Massive comment spam attack coming?
This site gets a ton of comment spam on a daily basis, but fortunately Movable Type Version 3.2's built in security features completely block about 95% of it and allow me to moderate the rest. Lately, I've gotten several messages a day that seem tobe harmless and pointless:
I've managed to save up roughly $88847 in my bank account, but I'm not sure if I should buy a house or not. Do you think the market is stable or do you think that home prices will decrease by a lot?
The comments have no links and the commenters have
real names (Courtney Gidts most of the time) and email addresses. There's none of the usual poker or sexual enhancement keywords in the content area. They don't get blocked because there appears to be no reason to block them. But I'm getting (almost) the same messages 10 times a day and they have nothing to do with this website so they're clearly spam. But if there's nothing in it for the spammer, then what's the point?
My theory? These seemingly pointless comments are part of a first wave of some massive comment spam attack coming in the near future. They're poking and prodding and testing for vulnerabilities. They're also, by posting these seemingly innocuous comments, getting their email address into weblog systems as an approved commenter. Blog software applications often give previously approved commenters the ability to post future comments without going through the approval process. All these blogs out there are letting these comments sit on their sites and they're leaving themselves vulnerable for whenever the second wave of the attack hits.