MacHouse

Last updated: April 08, 2008

1. Who is sending me spam messages by e-mail?
2. How can I catch the spammer?
3. What can I do to stop spam comments at my WordPress blog?
4. There is some guy who still manages to post spam comments. How can I stop them?
5. What is pharmacy spam?
6. How can I stop pharmacy spam?
7. Do you have direct contact with comment spammers?
8. One of your videos show damage at my website. Why don't you report the exploitation directory to us?
9. Which spam website have you guys exactly destroyed?
10. How can I destroy .HK websites?
11. I reported a spam website to its domain company.  But they say that they cannot suspend or kill it.  So what?
12. Who are these comment spammers?
13. What is PrivacyProtect?
14. Are you able to kill every spam website?
15. A lot of spam links point to one domain.  Could you destory it for me?
16. What do you know about comment spammers that come to WordPress blogs?
17. I really want to catch the guy who coment-spam my WordPress blog.  Tell me what?
18. How can I avoid receiving spam comments at my WordPress blog?

1. It's likely to be sent by an unemployed criminal with no formal education who has hijacked other people's computers.
   
   
2. That won't be easy because you first need to locate the virus-infected zombie computer and then find the guy who is accessing that computer. 
   
   
3. You can stop most of them, but not all, by installing anti-spam plugins and block IP addresses.  For more information on anti-spam plugs for WordPress, watch a video tutorial titled "WordPress - Introducing Simple Anti-Spam Measures," which can be found at Video Tutorials for Other Applications.
   
   
4. Going after an invisible man won't bear fruit.  Go after something tangible instead.  One easy way of stopping spam comments is to destroy the very website that is associated with those spam comments.  Simply, watch a video tutorial titled "How to Destroy Spam Websites" for more information.  It'll take some 10 minutes to destroy a spam website.
   
   
5. There are several large online drug stores that recruit website owners (affiliates) to get Internet traffic. These affiliates earn commissions that are usually based on the amounts that visitors have spent.  So pharmacy spam is concerned with the cybercriminal who posts a comment with a hyperlink to an online drug store.  Notorious pharmacy spam groups hijack a subdirectory of a website and install a CGI script of some sort to automatically redirect visitors to online drug stores.
   
   
6. There are a few things you can do. One is to destroy the guy hiring a hit man.  Again, just watch "How to Destroy Spam Websites," and watch the source of the problem.  Another thing you can do is to file a complaint at your country's agency responsible for communications and regulations.  If you live in the United States, and the domain of the website is owned by an individual or a corporation residing in the United States, then you can file a complaint at FTC.
   
   
7. No, we don't.
   
   
8. We don't always report it because we don't get much respect for doing it.  We try to report by e-mail an exploitation problem to every academic institution.  However, only a few of them have bothered to write and thanked us.
   
   
9. Some of them are shown under "Notorious cyber scum group" found on the sidebar of our blog.  Ther are more.
   
   
10. Many pharmacy spam websites nowadays have a .HK country domain.  And, basically, you can't destroy them because Hong Kong Internet Registration Corporation Limited (HKDNR) harbor them.  APNIC may have jurisdiction for overseeing this Hong Kong-based registration body.
    
    
11. Domain registrars have no jurisdiction over how their registrants use their domains.  That doesn't mean you can't destroy a particular website.  Find their weakness.  How did a notorious mob Al Capone end up in jail?  He was found guilty of tax evansion, not of racketeering or importing alcohol from Canada.
    
    
12. Many notorious comment spammers who disguise their IP addresses can be located in Russia.
    
    
13. This service is offered by a company in New Zealand.  It's been used by some Internet criminals to disguise their domain registration information.  It's a free service, according to the company, and PrivacyProtect.org simply puts their mailing address for your behalf.  We want more cyber idiots to use this service.  Why?  After registering a domain and this service, they will eventually lose both them.  It's easy to open the held private information to the public.  We've done it a few times.  In this way, cyber idiots will exhaust money, time and resources.  If you are a cyber idiot, go get it.  Here is a link - privacyprotect.org.
    
    
14. To be honest, no.  There are some spam websites that we cannot destroy because of lack of information.  But you could on our behalf.  The only reason why a spam website can thrive for longer than a month is only because people in general don't want to waste their valuable time in destroying it, not because one particular cyber idiot is good at hiding themselves.
    
    
15. No.  We are not Internet security experts at all.  If we can do it, you can do it as well.
    
    
16. Small-time comment spammers use zombie computers to post spam comments.  Disguising (annonymizing) their IP addresses, notorious spammers use Windows NT 5.1-based user agent (robot) to go directly to "wp-comments-post.php" and post spam comments.   So one way of preventing spam comments is to simply change this file name and make changes elsewhere accordingly.

    Be careful, by the way, with comments like "Hi, how are you?," "ello," "hi" that are posted by visitors.  (See Screenshot 1)  This Russian spammer seems to create a channel by making a successful comment like those.  Therefore, you need to label it as "Spam" at first, and then delete it.
    
    The screenshot to the right also shows a spam comment by a cyber criminal.  (See Screenshot 2)  How do we know it's a spam commen?  (1) "Very good web site, great work and thank you for your service." is a common comment.  (2) This comment is posted under a very old article.  (Place your Mouse over 'View Post' to see under which article the comment is posted.)  They often try to penetrate a system by using a clean IP address with a common Thanks comment.
    

    Screenshot 1

    Screenshot 2

    
    
    
17. Catching an invisible man takes a lot of resources and mostly cooperation from law enforcement agencies across countries.  First, identify the group/company hiring the spammer.  That won't be so difficult.  Simply, trace the links.  If you get a spam comment that leads to upspiral.com, for example, have a law enforcement agency seize payment records.  And they will be then able to find out what money goes. Tracing money will eventually enable you to identify the invisible man.
    
    
18. You will start receiving spam comments right after posting a comment with the URL to your website at WordPress' support site.  They send spam crawlers to this website plus other WordPress support websites overseas like this one.  So don't mention website if you can.  If you just want to advertise your weblog, you should do it somewhere else.