Spam attached to picture files?
-
It seems that spammers have learned a new trick. Somehow, they are attaching their posts to picture files that I have uploaded! It’s happened several times over the last few days. How are they doing this and what can I do to stop it (if anything)?
-
When you say they’re attaching their posts to pictures you’ve uploaded, do you mean they’re linking to your pictures from their spam posts?
-
I checked your blog and didn’t see any spam attached to your pictures. Can you give us an example where we can see it?
-
Let me see if I can explain. I get an email each time a new comment gets posted. If it looks like spam, I click on the link in the email that says “You can see all comments on this post here” When I click on the link, it takes me to either no page or to a copy of the photo!
Of course, I’ve deleted all of the related comments (after marking them as spam) so there aren’t any for me to show you.
It is as if they have figured out how to access the space where the pictures are stored.
The next time I get one, I’ll keep it for all to see what I’m talking about.
-
Vivian, I had one of those happen to me just the other day — I couldn’t figure it out, either. I deleted mine, too, but I’ll send in a Feedback report the next time. I just figured it was an anomaly.
-
@Vivian
You have raised an issue here that is of growing concern. In 2006, spammers found new ways to evade sophisticated filters designed to keep spam to a minimum. The techniques include sending the dubious pitches as images instead of text to fool filters programmed to look for specific words.Image e-mails now account for almost a third of all spam, compared with two per cent in 2005. Source: CBC News Interactive article Spam-a-lot http://www.cbc.ca/news/interactives/who-consumers-2006/ -
-
inadvertently & karura – I’m glad to know that I am not alone in this.
TT & drmike – you both are not understanding what is happening. karura described it exactly – the comment is attached to a picture that I have uploaded to my blog. The commenter is NOT attaching a picture of their own.
As I said, it is as if the spammers have managed to get to the servers where the pictures I have uploaded for use on my blog are stored. In other words, the WordPress.com servers!
-
-
-
-
This happened to me early this morning. I saw that a comment was received on a post that was titled with the name of one of my own graphic uploads. So basically someone else created a post in my blog that contained only a graphic that I uploaded (and one which no longer appeared on my site anywhere).
The permalink to the post was set up differently than my other permalinks. It was only a digit – my other permalinks are the post titles.
The post did not appear in my “Manage posts” and it also did not have an edit link on the permalinked page (as my other posts do). So I thought I could not even delete it.
I ended up hitting the edit link in another post and then substituting the -28 for the permalink title of the other post and it took me to the edit page for the post – where I deleted it.
The person making the comment called himself excalibur. The IP I think was a proxy through Asia. The actual comment was “Makes you think.”
No image appeared in the comment by the way.
-
PS – I was using the Simpla theme but switched it in case there was a vulnerability in the theme itself.
-
PPS – for those of you that had this happen. The post does exist even though it was not in your list of posts etc. The only way I could get to it was via the dashboard comments page “view post.” The post didn’t appear on my front page or anywhere else.
So if you did not specifically delete the post – it should still exist. The only way you could get to it is if you remember the URL to it.
-
Are you sure the number didn’t match up to a post’s ID number on the manage page? Each post has an ID number and you should be able to pull them up via that URL.
-
I’m absolutely positive it matched nothing. The picture itself was the post title. I looked all through my Manage Post files for the post and it was as if it didn’t exist at all. (I looked for the post number and the post title). It also did not have the “edit” link on the post’s permalink page.
And again, the image that was used was no where on my site. It was actually a header image I was going to use with a different theme.
From the email I received to alert me to the comment:
New comment on your post #28 “drkheader2.jpg”
Author : excalibur (IP: [two IP number appeared here])E-mail : name was (email visible only to moderators and staff)
URL : [removed link – drmike] <—- this was the actual url given. I wouldn’t visit it.
Whois : http://ws.arin.net/cgi-bin/whois.pl?queryinput=%5Bip address was here]
Comment:
makes you think doesn’t it
You can see all comments on this post here:
http://candyslice.wordpress.com/?attachment_id=28#comments
Delete it: http://candyslice.wordpress.com/wp-admin/comment.php?action=cdc&c=108
Spam it: http://candyslice.wordpress.com/wp-admin/comment.php?action=cdc&dt=spam&c=108
Also, I seem to remember the delete it link didn’t work and neither did the spam link.
-
AH! They attached the comment to one of your uploads.
Yeah, I would just delete that. It does concerns me though that someone can comment on a file upload.
Feedback sent.
-
Just to let you know, since I wasn’t very clear… I left out identifying information. The guy’s name on the email address, the ip addresses. The guy’s site URL is real.
-
But how can they make it appear as a post and how did they get the upload if it wasn’t anywhere on the site?
- The topic ‘Spam attached to picture files?’ is closed to new replies.
WordPress.com Forums 