Home    Files

software times™  Files...
November 19, 2003

Web Scam?


A most incredible new web scam is ongoing and I don't think the authorities are aware of it yet. There are two parts to it, apparently. What joins the two are some curiously similar facts. Of the 22 web sites that I believe are involved, and it could be many more:
  • 20 are registered at STARGATE.COM, INC.
  • All of them are hosted in a Rumanian university.
  • 21 use the same IP block 141.85.3.X.
  • 18 of these sites were registered on November 8 or 9, 2003
I speak of two parts because 9 sites proclaim to be web directories and the other 13 claim to be blogs (web logs). The two groups have different modus operandi. Let's start with the blogs.

All the 13 sites
  • http://a-b-l-o-g.com
  • http://akksess.com
  • http://bongohome.com
  • http://jennifersblog.com
  • http://kwlablog.com
  • http://mikesspot.com
  • http://malixya.com
  • http://saulem.com
  • http://teoras.com
  • http://websearchde.com
  • http://websearchus.com
  • http://worldnewslog.com
  • http://wr18.com
will show a plain vanilla innocuous blog until you add "/adult-webcam" to the URL. Then one of two things happen. If you have JavaScript enabled you will be taken to sign up page for a porno web cam, the same for all the sites. If you decide to test this be warned that on closing the page, the JavaScript will try to open lots of other sex related pages and you might have to kill your browser so don't try it if you have other important work open on your computer. If JavaScript is not enabled then you get to enjoy other forms of porn.

Apparently the idea is "Referrer SPAM" where you get innocent sites to link to your "innocent blogs" and then you use these links to fool search engines to boost your popularity. For a fuller explanation I will provide links to the sites that have been investigating this affair.

The second group is supposed to be a set of nine web directories.
  • http://keoz.com
  • http://keoz2.com
  • http://keoz3.com
  • http://keoz4.com
  • http://keoz5.com
  • http://keoz6.com
  • http://keoz7.com
  • http://keoz8.com
  • http://keoz9.com
Here is my working hypothesis. keos.com is not a real directory but just a way to harvest real domains from willing if unwitting collaborators who wish to be listed in that directory. Those directories are unreal.
  • There is no contact information anywhere.
  • The search box does not search the directory but uses Overture instead
  • There is no way to navigate from one directory to the other eight
  • Once you dig down, there is no way to climb up again short of starting with the domain name.
  • Most important, the links are cloaked with JavaScript so a search engine will never see them and they do you no good. Here is an example:
    <script>document.write('<'+'a
    href="http://www.domain.edu/xxx/xxx/contact.html"
    class="seemore"'+'>');</script>
A directory that can't be searched by a human visitor or by a search engine is a contradiction in terms.

This whole thing seems to be too well organized. The web sites are all very good and healthy looking and there is porn behind them, at least behind the blogs. I have not yet figured out the directory scam part but I doubt that they are up to anything good.

Here are some links to the forum threads where this affair has been discussed so far:
Blogs engaging in referrer spam?
Weird directories
Referrer Spam
I believe this needs to be publicized in important magazines on and off line and the legitimate search engines need to be made aware of what is happening. ICANN probably should also be notified.

Denny Schlesinger
Caracas - Venezuela

P.D. Add "d-i-s-c-o-v-e-r.com" to the list! Dec 4, 2003.



Home    Files Top
Copyright © Software Times, 2000, 2001, 2003. All rights reserved
Last updated June 22, 2003