Ashley Madison Reputation Disaster Poised To Expand With 500+ Domains Registered

In: Online Reputation Management - ORM

28 Sep 2015
by Chris Silver Smith

In my recent article, I predicted that the worst was far from over for Ashley Madison users whose personal information was exposed by the massive hacking. Indeed, our research has now uncovered that over 500 domain names have been registered, indicating that the next stage of this reputation apocalypse is about to happen.

Ashley Madison Domain Names

As I wrote in my earlier article, many (or most) of the victims have had a tissue-thin degree of protection since the data has thus far mostly been contained behind search forms. In order to find out if an individual was an Ashley Madison user, you would have had to find one of the sites that enabled the data to be searchable, and you’d need to search with the user’s email address (assuming they used their actual email on the site when they created an account). Unless a user was a celebrity or used the email of an organization that is investigating members, it’s possible no one has noticed they were associated with the site. However, I predicted that there’s an extremely high likelihood that this data will be further publicised such that individuals might become even more publicly exposed when their names are searched-for in Google and other search engines. (Read “For Ashley Madison Users, What’s Next? Reputation Apocalypse, Phase 2”.)

Celebrities and public figures have already been outed in many cases. News organizations across the world downloaded the data from file-sharing servers on the Darknet, and diligently searched for celebrities, politicians and prominent figures, and often reported upon those for the sake of attracting more viewers/readers, derived from prurient interest.

Organizations, like the military, federal and local governments, and even many large companies also downloaded the data to investigate individuals linked by their organization emails to the data. There are likely many resignations, firings, or warnings that came to Ashley Madison users due to this.

I would also hazard a guess that all Ashley Madison user emails were likely spammed by extortion demands. Criminals also downloaded the data and are using it to send out customized emails threatening to further disclose information about the individuals. (By the way, if you are a victim of the hacking, I urge you *not* to give in to the blackmail demands. In most cases, these are likely bluffs — it’s very cheap to send out email notes, and much more expensive to mail out printed copies of the evidence to individual’s home addresses. Further, you’ll likely be dealing with not one but many multiple blackmailers, so this cannot be contained. Due to this, as a strategist I must tell you that the best tactic will be for you to voluntarily disclose to people around you that you are listed in the site’s data, and by doing this you will take the power out of the secret, and remove all leverage that extortion demands might have over you.)

Many marketers have downloaded the data as well, and I heard enough different ones state that they were planning to send out marketing emails to the individuals. I have seen some of these notes, so I suspect those involved have received quite a number of notes, such as from counselors, divorce attorneys, and reputation-repair companies similar to my agency. (This is one reason I recommended to victims that they ditch the email addresses they used with the hacked site.)

Despite these various rounds of public and private outings of the adultery site users, I know that there are many who have not become exposed as of yet. They may be hoping that they have somehow slipped below the radar screen of those who know them, but I seriously believe this is premature, because there are huge incentives to many unethical people to deliver up the data on individual profile pages that would be exposed on the internet and would become crawlable by the major search engines.

To research whether my deductions are accurate, I have looked into domain names registered since the hacked data was leaked in order to see how many of them might be connected to the Ashley Madison scandal. What I’ve discovered was shocking even to me, although it supports my prediction that the data will almost inevitably become far more public-facing and will be published on websites overtly, rather than merely remaining obscured behind search forms.

Here is what we found: over 500 domains have been registered that contain the letter sequence, “ashleymadison” or “ashley-madison”! A number of these were registered prior to the hacking scandal, so we filtered further to find that 337 of them were registered after news of the hacking began to break. Note: this is very likely an undercount on our part, since there could be additional domain names that misspell “Ashley Madison” or which don’t overtly use the name at all, such as “FindTheCheatersHere.com” (I just made that up — I don’t know of specific examples of these potential domains. (Download the full list here.)

One can conjecture that at least some of these are intended to become the addresses for informational websites that will provide information about the outed members of Ashley Madison. Will all of them keep this data obscure behind search forms? Most probably not, and the reason is simple: web referral traffic. The first sites that publish the data well, in a format optimized for search engines, will get larger amounts of traffic. As they receive more clickthroughs from Google, more traffic, and as people mention them in social media and link to them, they will receive higher rankings. And, if you have millions of pages, rather than a single search form page, your pages will match up with a great many more keyword searches.

Very simply put, the websites that generate individual profile pages featuring each of the outed members of Ashley Madison will get more exposure, more marketshare because of the exposure, and hence, more business that translates into money — whether that money is through offering assistance to victims, extorting victims by demanding money to take pages offline, or through advertising.

Here are some highlights of our analysis and findings from the hundreds of domains:

  • Many domains appear to be oriented towards individuals that want to find out if their spouses were members included in the data. These would be the sites of highest concern for risk of further publicizing the sensitive data, although any one of the types of sites we found could intend to pursue expanded data publication as we predicted. Examples: ismyspouseonashleymadison.com, aretheyonashleymadison.com, ashleymadisonsearch.com, isheonashleymadison.com, weretheyonashleymadison.com, listashleymadison.com, ashleymadisonslist.com, ashleymadisoncheaterslist.com, ashleymadisoncheck.com, ashleymadisonchecker.com, ashleymadisonlookup.com, ashleymadisonnamesearch.com, searchashleymadison.com
  • Some domains appear related to divorce attorney services. Example: ashleymadisondivorce.com
  • Some domains appear related to efforts for Christian proselytizing of the victims. Example: ashleymadisongrace.com, graceforashleymadison.com
  • Some domains appear related to counselors offering services to Ashley Madison victims. Examples: ashleymadisonmarriagecounseling.com, ashleymadisoncounselors.com, ashleymadisonsyndrome.com, ashleymadisonhelpme.org
  • Some domains appear geared towards collecting angry Ashley Madison members, perhaps to organize class action lawsuits. Examples: fuckyouashleymadison.com, fuckashleymadison.com, ashleymadisonclassactionlawsuit.com, ashleymadisonlitigation.com, sueashleymadison.com, ashleymadisonrevenge.com, ashleymadisonprivacybreachclassaction.com, ashleymadisoncheaterslawyer.com, lawsuitashleymadison.com, ashleymadisonlegal.com, ashleymadisonclassaction.info
  • Some domains appear related to other online reputation management specialists. (If you’re an outed Ashley Madison member, and you go to a webpage that publicly divulges your membership info and that also contains advertisements that offer reputation repair services, avoid that provider! I consider it to be a very unethical conflict of interest to be actively damaging individuals’ reputations with one hand, while taking fees to repair their reputations with the other hand. I’ve unfortunately run across online reputation management agencies that do this type of thing.) Examples: ashleymadisonreputationrepair.com, ashleymadisonreputationmonitoring.com, ashleymadisonexcuses.com, ashleymadisonremoval.info, ashleymadisondamagecontrol.com, ashleymadison-repair.com, ashleymadisonadvisers.com
  • Some of the domains are almost certainly registered by mere domain name speculators who are hoping to sell the names to someone who might wish to use them. When major newsworthy events emerge, it’s very common for domain name speculators to register addresses in anticipation of increased interest in associated keyword topics. But, we can see from the registration information that all these hundreds of domains were set up by many individuals — not just a handful of domain speculators.

When I wrote my earlier article, I received some emails and comments suggesting that my predictions were overblown, on the basis that any website that publishes the data would be doing so based upon very indefensible legal footing. I agree that it’s legally quite dicey to use the data — either for email marketing purposes or for publication on webpages. But, those who are either naive or optimistic about people’s ethics do not have the same background experience of those of us who work daily in online reputation management. People intentionally publish illegally-gained and defamatory material all the time. In fact, I’ve seen extremely devious individuals set up hosting of illegal websites via offshore internet service provider companies where they cannot be reached by our Canadian and United States’ legal systems. Sure, if it’s hosted in the US or Canada, we likely could compel the website operator and hosting company to remove it. But, even if it’s hosted domestically, if a site posts pages about you, you’ll still be damaged in the short term when the site goes live, and it can be costly and require months to bring a legal process to make a website go offline.

It all boils down to this: the sheer numbers of domains that have been registered involving the topic of Ashley Madison is so huge that it indicates a very high level of risk that what I earlier predicted will likely come to pass. It’s only a matter of time before an enterprising website developer finally launches all the hacked data straight out into the open. This reputation cataclysm is not over by a longshot.

19 Responses to Ashley Madison Reputation Disaster Poised To Expand With 500+ Domains Registered

Avatar

James Marks

September 28th, 2015 at 10:36 am

Majority of those sites were shut down… because… it’s illegal. Also, many of the sites were sued and are settling out of court for monetary settlements. See here: http://www.forbes.com/sites/lisabrownlee/2015/09/25/ashley-madison-settlement-reached-public-apology-to-victims/.

You can see one such site here: adulterysearch.com.

I know you saw the dollar signs Mr. Smith, but when it comes down to it, you’re an ambulance chaser trying to scare people into buying your service.

