Spamhuntress

Spam + Blogs = Trouble

That’s exactly how Maryanne Myers is presenting a blog on one of her blog networks.

spamhuntress blogmysite - Blogs by Webstars2K

Which I take exception to, because I’m associated with the name Spamhuntress, and because I would NEVER EVER have a blog on any of her sites, nor use any of her software.

It’s retaliation on her part, because I wrote about her earlier.

Notice how there are about 350 comments on the first blog post there. The comments tart to fall off the page after about 14 days. That’s her program, blogmysite, in action. The punters get backlinks lasting about 14 days.

I wouldn’t pick on her, except she’s got a new technique out, which you can see on what apperas to be my blog on her network:

myblogbomb

What she doesn’t say, is that the blogs with those ads on them are easily identified, and it would be very possible and easy to just ban anything that appears on there.

And it turns the blogs into splogs, effectively…

I was running down splogs that refer to one of my other sites (nativecelebs has good serps and content, so often included on junk sites).

And I found one blog that I suspected was part of a splog network, with blogs living in various folders. But the root didn’t work, so I turned to Google.

And found this:

a2b for 70.86.36.194

It’s a list of URL’s that point (or pointed at one point in time) to one particular IP number.

And it looks like it’s part of a blocklist that susses out splogs. Have a look!

And I was absolutely right. The domain is part of a scraper splog network.

About a2b: They’ve now added nofollow to the spam URL’s, so I lost the nofollow on the links!

Oh, and the spammer behind the splogs? He’s best known as peteinoz on forums and such. He owns wpburner, catbcreator, completeadsensetoolkit and probably a few others. All splog creation, posting and pinging tool. Matt, are you there with your red crayon? These need banning. The guy talks openly about splogging. I’m debating whether or not I’ll post the URL to his forum, so you can see for yourself. Hmmm…

Actually, most of the URL’s on that blocklist should be banned. Most are probably generated with wpburner or similar.

Update: Proof of concept

Remember a little while ago, that a spammer said spamming had moved on anyway? Well, I believed him, and have been anticipating evidence of the new types of spam.

I found one today.

A yahoo group started by a spammer, with public archives.

There’s only one message, and that message was linked to from a guestbook spam entry somewhere.

spammer yahoo group
(Update: Yahoo already acted on my complaint. The group is history, a mere hours after my report. But they still have a lot of work to do, because they didn’t nuke all his pages. They should have some way of nuking all of them, don’t you think?)

Details:
The affiliate links are in an iframe in the body of the message in that group.

The guestbook spambot was 69.50.187.242
And the affiliate feed was from 69.50.191.22

The whois on the domain is:

Zuluz Networks Inc.
David Zuluz (ppcse@te.net.ua)
175, Carnival str.
San Diego
,45789
US
Tel. +95.22564879

ns1.loldns.com
ns2.loldns.com

That name server domain is on: 69.50.191.21

The domain itself, disorders.biz, has a WP blog on it. It actually looks legit, like a bona fide medical info site. It even has a masthead with a photo of a doctor on it. But the most recent article was lifted from eMedicine. A splog, in other words.

The domain was once linked to Webtouch.

But my main question is: How do we notify Yahoo about this? There’s bound to be more of this sort of thing, and we need a way to make them aware. They actually have to delete groups! Not something they’re likely to do, but there’s no way around it. Either they start doing it, or the next splog like hysteria will be Y!spamgroups…

Here’s a start point: yahoo groups TOS reporting

I was reading about Splogs on Plagiarism Today, and it hit me:

Adsense could search for Adsense publishers who get income from a large number of blogspot addresses. Shouldn’t be too hard to whip up some statistics software to do that. Then do a hand check on some of the splogs, to verify general splogginess (and please have some real geeks doing that, not some Adsense manager who can be fooled by anything).

Then remove those publishers from the program, and remove the blogs from Blogspot.

Easy, eh?

Earlier having free content was a good idea. It was a way to get your own links on to other people’s websites, and a way to get a reputation as an expert in a field. But today the internet has changed once again, and the primary use of free content is on splogs.

