Category Archives: Spam

Bork-Edition User Agent

Opera User Agent “Bork-Edition”

bork-edition spam bot iconHave you seen Bork-edition user agent strings? Wondered what browser uses this string? Maybe noticed nearly all traffic to your site with Bork edition in the user agent string is spam and hacking attempts. User agents with Bork-edition are considered by at least one writer among the top 10 spam bots that must be blocked.

There’s several user agents which on first glance look harmless e.g. user agent string Mozilla/4.0 (compatible; MSIE 6.0; MSIE 5.5; Windows NT 5.0) Opera 7.02 Bork-edition [en]

Read the rest of this entry

Advertisements

Weird Spam by E-Mail

Nonsense Spam

Just when I thought I’d seen it all, I get some really weird spam e-mail from a webform response. Every possible field filed in with a website URL, or nonsense text. And there are lot’s of fields. Stranger still, the mail form responds to a promotion that ended in October last 2011…

Email: wxgokb@ hswhrm.com

First Name: zmcpff
Last Name: zmcpff
Company: zmcpff

Bus Tel: 5283678809
Cell: 2194836070

Post Address L2: http: //thumekeyzrdi.com/
Suburb: http: //thumekeyzrdi.com/
City: New York
Code: 9804

Street Address: http: //thumekeyzrdi.com/
Street Address L2: http: //thumekeyzrdi.com/
Suburb: http: //thumekeyzrdi.com/
City: New York
Code: 9804

Ownership Type:  Self Employed (Sole Trader)
Business Sector:  Clothing/Textile

Employees: 1-3

Description of Business: Gog0rh <a href=”http: //geqsrfadufdz.com/”>geqsrfadufdz</a>http: //chxxwqcqcloy.com/]chxxwqcqcloy, http: //zadxoljxogol.com/zadxoljxogol, http: //xynmrvbkogwj.com/

Read the rest of this entry

Trackback Spam

A Rising Trend – Trackback or Pingback Spam

What is Trackback Spam? Trackback spam is a way for spammers to garner backlinks from your posts to their website. I categorise trackback spam into several groups. Firstly, false trackback spam. Then we find the obscured related article link. Finally mass trackback spam.

False Trackback Spam

trackback spam diagram
Image from Rice University – Computer Security Lab

This is the most insidious, and unethical of the three groups. False trackback spam is when a spammer creates a list of related article links, publishes the post, so a ping is sent to your blog resulting in a trackback (or pingback) that the spammer hopes will get published, either automatically if moderation is not in place, or by a blogger thinking, “how nice of this person to link to my post”.

After the ping has been sent, the spammer then REMOVES the links to your article… This is a trackback spam method I see more often lately.

Obscured Links

Read the rest of this entry

Spammer Asks For Help

Markhproperty@aol.com Requests Spamming Help

This must be the most ridiculous help request I have ever received via this blog. Note the items I marked-up in bold.

I need your service for the following: I have a big problem. A whole bunch of sites have come across a massive problem. Over the past 4 days I have been uploading 10 sites per day. The sites that I loaded up 3 days ago have started to disappear from their positions. I am just cautious that I don’t want to keep uploading sites if they are not going to stick:

One example site is: Vodafone Contact Number.co.uk – this site was uploaded on the 20th November, and the URL was added to Google on the same day. On the 21st November in came straight in on Page 1 – Position 8. ( only 1 day later) Then today 24th November it has disappeared. I put it down to the Google dance (does that still happen?) It can’t be the lack of content on the site, because I have another site almost identical, which I did not add the URL to Google (could that be the problem), I just let it index naturally, and had a few backlinks added to it, and that one has stuck big time. The site is http://www.wellknownbanktelephonebanking.co.uk The same goes for this site: http://www.wellknowncouriercontactnumber.co.uk and even http://www.licencecontactnumber.co.uk has crept from page 2 slowly onto the bottom of page 1. They have seriously firmed up, with similar content to the ones that have disappeared.

I really need a plan to make these new sites stick. As it is pointless buying new urls, only to have them disappear 3 days later. I have a roll out target which is 2,000 sites all of which I would want your help on. We just need to find a way for these sites to not come on and then disappear.

We could both earn a lot of money out of this project, just need to get it 100% right from the beginning. I know your probably really busy, but if you could please spend a bit of time looking into this for me, it really will be worth your while. Its a shame you’re not in the UK, otherwise we could have met up.

Kind regards Mark

(edited, abridged, speling corrected and some changes made to mentioned names)

Even the help request shows typical characteristics of a spammer; numerous spelling mistakes, grammatical errors, and of course the motivation to ‘make money’

Read the rest of this entry

Congratulations to WordPress Anti-Spam Team

Well done, you guys are really on the ball today. Another outbreak of SEO tagged spam from JASA SEO was started, within one hour the WordPress.com Anti-Spam Team had begun suspending these blogs.