Avatar

Chris Silver Smith

September 28th, 2015 at 12:56 pm

Yes, if you’d actually read my post above you’d see that I answered your contention. Indeed, it’s illegal, but:

“those who are either naive or optimistic about people’s ethics do not have the same background experience of those of us who work daily in online reputation management. People intentionally publish illegally-gained and defamatory material all the time. In fact, I’ve seen extremely devious individuals set up hosting of illegal websites via offshore internet service provider companies where they cannot be reached by our Canadian and United States’ legal systems. Sure, if it’s hosted in the US or Canada, we likely could compel the website operator and hosting company to remove it.”

Simply put: it’s laughable to say that these users are not vulnerable to further exposure because you believe that nobody will do anything illegal. Even if they have legal protection, that can’t actually stop damage from occurring beforehand. I’ve dealt in cases every day where illegal material is posted online — and, illegal disclosure of private data has already happened with all of the Ashley Madison users.

As for “ambulance chaser”… LOL! Truly, not so. I’ve written a number of articles on how individuals should proactively manage their online reputations to be better insulated against damaging materials, and I’ve provided how-to tips for doing that. Do you also criticize doctors when they warn that people should watch for the danger signs for heart attacks?

Avatar

Andrew P

September 28th, 2015 at 12:56 pm

Too bad the only people who care about AM lists at this point are the people on them and the people trying to cash in on the misery of others ie you. Story is dead.

Avatar

Thomas Katz

September 28th, 2015 at 1:18 pm

The author of this blog reveals through his writing that he knows nothing of European personal privacy protection laws. If you’re interested in Online Reputation Management, you can do better elsewhere.

Avatar

Chris Silver Smith

September 28th, 2015 at 1:33 pm

Looks like this article struck a nerve and I’m being trolled a bit now.

Where exactly did I say anything about Europe in this article?

I did mention “offshore”, but that doesn’t mean Europe.

In fact, I was expert witness in a ground-breaking court case in Europe where an individual sued Google to compel them to assist them with their online reputation. I’m versed in European laws as well as U.S.

Avatar

James Marks

September 28th, 2015 at 3:09 pm

Would a respected heart doctor explain the risks of heart attacks with words like “cataclysm” or “apocalypse?”

Avatar

Chris Silver Smith

September 28th, 2015 at 3:25 pm

LMGTFY:

http://www.drjohnm.org/2011/05/cw-whats-better-for-predicting-heart-disease-a-ct-scanner-or-a-timex/

http://getbetterhealth.com/stop-watches-may-be-better-than-ct-scans-at-predicting-heart-disease/2011.06.02

So, the answer is, yes, they would. In fact, downplaying real risks that have devastating effects would be irresponsible.

Are you trying to say that having a webpage ranking for your name that describes you as a betrayer/liar/adulterer would *not* be cataclysmic for a great many people?

I mean, there have already been individuals that apparently committed suicide, sparked by the prospect of imminent disclosure…

Avatar

fha lung

September 28th, 2015 at 3:50 pm

Dear Mr. Smith,

I do agree with the sentiments that the others have shared about you fear mongering with this article.

You also failed to mention that a good majority of the domains that you list are registered and redirected to an existing ALM website and are not new. My team of security experts and I have spent time reviewing your list and have determined many are most likely non-threatening to the attack on the ALM users.

You do mention that you point to “useful” information about how to proactively manage reputations, but you forgot to include that in your article.

If you’re trying to reach many people, it would be good if you offered a solution in the article, even if it is the selling of your services. How can you as a professional help take down the risk for the many people affected by this.

thanks,
Fha Lung

Avatar

Chris Silver Smith

September 28th, 2015 at 7:20 pm

I stated that 337 of the domains were registered following the hacking news — it’s not at all unusual for sites to have alias domains and misspellings redirected to the original account. So, I didn’t “fail to mention” in the sense you’re alluding-to — that simply isn’t at all important compared to the bulk of these URLs that are not Avid Life Media company-owned aliases.

I linked-to my earlier article regarding Ashley Madison above, and do-it-yourselfers could easily branch out from there to see my other articles, as well as clicking through to the other Online Reputation Management articles in my sidebar here.

Clearly I have a different level of risk assessment going on with this case than some of you. But, it seems extraordinarily irresponsible from my point of view for anyone to be advising that “the risk is low” at this point, when you compare with the relative ease of creating materials to insulate yourself some from having defamatory materials ranking highly for your name search.

