do you ever worry about signing up to a ccbill prog?
 

I have often wondered if anyone has ever set up a fake ccbill affiliate site.

By this it gives you the 3 boxes to sign up to, but they are fake.

instead its a quick way of getting your log in info, which they could change the deatils to there own and thus get all your sales.

you know you are fucking thick yeah ?

I have worried that too. Because the password box is not ******** it actually shows the passwords

This thought has come into my mind too

nope never thought of that, seriously.

but i guess you need to sign and sent the wire details form to change payout details. in ccbill

His point is a very valid concern.

Actually yes, I've worried about that a lot. Every time I hit the submit button, I realize that form could be going to any server, always glad to see it going to ccbill...

They should have a system more like paypal - showing you what server you are on before you enter password.

I am not sure why the 3rd box is your password. Why not make it your email address, or mabe ccbill could provide a seperate password, so you have one to sign up to sites, and a main one to log into your account.

Although I guess if someone can log into my ccbill account and access my info, they are doing better than me, as when I try to log in it goes a real mess.

I do wish they would go back to the old system as that worked.

yes, I have thought of that as well. They allow you to embed the password box on your page and that could easily be changed to fish for passwords.

Definitely. I check the html to make sure it's posting to ccbill's site and there's no JavaScript grabbing my info. Web Developer browser add-on makes it easy to check everything quickly.

I never have any concerns signing up for CCBill. If i don't see their program in my stats, then I would nothing something is wrong.

In this instance he has a decent point, often wondered about this myself

Do this before entering your details:

view source->search "<form"

Then ensure the form posts to a ccbill domain.

I like the nats feature that even when someone gets access to your cpanel, and tries to change email, it sends confirmation email to the originally registered one.

did you watch again criminal minds?

ccbill does this too. I recently changed the email on my profile for verification purposes, and it sent an email to the old one notifying me of the change.

Throw enough shit at a wall and something is bound to stick :2 cents:

Yes. That's why I always look at the source code of the affiliate signup page and disable JavaScript before I join a CCBill program.

I worry about that as well. What I do is have about 10 sites I want to join and then I will change my password to something simple. As soon as I have signed up for all the programs I want I change it back.

I thought everyone used .htaccess redirects on the form post to sniff all the aff details so you could go in and browse their stats to see how much money they make and what other progs that they have that convert well?

Some good points.

Always thought about that, yes.
I guess that's why ccbill forces you to change your password every so often. And you have to email in a form to change whatever payout info.

I worry more about custom affiliate sites that store the username and password in the URL!