A Blam (Blog Spam) Attack – What it Looks Like
It’s Sunday evening and I’m sitting at my computer catching up on email from the weekend listening to The Pros and Cons of Hitchhiking by Roger Waters. Amy is upstairs watching The Horse Whisperer, which I have no interest in.
I receive an email from email@example.com with the subject line [Feld Thoughts] New Comment Posted to ‘What do my blog stats really mean?’. I know this is an email to approve a comment. A little warning light goes off in my mind since this is an old post, but I hit Reply and send back an email that says “Thanks for the comment.” I then go to approve the comment and as I’m doing this, notice that the comment info is as follows:
IP Address: 18.104.22.168
Email Address: firstname.lastname@example.org
Wonderful work. I enjoyed read your site a lot.
While I’m thinking about https://casino-jp.com and why it would be in the post (duh…), my email thank you bounces:
email@example.com on 6/13/2004 8:13 PM
You do not have permission to send to this recipient. For assistance, contact your system administrator.
mail.hotbank.com #5.7.1 smtp;550 5.7.1 firstname.lastname@example.org… Relaying denied
Then – nine more emails show up in my inbox – same drill – but comments for different posts. The emails are from email@example.com, firstname.lastname@example.org, email@example.com, and firstname.lastname@example.org.
A pattern clearly has emerged.
I delete the emails and go to Movable Type and delete the comments. It’s pretty clear where this is going.