Starting April this year we have been dealing with an increasingly antagonistic individual who calls himself Neep. He initially contacted us about the fake popups displayed by our affiliates. Despite us promptly cutting all affiliates off Neep released a number of disparaging and misleading posts and youtube videos, demanded that we pay him 500 euros as his “bug bounty”, provided phone numbers in the forums that were encouraging harassment of employees of a call centre that provided support to our customers, and lately went out of his way to spread negative reviews about our software and even harass a reviewer of our software. While we appreciate the work of scambaiters in general, we feel that Neep’s actions towards our company were misguided to put it mildly. Since we have exhausted all avenues of resolving this peacefully, we have given the instructions to file a police report in Germany as well as chronicle our experience here. We believe that transparency in this matter is important.
How It All Started
In March 2020 our website traffic blew up. This seemed like exciting news at first. Naively, we thought that this was due to people switching to telecommuting and needing our software to maintain their home computers.
As it turned out, the spike was due to at least a couple of sub-affiliates creating misleading landing pages designed to make people think that their computers were infected. Neep was one of the people who informed us of these fake ads.
Or rather he first produced a YouTube video posted on March, 29 where he accused Outbyte of using these popups. The email came through to us on April, 7.
NeeP Scambaiting neepx0@gmail.com
Apr, 7 at 0:05 am
Hi Auslogics/Outbyte team,
nice to meet you and I really hope you fix your software & your affiliates ASAP. From the conversation, I can tell though that the misconception is that affiliates are the only problem however I also identified problems with the Outbyte landing pages itself.
…
As these were sub-affiliates (i.e. they are affiliates of our affiliates) there was no way for us to find out who that was. So we had to shut down all affiliates who were not 100% transparent with their traffic sources, banners and landing pages. Here’s our reply to Neep:
Apr, 9 at 2:53 pm
Hi NeeP,
It’s nice to e-meet you, too.
Thank you for highlighting these issues. A couple of our large competitors were banned from affiliate networks last month. When it happened, their affiliates switched their traffic to Outbyte. At first we thought this increase in traffic was a result of people staying at home due to COVID. However, it turned out to be due to these scam affiliates.
The way the whole web advertising operates is we work with affiliate networks. They, in turn, contract individual affiliates that actually drive the traffic. Networks do not want us to see who their affiliates are for the fear that we’ll work with them directly. The flip side is that we don’t really know the affiliates that drive traffic or what landing pages or banners they use.
Long story short, as soon as we were made aware of this, we started switching those affiliates off. As of yesterday, we have stopped working with all “black box” affiliates networks. We have also started reviewing our own landing pages and, embarrassingly, have found a few non-compliant ones (pretty much the ones you have highlighted). We have already taken them down.
In regards to your questions. Yes, Auslogics and Outbyte are simply separate brands of the same company. The call centre we contract works exclusively with our company and we (and occasionally AppEsteem) monitor their work religiously. You are more than welcome to call them up pretending to be a customer to see them in action.
We thank everyone who brought these issues to our attention so we could take appropriate actions right away.
Notice that rogue affiliates are quick to switch software as they were suddenly promoting such brands as Norton or McAfee. In fact Neep himself wrote about this:
https://twitter.com/NeePscambaiting/status/1255139782427938819
https://twitter.com/NeePscambaiting/status/1254750368740839425
This is what the popups leading to Norton looked like:
While our own popups were not in use (they were used a few years prior in split tests) and we did not agree with Neep that they were misleading, we decided to remove them as well.
NeeP Wanting 500 EUR
Neep emailed us on the same day. This time he was asking for 500 EUR as a bug bounty:
neepx0@gmail.com
Apr, 9 at 1:39 pm…
these affiliates highlighted in the landing page URLs, are these individual affiliates or networks?
Also yeah, it’s pretty embarrassing when you claim to be clean and yet your own landing pages look like the scam popups themselves. I’m not sure who inside the company, web dev or marketing did that but I’m sure there will be also some consequences for that person.
I have found more issues with your software and I’m offering you to work with me in order to clean up your software and unethical practices even more. I’ll be sharing more details of my research which helps you to get compliant with AppEsteem and generally with good practices. My bug bounty fee would be 500€ one-time fee.
Please let me know if you’d be interested.
We politely declined that offer. Now, we would have absolutely no problem paying had Neep approached us and simply negotiated rather than producing negative reviews and then confronting us asking for the payment.
