Botnets Use WordPress in New Spam Campaign
Written by Sue Walsh on December 7, 2012
Spammers are using an old trick to get their newest spam campaign past blacklists and spam filters. Experts have detected a new flood of spam messages that include a link to a page on what looks like a legit WordPress site but instead redirects to a spam site hawking a weight loss scam. So far the botnet responsible has sent out hundreds of millions of the messages with no end in sight.
The spammers do it by hacking into a poorly configured WordPress site and creating a page within it that has a redirect script embedded in it. When the URL of that page is placed in an email message, it looks like a legit link until it’s clicked on and the recipient ends up on a website advertising the Raspberry Ketone Diet (for the record, Raspberry Ketone has shown absolutely zero effectiveness in clinical studies). The messages also include a stolen video from the Dr. Oz show, presumably as an attempt to convince the recipient that the diet and email are legit.
Experts say there are at least 250 different registered domains related to this campaign. The spammers are using the WordPress trick because the legit-looking URLs it generates fool blacklists and spam filters, meaning their messages get into more inboxes. If your company runs a WordPress site, be sure it is locked down and secure. Disable your FTP login if it’s not needed, or if it is, change the password regularly. It should go without saying that buying products advertised via spam is a very, very bad idea.
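For site owners checking their own WordPress install for the kind of planted redirect page described above, here is an added example (not from the original article) that flags pages whose content sends visitors to a different domain. The redirect patterns, function names, host names, and sample pages are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlparse

# Redirect idioms a standalone page can carry: HTML meta refresh,
# JavaScript location assignment or replace/assign, and a PHP Location header.
REDIRECT_PATTERNS = [
    re.compile(r'<meta[^>]+http-equiv=["\']?refresh["\']?[^>]*url=\s*["\']?([^"\'\s>]+)', re.I),
    re.compile(r'(?:window\.|document\.|top\.)?location(?:\.href)?\s*=\s*["\']([^"\']+)["\']', re.I),
    re.compile(r'location\.(?:replace|assign)\(\s*["\']([^"\']+)["\']', re.I),
    re.compile(r'header\(\s*["\']Location:\s*([^"\']+)["\']', re.I),
]

def offsite_redirects(content, site_host):
    """Return the external hosts a page redirects to (empty list if none)."""
    hosts = []
    for pattern in REDIRECT_PATTERNS:
        for target in pattern.findall(content):
            try:
                host = (urlparse(target.strip()).hostname or "").lower()
            except ValueError:  # malformed URL in the page; skip it
                continue
            # Relative URLs have no host; same-site and subdomain targets are fine.
            if not host or host == site_host or host.endswith("." + site_host):
                continue
            if host not in hosts:
                hosts.append(host)
    return hosts

def scan_pages(pages, site_host):
    """Map path -> external redirect hosts for every page that has any."""
    findings = {}
    for path, content in pages.items():
        hosts = offsite_redirects(content, site_host.lower())
        if hosts:
            findings[path] = hosts
    return findings

# Constructed sample: file contents keyed by path under a WordPress root.
SAMPLE_PAGES = {
    "wp-content/uploads/2012/11/news.html":
        '<html><head><meta http-equiv="refresh" content="0; url=http://diet-offer.example/buy"></head></html>',
    "wp-content/themes/site/offer.php":
        '<script>window.location.href = "http://pills.example/ketone";</script>',
    "wp-content/themes/site/header.php":
        '<script>if (old) { window.location = "/new-home/"; }</script>',
    "index.php": '<?php header("Location: https://www.blog.example/welcome"); ?>',
}

if __name__ == "__main__":
    for path, hosts in scan_pages(SAMPLE_PAGES, "blog.example").items():
        print(f"{path}: redirects off-site to {', '.join(hosts)}")
```

Any hit is a lead to review, not proof of compromise; compare flagged files against a clean copy of the site or its version history.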