Are U Fooled by This Spam Technique?

Akismet flagged a comment as spam and I had not seen the spam technique used before, so I was fooled. I reviewed the comment and approved it, but the name, Michael G. Redmond, made me wonder a bit more (Redmond, WA is the home of Microsoft). So I Googled it. Oops. I re-marked the comment as spam. Why?

The same comment, word for word, was also a book review on Amazon (see here). A really nice trick that avoids most of the red flags that spam usually has.

So why did I initially accept the comment? Because the comment, unlike most spam:

  1. Actually referred to the topic at hand (Top 7 Reasons for Security Certification).
  2. Was intelligent, lacked typos and grammatical mistakes, and had the feel of legitimacy.
  3. Did not promote the website linked to the commenter’s name.

Why should I have rejected it outright?

  1. The email address of the commenter (you can enter anything you want, of course) ended in @cisa.certification.com.
  2. The link embedded in the commenter’s name was URL-shortened (not totally uncommon) and went to a computer hardware site in the UK.
  3. The comment criticized a CISA book, but didn’t note the title. That puzzled me until I realized that it wasn’t necessary in the comment’s original context: an Amazon book review.
  4. Finally, Akismet flagged it. And she has a lot more experience with spam than me.
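
The red flags in the list above can be checked mechanically before a held comment is approved. The following is an added example, not code from the original post: the field names, the shortener list, the keyword reading of flag 1 and the sample comment are assumptions made for illustration, and the candidate source text is whatever the moderator pastes in after a search.

```python
import re
from urllib.parse import urlparse

# Assumption: a small, non-exhaustive set of URL-shortener hosts.
SHORTENERS = {"bit.ly", "tinyurl.com", "goo.gl", "t.co", "ow.ly", "is.gd"}

def words(text):
    return re.findall(r"[a-z0-9']+", text.lower())

def shingles(text, k=5):
    """Overlapping k-word windows; a text shorter than k yields one shingle."""
    w = words(text)
    return {" ".join(w[i:i + k]) for i in range(max(len(w) - k + 1, 1))}

def containment(comment, source, k=5):
    """Fraction of the comment's shingles that also occur in the source."""
    a = shingles(comment, k)
    return len(a & shingles(source, k)) / len(a)

def red_flags(comment, post_title, sources, threshold=0.8):
    flags = []
    host = (urlparse(comment["author_url"]).hostname or "").lower()
    if (host[4:] if host.startswith("www.") else host) in SHORTENERS:
        flags.append("shortened-author-link")
    # Assumption: a mail domain repeating a word from the post title is
    # treated as keyword bait (one reading of red flag 1 above).
    labels = set(comment["author_email"].rsplit("@", 1)[-1].lower().split("."))
    if labels & {w for w in words(post_title) if len(w) >= 5}:
        flags.append("topic-keyword-email-domain")
    for name, text in sources.items():
        if containment(comment["body"], text) >= threshold:
            flags.append("copied-from:" + name)
    if comment.get("filter_verdict") == "spam":
        flags.append("filter-flagged")
    return flags

# Constructed sample data; only the mail domain and post title come from the post.
REVIEW = ("I used this book to prepare for the exam and found the practice "
          "questions far easier than the real ones. Study the manual instead.")
HELD = {"author_url": "http://bit.ly/EXAMPLE", "body": REVIEW,
        "author_email": "reader@cisa.certification.com", "filter_verdict": "spam"}
SOURCES = {"book-review-page": "2 of 5 stars. " + REVIEW + " Was this helpful?"}
TITLE = "Top 7 Reasons for Security Certification"

if __name__ == "__main__":
    print(red_flags(HELD, TITLE, SOURCES))
```

Containment is used rather than symmetric similarity because the page a comment was lifted from is usually much longer than the comment itself.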

So why did I decide to accept initially?

  1. Every blogger loves comments, especially intelligent comments.
  2. The comment added to the discussion and bolstered a suggestion I’ve made before (see #2 in How to Pass Certification Exams).
  3. See #1.
  4. I had a brain fault.
  5. See #1.

This was the first time I ever overrode Akismet’s work. So watch out for this technique when you review your flagged comments.

When in doubt, trust Akismet.

Tell me about the spam experiences you’ve had, or just leave an intelligent comment.

Related posts about Akismet and spam:

Blogging: Spammers

Stupid Spam Comments

Stupid Spam Comments 2

Filed under Blogging, How to..., Security

5 responses to “Are U Fooled by This Spam Technique?”

  1. Danny

    I have been running into tons of spam campaigns at work. I look for similar things in the body of the email, but typically, I get the variety that says: “Please bank of US for log in and password. This is security for money bank you will be poor if not”
    And for some crazy reason, people actually click on the link and change their password. I guess they think .ru at the end of USBank means nothing.

  2. Danny,
    Thanks for stopping by and commenting.
    Do you run the antispam software or are you saying your work doesn’t have good antispam protection?
    I doubt most people even notice the .ru as they don’t understand URLs in general.

    I think it’s crazy that people click on what is, to you and me, so obviously a scam. Here’s my theory:
    1) Texting and chat have so corrupted the grammar and spelling of so many people that many don’t know how to spell or write like they did prior to the birth of Al Gore, the Internet, and mobile devices.
    2) Due to #1, people actually expect poor writing skills and it’s accepted.
    3) So many more people are in the workforce for whom English is not their native language, so again, this is more accepted.
    4) Many people are so scared of all things electronic and networkish that they believe everything they receive (or read). In addition, they feel they have to respond to every phone call, email, and text they receive. Yes, I really know people like this, and I’m sure you do too.
    5) Too many people have lost the ability to reason and think. It takes too much time and they have more important things to do. Hence, they do what they are told.

    Hey, Danny, thanks for your input. You’ve helped me generate fodder for another post!

  3. Somewhat similar to the SPAM you encountered. A few months ago there were a few comments left on my blog. The comments were generic but targeted the topic of digital forensics and happened to go along with my post. I never posted the comment due to a small error which was talking as if multiple authors were involved in writing the post. That was a dead giveaway since anyone who actually reads anything on my blog can see I’m flying solo. I did a couple of good searches and found the comment on a few other forensic blogs.

    The technique was good enough to get past Blogger’s SPAM feature. It took a while for Blogger to catch up and mark the second comment as SPAM even though it was pretty obvious. So far, this has only occurred once but seeing the Spam you encountered is making me think more about researching the comments before I post them. A quick search on the comment or author could show if the comment is unique or if it’s SPAM.

    • Good to hear from you again, Corey. Thanks for sharing your experience.
      That will teach you to use Blogger instead of WordPress–WP’s Akismet caught my comment — just kidding.

      Yep, googling questionable comments first is extra work, but I think it’s worth it. Until of course we both start getting 100+ comments a day :)

      You do well flying solo. Keep up the good work. For those of you interested in incident response and digital forensics, I suggest you check out Corey’s blog at http://journeyintoir.blogspot.com/

  4. Pingback: » Over 1,000 Spam Comments In 24 Hours!
