Someone’s spamming Australian email addresses with a fake news bulletin about PM John Howard having had a heart attack. It includes a link supposedly to The Australian newspaper, but which in fact goes to http://www.theau-news.org/ The spams come from a variety of addresses, with subject lines such as “John Howard, the current Prime Minister of Australia have survived a heart attack” and “Best surgeons are struggling for the life of the Prime Minister”.

The domain was registered only a few days ago, to a post-office box in Nova Scotia, Canada, and apparently the site tries to install malware.

• The Age: Howard heart-attack email carries virus

SYDNEY, February 18, 2007 08:56pm (AEDT) – The Prime Minister of Australia, John Howard have survived a heart attack. Mr Howard, 67 years old, was at Kirribilli House in Sydney, his prime residence, when he was suddenly stricken. Mr Howard was taken to the Royal North Shore Hospital where the best surgeons of Australia are struggling for his life.

Click on the link below to get the latest information on the health of the Prime Minister:

The Australian – keeping the nation informed
(more…)

What spammers don’t seem to realise is that advertising doesn’t scale. Spruikers know this — that’s why every shop doesn’t have one, it would be a cacophony of noise. Junk (snail) mail people know this — if everybody’s mail box was flooded 100% of the time, everybody would get a No Junk Mail sticker. (Mind you I did once get 28 items in one day.) Telemarketers… well, they may not have figured it out yet.

In fact no, I’ve changed my mind. It’s all about the cost of the pitch. As the cost approaches zero, and assuming there’s no regulations preventing it, there’s more pitching. So those who don’t batton down the phone hatches like I do get endless calls. And spammers flood email boxes, despite that their pitch would work better if it was the only one that arrived that day. Not to mention if it wasn’t in broken English.

Which is why my Gmail spam folder currently has 2702 items in it.

Do people wanting to buy Cialis and Viagra actually wait around for a spam to arrive telling them how to get it? Why don’t they just go to the chemist?

People are comment-spamming blogs on behalf of DealsDepot.com.au. The comments I’m getting look something like this:

Name: mirror
E-mail: mirrorconsultancy@yahoo.com
IP: 125.22.69.34

Talking of [topic], may be if you want to buy [product] at best price, I have a suggestion to make do look up Online Shopping

I’ve had about a dozen of these today, hitting various entries, where the topic closely resembles the topic of the blog post hit, though the link to [product] is often tenuous.

Apparently (see comment 16 here) the company offers discounts from products in return for people posting blog comments about them. Certainly looking around they appear to be successfully hitting a lot of blogs.

Not mine though.

More examples after the fold.
(more…)

I’m glad I’m not the only one getting endless offers of jobs from Israeli Brokerage Services Limited.

Apart from anything else I find it puzzling that they think their scam will work better if they bombard email address many dozens of times every day. Like getting ten of the same offer isn’t going to make me suspicious?

Update 10-Nov-2006: Information on this scam at the Western Australian government ScamNet.

Oh great, so now we’re getting trackback spam which is linking to Google searches of random garbage, such as http://www.google.com/search?q=pzzfxcus. Which, if you’re wondering, finds nothing.

Bizarre-O.

Report web spam to Google. Please.

I’m thinking splogs here. Specifically for splogs is SpogSpot.

The comments on Jeff’s post that Software development is basically a religion found themselves talking about Jeff’s captcha, which is the word orange. Always has been. Basically, there’s a mandatory field. Fill it in wrong, and you get no comment. But because having this mandatary, when’t a spam bot going to figure that out? You may as well have the word “orange” as text, not a graphic, and then the vision impaired can play too.

I think I’ve talked about this before.

BTW: welcome to the 6th of the 6th of the 6th. Finally Americans and the rest of the world can agree on the date.

Update to this post about human comment spam, about a new trend in blog comment spamming, using real life human spammers, to get around the fact that most bloggers can see the robots coming from miles away.

I’ve had a large number of these come through on my blogs in the few weeks. They’ve all been leaving links to sites like the one pictured. This one’s about antioxidants, but some are purportedly about computer viruses, drugs, whatever.

I really should update all my remaining blogs to use NoFollow, so if any get through, they don’t gain any PageRank. Time to chuck WP-Hashcash into the fray on all of them, as well.

