Hidden spam

The place for discussions and decisions about the forum
Post Reply
User avatar
Hagar Delest
Moderator
Posts: 32594
Joined: Sun Oct 07, 2007 9:07 pm
Location: France

Hidden spam

Post by Hagar Delest »

A new kind of spam again I think.

Look at the friends of OP on his tagged web page...
Or have I missed something by avoiding social networks???

Refers to http://forum.openoffice.org/en/forum/vi ... =7&t=60515 (link since deleted; floris v).
LibreOffice 7.6.2.1 on Xubuntu 23.10 and 7.6.4.1 portable on Windows 10
User avatar
acknak
Moderator
Posts: 22756
Joined: Mon Oct 08, 2007 1:25 am
Location: USA:NJ:E3

Re: Hidden spam

Post by acknak »

Sorry, how is this spam?

Would it be appropriate to simply delete (or disable) the link and leave the post?
AOO4/LO5 • Linux • Fedora 23
User avatar
Hagar Delest
Moderator
Posts: 32594
Joined: Sun Oct 07, 2007 9:07 pm
Location: France

Re: Hidden spam

Post by Hagar Delest »

Have you checked Sterling's [1053] friends? -> http://tagged.com/friends.html?uid=5443165913
I agree that the profile does not seem unusual. But first the question seems rather too basic. Then the friends list. It rang a bell for me.
But we can revert the ban and monitor the reappearance of a live link.
LibreOffice 7.6.2.1 on Xubuntu 23.10 and 7.6.4.1 portable on Windows 10
User avatar
RoryOF
Moderator
Posts: 34570
Joined: Sat Jan 31, 2009 9:30 pm
Location: Ireland

Re: Hidden spam

Post by RoryOF »

My fewer friends all seem to dress more conservatively!
Apache OpenOffice 4.1.15 on Xubuntu 22.04.4 LTS
User avatar
acknak
Moderator
Posts: 22756
Joined: Mon Oct 08, 2007 1:25 am
Location: USA:NJ:E3

Re: Hidden spam

Post by acknak »

Hagar Delest wrote:Have you checked Sterling's [1053] friends? ->...
Hmmm ... o ... k ....

I don't like the idea of trying to analyze what's on some page the user linked to (shoot, I don't even like to visit such pages), but I think I see your point. Good catch.

It seems like a good bet that anyone who makes a first post and adds a link that isn't directly related to the post (a document or screen shot, or something) is spamming.
AOO4/LO5 • Linux • Fedora 23
User avatar
Hagar Delest
Moderator
Posts: 32594
Joined: Sun Oct 07, 2007 9:07 pm
Location: France

Re: Hidden spam

Post by Hagar Delest »

acknak wrote:I don't like the idea of trying to analyze what's on some page the user linked to (shoot, I don't even like to visit such pages)
+1. And I often don't remove commercial links (in profile) when they are about small businesses or at least not definitively commercial oriented.
But this one could be linked to sex trade (including perhaps under-aged girls hidden in the list) so better take no risk at all.
LibreOffice 7.6.2.1 on Xubuntu 23.10 and 7.6.4.1 portable on Windows 10
User avatar
floris v
Volunteer
Posts: 4408
Joined: Wed Nov 28, 2007 1:21 pm
Location: Netherlands

Re: Hidden spam

Post by floris v »

I thought we'd not accept external links in the signature of a new user, so why accept it in the body text of the message if it isn't related to the topic? But it could be innocent - there must be tonnes of people who collect pin up girls as friends. Delete the link, unban him, explain the situation and keep an eye on him.
OpenOffice 4.1.11 on Ubuntu; LibreOffice 6.4 on Linux Mint, LibreOffice 7.6.2.1 on Ubuntu
If your problem has been solved or your question has been answered, please edit the first post in this thread and add [Solved] to the title bar.
Nederlandstalig forum
User avatar
Hagar Delest
Moderator
Posts: 32594
Joined: Sun Oct 07, 2007 9:07 pm
Location: France

Re: Hidden spam

Post by Hagar Delest »

Of course, no external link accepted in the body text of not related to the subject. I've kept it (but disabled) to show the problem.
If you think that it can be a genuine pin-up collector, I let you unban and explain him and split the topic to separate this discussion.
LibreOffice 7.6.2.1 on Xubuntu 23.10 and 7.6.4.1 portable on Windows 10
User avatar
floris v
Volunteer
Posts: 4408
Joined: Wed Nov 28, 2007 1:21 pm
Location: Netherlands

Re: Hidden spam

Post by floris v »

