tumblr hit counter

Spammers & Blogs, new techniques

Apr 26

One of the things I do everyday is to chek all the comments in the blog, both in the English and the Spanish version. A good blogspamthing is that some time ago we installed the Blog Comment Spam Honeypot, so I don’t have to deal with all the spam. Anyway I use to check it, sometimes you never know what you are going to find there, and the spam filter is not perfect and some non-spam comments could be filtered. Sometimes I’m really worried about this spam, not because I receive a lot (which is true, but thanks to you this is quite a popular blog so I won’t complain ;) ) but because somehow I’m afraid it can be targeted spam. And who bieng targeted by this spam? Me, of course. Don’t you believe it? Well, then take a look at the kind of spam comments I’m getting:

blogspambig

As you can see, this kind of spam is not really smart, and anyone could realize that it is spam and just delete the comment. However, last Friday I met a clever one:

blogspam10aThis is a comment related to the blog post Sex, Lies & Spam, so it makes sense. But there was something wrong with this comment, I knew that. I have read that comment before… in the same blog post, 10 days before this comment arrived, André Silva wrote exactly the same. So spammers are changing their techniques (as usual) to be more successful. The comment has no external links, but the URL that you can add when you write a comment  was the one they were trying to promote. When accessing that URL, you get to an empty WordPress blog, with nothing being advertised and no malicious activity. So maybe they are just performing some tests before go live. That URL was registered on April 17th, 2010. It is hosted in the United States:

blogspam11

It turns out that there are a number of different websites hosted there, some of them are just empty WordPress blogs, and some are clearly spam:

blogspam12

Lessons to be learned:

  1. Install a spam filter for your comments.
  2. Be careful with the new ways the spammers are using to be published in your blog.
  3. If you need some female sex related videos let me know, I’m thinking on modifying our Honeypot to download just certain kind of stuff ;-)

Post to Twitter

  • (5) Comments

Comments

  1. Mike says:

    I’ve noticed this in the last couple of days at a few political blogs – they often repeat messages from the same thread, but with a new author…

    Same effect.

  2. Wow, now they copy comments! Spammers are getting smart, really. They do everything to put their links in a public page…

  3. melina says:

    Copying comments, a brilliant idea… Never seen that, only numerous “That”s great what you wrote” comments… sent by robots with a URL to promote!

  4. Nsaids says:

    Unusually gripping bits, thanks for the work.

Trackbacks

  1. [...] week we published a post about the huge amount of spam we receive in the blog and how the antispam filter we’ve installed [...]

Leave a Reply

You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

  • Become a fan!


    Panda Security on Facebook
  • Blogroll

  • Categories