Proving Bad Intent
-
Okay, so based on common sense re: author name and generic comment...
...I'm pretty sure this blog comment awaiting approval is aimed at getting users to a phony site in hopes they will make a donation to a fraudster impersonating Johns Hopkins.
But if you check out the URL, you'll see they are not idiots. It's an .edu address with a high DA.
Two questions:
- Are my suspicions well founded?
- How would I go about proving this, in a less clear-cut case?
Author : how to grow weed (IP: 173.208.91.231 , 173-208-91-231.ipvnow.com)
E-mail : Diekema@gmail.com
URL : http://apps.pathology.jhu.edu/blogs/pancreas/?p=121
Whois : http://whois.arin.net/rest/ip/173.208.91.231
Comment:
After study a few of the blog posts on your website now, and I truly like your way of blogging. I bookmarked it to my bookmark website list and will be checking back soon. Pls check out my web site as well and let me know what you think -
Yes it is a spam site.
Google the email address and it pops up on several spam trackers.
https://www.google.com/search?sourceid=chrome&ie=UTF-8&q=Diekema%40gmail.com
| Date | IP Address | Username | Email |
|---|---|---|---|
| 9-Mar-12 07:33 | 173.234.161.143 | Hai Tanzi | Diekema@gmail.com |
| 14-Jan-12 03:32 | 200.222.13.135 | top 10 dubstep songs | Diekema@gmail.com |
| 10-Jan-12 06:06 | 108.62.46.70 | decorator | Diekema@Gmail.com |
| 30-Nov-11 04:28 | 173.234.248.159 | how to attract men | Diekema@gmail.com |

I just delete all comments that even smell of spam.
-
If you do a search on part of the comment, you'll see it duplicated all across the web (https://blekko.com/ws/+%22study+a+few+of+the+blog+posts+on+your+website+now,+and+I+truly+like+your+way+of+blogging%22), so it is certainly a spam comment. The URL looks decently legit, but the email is a gmail address, certainly a spam author name, and comment is spam. Not sure that they're trying to defraud anyone regarding JHU, but it is certainly spam and I'd just delete it and go on.
-
That's wild. If it's spam, I'm not sure what's going on.
If you go to the website that's being linked to, the site actually looks semi-legit.
I chased down a few of the links and the only external one I can find is to a guy who rides his bike to raise awareness of Johns Hopkins...and the "official" site has links from legit, personal blogs that are surely real.
And...the only outbound links on the site appear to be completely legit to real places.
Maybe I'm missing something, but why would someone be spamming this site? (Assuming they weren't trying to build the authority before they built their links...which really wouldn't be smart anyways.)
Just so I know I'm not losing my mind...we're talking about: http://apps.pathology.jhu.edu/blogs/pancreas/?p=121 right?
-
I don't believe that is the site being spammed. I believe the OP received a spam post on a different site, and the person posting the spam claimed that their URL was the JHU site.
-
We all agree that the comment to my client's site is spam.
The issue is whether http://apps.pathology.jhu.edu/blogs/pancreas/?p=121 is also a spam site. I initially thought it might be sophisticated fraud: someone replicated actual content from an authentic Johns Hopkins site with the aim of raking in donations. But that doesn't explain the URL and seemingly legit links.
So I'm left wondering why the bad guy sent spam to my client's site, with an authentic site's URL. What was he hoping to achieve?
-
One thought is that it would add legitimacy to the comment, and get it approved. On some systems, the first comment needs to be manually approved, and after that the person can freely comment.
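
The checks used in this thread, combined into one moderation decision, as an added example that is not part of any post above. It applies the three signals the replies relied on (one email reused under many names and IPs, template comment text, a keyword phrase in the author field) and never lets a previously approved comment skip them. The function names, thresholds and keyword list are assumptions.

```python
import re

# Prior sightings (IP, username, email), copied from the tracker table in the thread.
SIGHTINGS = [
    ("173.234.161.143", "Hai Tanzi", "Diekema@gmail.com"),
    ("200.222.13.135", "top 10 dubstep songs", "Diekema@gmail.com"),
    ("108.62.46.70", "decorator", "Diekema@Gmail.com"),
    ("173.234.248.159", "how to attract men", "Diekema@gmail.com"),
]
# Phrase the thread found duplicated across the web.
TEMPLATES = ["study a few of the blog posts on your website now, and I truly like your way of blogging"]
# Assumed keyword-phrase openers for the author field; tune to your own queue.
KEYWORD_NAME = re.compile(r"^(how to|top \d+|best|cheap|buy)\b")

# The pending comment from the original post (body shortened).
THREAD_COMMENT = {
    "author": "how to grow weed",
    "email": "Diekema@gmail.com",
    "ip": "173.208.91.231",
    "body": "After study a few of the blog posts on your website now, and I truly like "
            "your way of blogging. I bookmarked it to my bookmark website list.",
}

def normalize(text):
    # Lowercase and collapse punctuation/whitespace so trivial edits don't hide a template.
    return re.sub(r"[^a-z0-9]+", " ", text.lower()).strip()

def signals(comment, sightings=SIGHTINGS, templates=TEMPLATES):
    hits = []
    email = comment["email"].lower()
    prior = [(ip, name.lower()) for ip, name, seen in sightings if seen.lower() == email]
    names = {name for _, name in prior} | {comment["author"].lower()}
    ips = {ip for ip, _ in prior} | {comment["ip"]}
    if len(names) >= 3 and len(ips) >= 3:  # assumed threshold
        hits.append("email_reused_across_identities")
    body = normalize(comment["body"])
    if any(normalize(t) in body for t in templates):
        hits.append("template_text")
    if KEYWORD_NAME.match(comment["author"].lower()):
        hits.append("keyword_author_name")
    return hits

def decide(comment, previously_approved):
    # Signals are evaluated on every comment; prior approval only matters when none fire.
    hits = signals(comment)
    if len(hits) >= 2:
        return "reject", hits
    if hits or not previously_approved:
        return "hold", hits
    return "approve", hits
```
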