Ads by TechWords

See your link here
Receive the latest technology news and information.
Security
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
Cloud Computing
View all newsletters




Privacy Policy
 

Spammers making money from free Web-host services

Selling each other pages that can evade filtering

September 18, 2006 12:00 PM ET

IDG News Service - Spammers have found a way to mine free Web-hosting services for cash.

Online scammers have long used free hosting services such as Yahoo Geocities or Tripod as a way to get around e-mail filters that might otherwise recognize their spammy Web sites. But now some enterprising spammers have begun selling one another these free Web pages, according to security vendor McAfee Inc.

For $25 per week, a spammer will sell 50 Web-hosting accounts that can be used to redirect Web traffic to sites that normally would be flagged.

"These 'link providers' create and maintain thousands of free hosting accounts on behalf of the spammers," wrote McAfee's Nick Kelly in a recent posting to McAfee's AVERT Labs blog.

"They know that the bigger hosts are unlikely to get blacklisted because they have so many legitimate users," he added.

Scammers also use the free Web pages to try to manipulate search engines, by making it look as though their Web sites are widely linked, said Adam O'Donnell, senior research scientist at Cloudmark Inc., an e-mail filtering company.

And although the free hosting providers are taking steps to shut down this abuse, they appear to be fighting a losing battle.

In late June, Cloudmark researchers were seeing about 1,500 phony URLs on any given day on one of the most abused free hosting services, which O'Donnell declined to name. One month later, that number had jumped to 3,500.

Spammers are simply able to outpace the hosters' security teams, O'Donnell said. "They will gain more hosts for their pages than the company is able to take down," he said.

The free hosters have been placed in a tough position because they do not want to shut down legitimate users, but they also do not have the technical resources to mine spam for Web pages that are being misused, O'Donnell said.

Lately, however, the hosters have been partnering with security vendors to address the problem.

Cloudmark is working with some hosting providers, hoping to sell them "reputation" information that tells them how many times their member URLs are being seen in spam.

McAfee has been providing similar information to an undisclosed service provider, Kelly wrote. "This relationship has cut the abuse observed by us on that provider by over 90 percent in less than a week," he added.


Reprinted with permission from

IDG.net
Story copyright 2009 International Data Group. All rights reserved.

Jump to comments

spammers

Additional Resources

EFD vs. HDD - What You Need to Know
WHITE PAPER
Enterprise flash drives provide a new Tier 0 storage layer capable of delivering high I/O performance at a very low latency. Proper use of EFDs in an Oracle environment can deliver increased performance compared to fibre channel drives. Read the recommendations for identification of the best DB components for EFDs.
Gartner Research Report: Magic Quadrant for Application Delivery Controllers, 2009
WHITE PAPER
The market for products to improve the delivery of application software over networks remains dynamic and innovative. Vendors focused on solving enterprises' most-pressing application problems have become the top players.
Eight Criteria for Server Load Balancing
WHITE PAPER
Server load balancers are a simple yet highly effective means to scale an application environment while ensuring its availability. Today's solutions should also address application performance and security. Read about the top eight criteria you should consider when choosing a server load balancer and how Citrix NetScaler meets those requirements.

White Papers & Webcasts

Gene Kim's Practical Steps to Achieve and Maintain NERC Compliance
Learn seven steps operators can take to meet IT configuration requirements set forth in the NERC-CIP standards.  

The Workday User Experience Video
Watch Workday's Creative Director, Scott Lietzke, discuss the business-centered design philosophy at Workday.

Business Process Framework Demo
Learn about Configurable Business Processes and Calculated Fields. Watch Now!

Manager Experience Demo
Go beyond self-service solutions to perform more effectively. Watch Now.


IT Jobs