06.24.10

Backtracks, pingbacks, and winguts

Posted in Blogging, Spam at 2:19 pm by angela

WordPress is designed with the capability of notifying you when someone has quoted from your blog. These notifications come mixed in with spam or comments.

My guess from reading comments is that most people, like me, delete these rather than having them show up in their comments.

Maybe they don’t want clutter, but there’s a good reason not to okay them.

There are a lot of sites out there scraping blog posts and creating exerpts based on the title and first sentence of your post, then printing it, hoping to get a link back from you.

It’s called “link bait”. While occasionally a real blog will quote you, most often is is a fake blog scraped from random posts trying to get people to click through their ads.

Today I followed one of those links and found it went to a wingnut secessionist anti-Constitutionalist site, you know the kind where they think that getting rid of free elections and installing an insane television entertainer as our fascist dictator would be the pinnacle of democracy.

Yeah, they scraped a bunch of blogs. Under their definition of “social justice” (something about forcible removal of property and redistribution to the undeserving masses), there were some comments by other left wing bloggers it had happened too. And then they closed the comments.

They linked to my “Glenn Beck is a bald-faced liar” post. How dumb is that?

06.18.07

Dealing with phishing

Posted in Bad boys, Crime, Phishing, Spam at 10:03 am by angela

I thought it was time to do a little public service work here. Like many people, I’m tired of receiving those phishing emails. You know, the ones that tell you you may have had unauthorized activity in your account, and you need to use this link to login right now to get it straightened out.

Or maybe you don’t know, which is why I’m trying to do this as a public service and not just poking fun at the idiots. It’s pretty obvious to me that if people didn’t click on their link and type in their account info, thus giving god knows who access to their accounts, that these emails wouldn’t be going out. The crooks would give up.

But I’ve heard perfectly intelligent people relate to me how they were phished not once, but multiple times. So I’m going to show you what to look for in the hopes that I save at least one potential victim from the phishing scam.

First of all, consider what account it came in on. Is this the account that you normally receive email from this company? If not, then it’s absolutely a scam. I actually heard a woman say that she responded because it came in on a different account. No. That’s completely wrong.

Do you even have an account with this company? The fact that you receive emails from multiple companies that you don’t even have accounts with asking you to verify information should make you suspicious of all contacts like this, even when you do have an account with the company in question.

The email address I received this on is one that goes with this website. I do no day-to-day business on it, just stuff having to do with clients and porn. Therefore, I should not be receiving official correspondence on it from financial institutions, and thus, it’s all phishing.

The webmail account I use will not show suspect images, even in the html mode. So I can’t show you the header image. But you may see an exact replica of the official company email header. It may even link to that company, to give you the illusion that this is an official email.

On the other hand, you may see a poor imitation of the company logo. So watch for that.

So looking at this email I received, first of all, you can see that they did not address me by my customer name. (1) If they do not do that, immediately assume it’s a scam. In this case, I am not a banking customer of Bank of America, but even if I was, I would assume it was a fake for this reason alone.

Now look at (2), the link address. Many people probably don’t know that when a text link shows up, it is actually a piece of text that links to a URL you don’t see. Most of the time when a URL shows the link is same. But there’s no reason it has to be. You know that any piece of text can be a link. So http://principalquattrano.com/news,
Breaking news!, http://www.whitehouse.gov, http://www.georgebush.com, and even http://www.georgebushistheantichrist.com all link to my news blog. Clearly none but the first two should be linking to my news blog.

If you look at the link, it looks official. It starts with ‘http://www.bankofamerica.com’, which is the company’s official website. Now look in the yellow box at the actual URL you’d be going to if you clicked on that link. When you mouseover a link in Opera, this is how the actual link address appears. In most other browsers you will see it at the bottom of the window. Mouse over my links above, so you can see where they are actually linking to.

This link goes to a URL ‘http://www.baliparty.com’, which clearly has nothing to do with the Bank of America website. I followed it to a Japanese company, but could not get any more specific information than that. In any case, seeing that the two URLs are different should raise red flags for you.