Apr, 10 at 9:06 pm
Hi NeeP,
The links you’ve provided are the affiliate networks that we used to work with, but already stopped collaboration with all of them due to the absolute lack of transparency on their part.
Regarding your kind offer, we really appreciate it, but we’re actively engaged with AppEsteem specifically for that purpose.
We want to thank you once again for bringing these issues to our attention so we could address them right away.
This time we continued with the cleanup of our affiliates. However, on April, 18 he sent us yet another email part of which read:
Apr, 18 at 10:04 pm
…
Again, I want to give you the opportunity to give your side to the whole story before I will release a video and more publications about the whole ongoings. I think as a reputation manager that will be interesting for you. Engage with me in a live-streamed call where you would have the opportunity to display your side of the story. I think that’s a fair offer.
If I don’t hear from you on Monday I’ll assume you decline my offer and I’ll continue with my proceedings.
Following this threat he didn’t waste much time and on April, 21 he posted another negative video review:
https://www.youtube.com/watch?v=oV3UScMigGo
By this time he also searched for and posted phone numbers of the call centre we employed to serve our customers. The numbers were posted on the website encouraging its community to call and harass our call centre employees.
In his emails Neep mentioned that he had more information to share so we decided to take him up on his offer if he had more information, however it turned out that he simply published everything in his negative reviews:
Apr, 22 at 8:39 pm
…
Regarding ” If your research found more issues that may need to be addressed, we’re willing to take up your offer and pay 500 euros for your finding”
Yes, I found a bunch of CRITICAL issues that I’ve published in my latest YouTube video which I see you’ve already seen. Please watch it in its entirety so you & your technical team can analyze the issues found by me and get back to me with a detailed report of how that can be possible. I think you also owe that answer to your business partners as well as AppEsteem whose reputation your company is also damaging. I think all the information inside the video is well worth the bug bounty since I also gave some hints where to start with your analysis.
Another concern we had was that once you pay someone who’s posted negative reviews and then demanded payment, we would be on the hook to keep paying to stave off further bad publicity.
Neep Calling PC Repair Out
In the video and his subsequent posts he claimed that PC Repair (note the name of the product) is “the worst antivirus ever”.
What would even make him think that?
Apparently he found that PC Repair detected a number of files (such as fonts, and his copy of NordVPN) and did not detect a number of viruses he had on his VM.
We explained to Neep shortly after that:
- PC Repair doesn’t claim to be an antivirus
- NordVPN detection was a false positive and we fixed that
- Fonts detected were also a false positive and we fixed that
- PC Repair performs a quick scan so it may have missed the actual viruses
For example, here’s what we replied to NeeP on May, 15:
May, 15 at 12:08 pm
Dear NeeP,
Thank you for your letter.
Please note that PCRepair is not a complete antivirus solution or was ever intended to be a fully functional antivirus. It does a quick scan only since our customers want to speed up/fix their PCs rather than install yet another app that’s heavy on resources.
As to font issue, it is not related to Avira. Our team uses automated tools to analyze everything that malware/PUP programs install on a virtual computer (e.g. executables, libraries) and adds them to the list of malware items that may need to be removed. We then remove harmless items such as common libraries from this list. Fonts should have been removed from our database, but they were not.
We’re already aware of these issues and the next release, which is in works right now, will have them addressed and resolved.
Thank you,
Neep did not think that our explanation was enough and continued pushing his view. He replies on the same day and switches to threats:
May, 15 at 5:52 pm
…
If your software offers antivirus functionality it needs to be there. Legally speaking (Germany), I could sue if a product is offered with some specific feature but it actually doesn’t have it. It’s both a criminal offense (fraud) and a civil case (deceptive/misleading advertising) which could result in big legal problems for Auslogics as well as customers being eligible for a full refund.
…
In your email of 22nd April with everyone on cc, you said you’d take me up on that offer to pay me 500 Euros for my findings. How will we go forward with that? Should I send you an invoice so that your accounting department has all the necessary paperwork? Which payment methods do you support?
When his email was ignored, he followed it up with another threat on May, 25:
NeeP Scambaiting neepx0@gmail.com
May, 25 at 9:23 pm
…
this is a friendly reminder about my previous email. What about the promised bug bounty of 500 Euros? I don’t think it will be good for your company if you break your promise.