I just caught a network of such splogs, presumably owned by Tyler from Edmonton.

The splogs all sport content from E-zine, and are posted by an L.R. Rokwild

Why is it that so many spammers, sploggers et al are young guys? Maybe it’s a reflection on their maturity?

I got three comments in my moderation queue a few days ago. I didn’t approve them, even though they were obviously entered by hand and on topic. Why? I’ll tell you later, but first let’s check them out:

————

Commenting on “MSN algo change more spammy”

I agree. simply by looking at my own site..just started 7 days back and now i have 1000 pages indexed in MSN already. Talk abt. getting crawled. It used my 10mb b/w to crawl the pages.

Thanx, Admans.

———-

Commenting on “Netsphere domain parking”

I have been in discussion at the digitalpoint thread. This is very serious issue.

Thanx, Admans.

———–

Commenting on “Spammers use old MX records”

Nice info…thanx mate…

Thanx, Admans.

————-

Let me introduce to you:
Saurav Bhaduri

General Adsense and SEO addict

Check out the general type of posts he makes on Digitalpoint.

So, why am I ticked off at him?

He entered manual comments, and on topic, so what’s wrong?

He used HTML in his comments, entering two links to his key sites under a few characters of his name, so that it looks like this:

To me, that looks like an attempt to sneak by me links I otherwise might not have approved. Bloggers get one link (and he had one in the website field too), but I don’t want to see links on my blog for commercial sites of that ilk.

Don’t let me catch anyone doing that again…

——–

I paged through his posting history on Digitalpoint, and found a thread where he offered to sell links. All blogspot blogs have since been removed. I assume they were removed by blogspot, but who knows. I guess they could have been splogs? No way to know this long after the fact, of course.

But the general point here is that you’re generally likely to see links from several sources on splogs in the future. And my advice would be to NOT buy links on splogs, for all kinds of reasons.

Oh my, I found a reference to one of those splogs, for lifting content without permission. And one guy who responded to Admans request to review his blogs, saying they’re splogs.

When I handle comment or trackback spam that use trampolines, I routinely check for the sites the trampolines redirect or link to. Then I add those sites to the list of domains to be blacklisted on Google too. The whole reason the spammers use trampolines, is that they’ve “lost” a good number of domains to blacklisting of various forms, and don’t want to lose any more. By checking for the money sites, you’ll hurt them a little bit more.

But why should we treat sploggers any differently? If the goal is as Joe says to get PR for their money sites, then we should get those blacklisted too.

But slow down a little: Reporting the money sites isn’t as easy as counting all the links on a splog. I’ve seen few splogs, but those I’ve seen have mixed legitimate sites into the links. And I’ve seen affiliate links. So if you want to report the money sites, you need to know what you’re seeing before you start reporting.

Threadwatch had an article with lots of interesting links to stories on the amount of static vs information in feed subscriptions these days.

Some well known bloggers are complaining that their vanity searches are overrun with splogs.

So I thought I’d try and see if the splogs have picked up my little name yet. And I was surprised to see what at first looked fairly legit. But the juxtaposition of my name, a sentence from my blog and a sentence from somewhere else, including a weird link, leads me to suspect foul. In fact, those links on that blog (dare I say splog?) reminds me of that URL within URL experiment I covered a while ago. And if you go further back into the past posts, you’ll find all the links ping the same net neighborhood… Around 70.86.78.22…

Someone said that they didn’t understand the point of the splogs. What’s the payoff? Probably Adsense for many, I’d say. But someone (I don’t remember where) suggested the splogs could be a delivery mechanism for malware. I hope it isn’t possible, but think about the IE bug that makes IE execute code found in iframes… I saw that when I did iframes a while ago. It was unintentional on my part, but it can certainly be used for ugly stuff. Hopefully it doesn’t work on feeds…

Michael Bates hunted down another form of spamming.

Basically blogs that are on many blogrolls and since have been deleted. Typically on large services that allow old names to be reregistered by someone else.

A spammer then registers the old name that has lots of incoming blogroll links, then posts something on that blog, and lots of comment spam…

Michael has the story.