Tag Archive for spam

Twitter App Cards Hijacked for Spam

It seems some folks have found a way to spoof Twitter cards for their own personal benefits.  The spam Tweet shown below that I was sent tonight looked like a standard Twitter App card for Pinterest mobile app but it’s certainly not!

The link is obviously not a for Pinterest or the App store but what makes this attempt scary is that if they picked a domain that was similar enough to Pinterest then it would potentially be very successful and far harder for users to notice.

One other reason that it failed is that this is a random account but if this tactic was done from a compromised account then it’s possible more than a few people may click the link expecting to download the Pinterest app.  It should be easy enough for Twitter to shut these type of exploit down as this time the data-user-id#106837463 was identified as invalid and the data-screen-name was https://twitter.com when it maybe should have been something like https://twitter.com/Pinterest?

Twitter

The First Link link goes from the Twitter shortner to a random and unique long URL.  It seems every tweet got their own unique URL so there is automation and tracking in place so you should be careful not to click these types of links for any reasons!

redirect-1

The Second Link shows a 302 redirect to some type of php script, typically check.php is a tool that can be used to diagnose code issues such as CAPCTHA verification images not showing so you should be concerned if something a bit more advanced is running.
redirect-2

 

What to do if you receive these types of Tweets?

You should report these types of links directly to Twitter and NEVER EVER click on the link in the Tweet as your computer can easily be infected with malware! You can report spam tweets directly to tweet here using the form in the screenshot below.

spam-linkIf you know for certain that there is something suspicious about the tweet you can also flag the media by using the link shown in the screenshot below in the hope it may reduce the chance other users see and click the tweet link.  I’ve got no idea if Twitter actually makes use of this feature for identifying spam.

flag-tweet

 

Facebook expands link blocking

While Facebook has been progressively censoring links from sites that might contain illegal material such as Torrents they have been progressively expanding this security technology to also track onpage content. This expansion may not be a bad step forward a majority of the time as it reduces the number of spam and malware spread via it’s platform my issue is that it’s reading the page for any suspect or reported links and not allowing you to share the link on your page. This is a massive move forward by Facebook in it’s process of cleaning up the web and potentially censoring any content that it feels is illegal or unsuitable for it’s 700,000,000 members.  The potential risk for user-generated content providers and open discussion platforms is one of a concern and what is the potential impact for publishers?

Facebook Blocked Link

These new notifications appear to be part of the expanded Web of Trust platform that moved beyond re-active into pro-active screening of everything shared.  This new Web of Trust platform thereby offers Facebook real-time monitoring of what is being shared across it’s platform, since the beginning of last week. The question is what is next for social censorship? Can you no longer share content if the context of the discussion does not fit within Facebook’s vague guidelines or impacts on their commercial agreements?

So what is being blocked?

The link that I was trying to share was a YouTube clip, which in it’s description actually contained a Bit.ly link that pointed to a free web hosting account that before being suspended could have possibly have been sharing torrents of the song for download or loaded with advertising and affiliate links. The broad messaging from the Facebook notification was that the link was being blocked for being spammy or unsafe but this is very vague and there is no easy process for appealing your content if you have been added to their blacklist….

You can see the link is not a central part of the content and would not be clicked or noticed by most users watching the YouTube clip but because it’s featured on the page you are not allowed to share this YouTube clip via Facebook.  The other issue is that you might need to manually check your content can be submitted to Facebook and how unreasonable it is to block content based on any links that might be listed as part of the content. The implications on how your content will be censored based on the content around it seems to be a bit broad and obviously very based for YouTube as most popular clips feature similar links.

Blocked YouTube Clip

So what is the implications?

The issue is that Facebook is reading and tracking the content on your pages and potentially the any spam comments that might be automatically approved.  This is one of the strongest reasons why you should be moderating your comments and removing any spam or unknown links otherwise you might find that your content may no longer be able to be shared on Facebook. There is also another reason that you might not want to approve pingbacks on your content as it could jeopardise the ability for users to share your content via Facebook.

