Comment Phishing

I noticed today comment spammers are getting craftier. Some of the comments I approved I now believe to be comment spam. Perhaps they are probing to later deliver the real deal?

They use the name of people who legitimately commented. Because the scammer cannot see the real email commenter’s address, they use a different one but nothing drastically obvious as spam.

The IPs are 74.63.104.125 and 74.63.104.121. The legitimate comments have different IPs. These IPs belong to FDCServers, who provide colocation and dedicated servers. I’m tempted to send a message to the abuse email address for the company.

For now I’ve renamed the spam comments as ” (Fake)” and removed the web site. I’ll have to be more vigilant.

Leave a Reply

%d bloggers like this: