“SEOMimic” attacks comment whitelists

March 2nd, 2011 Comments Off

I just saw a new attack on my member whitelist, in what may be a new wave in comment spam designed to attack sites that use member whitelists to control posting.

On Coastsider, my community news site, all commenters must verified before their comments are released and their accounts are taken off pre-moderation. This is relatively easy for me, since my service area is small and I ask new registrants for the name of the community they live in. That’s more work to fake than most comment spammers have time for. They don’t even try, usually using nonexistent places, such as “farm road” and “western trench”.

I verify most new members if they post a reasonable comment on a entry. Today I had a registration from a new user who left a comment that could have only been left by an informed local:

Tough to imagine the county of the present doing anything right in this part of Fitzgerald, where they can’t even locate the California Coastal Trail where it has already served well on an ad hoc basis for the last decade and a half.

No wonder: He lifted that comment from one of the informed locals who had already left a comment on that story.

I wouldn’t have figured that out if “Tom Smith” hadn’t also left a comment in Chinese on another story, and used the email address “seomimic@yahoo.com” and the real — but unlocal — community of “UK”.

I doubt SEOMimic is going to be as careless the next time it shows up on my site — or yours.

I get plenty of comment spammers on Coastsider, but this is the first attack of this nature I’ve seen. My guess is I’ll be seeing more — and more sophisticated — SEOMimic attacks in the future.

Comments are closed.