Tag Archives: Spam

Trackback Spam Gateway

It’s over. My referrer experiment is over… at least, in its current form. Today, I roll out firsttube.com referrer gateway version 1.0. That makes it sound fancy, but it’s not. Basically, it’s PHP to prevent trackback spam.

Traffic at firsttube.com has grown steadily, for some reason, and the logs reveal it: we get a TON of traffic from search engines, and the most popular terms are surprising – sensitive readers beware – here are the terms that most frequently drive people here:

cumtube, red-tube, uporn, adult youtube, milf, gay tube, tube 8 and many more equally odd terms.

You know why? Because, in a shrewd move that search engines seem to love, I display links back to my referrers, thinking they are trackbacks. But when it’s not from Google, Yahoo, Live.com, or OSNews, it’s most often spam. Why? Because not only are we using the name “tube” in our title, but with each erroneous entry, we tell the search engine it’s a good thing by back-linking to that search. In short, I’m perpetuating the problem. As a result, dozens of spammers have begun issuing basic GET requests in the hundreds placing their sites in my referrer lists.

Some time ago, I began the battle by adding rel=”nofollow” to all outgoing links not added via the admin section. But alas, that wasn’t good enough, the spammer didn’t care, so I implemented a pre-check, whereby referrers are, via regular expressions, matched against a list of known crap. As of today, there are 36 terms that I actively filter. In time, this will be performance intensive, if it isn’t already.

Thus, a gateway. Now, *all* referring traffic goes into a temp table, and each entry must be approved. I wrote a nice tool to batch import, batch delete, or even approve based on certain filters, such as domain or term. As it matures and I get an idea of time, I will “whitelist” certain domains that can immediately post to the referrer table. In the meantime, I need to decide if I want to filter referrers with obscene unrelated terms or just leave them and let the magic run its course; after all, these are not “spam,” they are simply organic mistakes. An argument could be made that it’s interesting, and therefore, mostly the reason to post referrers, to see what terms and sites around the internet drive traffic to a site.

Anyway, spammers, take note: I gotcher number! Stop referrer spamming me! That means you , you stupid lyrics sites!

Tagged , , ,

Trackback Spam, Again

Once again, I am dealing with trackback spam, aka referrer spam. Since firsttube.com records the pages that refer hits to us, I’ve had to deal with jerks who issue HTTP requests so that they get a link back. Too bad they don’t realize that every referrer gets a rel=”nofollow” attribute (more here).

So, I had to issue these SQL statements to the database today:

DELETE FROM user_agent_table
WHERE (referrer LIKE 'http://mp3%' OR referrer LIKE '%mp3.com%')
 
DELETE FROM user_agent_table
WHERE referrer LIKE '%musicforum.org%'

Musicforum.org has some asshole posting all sorts of links that pass a GET variable with a firsttube.com URL in it, which appears to do nothing other than ping the page. So, effective immediately, we run a regex validator on referrers and will be doing a more frequent clean up.

Hear that spammers? Take your crap elsewhere.

Tagged , , ,

ReCaptcha is a Smart Ass!

ReCaptcha thinks it knows me, huh? It started calling me names today.

reCaptcha

Tagged ,

Suckered by a Spam Text Scam

I got scammed.

I got a text message yesterday that said “Free Msg from Verizon Wireless: We have new calling plans for UNLIMITED text to anyone in the US. Requires new customer agreement. Call 877-256-XXXX. To opt out reply X.”

This type of message is not completely unseen on my phone network. I’ve gotten a few “notice”-type emails in the few years I’ve been with Verizon, so before I even really knew what I was doing, I quickly replied “X” and hit send. And then I saw it: “Sending message to 9000XXX03671”

I realized what had happened. I had just texted 900-XXX-0036. And unfortunately, 900 numbers can charge, according to Verizon up to $25 or more for this type of thing. I IMMEDIATELY dialed 611 to talk to Verizon. Much the same way that if I complain with American Express, they can withhold payment from a merchant, I wondered, can Verizon refuse to square up on what was obviously a spam text scam?

Yes and no, apparently. The helpful rep I spoke with, “Sarah,” told me she could “flag” my account for a follow up when the billing cycle ends, but the agents cannot see live data and couldn’t see a text message within the last few days, let alone minutes. She promised to credit me whatever the message cost.

So I asked her the same question I’m broadcasting now: “Why do cell phone companies allow incoming text messages from 1-900 numbers?” Even if they were limited to just replies it would be an improvement. What possible reason could I have for a 1-900 number to send me an unsolicited message?

Is this the future of cell phone? SMS spam from 1-900 numbers? This is very dangerous ground, and I see where it’s heading: advertising spam (which has already started), “verified” senders, block lists, and finally an option to accept SMS only from your contacts. A new age is upon us. May the people who perpetrate these scams rot in the blackest pits of hell.

But Verizon is going to take care of me this time, and I won’t get suckered again. The moral of the story is: don’t reply to text messages from people who aren’t your contacts, period.

Within seconds of hanging up with Verizon, I got another message from 900XXX003671: “Thank you. If you want to eliminate all future SMS informational and marketing messages from Verizon Wireless, reply Q.”

Tagged , ,

Pwned!

This morning, I checked my Gmail and found that I had received 203 comments on firsttube.com last night. In case you don’t realize how odd this is, I typically get 1-2 comments a day max, unless a particular discussion gets moving, and then it might be 10 at best.

These 203 comments were generally grouped, about 30 to a group, with identical information. The name was some kind of drug spam (you know the typical Viagra, etc) and the IP was blank (which I may soon require to comment). But the odd thing: it was almost like it was custom written for my blog: the thread kept changing, the parent comment changed, the content changed, and it passed the captcha… or so it seemed!

So I changed my captcha. I think I might have found a bug in it whereby if your browser wouldn’t begin a session, it might pass the captcha. So that’s fixed. Plus I added several little checks to the comment page. It will not only reject lots of comment variants (all of which are unlikely to occur with real comments), it will actually ban some users automatically if certain strings are found, etc.

It’s kind of ironic that my last entry was on spam, and then my site gets spammed.

Tagged ,

Trackback Spam

There is a new trend out there, one that hasn’t received much coverage, but it’s a big deal, and it’s getting bigger. As user generated content becomes more and more prevalent, we have a new type of spam out there: trackback spam. On my blog, beneath all of the entries (above the comments), there is a section that shows you the user agents that loaded that page as well as the refering pages. I recently discovered something: people gaming the system. Read on…
Continue reading

Tagged , , ,

Reinventing E-mail

There’s been a lot of discussion in the last few months about the rapid increase in spam e-mailings, defined loosely by one website as “mass-delivered, unrequested advertising delivered via email or discussion groups.” Many have wondered what should be done, but few have proposed anything truly worthwhile.
Continue reading

Tagged , , , ,

X10 cameras – f them.

Do people actually buy the X10 web camera? If so, do they actually buy it from pop-up ads? That’s the question of the day.

Honestly, that friggin ad follows me all over the damned internet. You’d think it was just that necessary, “Hey, buying a CD…why not pick up an X10 too?” “Say, checking your e-mail….need an X10 while you’re at it?”

Seriously, I need to know – who is buying these things?

Tagged , ,