I’ve written before about how people have the mistaken notion that they’re better protected online, by avoiding engaging with internet media. (See The Sharp Disconnect Between Privacy & Protecting Your Internet Reputation)

Ashley Madison victims that wish to DIY proactively can do so by following tips I wrote in this article: 9 Key Points for Cleaning Up Your Online Reputation Nightmare Via SEO.

Those of you who are casting aspersions by suggesting that I’m “fear-mongering” for the sake of personal gain are off-base, because you’re unfamiliar with my background and history. I’ve campaigned search engines and internet companies to try to make things better for defamation victims — if they followed my suggestions it would reduce the potential billable hours for reputation specialists like myself. (See Why Google, Bing, Facebook, Twitter & Others Should Collaborate: A Proposition For An Online Reputation Issues Clearinghouse) I’ve also campaigned aggressively to help persuade search engines to take a more aggressive stance against Revenge Porn. And, I’ve faced-down Google in a UK court case regarding reputation rights for defamation victims — something some SEO experts in my industry would avoid doing, since it could have directly negative repercussions against one’s business. (See: Google Settles UK “Defamation” Suit, Agreeing To Remove Malicious Links)

I don’t do Online Reputation work merely to make a buck, but because I believe in helping folks that have dire problems. It is this that motivates me to warn those outed in the Ashley Madison scandal that they should prepare for the possibility of more open exposure to come, rather than sit idly by. It is fairly straightforward to do proactive online reputation management, and harder to offset bad stuff after it becomes established in ranking for a name.

Avatar

Stone Cutter

September 28th, 2015 at 7:24 pm

I think it is the masonic icon you’re using that struck a nerve. Secret Society and all that nonsense. The Simpsons satirized you with great success long ago.

Avatar

Chris Silver Smith

September 28th, 2015 at 7:30 pm

Thanks for mentioning that — I’m not masonic — I used the Gravatar for a joke some years ago and had great difficulty getting it to update. I’ve now gotten that fixed.

Avatar

Michael Paulson

September 28th, 2015 at 7:34 pm

I’m an information security expert. If criminal websites appear “overseas”, everyone is at risk. We all should hope that the criminal sites are secure. Otherwise, someone with the right skill set could use SQL injection to add your name and address to the AM database.

Avatar

Chris Silver Smith

September 28th, 2015 at 8:01 pm

I’m really not sure what you mean — websites hosted overseas are not always subject to the same laws we have here, and even when they are, it can be prohibitively more costly and time consuming to deal with. So, if you’re trying to enforce a legal takedown of content, it’s frankly not always feasible.

Search engines crawl websites whether they are hosted overseas or not, and display the content widely. While Google will nicely remove content when you have a legal takedown order, obtaining that court order can, again, be costly. They’re not required to take it down at all — they will with a court order because Google is a bit nicer about this. Microsoft’s Bing currently will not remove it — stating that you should get the originating site to remove it.

Avatar

Doc Holliday

September 29th, 2015 at 11:37 am

A website tha forgoes a simple search form and sets up multiple pages would be a grand expense. I doubt a group would do that. Sites are being taken down very easily. I dont see the incentives. Blackmailers would not out individuals as that would close off their loop. Social media has very clear TOS about harassment, abuse, etc. so i dont think it would last long. HR people are instructed to not use this data for employment reasons. But let’s say, I believe your other assumptions about the apocalypse, what’s the exact timeline? Interest is starting to wane. If people are in it for the money, that loop is starting to close very quickly.

Avatar

Chris Silver Smith

September 29th, 2015 at 3:17 pm

Doc Holliday, the messy data released by the hackers would indeed require some work to try to fix and set up in a good database — I think that is really the big impediment at the moment, and it’s not necessarily easy. But, once that data is untangled, it’s extremely easy to set up a website — very low-barrier-to-entry. People launch database-driven website all the time. It would probably be even more effective if it was banged up against other databases to further identify real names behind email addresses, or display multiple individual’s names associated with street addresses.

As to what sorts of business models such folks might use for this — I can think of a variety. But, the simplest might be a straightforward extortion format that is similar to sites we see and deal with every day that display arrest records, mugshots, and complaints. “We’re just displaying this data that’s out there. If you want it taken down, you’ll need to pay us to go to the trouble of removing it, or deindexing it from search engines.”

A good comparison might be RipOffReport.com – one of the most-reviled defamation-facilitating sites on the net.

