I hope we will be around for a while to come, but if Capital One had their way Saverocity would have been removed from the internet within 48hrs of today, simply for discussing them in posts ‘without official approval’.
It is a sad state of affairs when a site like this is threatened with closure for talking about a big bank and share information about the company to its readers, and it is actually rather ironic that the information we have shared to date has been generally quite positive, and we have sent them business based on our recommendations.
Capital One has engaged internet security firm RSA-AFCC to attack sites like this one and uses bully tactics to scare us into submission, interestingly the threats from RSA are so aggressive that Phishing emails have been built around them; they intimidate you so much you hand over the keys to the site, and all your personal information. My email was legitimate it seems, though I ignored it until they went around my back to my hosting company who informed me I had only 48hrs to ‘comply’ before they pulled my site down.
Here’s the email from RSA to me:
RSA, an anti-fraud and security company, is under contract to assist Capital One in preventing or terminating online activity that targets, or may potentially target Capital One’s clients as potential fraud victims.
RSA has been made aware that you appear to be providing Internet Services to a site, which is abusing Capital One’s brand. This site http://saverocity.com/ not only violates Capital One’s copyright, trade marks and other intellectual property rights, but may also become a host to a phishing attack, or other fraudulent scams against Capital One and its clients.
The fraudulent website not only represents a misuse of Capital One’s intellectual property; its purpose is to mislead the Capital One clients. Our experience has shown that such sites become a host of phishing** and other fraudulent scams against the bank clients.
Please take all necessary steps to immediately shut down the fraudulent website, terminate its availability to the Internet and discontinue the transmission of any e-mails associated with this website. We understand that you may not be aware of this improper use of your services and we appreciate your cooperation.
We specifically would ask that you also take the following actions (if relevant or possible):
- Please provide us with a tar/zip file of the source code for this site, so that we may analyze it to help prevent further attacks.
- If any customer data has been captured that is stored on your systems or equipment, please send us that data so that the customers to whom that data relates can be notified and take steps to protect their credit.
- Please provide a copy of any records you maintain that indicate the name, contact information, method of payment or similar information that may be useful in helping learn the identity and location of the customer for whom the website has been operated.
Thank you for your cooperation to prevent and terminate this fraudulent activity.
**”Phishing” is an e-mail scam that attempts to trick consumers into revealing personal information—such as their credit or debit account numbers, checking account information, Social Security numbers, or banking account passwords—through fake Web sites or in a reply e-mail. As described in the letter above, the fake web-site through which the fraudster is attempting to collect Capital One’s customer data is under your responsibility.
This is, of course, complete and utter bollocks. It is a generic email designed to cause fear. I ignored it as such, but when forwarded onto my hosting provider the legal team emailed me; they said that once a case has been opened there is nothing they can do to stop it, and the only way I could keep Saverocity up and running was:
- Remove all images related to Capital One
- Remove all reference to the words Capital One
In other words, RSA sent me out a threatening email, accusing me falsely of acting fraudulently, and unless I delete every post that references Capital One my website will be pulled down by my host in order to protect them from any copyright infringement. I argued with the host that this was just not right, that it cannot be the case that a news site cannot talk about a company, but they wouldn’t budge through fear of liability. In their words, if I didn’t have an agreement to work with Capital One I couldn’t discuss them on my site.
I did think that this must be a phishing attack from someone claiming to be RSA, but that was irrelevant once the hosting provider decided to believe it, and then I was told I had to get RSA to clear my name in order for the host to keep the site up and running. After calling both the US and the UK offices of RSA I finally managed to get through to a human, we looked through the site together and he mumbled an apology, and all we could find was a photo of the Capital One Venture Card, which we agreed to take down during the call so as to give him something to say ‘case closed’.
Here is the reply from RSA-AFCC within minutes of our call:
Dear Matt and [redacted] team,
The AFCC confirms the removal of the offending contents and has closed the case against saverocity.com.
Matt – thank you for your quick action and cooperation.
The AFCC would like to apologize for the misleading email which announced a fraudulent involvement of the website www.saverocity.com.
The website in discussion did not host, nor hosting fraudulent content against Capital One.
Should you require additional information or have any questions, please contact us at any time.
Case closed, apparently… though the guys at my hosting provider haven’t confirmed receipt of that email (they were CC’d) despite my calling in, and the site could well be pulled down until someone gets off their arse to read it and close the ticket.
I think it is pretty disgusting that a company would come at me so aggressively, with a process that threatens the site, and that they demanded my source code, and any personal and private information regarding my readers. They got none of these, and never will. And it makes me think quite seriously about who is the villain here.
- Is Capital One trying to shut down blogs talking about them?
- Is RSA acting under direction of Capital One or is this their normal way of doing business?
- Is my hosting provider acting properly by threatening to pull the site based on the false accusation of RSA?
I like to keep all content here honest, and feel it is unfair that three large companies can conspire to threaten Saverocity based upon an ill thought out system and a spam like email to me. Bully tactics to censor will not prevail, and we will never spam you, phish you, or sell out to censoring ourselves to appease these companies.