tags:Security, Society, Spam, WordPress
Spammed by MyNiceMailAt .com
September 17th, 2005, by Rich.
Hopefully I just spoiled a spammer’s whole week. How? I bought the domain that he’s trying to promote (MyNiceMailAt.com) before he did.
When I receive comment spam which doesn’t obviously link to a gambling, pornographic or pharmaceutical site then I usually do a little investigation to see what’s on the site, who owns it, why they’re spamming me, etc.
In the last 24 hours I’ve been hit by comment spam promoting MyNiceMailAt.com.
- I tried to look at mynicemailat.com, and it didn’t exist; so
- I tried to find the domain ownership records, and they didn’t exist either.
MyNiceMailAt.com was an unregistered domain, being promoted by a spammer.
- I like to do my bit for hindering spammers; so
- I bought the domain, before the spammer could; so
- the entire spam run has been a waste of the spammer’s time and resources.
Useful Info
- If you’d like to learn more about comment spam, I highly recommend Ann Elisabeth’s SpamHuntress blog.
- This is not the first time such action has been taken by a spam recipient, last year jagk.com was similarly snapped up, and now has a regularly updated spam blacklist that you can add to your .htaccess file (if you don’t run your blog server, tell your administrator about it).
I’m not sure of having understood what has happened. I’ve received 2 comments on my weblog, clicked the link and it brought me here.
Curiously, yesterday the link read not found, but today it lead me here. I’m confused at this point: were they spam-comms? They were signed “Donny” and “Gaane”.
Thks, anyway.
Hi mjm,
What’s happened is this: we were both spammed by the same person – but – they hadn’t actually registered the domain which they were promoting when the spam run started.
Yesterday, no web site was registered at the domain, so when you (and I) looked at the URL, there was just an error message instead of a website.
Today, I was able to register the domain, and redirect it to this story on my website, explaining what’s happened.
What you received was comment spam, what I’ve done is to remove the financial gain from the spammer, by registering the site before they can.
What a smart idea. I think I might actually leave this spam comment up. Ha! Beat those spammers!
Heh. That’s funny.
Who says this blog is not owned by spammers to collect email addresses?
/dons tinfoil hat
… and now another spam hunter has bought a spammed domain out from under another spammer’s nose …
I just got the same spam link in my blog comments. I guess he didn’t get the memo that you had bought the domain name! Bravo!
Mare:
You wouldn’t know this, unless you were already in the spam fighting circles. Rich has had a clear stance on this a long time. He’s one of the good guys, attested by his long history in fighting spam. As so many other bloggers do. We know nothing about blog spam, then we get spammed to oblivion, and start fighting the phenomena.
Welcome to the club, so to speak…
HAH! Thanks for making just another spam comment on my site into something better. You got ‘em where it counts, you rawk!
Thanks for buying this up. Out of the 195 comments I got yesterday, 193 of them were spam for this domain, and MTBlacklist let about 10 of those get approved because they were on recent enough entries.
How dumb to you have to be to promote a domain you don’t already own [sheesh!] Keep up the good fight!
Mare may or may not be right that the spam was sent to bring people here. But the owner of this blog is clearly benefiting from the spam. Without the benefit of increased traffic, why waste your money on the domain?
Hi Jason,
The truth is it was just an impulse and what happens next is freefall. If I had anything to hide I’d certainly not be publishing “doubting” comments, and I certainly appreciate yours, because it’s exactly the kind of thing I’d be asking. BTW I notice from the logs that you didn’t look at any other pages before commenting, so before I continue allow me to http://boakes.org/helloâ€>introduce myself.
When I made the purchase, I justified the expenditure as follows:
So I bought the domain, wrote the article and set up the redirect.
Going forward it is my intention is to publish an analysis of the traffic that is generated by the MyNiceEmailAt domain. To my knowledge such a study has not been conducted before so it may provide some useful insight into the economic model of the spammer. If anyone knows of similar work, then RSVP because the authors methods may be useful to follow.
Rich
Nicely done! What a hoot. I got hit by this spammer too.
