Home / Blogs

Phishing Moving to the Web Channel

Today we received one of the first phish attempts to be made as a web spam (comment spam/blog spam) attempt.

I wasn’t convinced, and thought that perhaps it was a way to gather and verify RELEVANT online identities. Someone put me straight. It’s phishing.

I’ve often in the past had run-ins with the good folks in the anti virus realm back between 1996 and 2005 who thought Trojan horses and then spyware were not part of their business. Years later the AV business people ruled it is part of their business and ran to catch up. Same with botnets.

I’ve often had friendly discussions with anti spam folks who said phishing isn’t part of the spam problem, or interesting to them. Or that if spam is done on a medium other than email, it obviously isn’t spam and needs a new name.

They were wrong. I wasn’t very smart in how I approached the subject matter, though.

Today, most anti spam experts consider phishing a priority. Today, Trojan horses, bots and spyware are considered a priority with AV-ers.

Web related spam is still in the terminology and turf fighting stage, but with the increasing ROI and interest combined with the decreased success of other mediums over time, we can see the results for our selves.

Where there is ROI, the Bad Guys adapt. The Good Guys are a step behind regardless of faith, as we are inherently reactive. Still, we should stop being surprised. :)

Today, phishing makes the transition to yet another medium, which is comment spam.

Here is a quote of the phish, as it came in the comment spam earlier today:

“HEllo, i just wanted to say, after 3 years of playing neopets, i have gotten bored with it and have decided to quit. insted of letting my neopoints and items just sit there and rot, i am gonna give them away. in my years of playing i have made about 6 million neopints and have a couple million neopoints worth of items. all you need to do is send me your screenname and password so i can put the stuff in your account and a reason stating why i should give you my hard earned items.”

So, we start with neopets and move on to the rest. Welcome phishing to yet another distribution channel, the world of comment spam.

By Gadi Evron, Security Strategist

Filed Under


Matthew Elvey  –  Jul 23, 2006 9:18 PM

An anti-abuse system that assigns a reputation to a data source is likely to be usable for any kind of spam, not just email spam.  For example, blacklists and whitelists are are already widely used to combat wiki and blog spam.  Most of what’s on wikipedia’s Stopping e-mail abuse page is applicable.  I’ve said for years, it’s about internalizing the externalities that spammers exploit.

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Co-designer of the TCP/IP Protocols & the Architecture of the Internet



Domain Names

Sponsored byVerisign

Threat Intelligence

Sponsored byWhoisXML API

IPv4 Markets

Sponsored byIPv4.Global

New TLDs

Sponsored byRadix


Sponsored byVerisign

Brand Protection

Sponsored byCSC