Early this morning, a spammer flooded this site with around 20+ comment spams. Thanks to MooKitty’s Spam Words Plugin, I was able to delete them all quickly, and ensure that the spammer will not be able to attempt spamming me again with any of the porn links he used in this morning’s attack.
The spammer’s attack was interesting. There were two separate batches, but obviously the same person, because they all came from the same IP number (217.110.169.122, ad96ea97a.dsl.de.colt.net) within the space of just a few minutes.
The first batch of comments all had an author URI that pointed to a particular (obviously porn) site, and the comment bodies each contained just a link to a different (for each comment, and again obviously porn) site.
In the second batch, the author URI was again the same for every comment, but to a different site than the first batch, and with a domain name that doesn’t appear porn-related. The comment bodies were all different, and they were all short snippets of text snatched from other web sites, mostly from articles talking about WordPress. In fact, they appear to be the excerpts generated by a Google search for “wordpress”. I wonder if any of the abuse admins at Google would be interested in pursuing the spammer for this misuse of their service? I’ve still got my email copies of all the spams if anyone wants them.
I wonder if this ties in to the recent bounty for a blog spamming engine? Yes, I’ve reported that to the Rent-A-Coder admins as a violation of their TOS.
One Comment
Sounds like he was trying both methods to see if you had filters in place. Check into my Friendly comments plugin to get some basic white listing going on, and set your links limit to 3. That’ll get most of it. And if you have Comment Killer waiting in the wings, and activate it during a spam attack, you won’t even need to delete the comments later
Comment vandalism is a pet peeve of mine. Version 2.1 of Spam Words is coming soon, it’ll do the work of striping the subdomains off the base domain for you.