Zeek Rewards Exposed: OFAC, DDOS and compliance
As a result of our continuous coverage and analysis of the Zeek Rewards MLM opportunity here at BehindMLM, over the past few months several questions have arisen that to date have remained unanswered.
Today we take you behind the scenes at Zeek Rewards and reveal some of the more pressing issues that have surfaced:
Did OFAC really have anything to do with the recent banning of members? What is behind some of the relationships between well-known figures in the MLM industry and Zeek Rewards, exactly how much fraud are Zeek Rewards dealing with, how do they address it, is the company still vulnerable and if so, why?
Read on as we explore these very questions and more.
Probably the most pressing question regarding Zeek Rewards these past few months has been “why exactly did Zeek Rewards start banning members from various countries?”
For those who missed the original controversy, back in early April Zeek Rewards abruptly enforced a blanket ban on members from several countries, including Serbia, Slovenia, Belarus, Egypt, Croatia and Macedonia.
Initially the reason given for these bans by Zeek Rewards support suggested that international politics were behind the bans:
We do not have total knowledge of what happened. What I do know is that it is something with your countries government policies (not the Serbian people itself), that has required us to not list your country anymore.
Under mounting pressure over the vagueness of this reason, Paul Burks (CEO of Zeek Rewards and Zeekler) then put out a press release explaining that
The United States Government has established an Office of Foreign Assets Control (OFAC) through the US Treasury Department.
This Federal agency maintains a list of “sanctioned countries” (and) under US law it is illegal for a US based individual or company to do business with individuals of companies in those countries.
After I contacted OFAC, they refuted this claim stating that they do “not currently administer comprehensive sanctions programs against the countries listed in your email“.
Since then, to date there has been no official explanation, clarification or explanation as to what exactly happened from Zeek Rewards.
Information recently received by BehindMLM explains in detail what prompted the bans and why they happened:
It had nothing to do with OFAC. For a sustained period of time in Feb the company experienced 85% of all site transactions as fraud out of asia/indonesia.
In January 2012, 1.5 million visa/mastercard numbers were breached by hackers – that means 1.5 million stolen card numbers were being sold for fraud purposes.
Fraud was taking place on Zeekler auctions and through the bid purchases before then (and still is), but not on this kind of scale because there weren’t this many numbers out there in the hands of fraudsters before.
Fraudsters all scrambled to find places where they could cash in on the stolen cards and because of the way Zeekler operates – the business model and technology was easy to exploit for that purpose.
Zeekler probably would have been fine if they had fraud protocols in place so they didn’t identify it immediately and they didn’t have the technical capability.
Visa/Mastercard was taking responsibility for the breech and their zero liability policy protected card holders. Payment gateways that have fraud protocols in place WERE ABLE TO IMMEDIATELY IDENTIFY FRAUD AT THEIR CUSTOMER LEVEL, so the payment gateways cut Zeekler off because of the amount of fraud being processed through the site.
Zeekler had to reduce the fraud to get the payment gateways back. The majority of the fraud was coming out of a select number of countries, so their solution was instead of solving the problem, (to) just block entire countries from transacting on the site.
They compounded the problem by instead of telling the truth, taking responsibility with some of the language Visa/Mastercard provided to corporate customers, or deferring the answer they blamed OFAC, when that failed, they said it was a DDOS attack.
This again compounded the problem because once you publicly say a large site can be downed with DDOS, every amateur hacker in the world wants those bragging rights.
It was also indicated that whilst there are definitely ongoing DDOS issues affecting Zeek’s sites, that my source hadn’t seen anything indicating that these issues existed prior to Zeek announcing the DDOS attacks on their news blog.
How bad were the DDOS attacks? Alberto Mujica (friend of CEO Paul Burks) sent out an email on April 10th detailing the full extent at the time:
Hello Dan, Dawn and Paul,
Attached is a sample list of IP addresses seen attacking Zeek Rewards today.
The offending IP addresses are found to be consuming roughly 2.5Gbs of bandwidth. There are roughly 4000 IPs so far attacking the site.
The list detailed as described about 4000 IPs which were then presumably blocked from accessing Zeek’s online properties. This IP blocking protection, whilst largely ineffectual due to the obvious deployment of botnet swarms, was the primary defense method deployed to deal with the attacks.
So, what started with 1 fire is now 3 and the first fire was never actually put out because blocking ips doesn’t solve the hole in the system that allowed the fraud to begin with.
In the midst of all this – because there was so much fraud on the site and they failed to follow visa’s guidelines handling it, the payment gateways ceased doing business with Zeekler so affiliates couldn’t get paid unless someone manually processed them.
Not being able to use credit cards has been a huge thorn in the side of Zeek Rewards as to date they’ve failed to adequately or sufficiently explain why members cannot use credit cards to perform certain actions within the company.
Furthermore Zeek Rewards has only ever suggested that they themselves made the decision to stop accepting payments from credit cards, rather than acknowledge that they were cut off by payment processors.
In February 2012 Zeek Rewards did admit that hundreds and thousands of dollars of fraud was occuring through the company, but this was after the fact and failed to mention that around this time constituted 85% of all transactions being processed by the company.
Around this time payment delays were starting to be noticed by Zeek Rewards affiliates and shortly thereafter
all hell broke loose… Dawn called in O H Brown to get other payment gateways and in their mind it solved the problem but, again, the root cause was NEVER addressed – the technical infrastructure that allowed for the fraud and the DDOS (still) existed.
Since then Zeek Rewards and Zeekler have been up and down like a yo-yo with the company citing repeatedly that they are either under DDOS attack or are upgrading or maintaining their systems.
