In the latest episode we had a person pertainging to act for animal rights in China, which no doubt the content of the story may itself be true, but that is 'social engineering/phising at the viewers expense in real fact.
I have gone though that users entire profile and data and gone on a search mission.
The message itself redirects to a site that appears legitimate and in fact it is NOT as in the backend code of the site they are using 'phishing/social enginnering' and some of the sites are using in-line frames to display the content and others are using a 'copy' of the original site and then auto-redirecting your browser to a new location and as such are decieving users about the content they are viewing.
In this particular case the owner of the site and other sites that are being run by the same user they are trying to by-pass Windows Security and to use a 'Windows Security Exploit' that is reffered in Microsoft Security Bulletin MS06-014
The sites through the network of asociated links that I traced through Google, Siteadvisor and WhoIS tools shows many traces of the 'ActiveX Object', 'Remote Data Services Data Control' 'msadco.dll' to automatically install because you do not have the latest security updates from Microsoft installed and as such this ActiveX object could be installed automatically into the users machine then giving the web site open access to your PC.
A few of the other posts that have started to appear are not just the latest 'blue pill' spam (don't want to mention that 'V' word due to Googles Adwords rubbish and have someone actually profit from this post by having an 'impression ad' displayed for that 'V' thing above')
The other type of 'spam' we are getting is of a different subject to what we are used to, a few of late have been for everyday pagerank/seo fools and as such appears harmless though just their 'Username' is tied to their internet domain name and are trying to increase there pagerank by having 'that' name in as many internet locations as possible, with or without a website link pointing back to there home page. (As the line between SEO and Google Pagerank is associated more and more these days with spam {Google is an advertising company and so are spammers, Google ARE NOT doing enough to address this problem} and I have serious issues with Google on all of this 'false economy' (again if it is not obvious) that only benefits spammers and Google, not the consumer or advertiser)
A solution for this is far from easy, though I am thinking that 'new users' should only be able to see a single area of the forum to then read a VERY EASY introduction to allow them to be able to post quickly and easily, though if the seo/pagerankers go though this the site that they link to will be reported to Google as a breach of Googles Terms and Conditions and will loose there account from Google and be removed from Google thus loosing the income stream they are trying to artificially create. (Whether Google accept this or not is another question, though it is in their best interests to do so)
I have started going absolute ruthless on these people getting into the forum, it is not just the links they are posting either. It includes there USERNAME, ICQ Numbers, Instant Messaging Addresses, Location, Occupation and Notes fields that they fill with 'keywords' applicable to them, sojust changing the website link is not enough anymore. We need to delete all of the profile information for the user and update the profile. I am then going in and deleting them completely from the system and how often they are actually returning to do this again we have no accurate statistics, only speculation. I think it is quite low, so I am deleting all accounts in this way.
If you see a 'new user' on the forum with only 1 post to their name (ie. The post you are reading) and it is just a link to a website please do not click the link and have these people (Google and the spammer) make money from your mouse click at best, at worst there is spyware/malware/virus waiting for you at the destination.
Why no 'source links in this post, I want to keep people away from where I have just been in having a security dodgeball game. Now that I have no Anti-Virus software running on Vista, I may just go do a security scan to check that I am still safe and clean myself.
One of the other issues surrounding all of this is the fact that if you have a Google Adwords/Adsense account you are basically not able to talk about this or you loose your account. Even part of Googles T&C state if you take legal action against Google for 'click fraud' you are for life banned from using the Google Adwords/Adsense as a revenue stream to help ofset your costs for running your website. So if you catch Google out on 'click fraud' you lose your revenue stream of income and are never allowed to use Google services in the future again for absolutly no fault of your own. Thus people who are getting 'dudded' by 'click fraud' are basically wearing the cost of 'click fraud' because they are still getting some money from the legitimates but if they complain they then have no income at all. How can an advertising company have a motto 'Do no evil'.
So, Google get your act together and I 'may' recommend your 'search' to users again, stop mis-directing users from your search results to URL's that you display as the destination address and take them to a differnt URL that is an advertisment for the company in question. And STOP spammers and yourselves profiting from SPAM. Google you MUST address this, and it is long overdue.
Here are the stats from the 'main-end-point' of the spam on 'Saving puppies in China' that tries to utilise the security exploit I mentioned above. So we are all being 'had' by these {I must watch my language} and if we feel guily about puppies in China and don't have our security up to date our machine gets infected.
Sad for the puppies I say, but I will no longer be letting 'Dying Puppie' threads stay in the forum.
<img src="http://img159.imageshack.us/img159/1599/spam9jd.png">
I will delve into a fact finding mission to give some backup to what I am flat accusing Google of being the reason why we have so much exta spam these days on another day. But needless to say until Google clean up their act you will continue to see spam anywhere and everywhere on the internet becuase Google makes money from it.
Hmmm... Not the best worded or structered post, I apologise for that as it was a paragraph by paragraph typed as I progressed thorugh my discovery and its 12:30am now so enough of this for now....
As a sidenote I have reported this site to many software companies and will speak with some other 'authorites' tommorrow about this site and having it taken offline ASAP.
