: Forum Spam Question. Why are Chinese hackers posting tiny images on my forum My forum is getting attacked by spammers with Chinese IP's. Replies are created to discussion topics, always short

Posted in: #Forum #Security #SpamPrevention

My forum is getting attacked by spammers with Chinese IP's.

Replies are created to discussion topics, always short responses and along with the response an image is inserted using forum code which is then modified by the forum to an HTML image tag (no anchor tag).

So beautiful picture [img]http://www.coupon-domain-goes-here.com/avatar2.jpg[/img]

The replies are created by humans not bots because they are slightly relevant to the discussion.

The images do not display so regular forum members have no idea that this is spam. the reason they don't display is because the images return a 302 response code and redirects to a URl like this

coupon-domain-goes-here .com/avatar.php?u=2

which then redirects with a 302 to another image on the same domain which is also called avatar.gif.

coupon-domain-goes-here .com/images/avatar.gif

My question is why are they doing this. Is there an SEO benefit. There is no link created. It's only an image so the URl in the middle which is a PHP file should not be getting any link juice from search engines. Or maybe I am wrong?

What do you think?

10.02% popularity Vote Up Vote Down

: Canonical link to the home page A friend and I are debating the use of the canonical tag. I say if I'm on http://www.example.com/page.html but my site has moved to http://www.BetterExample.com

@Rivera981

Posted in: #DuplicateContent #Seo

2 Comments

: HTTPS security issue I want to learn if my ISP or any Firewall or anybody else can see the links I browse which has ssl support ? for exemple: when I browse google using secure search (https://google.com)

@Rivera981

Posted in: #Https

1 Comments

: Apache: How can I force the browser to reload CSS files? How to force the user's web browser to reload CSS files with Apache Server? I updated my website's CSS file but some users are still

@Rivera981

Posted in: #Apache #Cache

2 Comments

: TXT vs SPF record for Google servers SPF record, either or both? According to Google’s documentation, https://support.google.com/a/bin/answer.py?hl=en&answer=178723 It clearly says Create a TXT

@Rivera981

Posted in: #Dns

4 Comments

Login to post a comment!

2 Comments

Sorted by latest first Latest Oldest Best

@Jessie594

Ok here is a very good possibility which you can test out. Since it's a coupon domain they are potentially cookie stuffing your visitors using the hot linked image.

How it works is they hot link to an image on their server. And within their own .htaccess rule they create a redirect so when that image is loaded it redirects to an affiliate link, your visitors get cookied because when the image loads it's actually loading an affiliate page.

To test this clear all your cookies then visit the forum thread with the images then check to see what cookies may have been stuffed into your browser.

10% popularity Vote Up Vote Down

@Kristi941

They do this because they can go back later on when the thread is forgotten about (e.g. less likely to be moderated) and switch the image with a spam advertisement. Doing it doesn't require anything more then switching out images on their end so even if you delete the account as long as the post remains they will be successful and with virtually no work on their part.

10% popularity Vote Up Vote Down

Feed

: Forum Spam Question. Why are Chinese hackers posting tiny images on my forum My forum is getting attacked by spammers with Chinese IP's. Replies are created to discussion topics, always short

More posts by @Rivera981

: Canonical link to the home page A friend and I are debating the use of the canonical tag. I say if I'm on http://www.example.com/page.html but my site has moved to http://www.BetterExample.com

: HTTPS security issue I want to learn if my ISP or any Firewall or anybody else can see the links I browse which has ssl support ? for exemple: when I browse google using secure search (https://google.com)

: Apache: How can I force the browser to reload CSS files? How to force the user's web browser to reload CSS files with Apache Server? I updated my website's CSS file but some users are still

: TXT vs SPF record for Google servers SPF record, either or both? According to Google’s documentation, https://support.google.com/a/bin/answer.py?hl=en&answer=178723 It clearly says Create a TXT

Login to post a comment!

2 Comments

Back to top | Use Dark Theme