2 Birds with one stone, all in a days work. 
Back in October, my parents told me they were taking a trip to Boston. They asked me to see if I could find a better rate on hotels in the downtown area. I did a query on Google for Boston Hotels and started perusing the local business listing results. I immediately noticed that the majority of the urls were: http://www.bostonareanightlife.com.
I found it strange that so many hotels in Boston didn’t have their own websites. Clicking through to the site revealed a rehash of the information that was on the Google Business Listing, and it was littered with Adsense ads. It also contained a link to the hotels actual website with an… (you guessed it!) affiliate tracking code!
Upon doing this, I began to find more instances of this being done for other cities in the New England states. I also found more sock puppet accounts being used by the spammer. After viewing the edit histories of these other accounts , I discovered the spammer was doing this in just about every metropolitan city I could find. However, this new scheme was much more deceptive, and is the main reason I am sharing it publicly.
Searching for Atlanta Hotels showed one listing for a Renaissance Hotel with the url: renaissanceluxuryhotels.com. This was another one that had been changed by the blackhat affiliate. I almost didn’t catch it because the url seemed to be appropriate for the listing. The only reason I knew, was due to the changes I had found for Renaissance properties to the New England nightlife sites. The actual url that the spammer entered was: http://www.renaissanceluxuryhotels.com/atlanta.html
HTTP/1.x 301 Moved Permanently
Date: Wed, 10 Dec 2008 00:10:51 GMT
Server: Apache
Location: http://www.kqzyfj.com/click-3120577-10406976?url=http%3A%2F%2Fwww.marriott.com%2Freservations%2FsetAMCookie.mi%3Faff%3DSept07%26AFFNAME%3D%25zp%26mid%3D%252Fhotels%252Ftravel%252Fatlbr-renaissance-atlanta-hotel-downtown%252F&cjsku=848
Wow! A Commission Junction affiliate URL. Each one I found, including the ones on the nightlife websites, had the 3120577 affiliate id in them. I also found 2 other trademark infringing domains being used by the spammer. They were marriotus.com, springhillsuitehotels.com, and they all had the same redirect scheme going on. These sites were listed in just about every city I could find. Seattle, Denver, Atlanta, San Diego, and even here in Charlotte. I was 99% convinced that this was all done by the same person. Luckily they made it easy for me to be absolutely sure.
Doing a whois lookup of the domains in question all revealed the same owner:
http://whois.domaintools.com/marriotus.com
http://whois.domaintools.com/bostonareanightlife.com
http://whois.domaintools.com/renaissanceluxuryhotels.com
http://whois.domaintools.com/springhillsuitehotels.com
http://whois.domaintools.com/vermontnightlife.com
http://whois.domaintools.com/manchnightlife.com
which is one Bill Page!
After spending hours on all those reverts, I decided to check back a few days later. Guess what? Yep, Bill Page decided to change them all back. So for the next week or so, he and I fought an edit war. Late one evening I received the following email from ol’ Bill:
From: New England Nightlife
Email: Contact@NENightlife.com
Subject: Message
Do you make a habit of pretending to be someone you are not?
From what I can tell you are purely interested in keeping Google a clean and organized engine, and I can appreciate that.
We are both SEO Professionals so lets make a deal. Ill stop doing what I am doing and you stop pursuing my affiliate accountsI am not interested in wasting any more time with this, so don’t worry about it
I wasn’t sure what he meant by the first sentence. Maybe it was a threat? Whatever it was, I did not reply. What really blew my mind was the statement, “We are both SEO Professionals“. What? Excuse me? How in the world is stealing revenue from Marriott considered “professional”? Someone’s moral compass obviously got knocked WAY OUT of whack! That made me really angry!
So instead of replying to his email, I thought I would do the opposite of what he asked and drop a line to Marriott’s affiliate manager. I summarized in detail how the scheme worked, and also informed them I had reverted everything back to the proper url.
Over 3 weeks later I get a reply back from the Marriott affiliate manager, who happens to be Lena Huang. Lena stated she had been on vacation and had forwarded the details of my email to the proper departments. She then asked me how I was able to revert the urls in the listings, and why she couldn’t find my name in her list of affiliates.
I decided to be nice and explain in detail how Google Business Listings worked and the hurdles Marriott faced in getting all their listings officially claimed to prevent this type of fraud. I explained that I was not an affiliate, but rather a professional SEM who had a genuine interest in keeping Google’s integrity at a high level. I also informed her that I was a frequent Marriott customer in hopes she might throw a coupon my way for the effort, but no such luck. She replied back with a quick thank you and that it would be handled internally. That’s okay though, I’m still a loyal Marriott customer.
Upon a recent examination, it appears Marriott has gotten things under control. I could not find any instance of an unclaimed Marriott listing. I also want to point out that it appears Mr. Bill was true to his word about stopping what he was doing. I still don’t think he is ”professional”, but at least it’s a step in the right direction.
In conclusion, I’d like all professional SEM’s out there to be vigilant for this kind of thing. I know there are more “good guys” out there than “bad”, and if we all pitch in to stop it… we will be rewarded in the long run.
