Nigel's notes

Random thoughts on the world of kink

More notes on a scam

scams / September 29, 2016 /

It’s no great surprise that, once again, I received a message on Recon from someone saying they were looking for a sub, and telling me to email them. This time, Recon were pretty quick – by the time I saw the message, the profile had already been deleted. Nevertheless, I decided to follow up on my previous adventures in working out a scam, and see if this one was the same.

Surprise, surprise, things went in much the same way – though “Benjamin Porter” wasn’t forthcoming with any info, even though I mentioned in my very first message that I couldn’t see his profile on Recon. First off, a reminder to any novices, this should be pretty much a massive warning sign. Even though he knew that I couldn’t have seen his photos, or where he was, he volunteered no information about himself, and he didn’t ask for anything much from me, beyond this:

So what bdsm stuff have you done before?Have you been serving a master before?

Whereabouts are you?

I gave a very brief reply, listing a few activities and we got straight to you are here now to submit yourself to obey me and to be my? ?slave servant..? and train under my dominance skill?

Then, without really asking anything more about me – not even age, body type, fantasies, any health issues – all the sorts of things someone really serious about this might be interested in finding out, especially when they’ve just got an email out of the blue, I got a list of five guidelines:

1. A submissive’s place is to honor his Master
2. A submissive’s place is to obey his Master
3. A submissive’s purpose is to serve his Master
4. A submissive’s pleasure is in accepting Guidance and Discipline
5. A submissive’s joy is to please his Master

Now, there’s nothing wrong with those per-se, but BDSM works both ways, and if you’re going to trust someone with your body, it’s nice to know a bit about them – and what they see their role as. There’s not much information coming from this guy that couldn’t be simply copied and pasted.

Of course, as before, the real thing is a couple more messages in, when I’m asked to create my ‘slave profile’ and sent a link to the site on which to do it.

First of the  that I require for your training would you be to create a bdsm slave profile as a tribute and as a sign of your loyalty and surrender to me make it here

<<<+ Master Community Page +>>>

then make it as detailed as possible as it will be used by Master for your training and sessions with Me slave

Use SlaveNgletz5Sle as your profile name so i will tag it on your passes.
After making a profile, upgrade your account. Choose 1 month only then uncheck the small box below it then proceed. After upgrading your profile, you will receive an official confirmation number in order for you to redeem the passes and benefits.

After that, i will give you a reward, the reward that i know you would be happy on it.

The message is pretty similar to the one from the last guy to try this on. Though not word for word identical, the same “Master Community Page” text, and as before, the link contains an affiliate ID, and the PPS reference, to indicate that it’s a Pay Per Signup referral – in other words, if I do follow his instructions, he’s going to get $50 once I pay.

The only difference is that this time, the page I’m sent to is GayDateLink, rather than MyBSDMDatelink, though both sites are part of the same network, with the same affiliate scheme, run by Datelink Networks.

There was one small thing that piqued my interest – that request that I “uncheck the small box below it” on the upgrade page. So, this time I decided that, since I’ve already worked out what the scam is, I’d take a closer look at the site itself, to find out what that checkbox is, why I’m being asked to untick it, and just what sort of site it is.

Signing up to GayDateLink

First things first. You can’t do much at all until you’ve verified your email on the site, where my profile name is “sentByAScammer.” The verification email is the first sign that this is, perhaps, not the best run site in the world. Take a look:

The verification email contains my password, in plain text

The verification email contains my password, in plain text

Just in case you can’t read that, the email contains my password for the site, in plain text. Now, it’s possible that this is stored during signup, to include in the email, and then securely encrypted in the database, but it’s still not good – email can be intercepted, and anyone with access to your mailbox can find the password.

Still, I carried on and created my profile. There are lots of options, so you can say you’re only looking for people with blue eyes, or who speak certain languages, and so on. And, of course, there’s the usual profile text you can fill in, where I’ve explained that if you joined the site after exchanging a few emails with someone, you’ve been had, and they’ve made $50.

My datelink profile

My datelink profile – a warning to other users

Actually though, I’m not sure how many people will see that – because one thing you quickly discover when you try to explore the site is that you can’t view any profiles at all without paying. This is one of the views when you search for people – I made sure not to include any photos, and actually the majority of profiles don’t have any.

Most profiles don't have photos, and you can't see any details unless you pay, either

Most profiles don’t have photos, and you can’t see any details unless you pay, either

That was one of the results pages for men looking for men, aged 20-55. There were fewer than 200 shown, and only 14 active in the last 24 hours. It doesn’t strike me as a very busy site. Also worth noting is that there are quite a few profiles of people saying they’re subs, some with names in the same format I was asked to make a profile.

That suggests two things – one is that, sadly, a lot of people do fall for the scam. The second is that the database of members is shared between the various sites – I would expect to see lots of “sub” profiles on a BDSM site, but this is just plain old Gay Date Link, so it’s more ususual, hence my feeling it’s a shared database.

Why do I have to untick that box?

