Forum spammers - “anti-spammers”

    Today I received a letter complaining from a regular user of a small forum that I administer:
    Hello, on your forum I occasionally receive spam in the LAN ( private messages ).
    It would seem a common thing. Until now, users occasionally received a certain amount of spam in their personal mail. But this time, the number of messages sent, judging by the reports, was large, and I went on to decisive measures. And I was surprised a lot: it turns out that they already “helped” me in the fight against spam!

    Spam messages were sent from several users who were registered in the interval from March 26, 2009 to March 2, 2010. They did not show activity on the forum, had relatively meaningful nicknames, mail addresses and did not cause any particular suspicions.

    The fact that spammers who have been visiting for almost a year, activated at one moment is not as interesting as the rather dull content of their spam (dating, porn, etc.). It was interesting the content of personal messages of one bot, which registered just a day before the "hour X". I will bring it here in its entirety:
    Hello. Today, the Forum Administrator informed us about the fact of spamming by members of this forum (Spammers: % username% )
    We strongly recommend that you go through an online check on our website: _http: //
    If you ignore the requirements of StopSpam, We reserve the right to file a complaint with your Internet Service Provider about blocking access to the Internet.
    Sincerely, StopSpam World Anti-Spam Organization

    In general, the simple scheme:
    1. Some users who receive spam are more likely to report this on the forum
    2. Another part of users receives an impudent message with threats from the supposedly administration of the forum and finds out that spam is actually sent to the forum. Next, an inexperienced user in fear follows a link to a phishing anti-virus scanner, where he receives a good portion of trojans.
    3. ...
    4. profit!

    And although the scheme is simple, but, apparently, effective. A search in Runet showed that a similar "attack" was recently conducted in many forums. Administrators and moderators, be careful.

    PS: By the way, on my and some other forums messages from fake anti-spammers were sent from Alexey Pleshkov's account . Look for it at home, just in case.

    Also popular now: