OddThinking » New spam getting through

Pages
Archives
- 2005:
  - JFMAMJ JASOND
- 2006:
  - JFMAMJ JASOND
- 2007:
  - JFMAMJ JASOND
- 2008:
  - JFMAMJ JASOND
- 2009:
  - JFMAMJ JASOND
- 2010:
  - JFMAMJ JASOND
- 2011:
  - JFMAMJ JASOND
- 2012:
  - JFMAMJ JASOND
- 2013:
  - JFMAMJ JASOND
- 2014:
  - JFMAMJ JASOND
- 2015:
  - JFMAMJ JASOND
- 2016:
  - JFMAMJ JASOND
- 2017:
  - JFMAMJ JASOND
- 2018:
  - JFMAMJ JASOND

« If wishes were elephants… | Expensive In Deed »

New spam getting through

Filed by: Julian on February 23rd 2010

Sorry if you have noticed some comment spams getting through.

Someone out there is using a new technique. As well as their random email address, they are providing a URL to their home page, which is faked as http://www.somethinkodd.com?<random -string>.

That’s enough to fool my (now aging) SpamKarma plugin into giving them the benefit of karma from the comments I have posted.

The bit that is missing in my understanding here is what benefit they are getting from this. They aren’t mentioning a product. They aren’t including a URL to their own page, so there’s no Page-Rank juice flowing to them. They aren’t using a single email address, so they aren’t grooming an account for a later real spam payload.

Are they expecting to have hacked my WordPress account so the random string acts as a redirect?

4 CommentsCategories: About OddThinking

Comments

RSS feed for comments on this post. TrackBack URI

Comment by Dave on February 23, 2010

Indeed, that’s baffling (but then again, if I had a karma point for every batshit-stupid useless spammer trick out there, my next incarnation would probably be as Penelope Cruz’ front-opening bra strap)…

An easy workaround is to add your own URL to the gray list. For that matter, you could probably even blacklist it (your own comments will still go through no matter what).
Comment by Julian on February 23, 2010

Thanks, Dave, I will try that.

(Hey! You are not supposed to be supporting SpamKarma any more. I hope the real-life karma of doing so helps with your re-incarnation.)
Comment by Aristotle Pagaltzis on February 23, 2010

Reminds me of spam mail that contains no attachments and no links and just a lot of nonsense text. People theorised that they may be attempts to de-train Bayes filters. Maybe something similar is going on here with someone trying to bamboozle some popular spam comment filter in order to puncture it with real spam later.

But who knows.
Comment by Julian on February 24, 2010

In an ironic twist, Aristotle’s comment was posted exactly as the server (MySQL DB?) had some downtime – apparently, the hosting providers admins were doing some work on it.

It got caught in a limbo state between being posted and being rejected as spam, and wouldn’t appear until I manually pushed it through the spam filters again.

I am trying to reassure myself it was a coincidence, and not just part of a spammer’s vengeful Denial Of Service attack.