Back to Top

Friday, March 19, 2010

Spammy Mike

3475284847_377416d47c_b While most of the time I simply skip / delete any malicious content encountered, from time to time I do some quick investigation on items which peak my interest. For example the following comment was posted on a friends blog:

You make a good point, and it is one I often make about encryption. There are just too many standards out there for any smooth communication to occur. I think there are some companies who are getting it right with their approach to malware, but many malware just can't seem to get their fundamentals down.

I didn’t remove the links, since they point to complete benign sites ( and Mike’s profile is private, but a quick search shows many other spammy comments. Unfortunately there doesn’t seem to be a way to report individual Blogger users as spammers, just actual blogs.

BTW. the same comment spam seems to have hit at least one other security blog. From the screenshot it seems that the spammer also uses the Blogger name MikeFrizzi, which seems to be linked to a real person, but then again, it is quite easy to create realistically looking “shadow identities” for people by scraping other websites.

This is as much as a quick search revealed and I would like to leave you with the following thoughts:

  • Do comment moderation, at least retroactively if not proactively (small plug: I do moderate comments, but for the ones I approve the username links are without the nofollow tag – as per the u comment, i follow “ethos”)
  • There is very little certainty on the Internet. Just because someone claims to be somebody (like the MikeFrizzi profile), it doesn’t mean he actually is that person.
  • Also, the link between spam and the actual company being promoted is hard to prove. I don’t think that Sophos or Kaspersky were spamming here directly, but I do think it’s possible that some remotely connected company (ie. something along the lines of “a company hired by the outsourced marketing department”) did in fact employ such dubious (and useless, since in Blogger all the links in comments are “nofollow’ed”) techniques.
  • Or, it may be, that some blackhats want to give the impression that these companies are spamming to erode their credibility...

Update: Sophos confirmed that it was a run-amok "marketing" company hired by them who posted the spam.

Picture taken from madmarv00's photostream with permission.


  1. Anonymous9:35 PM

    I've been wondering when this will happen more and more "legitimately." I mean, we get unwanted ads blaring on the tele, on the radio. We get junk mail, telemarketers, and spam email. We get spam tweets, facebook friend requests, fake blogs...

    Granted, many of the digital ones so far are phishing attempts or other scam-type attempts, but how long will there be a thin line between real companies being spammy like that? I mean, it fits with decades of marketing strategies...

  2. @LonerVamp: I think that junk mail and telemarketing work for certain products, however most well-respected brands wouldn't use it because of the stigma attached to it.

    The stigma is already attached to "spamming" in the virtual worlds, all that remains is calling companies out (like it happened in this case) which should result in increased awareness on their part that such behavior is not considered acceptable.

    Or, to sum it up: I think that "naming and shaming" works.