As for timeline, this is not at all dependent upon current media-feeding-frenzy interest. If it was set up to grab some fast money on displaying ads, then, yes, it’d need to have launched already. But, a defamation/extortion play can set up its pages and get them indexing, and as people notice they’ve got a problem appearing when their names are searched-upon, that’s when such a site could then begin profiting from publication.

Social media sites do indeed have TOS against harassment — but, that stops nothing! Try taking down harassment from Tumblr, for instance, or Twitter. You need court orders, and even then it can sometimes be challenging since they require you to also explicitly list every URL, including the shares/reshares/retweets/etc.

Avatar

James Marks

September 29th, 2015 at 11:18 pm

Out of the millions of articles about heart disease, you did find one that used the word cataclysm – nice work. But it described an actual function of the heart, not wording used by the doctor to scare readers to protect their heart.

Avatar

Chris Silver Smith

September 29th, 2015 at 11:30 pm

James, let’s not play the semantics game further. From my POV, your criticism is tantamount to somebody complaining that the National Weather Service is being overly dramatic when warning of an imminent hurricane.

You’re welcome to stay put and take no action, but the people whose homes are in the path of potential destruction may decide this is a risk they want to prepare-for.

Undertaking a proactive online reputation development effort is not necessarily difficult, and it’s a good idea to do even if you didn’t have this sort of thing hanging over your head — so, I don’t see a huge downside for being prepared in this instance, versus the costs of abrupt exposure.

Avatar

Robert Zimmerman

September 30th, 2015 at 12:56 am

Chris –

This statement is very inaccurate: “the messy data released by the hackers would indeed require some work to try to fix and set up in a good database — I think that is really the big impediment at the moment, and it’s not necessarily easy.”

There were sites up within 24 hours of the released torrent, because it’s not rocket science. I am a SQL developer and I’ve seen the data. It’s not that difficult at all to load into a database, correlate it and put up a rudimentary website.

I don’t disagree with all of your hypotheses, but I do think a lot of your basis for your catastrophe scenario are bad arguments (i.e. number of domains registered). In the comments, you actually point out some more realistic scenarios. There very well may be a few bad actors we have to contend with in the long run, but I think the short term gold rush is basically over.

What Michael Paulson was implying is that any of these fly by night sitets, whether onshore or offshore, will likely be vulnerable to attack by hackers. It’s highly unlikely they will have the proper defenses against a skilled hacker – most (all) corporations don’t, and they have teams of people working on it. I can imagine that out of 37 million folks, there are some skilled hackers, who have a strong incentive to destoy such a site. They could hack in and wipe out all the data and html pages, leave themselves a backdoor, thus forcing a site to start all over again at a new host – assuming they’ve properly backed everything up to begin with.

This whole AM hack is unprecedented. It can’t be compared to The Fappening or other defamation issues, because of the sheer volume of people that will fight to keep the data suppressed.

Avatar

Doc Holliday

September 30th, 2015 at 1:50 am

“As to what sorts of business models such folks might use for this — I can think of a variety. But, the simplest might be a straightforward extortion format that is similar to sites we see and deal with every day that display arrest records, mugshots, and complaints. “We’re just displaying this data that’s out there. If you want it taken down, you’ll need to pay us to go to the trouble of removing it, or deindexing it from search engines.”

I agree with you on this point. It’s already happened on a small scale. And yet every time I hear about at website or see a google ad for the site, it disappears. I don’t see anything on the surface web. I don’t expect to see alot of sites with pages optimized for search. Google usually is very good about not indexing sites especially if they are potentially breaking the law. AM data is not the type of public record you would find in a site like Spokeo or it’s ilk because those vendors use official public records and are heavily regulated. AM data is different. And until the courts decide that it is legal to distribute this data, most people won’t touch it. Besides there are european citizens caught up in the database bringing into play the US-EU safe harbor provisions. Interested in your thoughts.

About [Ag] Search Blog

Research, thoughts, commentary about Internet Marketing, SEO, Social Media, Online Reputation Management, and SEO Expert Witness Service. Provided by Argent Media.

Photostream

  • Chris Silver Smith: Good point about Gawker being a muckraking site in of itself. But there are a number of others who [...]
  • Rob M: Referencing Gawker for character assassination isn't so helpful since they were sued into oblivion b [...]
  • Chris Silver Smith: Don - it might be more motivating, sure, but my argument remains the same: someone shouldn't be vili [...]
  • Don: It would help your argument if you could say the Got News claims are totally false. [...]
  • 10 domain name secrets to repair your online reputation: […] Naturally, you could include all sorts of things — your street address, city, state, [...]

Chris Silver Smith at SMX West