Blog Archives
Image Hotlinking
Image Hotlink in Spam E-mail
Some “kind person” decided to generate lots of traffic to one of my websites yesterday, and used an image hosted on the website server in a spam e-mail, resulting in over 500 hits on the image file in four hours. After redirecting and blocking hotlinks to images there were another 600 hits on the hotlink redirect notification page Broken Image Links for a total of more than 1100 hits in twenty-four hours, and then changed to display a copy of the image on the right.
Hits from the spam mail reached a peak between 1:45 pm and 2:15 pm this afternoon (March 27) with more than 1400 hits before stabilisng at around 100 /hour. The peak probably co-incided with workers checking their mail after lunch.
Spammer Asks For Help
Markhproperty@aol.com Requests Spamming Help
This must be the most ridiculous help request I have ever received via this blog. Note the items I marked-up in bold.
I need your service for the following: I have a big problem. A whole bunch of sites have come across a massive problem. Over the past 4 days I have been uploading 10 sites per day. The sites that I loaded up 3 days ago have started to disappear from their positions. I am just cautious that I don’t want to keep uploading sites if they are not going to stick:
One example site is: Vodafone Contact Number.co.uk – this site was uploaded on the 20th November, and the URL was added to Google on the same day. On the 21st November in came straight in on Page 1 – Position 8. ( only 1 day later) Then today 24th November it has disappeared. I put it down to the Google dance (does that still happen?) It can’t be the lack of content on the site, because I have another site almost identical, which I did not add the URL to Google (could that be the problem), I just let it index naturally, and had a few backlinks added to it, and that one has stuck big time. The site is http://www.wellknownbanktelephonebanking.co.uk The same goes for this site: http://www.wellknowncouriercontactnumber.co.uk and even http://www.licencecontactnumber.co.uk has crept from page 2 slowly onto the bottom of page 1. They have seriously firmed up, with similar content to the ones that have disappeared.
I really need a plan to make these new sites stick. As it is pointless buying new urls, only to have them disappear 3 days later. I have a roll out target which is 2,000 sites all of which I would want your help on. We just need to find a way for these sites to not come on and then disappear.
We could both earn a lot of money out of this project, just need to get it 100% right from the beginning. I know your probably really busy, but if you could please spend a bit of time looking into this for me, it really will be worth your while. Its a shame you’re not in the UK, otherwise we could have met up.
Kind regards Mark
(edited, abridged, speling corrected and some changes made to mentioned names)
Even the help request shows typical characteristics of a spammer; numerous spelling mistakes, grammatical errors, and of course the motivation to ‘make money’
Read the rest of this entry
More e-mail Problems with MWEB
MWEB and Spam
Today I received a mail from a client of MWEB regarding blocking of e-mail incorrectly identified as spam. Respecting the complainant’s request to remain anonymous, all names and any other identifying terms have been edited or deleted. The complainant found an article on this blog referring to this service provider and e-mail blocking.
Quoting the e-mail received
“This is not an inquiry but I thought it may be of interest after reading the comments on your site regarding Mweb and spam. I ended up on this site after Googling to see if anyone else has experienced my problem which is basically that for the past few weeks, except intermittently, I have been unable to contact my largest and most important supplier in Germany. The reason given is:
“Service unavailable; Client host [196.28.80.38] blocked using ix.dnsbl.manitu.net; Your e-mail service was detected by mx.selfip.biz (NiX Spam) as spamming at Fri, 16 Dec 2011 14:20:53 +0100. Your admin should visit www.dnsbl.manitu.net/lookup.php?value=196.28.80.38
A mail from my supplier’s IT department goes further:
“The problem is, you are using the mail server relay08 which frequently is sending viruses, spam and other malware.
At 14:45 this mail server was blocked by the biggest German malware protection blacklist which we are using.
So the mail to Mrs. P was blocked.Between 14:45 and 16:06 this mail server was removed from the blacklist.
The reason for this was, that the server stopped sending viruses, spam and other malware.
So your Mail to Mrs. K got through.If this server starts again to send viruses, spam and other malware he will be blocked again.
You should have this problem with many contacts which are using such blacklists.
To solve the problem you could switch to a mail relay service which is checking the outgoing mails for viruses, spam and other malware too. Or you can use an own secured mail server.”
I sent all of this to MWEB expressing my disgust at using a service accused of being a spammer, and received the following reply from MWEB:
Fun with Spammers
Spammers are Losers
It has been a while since I mentioned spam commenters… This blog get’s very little these days since restricting commenting to logged-in visitors only. A vast improvement from the days of finding 50 or more spam-bot or manually generated nonsense in the spam folder.
However, some of the blogs I manage for others get these spam comments. The ones I mention are still small, written by occasional bloggers, and I just take care of formatting, graphics, proofreading and admin tasks on behalf of the authors.
Last week I was doing the rounds of these blogs, checking the comments, and found a number of comments which were complimentary, short remarks even relevant to the topic of the posts concerned, but with outgoing links all over the place. I decided to have a bit of fun with the spammers, and approved their comments – after editing!
The net result – the spammers are all-round losers.
Editing the Spam Comments
First off the links had to go… The rule is simple, links from spammers are bad news, even if “nofollowed” – who knows what dangerous malware is on the linked to page. I really do not want visitors to these blogs to click the link (or even copy and paste to their browser) and end up getting their computers infected with a trojan or virus. So the links were deleted entirely.
Graphicline
+Mike Otgaar
Follow Me on Facebook
Follow Me on Twitter
Me on Linked-In
About Me
Intelligent Verbatim
Graphicline RSS
Weird Spam by E-Mail
Mar 31
Posted by Mike
Nonsense Spam
Just when I thought I’d seen it all, I get some really weird spam e-mail from a webform response. Every possible field filed in with a website URL, or nonsense text. And there are lot’s of fields. Stranger still, the mail form responds to a promotion that ended in October last 2011…
Email: wxgokb@ hswhrm.com
First Name: zmcpff
Last Name: zmcpff
Company: zmcpff
Bus Tel: 5283678809
Cell: 2194836070
Post Address L2: http: //thumekeyzrdi.com/
Suburb: http: //thumekeyzrdi.com/
City: New York
Code: 9804
Street Address: http: //thumekeyzrdi.com/
Street Address L2: http: //thumekeyzrdi.com/
Suburb: http: //thumekeyzrdi.com/
City: New York
Code: 9804
Ownership Type: Self Employed (Sole Trader)
Business Sector: Clothing/Textile
Employees: 1-3
Description of Business: Gog0rh <a href=”http: //geqsrfadufdz.com/”>geqsrfadufdz</a>http: //chxxwqcqcloy.com/]chxxwqcqcloy, http: //zadxoljxogol.com/zadxoljxogol, http: //xynmrvbkogwj.com/
Read the rest of this entry →
Posted in Spam
Leave a Comment
Tags: E-mail spam, spam, Spam Comments, Spambot