Best Regards,
NeeP
And again on June, 2:
NeeP Scambaiting neepx0@gmail.com
June, 2 at 2:49 pm
…
I hope we can solve this issue peacefully as I’m currently evaluating legal options in this case. The agreement from both sides is there and legally binding and I have fulfilled on my part. I hope you do the same.
In case anyone’s wondering, no, saying that we’ll take someone up on their offer does not constitute a legally binding agreement (this was verified with a lawyer). Just like saying “I’m going to buy this fridge” to a salesperson doesn’t mean you now have to buy it and she has the right to threaten you with “legal options”.
Outbyte Engaging Lawyers
At this point it was obvious that he wasn’t planning to let this go and we decided to contact a few lawyers in Germany (where Neep is located). Surprisingly every single law firm we spoke to recommended that we file a police report.
Now this would be the cheapest and easiest option but we wanted to give Neep the benefit of the doubt. Most scambaiters are doing the right thing by keeping companies (and particularly call centres in India) accountable. So contrary to the advice, we decided that instead we would pay Neep, but have him sign an agreement to ensure that the current situation would not repeat itself.
Such an agreement would cost us about 2000 EUR and it would only be valid when both parties are known. So before investing in drafting this agreement we asked Neep to provide his details (such as name, address and phone number). A couple of emails later he stated that his name was Ben Mayer, provided his address in Germany, but declined to disclose his phone number in Germany and instead offered a US number.
Upon checking that number, we discovered that it was linked to a number of recently reported scam attempts:
https://800notes.com/Phone.aspx/1-616-294-9417
https://www.whycall.me/616.html
We suspected that the details he provided were fake so we discussed the matter with our lawyers who ran a check on the address. As expected, they found that there is no record of Ben Mayer at that address:
The Last Straw
PC Repair has recently been positively reviewed on a YouTube channel. Neep has left a comment under every single positive comment in that video claiming that our product is a fake antivirus suggesting that people watch his videos instead (his comments have since been removed). He also went on to call out the reviewer on twitter.
Yesterday we also discovered that Neep also posted his video on reddit in r/antivirus and r/malware.
He continues to leave negative comments on YouTube like this one:
He made sure that his negative reviews appear on multiple websites:
https://twitter.com/neepscambaiting?lang=en
https://krposts.com/block/qTQnJ_Wk0PAzWCOHMfefDQ
https://invidio.us/channel/Glumanda94
https://invidio.us/channel/UCqTQnJ_Wk0PAzWCOHMfefDQ/community
https://www.reddit.com/r/Malware/
We can only guess at the motivation of this individual. Outbyte has been prompt in mitigating the original issue by blocking all non-transparent affiliates. Security scan issues were fixed as soon as they were reported. Outbyte even agreed to pay the ‘bug bounty’ had Neep provided his details. Frankly we couldn’t understand the reason NeeP is so set on disparaging the company as well harassing anyone involved. As a result, it was decided yesterday that we would instruct the law firm to file a police report in Germany.
Who Is Neep?
The short answer is we don’t know.
Here’s what we know. He is from Germany and he’s probably 26. He’s been known on the Internet under aliases Neep, NeepX, Neep94, Glumanda94, and (fake) names Adrian Fischer and Ben Mayer.
Who We Are
We have seen Neep attempting to mislead people about our company, see his post below.
We wanted to clarify this here. Outbyte is a brand under Auslogics Labs Pty Ltd which has a registered office in Australia. This can be easily verified via ASIC website.
We have a few administrative and management staff here in Sydney. We have a global team of software and web developers, QA, copywriters, and others who telecommute from the Philippines, Ukraine, Russia, Spain, US, China and other locations.
The company is small with just about 60 people but it makes it possible for us to get together for a bit of fun and co-working.
We sincerely hope that this post clears any questions regarding Neep’s role in continuous attacks on Outbyte. If you would like to contact us regarding Neep or contribute to this article please do not hesitate to email us at legal [at] outbyte.com.
P.S. Considering everything that’s happened, we wanted to get this post out as soon as possible. We apologise if there are any mistakes here and will be updating this post in the coming days.
Update 20/07/2020
A report has been filed with the Australian Federal Police today. We are still working with the lawyers in Germany to file a report there.
Update 30/07/2020
To better understand PC Repair please see our latest article.