Related Images:

SMH publishes garbage article on seo

Snake Oil SEOIt’s clear sometimes that personal blogs and open forums are not always the best source of information about SEO from a best practice “white hat” perspective, but you can usually rely on main stream media to not screw up and publish garbage like I read today that encourages spam as a SEO technique.  There are lots of blogs,communities and forums that specialise in SEO covering practical/training, guides, tips and from a pure research perspective such as: SEOmoz, Search Engine Journal, Search Engine Land, Search Engine Watch, SEOBook, SEO Dojo, Webmaster World.  A majority of these sites work hard to educate their members about not spamming or following the advice contained in the SMH article I read today.

Before I upset every journalist who writes for The Sydney Morning Herald or any of their other papers such as The Age, this is a story that shouldn’t have gone to print and there is another related articles by the same writer that do nothing but cloud businesses view on SEO and increase businesses view that the whole industry is made up of Snake Oil salespeople. From my many past conversations with business about what is SEO and how it can help their business get more traffic from Google there often confusion around what you should and shouldn’t be doing as part of getting more organic traffic from Bing & Google.  Garbage articles like this break down all that good knowledge and understanding with cheap parlour tricks and spam.

Search engine voodoo: little-known SEO tricks” should not have been published as one it’s based on a technical paper published back in February 16th 2010 and its fairly clear that the SMH journalist didn’t take time to even read it as many of the points he later suggests are not advised by Nicholas Carroll.  The two so-called experts he quotes in the piece don’t appear to be anyone known in the industry and if I have the website right one expert is more of a snake oil salesman that is out of his depth in being quoted for this article as knowing what was is seo.

Comment spam is back in

The biggest failure around this article is the around the encouragement of comment spam, where readers are encouraged to use your keyword phrase as your name using blog finder software to pick which sites to attack with your spammy comments.  This is one of the many parts to the article that is not in the spirit with the original article by Nicholas Carroll that this article is apparently based around. So there you go its official from 2 experts no-one has ever heard of and a journalist how you can get ranked #1 in Google that no-one else has ever tried and failed to use successfully.  Now go search for a general blog topic and comment spam away and you will notice a huge increase in your search rank in no time, no need for link building campaigns or creating content just comment spam what’s already out there! It’s article like this that encourage the constant bombardment of your blogs with crappy comments and irrelevant statements just to get that link, no comment on how well it works in the short-term but its not something business should be using if they value their reputation.

Fact check please

I would expect that publications like The Sydney Morning Herald would at least take some time to vet or fact check what garbage some of their journalists are pushing out into the market place under the Fairfax brand.  It wouldn’t take more than an email phone call to the Fairfax owned Advantate to fact check the article or even provide some guidance around what is SEO for the journalist.  Publications like SMH’s My Small Business carry a lot of weight for business wanting to stay ahead of their competitors, so seeing low quality articles like “How to rocket your search engine ranking to the top of Google” make me understand why Australian businesses struggle with SEO, it’s the garbage they read online.

One of the previous articles written by the same SMH journalist uses terms like mysterious or art when he is discussing SEO does nothing to improve both a reader’s understanding of search optimisation, unless you are doing blackhat/greyhat practices it’s not a mystery it’s just hard work!

Keyword stuffing??

The rocket your search ranking article talks about peppering pages with keywords and every page should repeatedly feature one keyword and to embed that keyword several times.  This amounts to nothing more than keyword stuffing or spam and shows the misunderstandings the website designer has about effective SEO and to the writer for publishing it, where is your journalistic skills in vetting both the subject being interviewed about a subject he doesn’t understand and a topic you vaguely don’t care about. If you are unsure of his experience his background states that he “vaguely specialises in the internet” in an interview back in 2007.

Don’t make SEO harder

If you are going to conduct an interview with a focus around SEO that is just going to make the job of SEO consultants and SEO agencies that much harder, please just don’t publish it.  Articles like this are often brought up during discussions with business owners when talking about SEO, and often the business owner will stand by the article’s points because they read about it in The Sydney Morning Herald’s Small Business section so it must be of reasonable standing.

