Friday, July 21, 2006
Forum Spam Lists
I hate signing up to forums. There are a number of sites I visit regularly and read their forums, but never sign up even if I have something useful to say. I hate giving out my email address, even throw away addresses because then I still have to remember what I used and the password.
I am also always a bit worried about the site selling members' email addresses or accidently letting them leak. Well it looks like the latter has recently been happening with Invision Power Boards though it is certainly only the latest to be compromised.
I first heard about this at one of those forums I read but don't sign up for, someone noticed they were getting spam at a site specific address used only at that forum. He isn't the only one.
At Neowin, a hacker setup the site to download some Windows exploits when visited with IE. It was that malfomed .WMF file exploit from a while back which would only hit unpatched Windows system, but surely there are still plenty of those.
It seems Invision already has a fix for this, but of course no one keeps up on security patches. They also have a new version that includes this fix and now has a virus scanner built in.
I am also always a bit worried about the site selling members' email addresses or accidently letting them leak. Well it looks like the latter has recently been happening with Invision Power Boards though it is certainly only the latest to be compromised.
I first heard about this at one of those forums I read but don't sign up for, someone noticed they were getting spam at a site specific address used only at that forum. He isn't the only one.
At Neowin, a hacker setup the site to download some Windows exploits when visited with IE. It was that malfomed .WMF file exploit from a while back which would only hit unpatched Windows system, but surely there are still plenty of those.
It seems Invision already has a fix for this, but of course no one keeps up on security patches. They also have a new version that includes this fix and now has a virus scanner built in.
Monday, July 10, 2006
Disney Spam
Today I found someone upset that Disney.com referrer spammed him. If true, that would be very shocking and upsetting. But it is very unlikely that Disney or anyone associated with them did the spamming. Most likely, it was a spammer testing out his new software. I have seen such spams for sites such as Google, CNN, Disney, and Wikipedia. Often a few days after these test spams you may get the actual spam following a similar pattern.
The purpose of web spam is to get more visitors, more ad impressions, and/or to improve the site's ranking in search engines. Disney as well as the other large sites I mentioned already have very high PageRank and tons of traffic so a few more links would mean little to them.
Of course, this is still spam and you should take the necessary measures to block it. But you can't blame these big corporations for what some mentally challenged spammer is doing to test his software or your defenses.
Spammers also sometimes spam for antispam sites such as chongqed.org, spamhuntress.com, or even a journalist who writes about spam. But these are for revenge and hurting our image rather than testing. This really doesn't make sense though. Few people that check the sites are going to mistake us for spammers. And the links only add to our PageRank.
The purpose of web spam is to get more visitors, more ad impressions, and/or to improve the site's ranking in search engines. Disney as well as the other large sites I mentioned already have very high PageRank and tons of traffic so a few more links would mean little to them.
Of course, this is still spam and you should take the necessary measures to block it. But you can't blame these big corporations for what some mentally challenged spammer is doing to test his software or your defenses.
Spammers also sometimes spam for antispam sites such as chongqed.org, spamhuntress.com, or even a journalist who writes about spam. But these are for revenge and hurting our image rather than testing. This really doesn't make sense though. Few people that check the sites are going to mistake us for spammers. And the links only add to our PageRank.
Monday, July 03, 2006
Spamhuntress DDoS
Just a quick note for those that might be worried that Ann's SpamHuntress site is down. She didn't quit, and she wasn't shutdown. She is being hit by a Denial of Service by some stupid spammer and should be back soon even more determined to hunt down such idiots.
Update: The site is back online now.
Update: The site is back online now.
