Russia Rising (in My Inbox)

The number of Russian-language spams (or at least Cyrillic font) I get has risen dramatically, lately. For a while, I got a lot of Chinese and Korean spams, but now, the Russian stuff reigns supreme, at a bit over 5% of the total.

I’m not sure what this signifies. On the one hand, obviously, a lot of spam still comes from developed countries; a decent chunk of it comes from otherwise legitimate businesses here in the United States with broken unsubscribe forms. On the other hand, tremendous quantities originate from hijacked (or spam-dedicated) servers in underdeveloped countries. See this real-time map of spammer IPs (don’t you love Google Maps?) for a global breakdown of spam detected by SpamShield. I think what it means is this: Russia’s economic incentives and Russian technological infrastructure are finally coming of age; people finally have both the ability and the incentives to sell me garbage, in their language.

On the one hand, the economic development implied is a good thing. On the other, it also means my daily spam total is at or above the 1,000 mark for the sixth month running (it’s actually well over 1,100, but who’s counting?).

WRECK (WordPress Regular Expression Comment Killer)

IMPORTANT: The plugin described below has not been updated or tested in many years. Use at your own risk.

In my ongoing battle against comment spam, I have finally decided to write myself a WordPress plugin as an additional layer of defense. It’s called WRECK (WordPress Regular Expression Comment Killer).

WRECK (WordPress Regular Expression Comment Killer) is an extremely simple plugin for marking comments as spam if they match certain regular expressions.

Current Version: 1.0
Release Date: 7/6/2008

INSTALLATION: Just download and copy wreck.php to your plugins folder (wordpress/wp-content/plugins), then activate it in the plugins section of your WordPress blog.

LICENSE: This plugin is open-source (GNU General Public License), but I would appreciate it if you let me know of any modifications you find helpful.

SUPPORT: No formal support is provided, but I will take a look at any requests/suggestions/complaints you send me through my contact form.

NOTES: This plugin is very simple to use, but BE CAREFUL! It uses regular expressions to filter comments, so a badly written regular expression may block legitimate comments.

By default, only one type of comment is blocked: a comment containing only two lines, the first of which is bolded, with an ellipsis (“…”) on each line. The author gets a lot of comment spam like this, which is the reason he wrote this plugin.

If you find this plugin useful, please let me know here. Please also let me know if you discover any useful rules or make any other modifications.


Favorite Spam of the Day

I love this person, because he or she is incompetent in the most amusing way. One would hope that such blazing incompetence renders such people inept in their efforts to harm others, though for every con there is probably a gullible enough mark out there…

Subject: 2007 Fiscal Activity – $2839,49 Refund
From: “[email protected]”<service>
To: [my address]

After the last annual calculations of your fiscal activity we have
determined that you are eligible to receive a tax refund of $2839,49.
Please submit the tax refund request and allow us 3-9 days in order to
process it.

A refund can be delayed for a variety of reasons.
For example submitting invalid records or applying after the deadline.

To access your tax refund, please click here

Best Regards,
Tax Refund Deparment
Internal Revenue Service

© Copyright 2008, Internal Revenue Service U.S.A. All rights reserved.

If you’re going to try to commit fraud, doing so as a fake IRS site is not the smartest thing ever. If you still want to try that, at least get local conventions regarding numbers right.

P.S. The actual URL linked to happened to be a DynDNS address; in other words, the guy was running the site on his own computer somewhere, probably a laptop or desktop he owns, and has, no doubt already been shut down (the server is offline as I type this) and is quite possibly on his way to an indictment. Idiot.

%d bloggers like this: