Wednesday, February 04, 2009

Please Don't Post Clickable Links to Malware Blogs

Every day, well intentioned bloggers post anxious demands in Google Blogger Help Group
This person listed their blog in several forums. As an admin of two of them, I have had many complaints over it about spamming. We have blocked his address from our forums, but it seems he has many of them and he keeps spamming it hourly.

Please shut this blog down.

http://bigspamblog.blogspot.com


So getting "bigspamblog.blogspot.com" removed should be such a simple task, but it's not.

The problem is that, for everybody who reports a spam blog in BHG, someone else reports that their blog was just falsely accused of being a spam blog. Not every blog reported to be a splog actually is a splog, and not everybody reporting a splog actually is reporting a splog to get it removed.

So Blogger has to verify each spam blog report, before acting on a demand posted here.

Many spammers post in BHG
OMG, remove bigspamblog.blogspot.com!

and while we wait for Blogger to take action, they watch their hits roll in, from a clickable link in their post. They know that, while we wait for Blogger to take action against the blog, their post will sit here, attracting the curious
I know that it's spam, but what sort of spam? I have nothing better to do, so I'll check it out.


By the time Blogger does anything, the spammer will publish
"bigspamblog2.blogspot.com", "bigspamblog3.blogspot.com", and so on. Next week, the spammer will post under another name
OMG, remove bigspamblog2.blogspot.com!

and watch the hits roll in for that one.

And the spammers will use millions of botted computers all over the world (maybe the payoff of the latest worm, such as Conficker / Downadup) and create thousands of splogs daily - "bigspamblog2000.blogspot.com", "bigspamblog2001.blogspot.com", "bigspamblog2002.blogspot.com", and so on. Out of those thousands, one or two may get reported.

It would be real nice if Blogger would hire somebody to be more proactive and remove the spam blogs immediately. That same person could watch for the Indian Escort Service spammer in BHG, and axe the accounts used for each spam, immediately.

But, they won't.

So we have to take the initiative, and protect ourselves. Various security product providers (antimalware, firewall, and other security products) are providing browser add-on software, that will automatically scan each web page, and identify links to malicious web sites.

And, Google has provided a new form, for us to use to report the hacking, porn, and spam blogs. But making an entry in the form won't get the web sites removed, immediately - somebody will have to verify each accused blog. And a list of the verified guilty blogs will feed one of the malicious web sites databases. You may get some insight into the solution provided, in the Official Google Webmaster Central Blog: Better badware notifications for webmasters.

>> Top

No comments: