Saturday, July 20, 2013

Time for Some Polish Comment Spam

One of the best reasons to enable Recaptcha aka the oddly colored and jumbled letters in the comments form is the fact you will very quickly see spam show up in your comments if you don’t. I moderate every post and had done this to save time though it does stop real people from commenting due to frustration deciphering the text.

To make it easier for people to post, I disabled the Turing test last night. At 2:17 AM this morning, the following arrived in my mailbox (edited to defeat autolinking):

Anonymous has left a new comment on your post "Godzilla vs Biollante (1989)":
[ url = http : // www . page1 . pl] pozycjonowanie [/ url ]

Needless to say, that looked suspicious sort of like a masked man robbing a bank does. Firing up the trusty virtual Ubuntu machine, I investigated the link which led to a very professional looking site put up by a company called Arteria.

page1 spam 01page1 spam 02

It’s a rather large page involving a lot of scrolling, so I present only the top and bottom of the content. I’ve edited out the actual contact information which includes an address in Krakow, Poland.

Courtesy of Google Translate, the opening text in English:

page1 spam 03

As you have probably guessed, they are selling something. In this case, SEO optimization and placement. What’s SEO? Search Engine Optimization. That’s why they are spamming websites, hoping to get someone wanting higher traffic to pay them for their services.

If you are a webmaster or blog owner, do not click on this and feed their shady practices.

UPDATE: Turns out I missed another comment spam from a mere hour or two after I disabled the robot check. What’s hilarious here is that the link goes to a page that no longer exists:

Anonymous has left a new comment on your post "Howl’s Moving Castle (2004)":
When some one searches for his essential thing, so he/she wants to be available that in detail, thus that thing is maintained over here.
My weblog: southwest florida art galleries

atlcurling . info / wiki / index.php?title = User: JZFLourde

Once these spambots are set loose they seem to keep going long after the site is dead. I wonder how much zombie spam is out there?

Posted by at No comments:
Labels: , ,

Monday, July 15, 2013

Referral Spam Overload

Updated 15 July 2013 with screen captures and testing Tor for browsing.

A very quick post; referral spam went nuts the past 24 hours on the blog totalling 35 hits. The culprits:

adsensewatchdog . com

adsensewatchdog spam 01

This is what it looks like without Tor and NoScript. A wide index of terms so they get hits. Just another fake search engine riding the real ones to get traffic and money for pages served.

adsensewatchdog spam 02

With Tor (an untrackable browser) and NoScript it looks completely different. Fancier parked graphics and no links.

Read more »
Posted by at 3 comments:
Labels: , , ,

Running on Less than Empty

The problem with having CFS/CFIDS is that you never have enough energy and if you do have any it expends quickly with little rebound. I write “little” because if there was none, you’d be dead. Instead returning energy trickles in at glacial rate. Add in being a type A personality and it becomes a recipe for running one’s self into the ground the moment you have any energy.

This month of July has been a tough one of burning up energy and crashing repeatedly with each crash harder than the prior one. It began with family visiting and being on maximum output through the first week. Somehow I made it through that with only a small lapse into a bronchial infection that cleared up after two days.

Read more »
Posted by at No comments:
Labels: , ,

Spam and an Apparent Pyramid Scheme

Commenter Charlotte gave a heads up that a new spammer has shown up in Bloggers stats so I checked it out several days ago. I didn’t get the spam myself and wasn’t feeling the love from referral spammers. Then the last 24 hours produced 22 spam hits of various kinds including the new one awsurveys . com / ?R=1070526 which showed up seven times. I guess they still love me. Is this what they call “bad love”? UPDATED with another link being used and a shady service connected to it.

AWSurveys Spam 01

So I fired up my virtual PC and checked out the link. Remember folks, don’t try this yourself! Clicking on referral link spam can cause any number of problems including getting you computer infected with malware.

Read more »
Posted by at 3 comments:
Labels: , , ,

Saturday, July 13, 2013

Pacific Rim Short In-Theater Review

Giant robots bashing giant monsters using the latest in state of the art computer generated special effects. What could possibly go wrong?

Nothing actually. The movie was my most eagerly awaited of the year due to being a fan of kaiju and giant robots since childhood. I didn’t expect anything brilliant but did fear a turkey that would ruin any chance at the genre getting a fair shake in Hollywood again. I won’t say my fears were unfounded, however it is a simple fact that Pacific Rim is a good movie.

The director, Guillermo del Toro, is on record as wanting the movie to be something airy and light, not something brooding or contemplating the human condition. Frankly, if he thinks this story was airy I worry about what he thinks is dark. While clearly an action movie first and foremost, it is pretty grim from the start.

Read more »
Posted by at 3 comments:
Labels: , ,

Friday, July 12, 2013

Old Spam Is Still Indigestible

Getting back to posting reviews is turning out to be harder than I expected and the new rounds of referral spam have taken up time meant for writing on other topics. The latest to hit by Blogger stats is from newsuc . com and according to DuckDuckGo it is a parked domain which means no real content is hosted there. The page showing up from this dedicated to spamming site is newsuc . com / blog / blog1 . php / 2009 / 07 / 20 /giant-quake-tsunami though there are several others at the site.

newsuc spam 01

I fired up my virtual machine (VM) running Ubuntu for safe investigation of the site and to take screen captures. Remember, don’t click on the links from newsuc! What I found looked like a real blog, if out of date by three years. But why would they be linking me now?

Read more »
Posted by at 1 comment:
Labels: , , ,

Thursday, July 11, 2013

A Tricky Bit of Spam

Spammers apparently never sleep and so it isn’t long before a new referral spam hits Blogger or an old one appears under a new link.  This particular one is a new one to me and came in as t . co / 1kXhhiBfBE using a shortened Twitter link. So what is it really?

Screenshot - 7_11_2013 , 8_49_44 AM

A misogynistic offer to teach men how to seduce women. Apparently it is a video and the format looks all too familiar. The content is different, but I never did see the presentation due to this:

Screenshot - 7_11_2013 , 8_52_25 AM

Firefox on Ubuntu failed to install when the camera icon was clicked on. Children don’t try this at home! Digging into the page source code revealed the video link claims to be in SWF format but as you can see, nothing happened. If it is malicious code aimed at Windows, it found the wrong operating system to play with.

Screenshot - 7_11_2013 , 8_54_31 AM

Finally, when you try to close or back out of the page, the javascript launches this appeal to the profoundly desperate. I’m sad to say this will actually work on some guys.

UPDATED: This is now coming in as a full address, thetaoofbadass . pw / ?a_aid=517d032416eac which makes it seem even more silly.

Looking at the source code (with no expertise on my part) was revealing in that this appears to be a prefabricated template complete with instructions. A talented coder will glean a lot more than I did, but it shows just how polished the malware and spam pushing has gotten. It is all very professional now and it seems that the weight loss spam used the same form.

Posted by at 22 comments:
Labels: , , ,
Subscribe to: Posts (Atom)