I woke up to referrers from report-abuse.dmoz.org today.’
Huh? How come they were accessing the post where I celebrated being included on dmoz?
Then I found who’d probably reported me.
I also posted my take on what happened in my original post. Let’s just say the person who wrote abuse must see conspiracies everywhere…
Update
They’re talking about this post on the dmoz forums. I’m SOOO curious what they’re saying, but don’t have access.
I’m roaming the net looking for spam now and then.
Lately I’ve found that PHP-nuke is extremely targeted by porn spammers.
If you’ve got an installation of PHP-nuke, please get it under control. It can get really ugly!
Hmmm, looks like the nuke people have discovered this problem.
My friend used to have a mod for phpBB that made the memberlist closed for non-members. But I figured if the point was to make forum profile spam less interesting for spammers, a robots text might be enough:
User-agent: *
Disallow: /forums/memberlist.php
Disallow: /forums/profile.php
There’s a lot more you could block, and you can probably find them on the phpBB forum. But this should be enough to stop phpBB forum profile spam.
I was talking to a friend who was delousing her forum. It’s a phpBB forum, and you have to be approved to post there. But that still didn’t stop people from signing up just to have their website address displayed there.
So I had a look at it. For that particular forum, the best way to find the spammed profiles, was to look at the memberlist, then sort it with sort method website, descending.
For that particular forum, I could skip users who’d posted at least once, and hover the mouse over the website icons for the rest. There are quite a few .ru sites, but also some non-porn sites that could almost look as sites some enterprising members might put in their profiles to earn money (for instance, one real member has her Mary Kay site in there, which is OK in that context).
Then it’s a question of removing the spammer profiles, and look for a mod that (for this forum) bars users from populating the fields of their profiles until after they’ve been approved. Or any other good anti profile spam mods?
Sigh, nothing is sacred, is it?
I sometimes run across links that I’d like to show you guys, but don’t necessarily want to make a whole post about them. So, here’s the contents from my linkdump file for the last few days:
REFERRER SPAM: Timur Tasbulatov / emedia-omni.com / gay-ethnic-list.com
Highlights: The webhost ( Layered Technologies) does not consider referrer spam abusive. Bad webhost.
Highlights: PHP scripts that block spambots by analyzing their HTTP headers and comparing to known spambots.
Yahoo tops phishing statistics
Highlights: Phishing sites stay operational longer on Yahoo, and it’s hard to figure out how to report phishing and select other types of abuse on Yahoo (I tried and gave up myself).
Hightlights: Popularity tool for recent posts. Get ranked according to how many other bloggers link to your recent post.
I’ll put bots I find that I haven’t found an explanation for here. These are mostly recent hits to my sites:
IP address
203.144.160.242
caching1-true.asianet.co.th
User agents:
Shockwave Flash
Mozilla/4.0 (compatible;)
—————-
IP Address:
217.159.201.143
User agent:
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; (R1 1.5))
Fetched 100 pages from a friend’s site in less than 2 minutes. Kept going after being banned.
The IP number only has one site on it, that’s got a password protected home page: bulletrehosting.com
The dns server is on Atrivo’s net, no known sites on the same IP number. The e-mail address in the whois info doesn’t work - domain name inactive. And finally, the address in the whois info suggests the company is incorporated in a tax haven. What are they doing? No clue.
Here’s an example of forum profile spam in action:
play pool
The spammer registers user names in the beginning of the alphabet, populates the URL field with his spam, then leaves.
And of course even better for the spammer, the forum has been closed because they couldn’t moderate it effectively enough.
Another example from the same spammer:
macmerc.com.
Update: I noticed a referer from macmerc and rechecked the page I’d linked to. The profile is gone! Not only that, but the admin seems to have removed any other profiles left by the same spammer!
This is the same spammer that’s behind that whitebear nonsense that redirects to this site.
Forums and other sites that let people create profiles need to use captchas. Not only that, but making the profile pages and member pages unavailable to search engines might also help keep the spammers away.
For those of you who’ve been around long enough to remember the beastiality trackback spamrun, which STILL points to my blog, and I’m getting sick of all the people looking for that kind of porn, BTW, it tops my search statistics by a good margin…
Anyway, that spammer seems to have really revved up his campaigns lately. No doubt concentrating on those blogs that haven’t been regularly cleaned.
I’ve kept up with the Danish people, getting them to 404 several subdomains, but the spammer is branching out to other free service providers. What can we do to make his business a little less profitable? There’s unfortunately obviously a market for this stuff, so the only thing we can do is make it more difficult at this point, I fear.
Examples of heavily trackback spammed pages:
Kevin (edit: has cleaned his page)
Siva
Those of you who have a similar problem, check out my trackback block post.
Via Micro Persuasion
Meet Red Herring, supposedly from a communications company.
Early April Fool’s joke?
whois info shows the owner to be:
NA
Pete Majarich (petemaj AT hotmail.com)
21 Macleay St
Bradbury
NSW,2560
AU
Tel. +61.401929690
Creation Date: 14-Mar-2005
Update
Is this the guy? Just wondering.
Your mileage may vary, as they say.
Here’s one take on how effective simple obfuscation of e-mail addresses is, and my comment on that: