Mobile app version of vmapp.org
Login or Join
Rivera981

: Forum Spam Question. Why are Chinese hackers posting tiny images on my forum My forum is getting attacked by spammers with Chinese IP's. Replies are created to discussion topics, always short

@Rivera981

Posted in: #Forum #Security #SpamPrevention

My forum is getting attacked by spammers with Chinese IP's.

Replies are created to discussion topics, always short responses and along with the response an image is inserted using forum code which is then modified by the forum to an HTML image tag (no anchor tag).


So beautiful picture [img]http://www.coupon-domain-goes-here.com/avatar2.jpg[/img]


The replies are created by humans not bots because they are slightly relevant to the discussion.

The images do not display so regular forum members have no idea that this is spam. the reason they don't display is because the images return a 302 response code and redirects to a URl like this


coupon-domain-goes-here .com/avatar.php?u=2


which then redirects with a 302 to another image on the same domain which is also called avatar.gif.


coupon-domain-goes-here .com/images/avatar.gif


My question is why are they doing this. Is there an SEO benefit. There is no link created. It's only an image so the URl in the middle which is a PHP file should not be getting any link juice from search engines. Or maybe I am wrong?

What do you think?

10.02% popularity Vote Up Vote Down


Login to follow query

More posts by @Rivera981

2 Comments

Sorted by latest first Latest Oldest Best

 

@Jessie594

Ok here is a very good possibility which you can test out. Since it's a coupon domain they are potentially cookie stuffing your visitors using the hot linked image.

How it works is they hot link to an image on their server. And within their own .htaccess rule they create a redirect so when that image is loaded it redirects to an affiliate link, your visitors get cookied because when the image loads it's actually loading an affiliate page.

To test this clear all your cookies then visit the forum thread with the images then check to see what cookies may have been stuffed into your browser.

10% popularity Vote Up Vote Down


 

@Kristi941

They do this because they can go back later on when the thread is forgotten about (e.g. less likely to be moderated) and switch the image with a spam advertisement. Doing it doesn't require anything more then switching out images on their end so even if you delete the account as long as the post remains they will be successful and with virtually no work on their part.

10% popularity Vote Up Vote Down


Back to top | Use Dark Theme