A spam comment makes it through my comment spam defences

Well, it had to happen – a comment spam made it through my defences and onto the site this morning. Having said that, I never thought the site would be spam-free for four whole weeks when I turned off my comment spam plugins.

The spam, which was on the site this morning, looked innocuous enough. The text of the comment was

I came to your site accidentially, but found it very good to read. Thanks.

The comment was from someone calling themselves elephant with the email address norman@chick.com. The domain being pointed to by the comment was 11say.com and the comment was left with a User Agent Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1).

Something about the comment didn’t seem right so I did a bit of digging. I checked out the site and at a first cursory glance, it appears to be a legitimate site but looking a little more closely, you will notice the text is nonsense and below the copyright notice there are a load of links.

So I did a bit more research on the comment (address lookup, whois info, traceroute, etc.) and forwarded my findings to SpamHuntress. She subsequently wrote a comprehensive post on it.

Searches on Google and MSN Search for the term “I came to your site accidentially,” (including the inverted commas and note the misspelling of accidentally) show that those responsible for this spam have been busy and are also using a variety of aliases and many other domains all pointing to the same spam site.

They are also using the comment text

I have learned about this at school today!


Hey Jon did’t know you are reading this too :0. Greets

so if you see any of these comments on your site, delete them.