‘Dating service’ myZamana will infiltrate your Gmail and spam your friends

myZamana

Update: myZamana President and CEO Ashish Kundra has responded to this article. It has been updated with his comments and clarifications.

Here at Digital Trends, we aim to make sure none of you are getting ripped off, scammed, spammed, or taken advantage of by the vast number of cyber-punks who are out there to screw with your life. So when we heard from one reader about a social networking email scam that’s making its way through the Gmail ecosystem, we had to take a look.

A reader writes:

Hello,

I’m a marketing professional who recently naively accepted an email from myZamana that I thought was a legitimate invitation from a work colleague but turned out to be a scam similar to the one you reported on with SchoolFeed. I’ve been doing some homework on myZamana and have found out who the primary investor is etc. Interestingly, even though I never got a peep of a response from myZamana’s ‘customer service’ contact when they started spamming everyone in my gmail contacts, once I contacted this founder, I immediately heard back from them. I wanted to see if any of your other readers have complained about myZamana because what they are doing is fraudulent and I’m hoping to put a stop to them!

Thanks,

Heidi

You’re not alone, Heidi. A number of Gmail users have reported the same problem with myZamana over the past few months. Let’s take a closer look.

The culprit

MyZamana bills itself is described as “an online Indian dating service with modern ideas and methodologies” by Crunchbase. Founded in 2008, the company is based in Boston, MA, and is run by its president and CEO Ashish Kundra, according to its business profile on Bloomberg Businessweek. A search on WhoIs turns up little — the site has a private registration through 1&1, a Web hosting company. As of this writing, the site claims to have 6,556,957 users.

A quick perusal through the site, however, suggests that very few (read: any) people have ever used the social network on purpose, let alone for “dating.” Once you create a profile, you are greeted by a lame “Hot or Not” rip-off functionality, which immediately screams “SPAM!”

If you go to click on a “user’s” photos, the site automatically prompts you to upload photos of yourself, or — even better! — connect with the site via Facebook, and your pictures will simply be imported into myZamana. Please, don’t ever do this.

if you get an email from myzamana trash it pay

Now, if you try to actually connect with any of the people in those pictures, a pop-up window then informs you that, actually, you have to cough up between $10 and $35 for access to the website. All it needs is your credit card information and BAM, sweet lovin’ will be comin’ in your way. (Not.)

If you’re still not convinced about the risks involved with myZamana, I suggest you check out its privacy policy, which is full of little gems like this:

“Under certain circumstances, third parties may unlawfully intercept or access transmissions or private communications, or members may abuse or misuse your information that they collect from our Websites. Accordingly, although we use industry standard practices to protect your privacy, we do not promise, and you should not expect, that your personally identifiable information or private communications will always remain private.”

Yikes… Update: In an email, myZamana President and CEO Ashish Kundra expressed to me that highlighting this single section of the privacy policy is “a bit unfair.” And I agree — the very top of the myZamana privacy policy states that, “With regard to your information, you own all of it and we will not share or sell it to any third-party.”

“Let me be clear — we do not sell or rent any information,” wrote Kundra. “We keep our users’ private information private, bottom line.” This is good policy, and I was wrong to leave it out. See more of Kundra’s response below.

The problem

The problem with myZamana is not the site itself as much as it is the company’s email-hijacking practices, mentioned by Heidi. Here’s what happens: You receive an email that appears to be from someone you know — that’s the name listed as the sender. Inside, a message reads, “[Your friend] has sent you a message.” Below that is a green, hyperlinked button that says “Read Message.” You are told to fill out a user profile first, then you’ll be able to see the message.

This is a classic phishing scam tactic, and one of which many users these days are aware. However, because the myZamana email appears to have been from someone you know, it at least seems legit. It’s not.

What happens next is the worst part of the whole thing, and is the reason Heidi emailed us. By clicking the link and signing up for the site, you have effectively given myZamana access to your Gmail contacts list. From there, the company apparently spams your entire contact list with emails that appear to have come from you. And if anyone you’ve emailed with does the same, the problem starts all over again, for eternity.

gmail-authorization

The solution

If this happens to you, this is what you need to do: Change your Gmail password. (See instructions for doing so here.) We haven’t seen any evidence that myZamana accesses your Gmail login credentials. But given then sketchy nature of the site, prudence is highly recommended.

The most likely problem here is that by signing up for myZamana, you added the site to your list of approved sites in Gmail, which would give it access to your contact list. To revoke its access, sign in to Gmail, then click your profile picture in the top-right corner of the window. Click Account, then Security (left column), then Edit button “Authorized Applications and Sites.” Find myZamana, click “revoke access,” and you should be rid of this pesky site for good.

We have contacted myZamana about this story, but have not yet heard back. We will update this space with their response if we do.

