Wittering on about blog spam again

This blog feels slightly shortchanged in the weird searches department. For example, if you look at HjHop’s site, he gets searches that are bizarre enough for him to make a funny feature of them.

Search engine choices that bring unsuspecting people here are generally just odd. Not entertaining, just odd. Normally, there are between 5 and 15 for Schwarzenegger (?) and similar numbers for pictures of guns. (??????) Sometimes, castles come top, usually Bodium castle – but there were only 7 searches for this today. Today’s search referrals also included Rorschach (?7) art and fine art, (?6) and (?5). 5 Fruit and veg is normally a front runner but came nowhere today. I defy anyone to make a readable post out of that lot.

I suspect noone has ever been directed by a search engine to what we fondly believe is the normal content of our posts.

But this blog could acquit itself well, if it ever gets in a competitive event relating to volumes of blogspam. According to WordPress stats for this blog, there have been 2,624 approved comments but

Akismet has protected your site from 13,409 spam comments already

Akismet doesn’t even cover the whole life span of the blog and it’s probably been reinstalled a couple of times – hence, reset to 0 – but even on these figures, that’s a good few times as many spam comments as there were legit ones.

There are clearly spam fashions. I quite admire the craftsmanship involved in the ones that have generic phrases designed to flatter you into allowing the comment through the filter:

Love your blog. I’ll bookmark it and return later.

or the old favourite from last year, with words to the effect that:

I didn’t quite understand what you said on [insert name of blog] but I’m interested to know more.

However, it’s as if the heart has gone out of the spammers. This week’s “new black” for spam seems to involve sending some random syllables, occasionally with a load of links:

qkncihdf tjnprcd mitqlanp oznqx eaqrpzu imfwatulo sjmxrqgh

for example. Or, what about this, where even the links don’t make an effort to disguise their innate spammishness, let alone entice the unwary with promises of free meds or unfeasible bodily expansion?

biprong unbrimming martinetism bosn amative biota spongida expectingly
ziafm wnwwqwuy
http://jdskmnffl.com
ktuhbdk info
http://jlvxkeva.com
uosgu wcmqjs
http://sgqwajre.com
kxrrd qzfkagqn

What’s going on? There are eleven of these in the Akismet spam queue today. Not one has an English word in it.

The Register had a long security post about blogspam, on Friday. The article was about a malware scam that claims to take the user to various legit sounding places.

Over the next several weeks I noticed a lot more of these, not only pointing to Google but also to Yahoo and MSN. The servers they pointed to all had the same basic structure, such as google-homepage.google-us.info, msn-us.info, yahoo-us.info, etc. Every one resolves to the same IP address: 124.217.253.8. That IP address is registered to Piradius.net in Singapore. The server appears to be hosted out of Kuala Lumpur. The domains, however, are registered in Ukraine:

(They’ve all moved since the article was written, of course.)

The rest of the article is fascinating. Click on one of these imaginary images and they run an executable. The article shows a series of legit looking screendumps, with the alerts very well designed. They put the fear of malware into you and offer you apparently Microsoft-approved solutions. There’s even a blag Microsoft Security Centre. The only intrinsic design flaw was that it said XP Security Centre, which was immediately suspicious to someone running Vista.

I’m as much of a mug as anyone. I just hope I haven’t fallen for any of these…….

One thing I’m pretty sure this blog been subject to (thanks to Firestats’ fund of fascinating information on referrers) is a hack of restricted WordPress content using the Google cache. It just involves asking for things from the cache by modifying the url request string. (I’ve done that by accident I suspect)

That password-protected site of yours – it ain’t
It’s one of the simplest hacks we’ve seen in a long time, and the more elite computer users have known about it for a while, but it’s still kinda cool and just a little bit unnerving: A hacker has revealed a way to use Google and other search engines to gain unauthorized access to password-protected content on a dizzying number of websites.

We don’t have any restricted or pay-per-view content,so no loss as far as this blog is concerned. But, it’s sort of blog-validating to be in there in a “dizzying number.” 🙂

2 thoughts on “Wittering on about blog spam again

  1. On the positive side, a spam to real rate of under 6 to 1 is actually quite good. Compare that to your email inbox… 🙂

  2. While a lot of the search terms that reach my personal blog is probably reaching relevant content, I do see a similar incongruity in that the most popular search terms that reach it is “yoo sex”. 😕 Not only do I never talk about sex (the closest that comes to the subject is talking about the Sex and the City movie), I have to wonder just what they were looking for. Is there some obscure sex ritual or something that I’m not aware of?

Comments are closed.