Having a quick look at Readomatic, the spammers are still active, with the last post from them at 19h42 (GMT). The most common blog name being used is similar to “mydiarydumenvps25” – except the numbers are being changed. They are also using other Indonesian sounding names, most with numbers attached.

Jasa SEO Again!

What a pity there is no way for the WordPress Team to block all posts where the term ‘Jasa SEO’ is used (including this post – rather that than the spam!). Of course this would be unfair to bloggers posting articles condemning this company…

This is the second time in 3 weeks this company has hit WordPress.com with this kind of spamming, the previous occasion was short lived as most of their ‘splogs‘ were suspended within three hours.

Spammers Hitting WordPress Again

Jasa SEO is a Black Hat SEO Company

All website owners looking for SEO services are advised to avoid Indonesian based Jasa SEO. They are actively practicing ‘black hat SEO’ techniques which can get your website downgraded or even banned from Google’s search results.

The operation uses multiple web addresses (URLS) which I am not going to provide here; a simple Google search for Jasa SEO will expose these URLS.

This black hat operation is also using blog spam to generate backlinks and leads to the websites run by their unethical low quality business.

Jasa SEO is a low quality operation; the content used in these spam blogs is so poorly written, full of outrageous spelling and grammar errors, that Google will not rank the content. If this is an indication of the type of service they offer to their customers, anyone paying for their services is getting ripped-off.

Jasa SEO Spammers Target WordPress.com

Today this black hat spam company embarked on a multi faceted attack on WordPress.com, creating multiple blogs using several sets of duplicated content. Their posts were tagged SEO and possible other related tags. In less than 90 minutes the spammers produced posts from spam blogs listed in the graphic below: Read the rest of this entry

More on Spam Comments

Support for Spam Commenting

Spam is not to smile aboutSome people actually defend spam commenting!

 Why would anyone support spam commenting. There are only two reasons I can think of.

  1. The supporter is so desperate for attention they get a sense of satisfaction from receiving any comment, even if it is just pure spam. Possible I suppose.
  2. More likely the supporter of spam comments is a spammer. Obviously someone who spends their time generating spam, possibly even creating spambots and botnets, is not going to oppose spam comments. They want bloggers and web site owners to allow spam comments. That’s where they derive their income from.

Stop Spam Commenting

This is my opinion. Stop spam by any technical means possible. If that means preventing public (unregistered) commenting, critical moderation of comments, using CAPTCHA tools, feel free to do it (unless of course one wants to publish irrelevant spam comments on their articles).

Personally, I have no objection to signing in to one of my accounts, either WordPress.com, Facebook, Twitter, OpenID, creating a new account with the site, or filling in a CAPTCHA challenge – if I have something I think may be worth saying in a comment.

Connect with Facebook Twitter and WordPressIn a similar vein, I have no objection allowing Twitter or Facebook to connect my accounts with WordPress.com – if I did not trust WordPress.com I would not blog on this platform. I have come across the objection from someone who doesn’t see why they should use their Twitter or Facebook account to login in order to comment and thereby ‘letting me post articles to their account’ This is pure nonsense. Connecting with WordPress.com does not connect my blog with their profile. A statement saying ‘I do not want Joe Soap to post in my name’ simply indicates the remark comes from someone with little real world understanding of web things, suffers paranoid delusions, or who has possible ulterior motives – Freedom to Spam perhaps?

I have allowed the connection with WordPress.com to my Twitter accounts and Facebook – and I am yet to see any post to my wall, or a tweet from someone other than myself appearing as ‘coming from me’ or indeed in the timeline from anyone I do not follow on Twitter or a friend on Facebook. Maybe I will one day…

The idea that commenting using WordPress.com, Facebook or Twitter automatically allows someone to post or tweet using their identity is utter nonsense – unless it’s a malware app, in which case there are ways to deal with it. Internet security is always a concern. Exactly why spam should be blocked.

Use of CAPTCHA challenges Read the rest of this entry

SPAMMING FOOL: “Stevie the Spammer”

Spam cartoon

Spam, we all get it

E-mail ads for useless unwanted items, medication which is neither needed nor legal to buy online, requests to ‘help me get money’ invest in your country’ (although those are usually phishing attempts to get your bank details (with PIN and password) so your account can be emptied, brainless comments on your web site or blog….

This last one reminds me of a particularly sorry spammer, calling himself “stevie@pleasenospam.net”… Poor Stevie (what adult uses the diminutive form “ie” of his name) spends his time making inane comments on blogs and websites, but lacks the courage to use a real e-mail address. do a domain search for ‘pleasenospam.net’ – the domain doesn’t exist!  Using A false e-mail address, well, anyone can do it… so you’re not even being particularly clever…

Come on “Stevie” if you have something to say, make it a 2 way conversation.  You may even get over your extreme loneliness and insecurities.

Or perhaps “Stevie” just get his kicks from spamming others….

Dealing with spam: We will be bringing a full article on this subject with examples in the near future

Mike Otgaar