This in itself is questionable when you consider that
everything comes down to politics and cronyism. Dawn’s son and Paul used old code from Free Store Club written in ASP (a very old language with distinct limitations and security issues) to start Zeekler. They just modified FSC code to be an affiliate penny auction site and used that db to market it.
Paul (and possibly) Dan (don’t) know modern languages or platforms like .Net, PHP or Ruby on Rails or work with big data solutions like hadoop – and they can’t really get new developers to jump in and fix what’s there right away because the code isn’t documented and they didn’t use SVN so they can’t work in development teams.
Basically, only 1 developer can edit in the entire code base at one time. If they used the proper systems and protocols they could work with a team of 3-5 developers and a big data guy to redevelop the system in a few months.
The code is very old, very insecure, undocumented, never reviewed before pushed live, etc and the database is a complete disaster that has to be optimized before it will ever perform properly – so the site is slow, unstable and almost impossible to secure and control.
They also host out of a single datacenter in Miami on 6 servers that is owned by Paul’s friend Albert. You cannot run a site of their size or traffic at a single datacenter. Their choice of hosting in miami is the reason they were taken down by the DDOS.
They should, like everyone else, host in the cloud on something like Amazon S3 so they can balance server load across multiple data centers in multiple geographic locations and have a dedicated server admin that would manage the bandwidth so they wouldn’t have outages if they have DDOS attacks.
The technical infrastructure is completely inadequate for the traffic and transactions on the site and they KNOW it. But they refuse to do what any other company that expects to be around in 5 years would – redevelop their infrastructure to handle their explosive growth with solid technologies.
They are using ASP code (a very old scripting language) from paul’s previous venture, Free Store Club (i don’t even think he transferred the IP rights on it) and modifying it to be an affiliate penny auction site.
With all the financial success Zeekler and Zeek Rewards claim to be enjoying, why none of the above has been actioned or addressed remains a mystery.
Are Zeek Rewards really exposing their affiliates and entire business operations to ongoing risk and uncertainty due to internal company politics and cronyism?
Moving on, much was made recently of some positive commentary in the Network Marketing Business Journal back in April. Published by Keith Laggos, turns out this wasn’t the glowing independent third-party endorsement many touted it as:
Dawn said she bought $100K worth of prints of NMBJ and Keith’s personal consulting time to review Zeekler for compliancy and in return Zeek gets good play in the mag.
I would not call the coverage in NMBJ anything other than an advertorial it is not journalism – Keith’s name might be on the piece but Dawn wrote most of it.
Peter Mingils is the Executive Vice President of the Association of Network Marketing Professionals (ANMP) and also seems to have a strong relationship with Zeek Rewards:
he is a paid consultant to build out a training system for affiliates – he attends every marketing and training meeting and while I do not know the exact arrangements if there is new work on the table he almost always gets it.
Many questions have been made recently regarding the nature of the relationship between Troy Dooly from MLM Helpdesk and Zeek Rewards. Beginning a few months ago, there was a noticeable shift in attitude in Dooly’s reporting which seemed to stem from nothing more than attendance at a Zeek Rewards VIP Red Carpet Event and talking to Zeek Rewards management.
Troy Dooly is listed as a Committee member over at ANMP and on his involvement in Zeek Rewards my source had this to say:
I believe he was initially critical of Zeekler, but I think it was Keith Laggos that reached out to him and sat down with Dawn and him in Vegas.
Troy and Peter were brought to the table by OH – after they learned that Troy was negative on Zeek, they held a meeting with him in Vegas. He comes to all events and is favorable on the company now.
I do not know if any money is exchanged for consulting or other services but he does attend all the Zeekler events, speaks at events to affiliates on Zeek’s behalf and now gives positive reviews on the company.
Based on the fact that they pay everyone…
The thought was left unfinished at the time but at a later date the source further elaborated:
(Dooly) is now paid. – he comes to all events and is favorable on the company now.
In the past Dooly has denied being paid directly by Zeek Rewards (and I still personally give him the benefit of the doubt) but at the same time has hinted at a possible financial relationship existing between the ANMP and Zeek Rewards:
when a company is willing to have me speak on issues surrounding network marketing to their distributors as a Board Member of the Association of Network Marketing Professionals, then I will gladly do it.
Observing the strong implication of a financial arrangement between the ANMP and Zeek Rewards, I contacted Dooly for further information and received this reply:
None of the companies Rex Venture Capital, Zeekler or Zeek Rewards, or any other company or entity controlled by Paul Burks or anyone else for that matter who might have some form of vested interest in any of the above companies are members or sponsors of the ANMP outside of Dawn & Alex.
Dawn and Alex are paying member. She paid the $50 annual individual membership fee.
That said, I’m still finding it hard to not read between the lines when it comes to the relationship between ANMP executive and committee members and Zeek Rewards but for now I’ll leave it at that.
- O H Brown does videos
- Troy Dooly – general advocate and speaks at events
- Peter Mingils produces affiliate training materials
- Keith Laggos is paid huge sums for the prints and reprints of his mags.
Looking forward, with compliance clearly taking centre stage as Zeek Rewards struggles to avoid being referred to as an investment scheme without actually changing the core of their 90 day ROI business model, I’ll leave you with some parting insight:
Their biggest concern right now is not the tech or fraud but the compliancy course.
The affiliates are continuing to sell the opportunity in a way that seems like a security because honestly – put the penny auction and the mlm thing together and how can it not be construed as such? It’s the easiest way to explain it.
They are investing all this money into compliancy because they already have a number of State’s attorneys sniffing around.
Footnote: In order to protect my source(s) discussion regarding their identity(ies) will not be permitted in the comments below. Members of Zeek Rewards who are able to are wholly encouraged to verify the information published above for its accuracy with the company itself.
I myself have verified the credibility of the source(s) used and am satisfied at the time of publication with the accuracy of the information provided.