Blog Spam works

Much of the focus for the search industry has been around building up content networks and everyone has promoted directly or had someone else directly plug their article, application or website via a comment on a blog or a post, but why do it? The point is that basically it works and will continue to work either via driving traffic, developing a level of trust via links or improving indexing of the promoters website. Rand wrote up a big open letter calling for the Google webspam team to review how they are evaluating what is spam based on a decreasing level of relevance for a number of popular terms.  As for the best process for defining spam or making a broad decision that a particular method or intention is black/white or gray is not the purpose of this article its to look at why it will continue to happen.

I have been meaning to look into this matter in some more detail so by just picking 2 random but popular articles that have been published on this blog that had obvious self promotional links dropped, was it worth it for them? This site being a run on the WordPress.com blog platform so I can make it clear that all the links placed into the comments are “nofollow” so their should be no direct benefit for “link juice” or ranking benefit for you, but why does it keep happening and what is classed as spam?

Author Name Keywords
There are 3 sides to using Blogs for self benefit or promotion, the first and most common to slip through is to use the author details to place in keyword friendly names as part of the websites backlink strategy.  The use of keyword friendly author names is usually heavily frowned upon by a number of popular blogs as some do follow the author URL so the link text does have relevance and a benefit for the poster. Often the author’s name is matched to the blog post but often so not relevant that the following listed below are classed as spam.

  • Internet and network marketing tutorial
  • Link Building
  • Demo
  • capodimonte figurine
  • limo in baltimore
  • iPad
  • business inspiration
  • iPad Frenzy – Everything Frenzy on the Apple iPad!
  • 22 inch car rims
  • Zone of the Dead | Playstation3 Blog
  • Mrs Anti-Virus
  • Get Paid for Your Opinion
  • Online Casino Roulette
  • SEO

Author Website
The next part will be that they will usually to match the author name to their website URL but often automated bots or low quality link builders often increase the chance of being flagged as spam by trying to matching the URL to a similar focused keyword domain.  So the author name used for the comment would be “website designers” will be matched to “http://website-design-ers.info” which is fairly easy to spot.  The author usually owns, manages, benefits or is paid to increase the traffic to the website they have listed. A number of the URLs listed below have been used in comment spam and have been flagged automatically as spam and I have not included the full website address because this post is not designed to provide them with a benefit.  Often much of the comment spammers are not just link spammers but drop links to sites that contain malware, MLM schemes and mostly just not suitable for work audiences.  The author websites listed below are easily classed as spam and many are low quality template websites that are mostly not suitable for this blog to be found associated with even it is just via nofollowed links.

  • antivirus-free-download51…
  • game101guide
  • roulettestrategie.fast-instant-money
  • 23-inch-car-rims
  • webuytool
  • limobaltimore
  • ipad-tipps
  • infinitydownline
  • relevantlinkbuilding

Spam Comments
It may not always be done with evil or spammy intention in mind and the comment maybe be manually approved after its viewed if the comment is relevant to the post. The following is a list of spam comments that have recently been posted on this blog, they are good example of the types of blog comments which are used and flagged automatically as spam:

  • This was a great post, thank you very much :)
  • thanks nice..
  • Thanks for your awesome post,! More to come on Monday….
  • nice work guys really impressed with your marketing style.
  • Thank you for your info, Recommended to read!!! i’ll bookmark your site and hope can find more hot info for the future.
  • :)
  • hy man thanks for the comment on my blog ,hope will be back soon
  • hi every body
  • I found your article very interesting, do you still have another article? maybe we can share the article
  • This is a really useful post. Thanks for the info.
  • I found your article very interesting, do you still have the article with the same theme? maybe we can share the article
  • nice blog and nice articel..coool ha !!

Often the comments are even less relevant, and if created by spam bots or lazy link builders just take sections of your own article and post that in the comments as if they had written something relevant and useful, this does not add value to a blog post so are classed as spam. The comment combined with the author URL is a clear sign if the comment is a spam comment or one that should be approved as it is relevant to the blog post and is suitable for visitors if they should want to visit the authors page to learn more about them.

