The Spam Diaries

News and musings about the fight against spam.
 by Edward Falk

Wednesday, October 29, 2008 spammers and more

In July, I wrote about a "reputation" web site which had been link-spamming this blog. I suspected that part of their business model would be to blackmail businesses into removing negative reviews. Comments on my article tended to back that up.

Today, alert reader Chad pointed out a couple of articles on PissedConsumer. In particular, YOUmoz blog is reporting that a reader has discovered that PissedConsumer seemed to be running a link farm in order to artificially boost their page rank and drive traffic. The comments are worth reading as well; one commenter claims that PissedConsumer was stealing content from his review site in order to populate their link farm. (Commenter also mentions that the DMCA complaint went ignored — this may be worth investigating on its own.)

Best of all is the comment from Google's Matt Cutts, who wrote in essense "they're nuked now". Way to go!

You can read more at Digital Point. Of interest is the first article in the thread, in which the author mentioned that PissedConsumer wanted nearly $2000 to remove bogus reviews. It looks like my suspicion of reputation blackmail was correct.

See also "Sockmonkey's" article How To Game Google SERPS.

Tuesday, October 14, 2008

Quick heads-up, spams containing zip files

In case you haven't noticed, there's a new scam making the rounds, in which the payload is a zip file. The zip file contains a single executable whose name is in the form of (for example) e-ticket.doc.exe.

The spammers are obviously hoping that the operating system will remove the ".exe" before showing you the filename, at which point you think it's a harmless doc file and click on it.

The emails themselves come with a variety of enticing subject lines, and I have to give the spammers credit for creativity. The latest round come with the subject line "Your Online Flight Ticket" (plus a hash-buster), while previous rounds have come with subject lines suggesting that there's a FedEx delivery waiting for you, trouble with your credit card or something of a similar nature that demands your attention.

The enclosed zip file contains a virus of course. Most of you reading this are smart enough not to click on random attachments in email*, but do pass the word please.

eWeek has a short article on the subject: Malware in E-Mail Rose Dramatically in September, Security Pros Report