Uh, so many blogs, so little time.

Update 26/5/2006: Another example added.

Amongst all the easy-to-spot robot comment spam, I’m getting a bunch that (at first glance) looks like it’s written by humans. Gone are the stupid out-of-context broken-English comments and links to drug sales. These all have comments that look like they’ve got a few milliseconds’ thought put into them, all on new posts, they all leave a rediffmail (Indian GMail-type operation) address, a 209.97. IP address, and a link to a web site featuring lots of links and no content.

So far I’ve been spiteful and kept the comments but wiped the URL link.

I wonder if they’re particularly targetting WordPress sites that haven’t yet been upgraded to use the NoFollow links.

Yesterday I answered the ‘phone. Because I was home, having a holiday, which is soon to be rudely interrupted by a short working stint, but that’s by-the-by. I could tell that whomever had called didn’t know anyone in the house; the phone’s listed in my girlfriends name. “Hello, Mr [Girlfriend's-name]?” is a dead giveaway that they’ve pulled the number from the phonebook, and immediately puts me on the defensive. Which is why I have no interest in having the phone in my name. I can spot low-life scum a mile away with the arrangement as it is.

Now, the first thing I do when I have a telemarketer on the phone is to get them to tell me who they are. The lass weasled about, talking about a survey. Surveys don’t care about the identity of the respondent; this was marketting. Eventually she said she was representing the Jehovah’s Witnesses, at which point I terminated the call; religous fundamentalists get up my nostril.

Neither Cathy nor I get any telemarketing calls – oh, well maybe we get a couple a year from local gyms. It’s because we’re signed up to the ADMA’s do-no-call list. If you’re not signed up, stop reading, and go sign up now. The local gyms get the line “we only purchase goods from members of the Australian Direct Marketting Association” and they’re taken care of.

So, here we have technology being used for evil. Evil, not only because it’s evangelical fundamentalists at work, but because they claim they’re doing a survey about how people in the local neighbourhood feel about stuff. Because it’s a survey, that would be covered by the Australian Market & Social Research Society, which (they would claim to keep the statistics clean) doesn’t operate a do-not-call list (in spite of the fact that people that don’t want to be surveyed are going to do all sorts of bad things to their stats).

Worst of all, I don’t think there’s much I can do about it, except I remember hearing about a guy who had installed a PABX with and IVR – “if you want to talk to Cathy, press 1 now. To talk to Josh, press 2 now. Pressing 3 now will let you talk at Owen, but don’t expect a cogniscient conversation out of him.” Apparently, in the US, he was getting zero telemarketing calls – which is quite a feat.

Questions:

1. Has the obesity epidemic reached the point where the Jehovah’s Witnesses can’t be bothered leaving the house to recruit souls so that they can, pyramid-sales-scheme-like, go to heaven?
2. Why don’t the Jehovah’s Witnesses tell people up front you’re not going to heaven, even if you convert (there’s only 144,000 spots – what are the chances you’ll be goody-two-shoes-super-converter enough to get in)?
3. Why doesn’t the AMSRS operate a do-not-call list?
4. Why doesn’t the government ban harrassment like this?
5. What can I do to stop this from happening again?

Scoble writes that WordPress.com has strong comment spam protection, but that it sometimes gets false positives.

I’ve found nothing better for spam protection than WP-Hashcash, which uses Javascript to make sure it’s a human entering the comment, not a robot, but without captchas or other stuff the user has to do. Works like a dream.

The only down side is it doesn’t work with some older WP templates. So while this site is fully spam equipped, my personal blog won’t run it until I upgrade the template (probably a project for Christmas time).

But apart from that, for WPers out there, I can’t recommend it highly enough.

Combined with settings that ensure firsttime posters go straight to moderation (subsequent postings are approved automatically) it ensures that those damn spammers never get their comments published on my site.

I might add that the company I work for (which develops B2B messaging systems) is working on a new site. To encourage them to update it regularly (some might call it blogging, but I’m emphasising “regular updates to existing and potential customers”) I’m building it on WordPress. Given WP’s ability to do a site of static pages and dated entries, it should work very well.

Today I got an actual, real, non-spam, genuine home loan approval by email.