Link Dropped in Comments

The aspect of dropping a relevant link to a related post or product is a tougher conversation to have with both blog owners, search agencies and link builders.  Placing a link into a blog post still works well and can often add a relevance to a blog post where an author may have not referenced some details contained in their post, you might have seen or read a post that disputes their post or seek to create some more discussion.  I don’t believe that there is a single person in the industry that can claim they have never dropped a link to one of their sites/posts/clients at one time or another, but when it moves away from relevance then it can border on being spam.  If I have written a post about AdAge Power 150 failing, dropping a link to a dating site is clearly spam and is not going to be approved. Here is a short list of some of the many comments and links dropped shown in blue text that are not relevant to the blog post shown in (example) or often even spelled correctly and are regarded as spam:

(Article was written about links)

  1. This is a wonderful opinion. The things mentioned are great and needs to be appreciated by everyone. Auto Marketing
  2. I don’t generally reply to posts but I’ sure will in this case. Seriously a big thumbs up for this 1 C CLass IP hosting!

(Article was about advertising)

free advertiser to all bblogger bussnines
free advertiser
free advertiser
free advertiser

(Article about a marketing failure)

Nice Blog thanks ankara evden eve nakliyat Hosting

Summary of comment links

Sometimes the links match the author but often gmail accounts are used with the author’s url being squidoo.com, blogspot.com or wordpress.com sites.  These are flagged automatically as spam by WordPress so its a waste of time and resources trying to get ranked #1. Often blogs automatically approve comments so you will see the same comment or link being posted under different authors name/email to try and get around spam filters but it will mostly lead to failure. Spamming in foreign languages will also be flagged as the blog author won’t automatically approve it if they don’t know what the text says.

Links dropped in comments get clicks

3 Links that were dropped into 2 posts on this blog, actually showed to give the website a decent CTR actually in aspects higher than any links that are contained within the actual post.  So if you are doing article writing for the pure purpose of driving relevant website traffic to your site, it maybe more beneficial to have a decent link placed within the first few comments if you are looking for traffic, people are curious so that is why dropping links into comments works. The click-through rate for the links was actually well above what I expected which is why I wrote this blog post, 3 samples show:

  • Link 1 click-thru-rate 5.88%
  • Link 2 click-thru-rate 1.13%
  • Link 3 click-thru-rate 0.27%

Summary of Spam Strategies

So dropping links and spamming blogs can work for some sites/projects but in the long-term it’s not sustainable or going to help your brand/site if you get flagged as a spammer.  There are a number of things you can do to ensure you get more benefit when using blogs as part of your social/content strategy but this blog post is not the place you can learn about that.  If you choose to go down the path of heavily spamming blogs, your problems will compound overtime and eventually even if you are not spamming a blog you will be automatically flagged for review every time by Akismet, so best not try to make things that much harder for you and play nice.

Diesel fails email marketing

It is always a major annoyance when a large retailer or company cannot get the basics of online marketing right and turns a loyal customer into well an angry consumer! One of the retail brands that I used to admire and respect because it was smart edgy but recently I have been trying to cut down the number of newsletters and marketing collateral that fills my inbox each day.

I had subscribed from the Diesel store newsletter several months ago, but it’s recently that the email newsletters have started up again, almost on a weekly basis which is really quite annoying but I was to discover it is not always easy to escape from a list.

Step 1 take action unsubscribe from Diesel email list
Deciding to take action at the start of this process began on the 19th January 2010, when I received the diesel online store newsletter I clicked the unsubscribe link at the bottom of the email and was advised that I was successfully unsubscribed by website image shown to the right.  The reason that I have even got a screenshot because at the time I appreciate the cool factor and how they try once more to get you back onto the list with one last beg…”click here”
Step 2 freedom from Diesel email spam?
I had at that time thought that it was the end of it and I could go back on with my life with one less email newsletter clogging up my email account each week, it was sad because some of the invitations, offers and deals were still quite relevant. I had thought that in the future if I bought anything from their online stores or entered any competitions I would be automatically subscribed again, but it was too early to think they had let me free.
Diesel won’t let you unsubscribe from their lists!

