Skip to main content

‘Dating service’ myZamana will infiltrate your Gmail and spam your friends

myZamana
Image used with permission by copyright holder

Update: myZamana President and CEO Ashish Kundra has responded to this article. It has been updated with his comments and clarifications.

Here at Digital Trends, we aim to make sure none of you are getting ripped off, scammed, spammed, or taken advantage of by the vast number of cyber-punks who are out there to screw with your life. So when we heard from one reader about a social networking email scam that’s making its way through the Gmail ecosystem, we had to take a look.

A reader writes:

Recommended Videos

Hello,

I’m a marketing professional who recently naively accepted an email from myZamana that I thought was a legitimate invitation from a work colleague but turned out to be a scam similar to the one you reported on with SchoolFeed. I’ve been doing some homework on myZamana and have found out who the primary investor is etc. Interestingly, even though I never got a peep of a response from myZamana’s ‘customer service’ contact when they started spamming everyone in my gmail contacts, once I contacted this founder, I immediately heard back from them. I wanted to see if any of your other readers have complained about myZamana because what they are doing is fraudulent and I’m hoping to put a stop to them!

Thanks,

Heidi

You’re not alone, Heidi. A number of Gmail users have reported the same problem with myZamana over the past few months. Let’s take a closer look.

The culprit

MyZamana bills itself is described as “an online Indian dating service with modern ideas and methodologies” by Crunchbase. Founded in 2008, the company is based in Boston, MA, and is run by its president and CEO Ashish Kundra, according to its business profile on Bloomberg Businessweek. A search on WhoIs turns up little — the site has a private registration through 1&1, a Web hosting company. As of this writing, the site claims to have 6,556,957 users.

A quick perusal through the site, however, suggests that very few (read: any) people have ever used the social network on purpose, let alone for “dating.” Once you create a profile, you are greeted by a lame “Hot or Not” rip-off functionality, which immediately screams “SPAM!”

If you go to click on a “user’s” photos, the site automatically prompts you to upload photos of yourself, or — even better! — connect with the site via Facebook, and your pictures will simply be imported into myZamana. Please, don’t ever do this.

Image used with permission by copyright holder

Now, if you try to actually connect with any of the people in those pictures, a pop-up window then informs you that, actually, you have to cough up between $10 and $35 for access to the website. All it needs is your credit card information and BAM, sweet lovin’ will be comin’ in your way. (Not.)

If you’re still not convinced about the risks involved with myZamana, I suggest you check out its privacy policy, which is full of little gems like this:

“Under certain circumstances, third parties may unlawfully intercept or access transmissions or private communications, or members may abuse or misuse your information that they collect from our Websites. Accordingly, although we use industry standard practices to protect your privacy, we do not promise, and you should not expect, that your personally identifiable information or private communications will always remain private.”

Yikes… Update: In an email, myZamana President and CEO Ashish Kundra expressed to me that highlighting this single section of the privacy policy is “a bit unfair.” And I agree — the very top of the myZamana privacy policy states that, “With regard to your information, you own all of it and we will not share or sell it to any third-party.”

“Let me be clear — we do not sell or rent any information,” wrote Kundra. “We keep our users’ private information private, bottom line.” This is good policy, and I was wrong to leave it out. See more of Kundra’s response below.

The problem

The problem with myZamana is not the site itself as much as it is the company’s email-hijacking practices, mentioned by Heidi. Here’s what happens: You receive an email that appears to be from someone you know — that’s the name listed as the sender. Inside, a message reads, “[Your friend] has sent you a message.” Below that is a green, hyperlinked button that says “Read Message.” You are told to fill out a user profile first, then you’ll be able to see the message.

This is a classic phishing scam tactic, and one of which many users these days are aware. However, because the myZamana email appears to have been from someone you know, it at least seems legit. It’s not.

What happens next is the worst part of the whole thing, and is the reason Heidi emailed us. By clicking the link and signing up for the site, you have effectively given myZamana access to your Gmail contacts list. From there, the company apparently spams your entire contact list with emails that appear to have come from you. And if anyone you’ve emailed with does the same, the problem starts all over again, for eternity.

gmail-authorization
Image used with permission by copyright holder

The solution

If this happens to you, this is what you need to do: Change your Gmail password. (See instructions for doing so here.) We haven’t seen any evidence that myZamana accesses your Gmail login credentials. But given then sketchy nature of the site, prudence is highly recommended.

The most likely problem here is that by signing up for myZamana, you added the site to your list of approved sites in Gmail, which would give it access to your contact list. To revoke its access, sign in to Gmail, then click your profile picture in the top-right corner of the window. Click Account, then Security (left column), then Edit button “Authorized Applications and Sites.” Find myZamana, click “revoke access,” and you should be rid of this pesky site for good.

We have contacted myZamana about this story, but have not yet heard back. We will update this space with their response if we do.

Update: myZamana responds

Soon after publication of this article, myZamana President and CEO Ashish Kundra emailed me with a few points that he believes were initially misrepresented here. “First,” he wrote, “myZamana is not a dating service, it’s a social network (the Crunchbase description was not written by us).” He adds that myZamana “initially launched as a traditional dating site,” but the company has “since evolved the site a great deal.” Given myZamana’s look, features, and functionality, I fail to see how it is anything other than a dating site. But if Kundra wants to describe it as a “social network,” so be it.

Further, Kundra says that myZamana has “a lot of active users that really enjoy using the site,” but that this “may not be immediately evident to users outside of Asia,” where, he says, the majority of active myZamana users reside.

Finally, he says that myZamana uses a “freemium” model, and that it is possible to use the site without paying to do so. He says that I “could have messaged those users for free without paying! ([I] didn’t hit the daily limit for free accounts).” In fact, I wasn’t able to message a single person, though I admit that it’s possible I overlooked some functionality.

As for the issue of myZamana accessing users’ Gmail contact lists, and sending out emails using those users’ names — which, as I explained above, is the only real problem with myZamana — Kundra had no response. I have asked him for clarification on this, and will update with any response I receive.

Andrew Couts
Features Editor for Digital Trends, Andrew Couts covers a wide swath of consumer technology topics, with particular focus on…
Bluesky finally adds a feature many had been waiting for
A blue sky with clouds.

Bluesky has been making a lot of progress in recent months by simplifying the process to sign up while at the same time rolling out a steady stream of new features.

As part of those continuing efforts, the social media app has just announced that users can now send direct messages (DMs).

Read more
Reddit just achieved something for the first time in its 20-year history
The Reddit logo.

Reddit’s on a roll. The social media platform has just turned a profit for the first time in its 20-year history, and now boasts a record 97.2 million daily active users, marking a year-over-year increase of 47%. A few times during the quarter, the figure topped 100 million, which Reddit CEO and co-founder Steve Huffman said in a letter to shareholders had been a “long-standing milestone” for the site.

The company, which went public in March, announced the news in its third-quarter earnings results on Tuesday.

Read more
Worried about the TikTok ban? This is how it might look on your phone
TikTok splash screen on an Android phone.

The US Supreme Court has decided to uphold a law that would see TikTok banned in the country on January 19. Now, the platform has issued an official statement, confirming that it will indeed shut down unless it gets some emergency relief from the outgoing president.

“Unless the Biden Administration immediately provides a definitive statement to satisfy the most critical service providers assuring non-enforcement, unfortunately TikTok will be forced to go dark on January 19,” said the company soon after the court’s verdict.
So, what does going dark mean?
So, far, there is no official statement on what exactly TikTok means by “going dark.” There is a lot of speculation out there on how exactly the app or website will look once TikTok shutters in the US.

Read more