Now look at (3). “Tank you”? These are often full of spelling errors. Spelling matters. No big company would send out an email with dumb, really dumb spelling errors like this. It’s telling you the thing was written by a foreigner.

And finally, (4). They’re going to put a ‘temporal’ hold on your funds? What the hell does that mean? You’re going to have access in the next life? The correct word is ‘temporary’.

Like I said at the beginning, they wouldn’t be sending these emails out if suckers weren’t clicking on those links to send their account login to Japan and other faraway places. Don’t be a sucker. Read and think.

And if you’re still not sure whether your account has been compromised, go to the company’s website the way you normally do, through your bookmark, or by typing the company URL into your browser.

06.16.07

What a difference! Spam update

Posted in Blogging, Modern life, Spam, Techie at 1:11 pm by angela

After I wrote that last spam rant announcing I had changed the settings to requiring registration, I was disappointed to see that there was still spam coming in. Early today I went to WordPress.org looking for a spam plugin. The plugin I decided on instituted a 30 second delay before allowing users to compose a comment, and allowed for custom comments by the blogger about how to use the system. Apparently spambots find it difficult to work with the delay, while real people would spend that much time reading my message to them anyway. It looked good to me, but I was working on something and didn’t get to it right away. Alas, when I went back, I was unable to find the same search page.

I did, however, find instructions for editing your .htaccess file to prevent spambots that do not give browser referrers, which is apparently all of them. I installed this and went to empty out the Akismet bin, only to find there were only 9 spams there. Amazing! A thing of wonder!

If you have trouble adding comments to the blog (they won’t show up right away, but I should be able to approve genuine blog comments by registered users within a day or so), or if registration doesn’t work, go to my main page and leave a message with my CyberTwin bot. She’s kind of inane at times, but I always see conversations between her and anyone who chats with her. They’ve improved the programming system for MyCyberTwins, but it’s a slow process. Bear with us.

Speaking of which, if you’ve got a website, you may be able to use a MyCyberTwin, too. It’s easy to set one up. But teaching them to respond as you would can be very time-consuming. They’ve improved it, so now you can edit the questions you might expect to be asked. Check my cybertwin out on my main page and see what you think.

Update to say that I’m still getting a certain type of spam. Clearly this bot is not registering and logging in. As near as I can see, bots must have access to the function of comments posting without going through the form. I have blogs that have comments completely turned off, yet they still receive comment spam. Time to learn php.

06.14.07

Spamagain

Posted in Blogging, Spam at 8:31 am by angela

Alright, I admit it. I’ve been lax, maybe not so far as being a bad girl, but a lot of things happened at once which kind of broke my stride working on this site.

What do I find when I get back? My nemesis, frickin’ blogspan comments.

OK, so I’ve complained about this blog spam before. You know, those pseudocomments that show up, which are actually ads for porn or fake drugs or spyware, or just redirects to the same through dummy blogs. I wish I was really good at programming, rather than understanding it just a little. I could write robots myself, but I would use my powers for good, rather than evil.

I was hoping that installing the Akismet plugin on my blogs would make it easier for me to manage spam comments. It did for a while, but the problem is that you pretty much have to inspect all the comments you receive prior to deleting, in order not to miss an occasionally miscategorized real comment written by a real human being. It doesn’t allow you to delete one page at a time as you finish inspecting that page. And blogspam is just ever-increasing.

This wasn’t a problem when I was getting a couple of pages of spam a day and deleting daily. But it’s come to the point where it’s just gone spinning out of control.

You see here a week’s backlog of spam comments and the total since I installed the plugin earlier in the year.I apologize, dear readers, but I’m just going to have to hit that DELETE button, even though you may have a real comment hidden in there. I’m running about 0.1% miscategorized comments right now, but I guess there’s nothing I can do about it. By the time I get past page 5, I’m not really seeing too clearly, anyway. So this is kind of an announcement. I have changed my blog settings to require registration prior to commenting. I’ve never done this before, but I guess I have no choice.Oh, well. We’ll see how this works.