But wait there is more emails…. on the 9th February 2010 I received yet another diesel store email newsletter, so I tried the unsubscribe feature again thinking maybe it didn’t process for some reason last time, and I also sent an email request to the sender to not receive any more email in the future. The email was sent to diesel_cult-reply@immiscible.diesel.com which is usually the best way to get quickly removed from any legitimate lists.  I was interested to find out what email marketing package they were using, so I decided to check the subdomain the emails were being sent from, I soon discovered that the sub domain was operated by eCircle’s. I now that eCircle is their provider of their email marketing solutions just by doing a simple reverse IP lookup on the subdomain with the detailed information shown below.
Diesel shows they don’t care about your privacy
I had hoped that my two unsubscribe requests and followup email had removed me from their email marketing list, but today I received a new email newsletter from Diesel.  It seem that it is more than just laziness this is a total disregard for their consumers and I have lost complete trust in the brand and all that I respected them for in the beginning. So by running an ineffective email campaign they have turned a consumer evangelists into a toxic consumer and we all understand the power of word of mouth, and I seem to be unable to leave their list….
What about EU Spam Laws?
It is likely that this continued campaign is violation of several EU spam laws but without the time and understanding of their judicial system it is hard to determine are they in violation of European laws and also state laws of Germany where Diesel’s email marketing provider eCircle is based and in Italy where Diesel is based.  Some of the many EU directives that relate to electronic privacy, contact and data protection that are likely in violation are listed below:

They are an EU based company and email marketing provider, and the email was originally subscribed to while I was a resident within the EU, so they should have to answer to EU privacy and data protection directives and let their subscribers leave their email lists.

Who is to blame for failure?

So the question is who is really responsible for the email failure is it Diesel for not picking an email solution that allows consumers to leave when they request to do so? Or was the Diesel email marketing failure dependent on eCircle’s email software solution for failing to accept and process several of my unsubscribe requests and ignore my personal email which many other solutions would have flagged.  So how can companies expect consumers to trust them with their details and address privacy concerns when they can’t even do the basics?

It is unreasonable that a consumer should have to goto such efforts to be removed from a marketing list that I originally opted into, I was a legitimate Diesel customer who really was interested in finding out more about their products. This process doesn’t look like it is over yet, so it is likely myself and Diesel won’t leave on amiable terms and may turn nasty in this breakup with a brand.

Related Images:

Yahoo patents video CAPTCHA

Yahoo’s video CAPTCHA patent generally revolves around the central idea “The invention relates generally to computer systems, and more particularly to an improved system and method using a streaming captcha for online verification.”

The video CAPTCHA patent appears to have come out of Tel Aviv University’s Blavatnik School of Computer Sciences, who advise is purely research but it encourages a new way of thinking.

While i think this is a great move forward to combat spam and reduce the effects of social engineering but as most people seem to hate and often find some of the CAPTCHA’s difficult aren’t they just making it harder?

I agree that one of the central issues is bandwidth and it is something that really hasn’t been thought through with many of these patents lodged by tech companies.  Unless they plan to ignore the fastest growing segment “mobile” which is already having bandwidth issues via AT&T in the USA.

The only point I could speculate is that it might be used for other devices such as Satellite TV, public Kiosks or secure websites such as Banks which seem suitable platforms for this technology as they maybe inclined to be more open to social engineering.

It could be more useful to ensure that if someone is watching over your shoulder what you enter, the video patterns may make it harder to read and even impossible to recall? To reduce the chances that a non-human is trying to guess the characters the patent allows for the response to be timed, which can further impact those with slow internet connections.

Emergence is impossible for Bots

The next steps revolve around 3-D images but the first task is that they have to discover the parameters of “perception difficulty level” to ensure the application can be used for future security applications. The process is focused around how humans can perceive emergence images or the ability to aggregate information from seemingly meaningless images. The image below is such an image that we can process but computers will fail to understand.

Emergence Image Teaser

If you look closely at the image is there anything that hops out….

Another one of the sample images based around this is more of a best friend to most men.

So why not just improve KittenAuth?

So while this is a great move forward to prevent spam comments it seems to be a more advanced version of KittenAuth which requires visitors to count the correct number of animals in the image. The problem was that KittenAuth can be beaten with brute force attempts and requires a massive database of images. With time the bots can begin to learn so the image set may have to alternate between animals and objects and show below.