Update: myZamana responds

Soon after publication of this article, myZamana President and CEO Ashish Kundra emailed me with a few points that he believes were initially misrepresented here. “First,” he wrote, “myZamana is not a dating service, it’s a social network (the Crunchbase description was not written by us).” He adds that myZamana “initially launched as a traditional dating site,” but the company has “since evolved the site a great deal.” Given myZamana’s look, features, and functionality, I fail to see how it is anything other than a dating site. But if Kundra wants to describe it as a “social network,” so be it.

Further, Kundra says that myZamana has “a lot of active users that really enjoy using the site,” but that this “may not be immediately evident to users outside of Asia,” where, he says, the majority of active myZamana users reside.

Finally, he says that myZamana uses a “freemium” model, and that it is possible to use the site without paying to do so. He says that I “could have messaged those users for free without paying! ([I] didn’t hit the daily limit for free accounts).” In fact, I wasn’t able to message a single person, though I admit that it’s possible I overlooked some functionality.

As for the issue of myZamana accessing users’ Gmail contact lists, and sending out emails using those users’ names — which, as I explained above, is the only real problem with myZamana — Kundra had no response. I have asked him for clarification on this, and will update with any response I receive.

Social Media

Periscope tool adds guests to feeds so streamers can become talk show hosts

Periscope users can now invite viewers to chime into the conversation with more than just the comment tool. By enabling the option to add guests, livestreamers can add guests to the conversation, in audio format only.
Gaming

Having issues with your PS4? Check out our solutions to its most common problems

Just because the PlayStation 4 is a remarkable system doesn't mean that it's immune to the occasional hiccup. Thankfully, we've vetted some of the bigger PS4 problems and found solutions for whatever might ail you.
Computing

Lost your router? Here's how to find its IP address to help track it down

Changing the login information for your router isn't always easy, that's why so many have that little card on the back. But in order to use it, you need to know where to go. Here's how to find the IP address of your router.
Gaming

Having problems with your Xbox One console? We have the solutions

The Xbox One has evolved over the years, but so have its problems. Thankfully, we have solutions for some of the console's most enduring problems, whether you're experiencing issues with connectivity or your discs.
Computing

Windows updates shouldn't cause problems, but if they do, here's how to fix them

Windows update not working? It's a more common problem than you might think. Fortunately, there are a few steps you can take to troubleshoot it and in this guide we'll break them down for you step by step.
Photography

Crouching, climbing, and creeping, the perfect Instagram shot knows no bounds

Just how far will you go for the perfect Instagram? A recent survey shows just how willing Instagram users -- and Instagram husbands -- are to climb, lie down, embarrass themselves or let their food go cold for the perfect shot.
Social Media

Facebook’s long-promised ‘unsend’ feature arrives. Here’s how to use it

Send a message to the wrong person? Messenger now gives you 10 minutes to take it back. After an update beginning to roll out today, users can now retract messages if they act within the first 10 minutes after sending the message.
Social Media

YouTube boss admits even her own kids gave the ‘Rewind’ video a thumbs down

YouTube's 2018 Rewind video went down like a lead balloon at the end of last year, becoming the most disliked video in its history. And now YouTube's CEO has admitted that even her own kids thought it was pretty darn awful.
Social Media

Snapchat finally recovers from its redesign — so here comes an Android update

Snapchat's drop in users after launching a controversial redesign has finally stagnated. During the fourth quarter and 2018 earnings report, Snapchat shared that the company is rolling out an Android update designed to increase performance.
Social Media

Skype’s new ‘blur background’ feature could help keep you from blushing

Skype's latest feature for desktop lets you blur your background during video calls. The idea is that it keeps you as the focus instead of distracting others with whatever embarrassing things you might have on show behind you.
Social Media

Twitter users are declining but more people are seeing ads every day

Twitter's end-of-the-year report for 2018 is a mix of good and bad news. The good news is that more users are seeing adds daily, the metric the company will focus on moving forward. But the bad news is that monthly active users are…
Web

Switch up your Reddit routine with these interesting, inspiring, and zany subs

So you've just joined the wonderful world of Reddit and want to explore it. With so many subreddits, however, navigating the "front page of the internet" can be daunting. Here are some of the best subreddits to get you started.
Computing

YouTube beats Apple, Netflix as the most trusted brand by millennials

The popular video sharing website YouTube climbed up in an annual Mblm study, moving up from third place in 2018 and coming ahead of both Apple and Netflix in final 2019 rankings. 
Social Media

LinkedIn finally gets around to launching its own live video tool

Live video is coming to LinkedIn for businesses and individuals on the site. The livestreaming feature is launching in beta in the U.S. before rolling out to the entire community.