I looked at my statistics today, trying to spot strange URLs (possibly an attack; I recommend you do the same) and tracking the Referrer of my visitors to see who is linking back to me, or where someone is talking about me.

I found 201 referrers coming from a famous hardcore movie site. 201? This is not a coincidence. Going there for the sake of truth (;-)) I found that they are offering free porn images and videos, and I immediately thought about

The famous "Free porn CAPTCHA Attack"

My site is powered by Joomla, and I have developed a CAPTCHA framework. A CAPTCHA is a generated image containing some scrambled text; the idea is to require a human being to read it, which prevents spammers from automatically generating millions of comments, email accounts, ...

One way to defeat a CAPTCHA is to offer a free porn site which requires the user to key in the solution to a CAPTCHA (inlined from my site, for example) before he can gain access. Free porn images and videos attract a lot of users around the clock and in many countries.

Solutions to block spammers, at least for a time:
  1. Check the HTTP Referrer when the user posts his key, and reject site addresses containing sex, hardcore, ... based on a dictionary -> the only drawback is that it is trivial to fake the HTTP Referrer.
  2. Insert a supplementary text into the generated CAPTCHA image: "Do not enter text if the site is not waltercedric.com". This is done in one of my securityimages plugins, Freecap, but NOT in core 1.1 or HnCaptcha 1.0.
     I will have to extend the plugins which are not protected soon.
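As an added example (not code from the original post nor from the securityimages plugin), here is a CAPTCHA verifier in Python that applies the Referrer dictionary check from point 1 and, going a step beyond the two measures above, binds each challenge to a short lifetime and a single use, so a relayed solution must come back quickly and cannot be replayed. The word list, the 60-second lifetime and the in-memory store are assumptions.

```python
import time
import secrets
from hmac import compare_digest

# Constructed values for this example (not from the post or the plugin):
BLOCKED_REFERER_WORDS = ("sex", "hardcore", "porn", "xxx")  # the post's dictionary idea
CHALLENGE_TTL = 60          # seconds a CAPTCHA solution stays acceptable
_issued = {}                # challenge_id -> {"answer", "issued_at", "used"}


def referer_is_suspicious(referer):
    """Dictionary check on the Referer header (point 1 of the post).
    Caveat from the post: the header is trivially spoofed, so this only
    catches lazy relays and must never be the sole defence."""
    if not referer:
        return False
    return any(word in referer.lower() for word in BLOCKED_REFERER_WORDS)


def issue_challenge(answer, now=None):
    """Register a freshly drawn CAPTCHA answer under an unguessable id.
    The id goes into a hidden form field next to the image."""
    now = time.time() if now is None else now
    challenge_id = secrets.token_hex(16)
    _issued[challenge_id] = {"answer": answer, "issued_at": now, "used": False}
    return challenge_id


def verify(challenge_id, submitted, referer, now=None):
    """Return (ok, reason). A relayed solution has to survive every check:
    known id, not already spent, inside the TTL, clean Referer, right text."""
    now = time.time() if now is None else now
    rec = _issued.get(challenge_id)
    if rec is None:
        return False, "unknown challenge"
    if rec["used"]:
        return False, "challenge already used"   # replay or double submit
    rec["used"] = True                            # burn it even on failure
    if now - rec["issued_at"] > CHALLENGE_TTL:
        return False, "challenge expired"         # the relay took too long
    if referer_is_suspicious(referer):
        return False, "referer blocked"
    expected = rec["answer"].strip().lower().encode()
    if not compare_digest(submitted.strip().lower().encode(), expected):
        return False, "wrong text"
    return True, "ok"
```

Burning the challenge before comparing the text means a wrong guess costs the attacker a fresh image each time, which also limits brute-force attempts on one challenge.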
It could also be an attempt at HTTP Referrer Spam.

First, the spammer creates a simple script that crawls sites just like search engine bots do; the only difference is that the script sends a referrer header carrying the spammer's own site address.
Why do this, you may ask? My site has its statistics page indexed by a number of search engines. This means that if the spammer can get his site listed on the stats page, the referrer's site gets a higher ranking in search engines too. It also means more search engines will crawl the link back to his site.

Solutions: avoid publishing your statistics page.
  1. I disabled the stats link in the top menu of Joomla, so I am sorry, but nobody will be able to see it in real time.
  2. I added a Disallow entry for the stats page to robots.txt (root folder of your site) to prevent search engines from re-indexing it.
  3. I added an .htaccess file to restrict access to that page, so I will now need to enter a password to see it.