Saturday, July 20, 2013

A Tricky Bit of Spam - Where's General Keith Alexander's NSA Israeli Pedophile Spies when you need them ?


A Tricky Bit of Spam - Where's General Keith Alexander's NSA Israeli  Pedophile Spies when you need them ?

(Probably promoting their worthless shares of U.S.Nevada incorporated penny stock shares over at rangingbull.con or Yahoo!.con 'message boards' and busy counting the stolen proceeds at money laundering Sheik Mohamed Al Rashid bin Maktoum's NASDAQ headquarters in Dubai that ex SEC Chairwoman and ex IRS Commissioner and hedge fund money launderer Douglas Shulman sold to them in order to facilitate THEIR UNENDING THEFT FROM AMERICAN INVESTORS-VICTIMS ........)


http://from-the-sidelines.blogspot.com/2013/07/a-tricky-bit-of-spam.html

Thursday, July 11, 2013

A Tricky Bit of Spam

Spammers apparently never sleep and so it isn’t long before a new referral spam hits Blogger or an old one appears under a new link.  This particular one is a new one to me and came in as t . co / 1kXhhiBfBE using a shortened Twitter link. So what is it really?
Screenshot - 7_11_2013 , 8_49_44 AM
A misogynistic offer to teach men how to seduce women. Apparently it is a video and the format looks all too familiar. The content is different, but I never did see the presentation due to this:
Screenshot - 7_11_2013 , 8_52_25 AM
Firefox on Ubuntu failed to install when the camera icon was clicked on. Children don’t try this at home! Digging into the page source code revealed the video link claims to be in SWF format but as you can see, nothing happened. If it is malicious code aimed at Windows, it found the wrong operating system to play with.
Screenshot - 7_11_2013 , 8_54_31 AM
Finally, when you try to close or back out of the page, the javascript launches this appeal to the profoundly desperate. I’m sad to say this will actually work on some guys.
UPDATED: This is now coming in as a full address, thetaoofbadass . pw / ?a_aid=517d032416eac which makes it seem even more silly.
Looking at the source code (with no expertise on my part) was revealing in that this appears to be a prefabricated template complete with instructions. A talented coder will glean a lot more than I did, but it shows just how polished the malware and spam pushing has gotten. It is all very professional now and it seems that the weight loss spam used the same form.

11 comments:

Kevin K. said...
Got the same referral on my site today. It's a drag discovering, over time, that my audience isn't quite what I thought it was.
Patrick Boone said...
Yeah, it is a kick in the teeth kind of feeling. I still don't comprehend how the spammers think that there are enough blog owners to make money off of them.
George The Boxer Dog said...
Thanks for the education. Like the others it's a little disheartening to have to take those hits off my numbers that I thought were growing. Oh well, my mother loves me!

John said...
Wow! You really took some risks with all that clicking. I admire what you do in reporting all these spam referral morons, but shouldn't you also be educating your fellow bloggers to ignore them. Really that's the best way to fight spam referral. I never click on the links. NEVER. And I rarely Google the links anymore. This Twitter URL disguise got me, but I'm done with spam referral for the rest of this year.
Patrick Boone said...
John - I took no risks at all when I investigated the link. I check them out by starting up a virtual machine (VM) that mimics a full blown computer, but with no access to my real operating system or hard disks. It's a disposable setup that I can simply delete if the VM does get infected. Very few viruses and malware out in the wild are aimed at Linux, so that reduces the odds of trouble quite a bit in the first place. I also only use that particular VM for checking spammers!

Yes it is best to ignore the referrals and most people that find the blog are checking before they click, which why I post about the spammers. A few do visit after the fact, so I suppose a standard disclaimer might be in order for future posts.
Kim Anderson said...
I appreciate this post as well. I'm new to blogging so I don't want to go clickin on stuff I don't know about. They are trixy with the twitter cover though.

Patrick Boone said...
Yes they are, to the point of being as bad as Bagginses.
Eve said...
A really useful site. I've clicked on a suspicious link once so far and they seem to visit my blog every day ever since. Is it that bad to search for the addresses of the links on the net? Does it give the spammers any kind of publicity? PS I'm from Poland so it's even weirder that they found me;)
Patrick Boone said...
Eve - These spammers hit the entire world from Asia to Europe to the Middle East to the Americas with stops everywhere else. I've created a blog and the first hit on it was by a spammer though no clicking has been done on referrals -- in fact nobody else had seen the blog yet!

Clicking on the visit links in your Blogger statistics does tell them it worked and puts you on a list, but the way they mass harvest blogs it doesn't matter much. But don't click on the suspicious ones since some will try to hijack or infect your PC.

Searching for them on Google, Bing, or DuckDuckGo doesn't really help the spammer, so don't worry about that. It might raise their site in the index, but the only people looking for it will be those suspicious of the site. Hopefully they will find warnings instead.
Linda said...
Dear Patrick, I have this 'Spam' stuck on my Blog .. It is an animated ad for getting the girl! It bothers me it is there and l want it gone ... how do l stop this spam viewing? Can 'l' stop it being there at all?
It is coming in at 12 page views today, 24 yesterday etc... I only found it by seeing what it was in Traffic source. I have one more too .. Plagued by these people :(
Patrick Boone said...
Linda - You will keep seeing those hits on your blog if you only use Blogger's statistics to track your visitors. I suggest using an alternative such as Google Analytics or StatCounter.

For Google Analytics: Sign up at http://www.google.com/analytics/ and then get your "analytics web property ID" and paste it into the box at the bottom of your Blogger 'settings - other' page. There are also instructions at Analytics if that doesn't work.

For StatCounter: Sign up at http://statcounter.com/ then look for the "Guided Installation" section on the main page. The first guide happens to be for Blogger!

Both services don't register the spammers, though once in a blue moon I see something like a false referral in Analytics. They also allow you to see more information about your visitors like what browsers they use and what screen resolution.

That helped me decide on a final layout for the blog because I was tempted to go to a wider layout but discovered most people visiting have smaller laptop screens. So lots of uses beyond just seeing where the visitors are from.

No comments:

Post a Comment