The other item identified in the creators improving KittenAuth post was that the bots would take screenshots of the CAPTCHA and a human would enter the relevant code which was passed back to the bot.  The Yahoo patent timing element would likely make this process much harder or atleast require more resources and make the site less attractive to spammers.

Watch the future of CAPTCHA

If you want to watch the video of the likely spam benefits of emergence images and how algorithmic trackers struggle to capture anything more than garbage. This makes it possible for the same image or video used more than once as slight elements such as colours, size and length could trick bots.

http://aiw2.uspto.gov/.aiw?Docid=20090328163&homeurl=http%3A%2F%2Fappft1.uspto.gov%2Fnetacgi%2Fnph-Parser%3FSect1%3DPTO2%2526Sect2%3DHITOFF%2526u%3D%2Fnetahtml%2FPTO%2Fsearch-adv.html%2526r%3D4%2526p%3D1%2526f%3DG%2526l%3D50%2526d%3DPG01%2526S1%3Dyahoo.AS.%2526OS%3D%2526RS%3D&PageNum=&Rtype=&SectionNum=&idkey=6FC696AE4CAE“perception difficulty level”


Velocity Credit Cards spam Google

This post follows on from an ongoing issue with affiliate networks being better than the actual publisher at search optimisation and at times spamming the search results with duplicate content.  Google has begun the process of applying gradual penalties and progressing to complete removal from affiliates from the search index. The problem is often affiliate networks are constantly launching new domains, subdomains off existing domains faster than Google is responding.

velocity-rewards-logoWith all the recent hype around VirginBlue’s Velocity Gold upgrade failure, there has been a significant uplift in search volume and it appears that some of these affiliate/automated results show the most to gain.

We can see from the results shown below that Velocity ranks #1 the Fairfax OMG owned #2 CreditCards.com.au result actually has a better call to action in its result and so would likely get a reasonable amount of clicks.  It is also noted that the NAB product information page does not actually feature in the first page of results and actually ranks #20 for the term “velocity gold”.

This poor ranking for one of their products shows that NAB needs to focus more on their online products as they are likely losing customers to affiliate networks who can often convert to sales better. As shown later in this post Banks.com.au are cross-promoting other Banks products against your product and also feature ads for competitors products such as the Qantas AMEX card.

velocity-gold-top-results

I have removed a Google news link and a link to a forum FlyerTalk for visual purposes.  But what about the remaining results and why do they all look similar? I have included the graphic of who provides the content and we can see the results are dominated by Mozo who appear to power the automated and duplicate content that is shown in the results. The final result is a Naked Communications run finance website likely operated on behalf of a client.

The Mozo-powered results are purely automated results with the only difference being the website name dynamically inserted into the page title and meta description.  The results look like spam and do not appear to provide a quality response to users.

velocity-gold

To show what I mean by automated/duplicate content for the Mozo-powered product I have included the pages shown above. The only slight difference between each of the pages is the website template being used with all using the same on site text content, on site images and even layout.  This is not quality content this is lazy automated results spamming the search results!

money-manager-credit-card-spam

brisbane-times-credit-card-spam

business-day-credit-card-spamwatoday-credit-card-spam

What about OMG Fairfax?

So lets compare the search results from OMG Fairfax and why they are similar websites why their results are better quality and more relevant.  Comparing Banks.com.au and CreditCards.com.au both while the content is similar I can clearly see while the text is similar they have ensured that the page titles and meta descriptions are unique but still relevant to the search result.

omg-credit-card-results

Meta Descriptions
The page description are included below to make it easier for you to visualise the slight differences in results.
CreditCards.com.au
NAB Velocity Gold Credit Card – review and compare Velocity Gold Credit Card features and apply for credit cards online.
Banks.com.au
The NAB Velocity Gold Credit Card – review the Velocity Gold Credit Card from NAB, compare features and apply for credit cards online.
Why is it not duplicate content?
So while both pages contain similar content why is CreditCards.com.au ranked higher than Banks.com.au? The CreditCard domain actually has around 20% more on site content related to the Velocity Gold Credit Card and also its domain is a more relevant for the content.
credit-cards-com-au
banks-com-au
Do you agree with my analysis of the search results and do you think the issue of affiliate/automated content is increasing or just getting better quality and harder to spot?