Wednesday, May 07, 2014

Just What I Wanted: More Spam

While the blog hasn’t been hammered with referral spam recently, there have been a few drive byes. Also in the mix was an attempt at comment spam that shows how the Web 2.0 emphasis on social media makes it easy to establish a false identity on the Internet, thereby lending an appearance of credibility to a post.

Remember not to click on suspicious links, folks. Leave that to crazy people like me who use layers of security and virtualized computers to poke cyber hornet nests.

First up is from Russia, without love:

Trust Combat Spam 01Trust Combat Spam 02

Trust Combat’s spam came in as http: // www . trustcombat . com / faq . htm and appears to be an SEO (search engine optimization) outfit wanting money to help boost your web page ranking. They want to help you so badly that they accept Bitcoin, Litecoin, Nextcoin, Primecoin, and Paypal for payment. Links to proxy services are also found on the site.

trustcombat Blog Spam 01trustcombat Blog Spam 02

UPDATED: Taking advantage of Blogger’s ease of setting up blogs to fake a legitimate presence is nothing new. What’s new is trustcombat . blogspot. com showing up in my referral data, complete with a Google Plus account. Tips and tricks for link building and creating a fake social media presence along with every single link going back to trustcombat . com fill the page.

I’d steer away from them, nothing good would come of doing business with what looks to be a fly by night operation. While neat and tidy, this is a barebones site that probably was set up in an hour or so of work. Avoid clicking on this link if it shows up on your Blogger stats.

Next up is from South Asia and came in as a post. It is always wise to enable moderation and approval of all posts coming into your blog because both the bots on the Net and their poorly paid human counterparts tend to find open commenting in a hurry. Then comes a flood of worthless posts that can get you in trouble from Google if they contain links to bad sites.

This one showed up complete with a G+ account associated with it, so it must be safe, right? Think again. Since I have all submitted posts forwarded to an email account, I’m able to see imbedded links that don’t show up under the approval screen on Blogger itself. Without further adieu, here’s what I received:

Lacy Brown has left a new comment on your post "Comment Spam in the E-mail":

thanks for sharing,this method is very usefull i am very impressed,great post Gmail Account Support

The last three words are actually part of a hyperlink to a webpage, of course. http: // www . acetecsupport . com / gmail_support . html leads to the following page:

Acetecsupport Spam 01Acetecsupport Spam 02

There seems to be support service offered for almost everything PC related under the sun. But Gmail support? Talk about raising red flags, that is clearly about getting access to Gmail accounts. The unwary who fall for that could soon find their account hijacked, I suspect. DO NOT CLICK on this spam if you have received it. Besides, contacting Google themselves for support is the way to go, not pay a third party for something you can get free.

Acetecsupport Spam 03Acetecsupport Spam 05

So what about this Lacey Brown who sent it? Well, the name looks fishy in the first place, sounding more like a model/actress/porn star name than anything else. Of course, Lacey has a very pretty portrait photo on the Google Plus account. Obviously cropped and filtered to B&W from a photo found on the Net of a model, it’s clear that this is a dummy profile.

The only people in her circle are guys, which suggest to me that this isn’t a real female in the first place. Social engineering is one of the tricks of the spam trade and guys will click on contacts for hot women at a depressingly high rate. Notice how there is nothing else there other than Google’s automatically generated YouTube channel.

Acetecsupport Spam 04
Digging a little deeper, it turns out “Lacey” is a prolific poster to blogs all over the world. All are tech related and from a brief perusal the comments leave links to various sites, mostly Acetecsupport. Over time, the comments will give the appearance of a real person existing, but I think Google’s algorithms will catch on to it if they haven’t already.

So don’t trust a comment automatically, even if the person has an associated Google +, Facebook, or Twitter account. Lately I’ve read that over 100 million of the accounts on Facebook are fake and that ten percent of the likes on larger liked accounts of celebrities and businesses are purchased. So please be careful accepting comments that make it past Blogger’s spam filters, they aren’t guaranteed to be spam free.

Ftnfddvfd Spam 01Ftnfddvfd Spam 02

Finally, referral spam from a blog on a Swedish hosting service is about as transparently spammy as a site can get. http : // ftnfddvfd . soclog . se / doesn’t even try to look like a real blog. Randomly culled sentences jammed together in paragraphs create an unintentionally hilarious read that was meant to fool Google’s spam site detection routines. Then there is the keyword stuffing for the post titles, I hadn’t seen anything this blatant in years.

Topping it all off is photos of scantily clad models for more of the luring lonely guys technique of generating clicks. The pictures are taken from the Net and must be copyright violations given the professional quality. It’s like every black hat method of SEO was thrown into a blender.

The whole thing is so ludicrous that I didn’t bother clicking on the huge “Find out more” buttons at the bottom of each post. Stay away, there’s no telling what you’ll get from this ridiculous attempt at generating ad revenue.

4 comments:

Anonymous said...

Thanks for the warning, just saw the trustcombat one in my stats.

A rootdigger said...

me too, they are there along with behancenet/gallery////////// anyway with posts like yours one at least finds out with out the risk of clicking on them. I have so much to learn

A rootdigger said...

crappy proof i am not robot gets my comment everytime=== thanks for your good post on the crawler

Patrick D. Boone said...

Sorry about the Captcha security, my email account was being overwhelmed with spam comments the last few weeks so I turned it back on.

That behancenet gallery seems to be them proving their methods of how to use a social media site to push spam. At least it fits what they were talking about on their site if Google translate is anywhere close to being correct!