too?
P.S: If you are an author and want to check the site to see if your work is being used, please contact me through one of the methods on my contact page, and I will PM you the url.