Great job Rich. If I had found a domain like this I certainly would have picked it up too. It may not really hurt the spammer much, but it certainly makes them look stupid.
For those wondering why a spammer would spam for a domain he doesn’t own yet, maybe they think the domain won’t be blacklisted if it doesn’t exist yet. By the time Google crawls their victims they would have bought the domain and benefitted from the links. It is hard to tell what (if anything) is going on in their heads.
Of course it doesn’t help your PR at all…
You could’ve bought it, hidden your ID, and not promoted it, because some people who don’t bother to read the blurb will assume that you are the spammer.
I received some comments too – I suspect this comes from India, judging from the spammer ‘name’ selection
Just a thought… what if the spammer has the foresight that if something like this happens, maybe those who purchased the domains would not renew them a year later? Others who got spammed might not remove the link because it’s now pointing to a legitimate site like this. A year later, if the domain is not renewed, the spammer returns to buy it and puts his website up and enjoys the hundreds or thousands of available links pointing to his website…. !!!
Got spammed by someone named “SANY”, with a “nice blog” comment. Looked like spam, cut and pasted the URL to see where it was from, and zoom-zoom here I am.
Thanks for your help, I guess. Hope I don’t see any more spam from that URL. Been very happy since upgrading to the new version of MT and being able to control my comments.
Now if there was just some way to control the trackback spam besides turning off trackbacks…
Cheers for beating the spammer to the punch! I got one innocuous sounding comment from this domain yesterday and wondered why it was hitting a dead link also… And just checked my mail and saw the new one today. Stupid spammers, I wondered what they were trying to sell also
Aw….I was just following one single “nice site” sort of comment… Could it be that it was someone that wanted to be anonymous? There’s no ad, no long comments only a single phrase. Sometimes when I have to fill in an email field but I don’t want to give info to sniffers, I put heidi@addyonmysite.com. Maybe there are folks looking for that domain too!
Still, it’s a wonderful joke that you’ve bought the domain, and it cracked me up. Nice!
Hi Carol, that’s the first comment that’s ever made me sound like Keanu Reeves going “Whoa”. You are absolutely right; if I let the domain ownership lapse, and the links remain, the (or any) spammer could benefit.
You’ve now got we wondering if/how this happens already when a domain expires. If anyone from any of the major search engine companies comes across this article and has any insight, please let us know how it’s handled.
In the mean time, I don’t need the links, please either delete any comments that mention MyNiceMailAt.com or change their url to this story (because the boakes.org domain is going nowhere).
Incidentally the domain name has been added to Jay Allen’s MT Comment Spam Blacklist, which can be downloaded from here, more information here.
Hah, what a great idea. Good job!
Hi
My site too received a nice brief kudo from mynicemailat.com and thus I ended up here. I mostly leave my postings closed nowadays until I get that MovableType security piece installed anyway.
Meanwhile I would like to draw your attention to voice-spam, otherwise known as telemarketing calls. With the advent of VoIP you can rest assured this will take off like wildfire especially once someone out starts paying for every message left on someone’s answering machine.
I have started gathering a list of known telemarketer caller-ids and am looking for ways to publicize this list. Any suggestions you might have are greatly welcomed.
Of course to use this list of caller-ids you do have to install a system capable of acting on them. For this I use Asterisk [www.asterisk.org] software and about $200 of hardware from Digium [www.digium.com] integrated into an old PC.
You can read more about this on my website at PBnJ Solutions.
PaulW
Rich,
I’ve heard that when a domain expires, the Google pagerank automatically goes away. But, if there are still other links around, those can build the PR back up when Google sees them again.
In this case I’d be surprised if that was their motive. For one thing, it may be a hard name to pick up when it expires. If there are a lot of links to the site (and Yahoo currently shows 687 links to that domain), it’ll be in relatively high demand by people that snap up expiring domain names to put ads on them. The going price for the expired domain name would be fair amount higher than what you paid for it, and the spammer would then have to compete with anyone else that notices all the incoming links to try to grab the domain.
