New ‘comment spam’ technique
p2pnet news | Off Topic:- Hi all, especially spam haters.
“Spammers run automated scripts which read everything on your web site, harvest email addresses, and if you have a blog, forum or wiki, will post spam directly to your site,” says Homeland Stupidity, going on:
They also put false referrers in your server log trying to get their links posted through your stats page.
As the operator of a Web site, this can cause you several problems. First, the spammers are wasting your bandwidth, which you may well be paying for. Second, they are posting comments to any form they can find, filling your web site with unwanted (and unpaid!) ads for their products. Last but not least, they harvest any email addresses they can find and sell those to other spammers, who fill your inbox with more unwanted ads.
Comment spam used to be a major problem on p2pnet but since switching to WordPress, it’s been all but eliminated.
That’s down to Akismet and Bad Behaviour, both excellent anti-spammer applications.
But the people who send spam are among the most creative individuals online. Every time someone comes up with a way to block them, they figure out a way around it.
To backtrack a little, Akismet does its thing by spotting multiple URLs in a given email. If it sees more than two, it concludes the email is spam.
But what about legitimate-looking comments carrying the spam URL in the subject heading?
There are several examples of this and one of them which keeps on showing up on p2pnet throughout the day, all day every day, is k.daniel@msn.com.
It looks legit but ‘Daniel’ isn’t registered. The URL points to something called the National Finance Center http://www.money.amazingguide.org/, and sometimes jumps to pharmaceuticals sellers.
Daniel, and a handful of other spammers like him, get around the anti-spam apps with cleverly formulated posts which are always the same, with the topic picked from the headline and used in the body of the comment. The header for this ‘Daniel’ post was, for example, ‘Crime gangs running wild online’.
Daniel Says:
August 14th, 2007 at 7:34 am
I couldn’t understand some parts of this article Crime gangs running wild online, but I guess I just need to check some more resources regarding this, because it sounds interesting.
Obviously, this technique will inevitably be copied and will probably become widespread.
Unfortunately, as good as it is, WordPress doesn’t have a facility to block individual repeat comment posters: or if it does, I couldn’t find it.
So far, I’m dealing with these manually but ‘Daniel’ clearly recognizes he’s onto a good thing and is now starting to flood.
Does anyone have any ideas on how to deal with Daniel and others of his ilk? Or has anyone come across a way to reliably block individual WordPress comment posters based on whatever’s entered in the ‘name’ line?
Cheers! And thanks …
Jon
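
Because these posts are "always the same" apart from the headline, the body can be fingerprinted by swapping the headline for a placeholder and comparing what remains across posts, whatever is typed in the 'name' line. The Python sketch below is an added example, not part of the original post or of any WordPress plugin; the comment records, the second headline and the `min_posts` threshold are constructed assumptions.

```python
import re
from collections import defaultdict

def _norm(text):
    # Lower-case and keep only alphanumeric tokens so punctuation changes don't matter.
    return " ".join(re.findall(r"[a-z0-9]+", text.lower()))

def fingerprint(body, post_title):
    """Return the comment body with the post headline replaced by {title},
    or None if the headline is not quoted in the comment at all."""
    b, t = f" {_norm(body)} ", f" {_norm(post_title)} "
    if not t.strip() or t not in b:
        return None
    return b.replace(t, " {title} ").strip()

def find_template_spam(comments, min_posts=2):
    """Group comments by fingerprint; flag any template seen on >= min_posts posts."""
    groups = defaultdict(list)
    for c in comments:
        fp = fingerprint(c["body"], c["post_title"])
        if fp is not None:
            groups[fp].append(c)
    return {
        fp: [c["id"] for c in grp]
        for fp, grp in groups.items()
        if len({c["post_title"] for c in grp}) >= min_posts
    }

# Constructed sample queue: id 1 is the comment quoted in the post, id 3 is the
# same template under a different name on a made-up headline, 2 and 4 are ordinary.
TEMPLATE = ("I couldn't understand some parts of this article {}, but I guess I just "
            "need to check some more resources regarding this, because it sounds interesting.")
SAMPLE_COMMENTS = [
    {"id": 1, "name": "Daniel", "post_title": "Crime gangs running wild online",
     "body": TEMPLATE.format("Crime gangs running wild online")},
    {"id": 2, "name": "Reader", "post_title": "Crime gangs running wild online",
     "body": "Crime gangs running wild online is overblown; patching matters more."},
    {"id": 3, "name": "Visitor B", "post_title": "Constructed second headline",
     "body": TEMPLATE.format("Constructed second headline")},
    {"id": 4, "name": "Reader", "post_title": "Constructed second headline",
     "body": "Thanks for covering this."},
]

if __name__ == "__main__":
    for fp, ids in find_template_spam(SAMPLE_COMMENTS).items():
        print("hold for moderation:", ids, "| template:", fp[:60], "...")
```

A comment that quotes the headline once on a single post (id 2) is not flagged; only a body that repeats across different posts after the headline is removed is held.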

August 14th, 2007 at 11:06 am
I just found a way to possibly defeat these kinds of comment spams in Discussion Options. We’ll see if it works.
Cheers!
August 14th, 2007 at 4:14 pm
I find smp to be a good companion for the two plugins mentioned above.
August 15th, 2007 at 5:17 am
I’ve had this type of spam on one of my sites. Fortunately, it is no hassle for me to switch off Guest posting and prevent them. The only reason I caught them was because half the words showed up as hyperlinks (each letter was a different link).
August 15th, 2007 at 5:48 am
Got the same kind of posts on my own site as well but Akismet caught them. I almost approved one of them until I realised the spam. Unfortunately I have no advice for you.
August 15th, 2007 at 7:14 am
It works : )
Cheers!
August 15th, 2007 at 10:47 am
Try this http://www.lesterchan.net/wordpress/readme/wp-ban.html
August 15th, 2007 at 12:05 pm
The logs and stats on my site are not accessible from the internet and they are deleted every day because of anonymity concerns. Also, I set some spam traps that fill the spammer database with entertainment industry email addresses, including the RIAA and MPAA, and also with junk non-existent addresses.
It’s working! I receive almost no spam. Also, the POP3 server is set up to just ignore email addresses not corresponding to an account, so spammers do not know what email addresses actually exist on the domain name.
I hope that they have a good time with spam at the RIAA!
August 15th, 2007 at 9:40 pm
Just for the record: projecthoneypot.org’s HTTPBL has shown an impressive amount of catches on some sites that I run. They have a pretty interesting toolset available for webmasters, and a bunch of integrated plugins.
August 21st, 2007 at 7:43 am
Eric Maillard suspected of spam in connection with Lisa Nova
Fake: The FBI recently used the powerful computing resources of the Las Vegas military base to investigate the Lisa Nova spamming affair.
Fake: The French DGSE is reportedly in contact with the police services of the American administration regarding the Lisa Nova affair. (Last month Lisa Nova launched a large spamming operation aimed at joining the circle of influential people in the Hollywood film world.)
Fake: The French fashion blogger Eric Maillard is suspected of being connected with Lisa Nova. The unstated aim would be to promote a mysterious fashion blog named Maillard Hebdo.
Fake: Over the last six months, the French secret services have identified several spammers in political and artistic circles: film, music and television.
Fake: Be vigilant: the spamming phenomenon affects the Internet as well as television and the print press.
Eric Maillard
September 3rd, 2007 at 3:00 pm
I use Spam Karma 2. It works great, so far it’s caught every single spam and no false positives.