Okay.
OpenOffice 4.1.11 on Ubuntu; LibreOffice 6.4 on Linux Mint, LibreOffice 7.6.2.1 on Ubuntu
If your problem has been solved or your question has been answered, please edit the first post in this thread and add [Solved] to the title bar.
Nederlandstalig forum
User avatar
acknak
Moderator
Posts: 22756
Joined: Mon Oct 08, 2007 1:25 am
Location: USA:NJ:E3

Re: Hidden spam

Post by acknak »

Hagar Delest wrote:... If you think that it can be a genuine pin-up collector, ...
It's pure link spam. Let the poster complain/inquire if he wants some other action taken.
AOO4/LO5 • Linux • Fedora 23
User avatar
floris v
Volunteer
Posts: 4408
Joined: Wed Nov 28, 2007 1:21 pm
Location: Netherlands

Re: Hidden spam

Post by floris v »

This is the text of my PM to him:
floris v wrote:Hi,
Your question about cross referencing contained a link to a social website page with lots of suspicious pictures in the Friends section, so that most of the moderators thought is was a very clever kind of spamming. I'm inclined to think that they're right but wanted to give you the benefit of the doubt.
Please note that we were bombed by spammers some months ago, that's why we have a moderation queue now. To avoid spam we don't accept unrelated external links in the message body or signature, so I deleted it and restored the rest of your post.
If you post such a link again, we will show no mercy, you will be banned permanently then.

floris v
OpenOffice 4.1.11 on Ubuntu; LibreOffice 6.4 on Linux Mint, LibreOffice 7.6.2.1 on Ubuntu
If your problem has been solved or your question has been answered, please edit the first post in this thread and add [Solved] to the title bar.
Nederlandstalig forum
User avatar
floris v
Volunteer
Posts: 4408
Joined: Wed Nov 28, 2007 1:21 pm
Location: Netherlands

Re: Hidden spam

Post by floris v »

Received no reply.
OpenOffice 4.1.11 on Ubuntu; LibreOffice 6.4 on Linux Mint, LibreOffice 7.6.2.1 on Ubuntu
If your problem has been solved or your question has been answered, please edit the first post in this thread and add [Solved] to the title bar.
Nederlandstalig forum
User avatar
Hagar Delest
Moderator
Posts: 32594
Joined: Sun Oct 07, 2007 9:07 pm
Location: France

Re: Hidden spam

Post by Hagar Delest »

For the record, he has posted again: Why I can't open a file using Openoffice.org?
I've removed the link (same as before).
LibreOffice 7.6.2.1 on Xubuntu 23.10 and 7.6.4.1 portable on Windows 10
User avatar
acknak
Moderator
Posts: 22756
Joined: Mon Oct 08, 2007 1:25 am
Location: USA:NJ:E3

Re: Hidden spam

Post by acknak »

Is there such a thing as malware that inserts spam links "on the sly"?
AOO4/LO5 • Linux • Fedora 23
User avatar
keme
Volunteer
Posts: 3691
Joined: Wed Nov 28, 2007 10:27 am
Location: Egersund, Norway

Re: Hidden spam

Post by keme »

acknak wrote:Is there such a thing as malware that inserts spam links "on the sly"?
Yes.

I have seen quite a few computers recently, where the web browser seemed to have an ad plugin (invisible in the plugin list) which mimicked the style of any web page. It placed hovering, transparent frames over the page, with text in the style of the underlying website, and containing spam links. Can't recall what it was called, but I have removed a few instances using either Malwarebytes Anti-malware or Spybot Search&Destroy.

Definitely "on the sly" :(
Apache OO 4.1.12 and LibreOffice 7.5, mostly on Ms Windows 10
User avatar
acknak
Moderator
Posts: 22756
Joined: Mon Oct 08, 2007 1:25 am
Location: USA:NJ:E3

Re: Hidden spam

Post by acknak »

Yikes! And they want to make html even more powerful/interactive?

I was thinking of something that might insert spam links in the user's posts, making the poster a spammer without necessarily being aware of it.

Such a thing would make quite a mess for us, contaminating legitimate posts with spam links.
AOO4/LO5 • Linux • Fedora 23
User avatar
keme
Volunteer
Posts: 3691
Joined: Wed Nov 28, 2007 10:27 am
Location: Egersund, Norway

Re: Hidden spam

Post by keme »

As long as the editor is what it is, tag view, no wysiwyg with hidden properties, I don't see any serious threat in that direction. More likely with rich text editors, I guess.

Also, those browser hijacks I mentioned have only occurred on students' computers. Those are students who seem to do a lot of downloading and don't care much about network security (lots of other crap on their computers, multiple "useful" browser toolbars installed, at least one bittorrent client active, open shares, disabled active AV protection, the works...). I have not identified the source, but I suspect that it is not a threat towards people with even the slightest focus on computer security.
Apache OO 4.1.12 and LibreOffice 7.5, mostly on Ms Windows 10
Post Reply