A couple of weeks ago, I commented on a post that Judd Bagley, chief Overstock.com (NASDAQ:OSTK) stalker and “Deep Capture reporter” made on the InvestorVillage message board for Overstock. He stated there: “…my first master stroke was getting a tracking cookie placed on the laptop computer of Dan Schoenherr…”
I thought it might be important to revisit the cyberstalking and spyware tactics used by Judd, with a little help from Scipio Africanus, a blogger who did much to expose dirty tactics used by supporters of Overstock.com.
Some history on Judd Bagley and Overstock.com: Judd Bagley is responsible for a site called AntiSocialMedia, which has a history of posts about critics of Overstock and its CEO, Patrick Byrne. Those posts have historically focused on the harassment and intimidation of those critics.
Although Patrick Byrne initially denied any knowledge of the person behind AntiSocialMedia, the relationship between Byrne and Bagley can be traced back to at least November 2005.Sometime on or before August 24, 2006, Bagley was hired by Overstock.com, and he eventually became the “Director of Communications.” Bagley’s authorship of AntiSocialMedia was exposed in January 2007 by Roddy Boyd, writing at the time for the New York Post.
Judd has specialized in getting his hands on the IP addresses of Overstock.com critics through very questionable means. For the less technically inclined, an IP address is to computers what a telephone number is to a telephone. Some people have fixed IP addresses, which are the same each and every time they get onto the internet. Others have IP addresses which change from time-to-time (sometimes each time they access the internet). So in that regard, IP addresses differ from telephone numbers, but they can be used to track the activity of people online. Each time you access a website, there is a record that your IP address visited there.
Whenever someone visits my website, I have the opportunity to see what their IP address is. That’s a legitimate way to get an IP address. When you visit my site, you may also receive a “cookie,” which is a bit of technology that will allow me to see when you come back to my site and might alert me to that fact.
Here’s where the use of technology to harvest IP addresses and get people to accept a cookie gets very sketchy: When someone secretly embeds something in a third party website without permission from the site owner or the people who will be accessing that site.
Judd Bagley has done this more than once on message boards related to Overstock.com. He added a hidden graphic to posts he made on those boards, and anyone who even looked at those posts had unknowingly been giving Judd their IP address and often accepting a cookie from him. Because these things were done on sites not owned by Bagley, users had no reason to believe he was accessing their IP address information or accepting cookies from him.
This message on the InvestorVillage stock message board exposes the fact that someone put one of tese hidden images in a private message made through that site:
PM message includes hidden image link for tracking IP addresses
Sent: 1/8/2007 11:22:29 AM
Subject: wrong link
I think you put the wrong link up on the SCOX thing. That link didn’t say what you said it would.<br><img src=”http://am1.activemeter.com/webtracker/track.html? method=track&pid=26393&java=0″>; <br>StockFoo
The part of the message that starts “img src” is actually the hidden code that is meant to track the online activity of the person who looks at the message. The person can’t actually see that code when they read the message. She or he has to look at the source code behind the message to realize what has happened.
The tracking code wasn’t just inserted into message board posts and private messages on message boards. They have also been inserted into emails, often using false names and false pretenses to get the recipient to open them (and therefore get the tracking code onto their computer). If the recipient forwards that email, the tracking code also ends up on the computer of the person who received it.
Bagley’s favorite service to use this little “technique” is called ActiveMeter, and he’s also used hidden images hosted on servers owned by Provo Labs, a private company that he worked for in early 2006.
He’s bragged on more than one occasion about doing this, saying:
“The cool thing I figured out was using ActiveMeter on remote sites. Maybe its been done before (In fact, I’m sure it must have) but this iteration was developed independently by me and you have no idea the insights it has yielded.”
The reason why this is so insidious? He’s essentially stealing information about traffic from a third party site (like InvestorVillage) without anyone’s knowledge or permission.
The key word is “remote” site. In other words, he’s stealing traffic data from a 3rd party site without anyone’s knowledge.
Judd Bagley even tried to shut up a critic of Overstock by trying to blackmail him. He sent Scipio Africanus an email, saying he knew his real identity and would tell the world who he was and where he lived if he didn’t stop writing about Overstock.com. Bagley Evren Karpak (paid shill for Overstock.com and Patrick Byrne, and person working in concert with Byrne and Bagley) repeated the threat on a Yahoo message board:
You call? Very simple, then. Respond to this message and violate the condition ASM has set on not revealing what he has. Make your denial.
And then Bagley did proceed to publish the information on Scipio Africanus. Similar tactics have been used against other critics of Overstock.com, and to this day, Bagley, Byrne and Company continue to try to intimidate critics of Overstalk.