While most of the time I simply skip / delete any malicious content encountered, from time to time I do some quick investigation on items which pique my interest. For example, the following comment was posted on a friend's blog:

You make a good point, and it is one I often make about encryption. There are just too many standards out there for any smooth communication to occur. I think there are some companies who are getting it right with their approach to malware, but many malware just can’t seem to get their fundamentals down.

I didn’t remove the links, since they point to completely benign sites (sophos.com and kaspersky.com). Mike’s profile is private, but a quick search shows many other spammy comments. Unfortunately there doesn’t seem to be a way to report individual Blogger users as spammers, just actual blogs.

BTW, the same comment spam seems to have hit at least one other security blog. From the screenshot it seems that the spammer also uses the Blogger name MikeFrizzi, which seems to be linked to a real person, but then again, it is quite easy to create realistic-looking “shadow identities” for people by scraping other websites.

This is as much as a quick search revealed and I would like to leave you with the following thoughts:

  • Do comment moderation, at least retroactively if not proactively (small plug: I do moderate comments, but for the ones I approve the username links are without the nofollow tag – as per the U Comment, I Follow “ethos”)
  • There is very little certainty on the Internet. Just because someone claims to be somebody (like the MikeFrizzi profile), it doesn’t mean he actually is that person.
  • Also, the link between spam and the actual company being promoted is hard to prove. I don’t think that Sophos or Kaspersky were spamming here directly, but I do think it’s possible that some remotely connected company (i.e. something along the lines of “a company hired by the outsourced marketing department”) did in fact employ such dubious (and useless, since in Blogger all the links in comments are “nofollow’ed”) techniques.
  • Or, it may be, that some blackhats want to give the impression that these companies are spamming to erode their credibility…

Update: Sophos confirmed that it was a run-amok “marketing” company hired by them who posted the spam.

Picture taken from madmarv00’s photostream with permission.