Anyway, back to the payment option – which you’ll see if you try to view any profile, or if you simply follow the orders of the person scamming you. This is what it looks like:

Pretty expensive - and even more so if you don't untick that box

Pretty expensive – and even more so if you don’t untick that box

The monthly fee is $29.86, which is pretty high. You can get three months for $49.72 or a year for $99.44 (for the first year, then it’s $118.32). But it was that request to untick the box which had got my interest. And this is the wording next to it:

Yes, please give me a 2 day FREE trial to After two days this trial recurs at thirty-nine dollars ninety-five cents per month thereafter unless cancelled. Any charges will be discretely billed as “RRPSPT” or “”

The box is ticked by default, which means if you don’t untick it, you’re going to get stung for another $39.95 in two days, recurring every month. So, it was kind of “Benjamin Porter” to mention this, I guess. Effectively, if you just tick the basic options and don’t pay attention – as many people are wont to do – then you’ll be forking out $69.81. The site, by the way, appears to be all about girls on cam, so it’s pretty useless for gay guys.

I’ve had a quick look at the registration info for and I can’t see any obvious link between them and Datelink Networks, but that doesn’t mean it won’t exist. It could, alternatively, be a simply business arrangement – much like the affiliate scam that drives people to the dating site – where they’ll get a payment for each person who signs up for the porn, which will go some way to covering the costs that Datelink Networks incurrs through their affiliate scheme. See more about that further down the page.

Whatever, this is just sleazy behaviour, and not the sort of thing you should expect from a reputable dating site.

Look out! Titties!

Here’s another thing you probably don’t expect from “The web’s premier site for men seeking men” :

Yep, that's right. Cam girls. On a gay dating site

Yep, that’s right. Cam girls. On a gay dating site

The top section of the home page – before the members (which themselves includes a percentage of women) is “Online Girls.” That, frankly, suggests that the people behind this site really aren’t serious about it being a “premier” site for gay guys, as far as I’m concerned. They’re interested in making money.

Feeling insecure

Another thing they’re not serious about is security. I already mentioned my unease at getting my password sent to me in clear text. I wanted to find out a bit more about that. So, I changed it on the site, then signed out and used the forgotten password form. You have to enter your username and email address, and the page says they’ll send you your password.

That’s bad practice. Better is to provide a box to reset it, or to email a link (which is what we do on BLUF). What Datelink network does is about the worst possible – they send your password to you via email. So anyone who has access to your email can retrieve your password for this site.

Yes, I really did use "differentPassword" as my password

Yes, I really did use “differentPassword” as my password

This is catastrophically awful. If you’re one of the people who uses the same password on many different sites, that email will reveal the password to anyone who has a couple of minutes with your mailbox. Leave your computer unattended, someone finds out you use a Datelink site, and they can quickly visit, fill in your email address (and username – which might even be helpfully filled in for them by your browser) and hey presto, they get an email with your password in it. Off they go to plunder your bank account.

That’s not the only problem. For them to be able to send your password by email, it means they are storing it in an unencrypted form. When passwords are stored in a database, the usual technique is to encode them, so that someone looking in the database can’t see what they are. Then when a user tries to log in to the site, you encode the password they typed, and see if it matches the encoded information in the database.

There are different ways of doing that, some better than others – if it’s done too simply, it’s not much better than doing nothing. But, doing nothing is absolutely the worst option. If someone were to gain access to the Datelink database, all the passwords for the users are sitting there, in plain view. There’s no effort at all needed to decode them. Given that passwords aren’t protected, it’s very unlikely that email addresses are protected in any way (and it would be most unusual, since you need them for sending notifications, and so on).

So, the Datelink site is not storing your password securely. If you use the same password on any other sites, that is a massive danger, if their server were ever to be compromised (and that could include a rogue employee just looking up someone’s password, for instance).

It’s also worth noting that the site doesn’t use SSL (https), which again is just bad practise, especially for something of a sensitive nature like this. For more about security, read my notes on the recent Yahoo data leak.

Stay well clear!

In summary then, far from being a “premier” site, it’s full of profiles with no photos, it charges a ridiculous amount for membership (without which you can’t even see profiles),  if you don’t opt out, it will set up a recurring subscription for another (straight) porn site, and has cam girls on a supposedly gay site, it operates an affiliate scheme that couldn’t be designed better to encourage abuse, and it’s about as far away from good security practices as it’s possible to get.

Footnote: PornstarPlatinum

The site that you’ll be subscribed to if you don’t untick that box boasts

Pornstar Platinum Network is always growing, so as you fall in love with our girls we will always be adding more.

So, I think we can safely assume there’s not much there that’s going to be of interest to gay men. That in itself makes having this option on the sign up page for a gay site, even if it weren’t pre-ticked, a pretty tacky move. As with many of these, a quick look at the link at the bottom of the page for ‘webmasters’ reveals an affiliate scheme. There are various options, which include one with 60% of the joining fee, plus 50% of the recurring billing.

If Datelink does indeed get 60% of the first $39.95 that you’d be billed if you didn’t untick the box or cancel in two days, they’ll receive $23.97. Add that to the first month’s fee that you’ve paid, and their income as a result of you signing up is $53.83 – which means they can afford to pay out that $50 affiliate fee and still be up $3.83. And if you don’t manage to cancel everything before it rebills, the next month they’ll get your $29.86, plus 50% of the fee from PornstarPlatinum, making $49.83.

Tags : |