I also just can’t imagine a spammer having such a long-term plan for a spam run, but who knows. My first guess was that it was a typo in the spam, and the spammer had already registered the domain that he meant to spam. Who knows.
Ah hahahahahahahahahahahhahahahaha HA!
I think you are a genius! I think you are brilliant! I am your number one fan (in a good way)! You rock! Go get ‘em tiger! Mr Spammer is a complete moron and you are not.
When life gives you oranges – eat them. That’s what I say.
How irritating, to have that stupid “your site is realy interesting” comment left on just about every picture in my photoblog. Thanks for at least thwarting their advertisement. Pity we can’t track them down in real life …
Since I discovered SPAM, I’ve always wondered how interesting that was financially. Since fighting SPAM costs so much (mainly in time spent on filtering it, misconfigured servers making plenty of false positives as well as CPU usage), I wondered how much money a spammer can earn. I’m afraid the spammer earns less than the cost it produces…
I believe we are many extremly interested into your traffic (and financial) analysis of the potential benefit of this spamming event.
thanks for buying the domain, I got comments from the spammer andit lead me here.
You are my HERO! I HEART YOU!!!!!
The scuz actually spammed the blog of a little boy with BRAIN CANCER!
http://blogs.oc.edu/ee/?/jsims
-dhl
Thanks for buying up that domain!
I think it’s great you bought the Domain to stop the spam….and this is a good forum, but only for people who get to it by ways other than you ’spamming’their Blogs by commenting.
You are doing what you vowed to change. I still keep getting comments like ‘Nice Site’ from people lilke Donny. I already know you are here. Please Stop leaving comments.
Or are we all being trashed, and this is a perfect domain for advertisers and you are really the enemy??
I certainly DO NOT get why you are still leaving comments on
my BLog……maybe we are all being bulldozed with Bull.
[12 minutes pass then Peach comments again]
Listen,
I think I understand what is going on now. But I already have Spam Blacklist and it is working fine. I haven’t had spam in a very long time until I found you.
If a spammer leaves junk(comment) on my Blog and it leads me here. Then I cannot copy him to add to my Spam Blacklist and I will just keep getting his same spam comments that lead me here.
Does it stop that one spammer?…. and then I’ll still get others? I really do not understand. If you are not ‘Donny’ and he is a spammer, then I could have knocked him out already after only one spam with my Blacklist.
But I cannot knock him out with my BLocker the first time because it brings me here. So please excuse this non-techie, but I do not understand how this is helping the ‘ongoing’ spam(same person) if it always brings me here.????
Hi Peach,
it looks like you twigged that it’s not me that controls the spam-run. Your main question therefore is about who has been stopped and how, for which the answer is: my actions stop one particular spammer from profiting from one particular spam run, because he can’t use the clicks to channel viewers to a website promoting pills, porn, poker, or whatever else is paying his bills.
As for how it’s helping the ongoing spam problem, well, hopefully the traffic analysis will be interesting to some spam fighters, but ultimately, on it’s own, this small little act of defiance can’t do much.
Rich
Rich, when do you plan to make and publish the traffic analysis?
I’d reckoned on leaving it a month and then taking a look, which will be next weekend, plus or minus a few days when I have time.
The hits have dropped off almost entirely now, with new arrivals being in the single figures each day.
The analysis may take several iterations if people can come up with some good suggestions. The logging is all done to a DB so what I might do is extract the relevant data and make it available so others can see the raw stuff and analyse it too.
I’ve received 1 comments on my weblog
Spammmmmmmmmmm???
Hi Paolo, yes it was spam.
Finally that site links to somewhere. Hey nice move hehe!
Rich, where are you with your data analysis? Have you considered sharing your data for other inputs?
Hi kwa, good prompt.
I’ve started a new article for the analysis.
Haha, that is a great idea! I’ve never heard of something like this happening. If there are any bots reading this, please spam me -> i.love.spam@web.de
Great post! CU
I came across this entry by accident and misread the date. When I actually loaded the site I looked again and realised it’s been a couple of years.
Pity you let the domain go – someone is probably making some nice $$$ from it now… Inlinks: 1,240