Understanding Context Aware Trackback Spamming: New Frontiers in Web Spamming
By Angsuman Chakraborty, Gaea News NetworkFriday, June 10, 2005
Let’s begin with an example.
Name: Stanford scientists takes first step towards producing renewable source of insulin producing cells from brain-derived … | IP: 81.176.65.76
Stanford scientists takes first step towards producing renewable source of insulin producing cells from brain-derived …
The scumbags at com.ru have tried (albeit unsuccessfully) at spamming my site with 30 or more Trackback Spams. What is different about their technique is that they actually pick the title of the article and generates the title of the spam message. The same title is also used as excerpt as can be seen above.
Most of the bloggers just scan the message content and decide whether it is a spam. This works because most comment spams comes with telltale messages and/or descriptive URL’s like poker and vioxx.
In this case the message looks plausible, someone has possibly tried to reblog your entry.
The URL doesn’t give away anything either.
Both of this techniques are designed to fool not only spam checkers but also most human.
However intelligent as they may try to be they have faltered on two counts. First you don’t get thirty or so trackback comments from a website. So much unilateral love is always suspicious.
Secondly all the spamming attempts were from the same IP address - 81.176.65.76
Lets look at yet another pitiful attempt by them:
Name: GPL is forced socialism | URI: https://hernya.com.ru/ | IP: 81.176.65.76
GPL is forced socialism
GPL is forced socialism
In case you still have a doubt which IP address should be added to you block list. It is 81.176.65.76 and the host name is com.ru.
The moral of the story is that crooks always make stupid mistakes somewhere. Yet another round for anti-spammers. However the sombre take home message is that this will not be the last of context-aware-trackback-spamming. I can easily see how they can use much more spohisticated techniques to disguise their spamming attempts.