That is some tasty looking spam sushi, but not as good as this gem that was sparkling like a cubic zirconia in my inbox. The beauty was the letter was attached as a PDF and allegedly referred to a manufactured relative with my last name:

Dear Levine,
I will like to seek your help in a business proposal , which although is sensitive by nature and not what I should discuss with someone I don’t know and have not met using a medium such as this but I do not have a choice.

Well desperate times call for desperate spammers. After the warm personal greeting, how could I not read on?

I am Mr. Xxxxxx Xxxxx, personal account manager of late Dr. Norman Levine, who died of a cardiac arrest a few years ago leaving behind a large sum of money with a commercial bank in the Island of Seychelles which is a tax free zone, a place where plenty of rich people tend to hide away funds not ready to be used or invested, I am also the Client Service manager of the Kenyan branch. I will not mention the amount of money which runs into several millions in United States Dollars and name of bank presently until we have agreed to deal. I trust you will understand the need for such precautions.

Do I ever understand! Thoes precious millions from Uncle Dr Norman! But which Dr Norman Levine is it? The dermatologist form Tucson? The breast augmentation specialist from Oklahoma City (that sounds plausible)? The history prof from Maryland (doubtful). So many Norman Levines…

So far, valuable efforts has been made to get to his people but to no avail, as he had no known relatives more because he left his next of kin column in his account opening forms blank and he has no known relative. Due to this development the bank has been expecting someone to come forward as a close relative to claim the funds otherwise as the Seychelles national laws would have it, any dormant account for five years will be declared unclaimed and then paid into the government purse.

Oh that crazy forgetful Uncle Norman? How could he forget me, his favorite nephew? All those memorable days at the racetrack where I placed his bets? The velvet lounges in Atlantic City where I fetched his Old Fashions from the bar? The escorts I picked up for him (in sets of three) in Manhattan?

To avert this negative development my colleagues and I have decided to look for a reputable person to act as the next of kin to late Dr. Norman Levine so that the funds could be processed and released into his next of kin, which is where you come in. We shall make arrangements with a qualified and a reliable attorney to represent you locally to avoid any inconvenience of you coming down to claim the funds

Thanks for looking long and hard to find such a reputable person. As part of the inconvenience avoidance I bet you want some bank account numbers, eh? Yep, I just fell right off the turnip truck.

All legal documents to aid your claim for this fund and to prove your relationship with the deceased will be provided by us. Your help will be appreciated with 30% of the total sum which I would disclose in my next email Please accept my apologies, keep my confidence and disregard this letter if you do not appreciate this proposition I have offered you.

I wait anxiously for your response. Please also include your phone number in your response.

Woot! 30% of all those millions hidden in the Seychelles! What are the odds of this happening?

Oops, did I not keep the confidence by blogging this?

Drats, there goes another inheritance again, When will I learn?

I get about one of these a day. I guess there is a giant “SUCKER” sign pasted on the back of me on the internet. Do you think it is that hard to spot a machine generated body of text? C’mon, I did Mad Libs in the 1970s.

Dear [sucker's name],

I really appreciate your collection of information for teachers on the [sucker's blog name] website, [sucker's blog url]. I have also found your post “[last blog post]” very interesting. Yes, [sucker's blog name] is one of those sites I keep coming back to.

I’ll keep this short as I know you probably get a ton of email. I have developed a tool [insert name here] that I think your readers will find interesting. It is a useful thing to post on your page so you and your readers can [verb made into something web 2.0ish]. You can see a demo of it in action at [my crappo URL] and you can see it in action at sites like [obscure web site with familiar sounding name] and [another web site name, yeah they ignored my email but who's gonna check].

I’d ask that you insert an [ad, widget, big hunking ugly ass cpu crushing flash banner] onto your site and in return I can offer you [something I'll never deliver]. Or I’d be wiling to write a guest blog post at [sucker's blog name] – if you want to see my writing in action, look no farther than {obscure blog url here], [a blog url I own but registered under my cat's name], or [my mommy's blog url].

I’ll make it as easy as possible to work together so we can both achieve mutual [random buzzword]. You just sit back and watch the [allusion to wealth] roll in. Let me know when we can start to achieve [another buzzword] together!

Sincerely,

Billy Bob Spammer

There is no originality in spam, none at all.

Created by morons for suckers.

THIS MESSAGE IS FROM OUR TECHNICAL SUPPORT TEAM This message is sent automatically by the computer. If you are receiving this message it means that your email address has been queued for deactivation; this was as a result of a continuous error script (code:505)received from this email address. To resolve this problem you must reset your email address. In order to reset this email address, you must reply to this e-mail by providing us the following Information for confirmation.

Current Email User Name : { }
Current Email Password : { }
Re-confirm Password: { }

Note: Providing a wrong information or ignoring this message will resolve to the deactivation of This Email Address

The user of This Email Address is Laughing His Ass off– really, if you are going to phish me, damnit, use some interesting bait that does not insult my intelligence! Because I am certainly going to panic, rush off and send my password to OUR TECHNICAL SUPPORT TEAM because of those scary 505 errors.

I bet you went to a cheap DIY U to learn these skills.

I mean c’mon, if you are going to the effort to run bots to spam and phish me, at least try to be convincing! The CogDog judge gives this a -1 for effort and a 0 for originality. How many hours were sent crafting:

To: undisclosed recipients;
Subject: our Email ID has been awarded 1,000,000.00 GBP in the TOBACCO PROMO send your

Names…
Country…
Age…

The most disturbing thing is that even this indecipherable, obviously a phony email will still probably fool some percentage of the receivers of the message. That is really sad,

I am not a happy pup.

The volume of blog comment spam coming into my quiet little dog house is has reached DEFCON 4 on the scale of annoyance.

So I am taking action against one company, Ubiquity Server Solutions which coddles spammers (see the updates and comments below- I cannot stand by this initial accusation; and they, in fact, have taken action). I have twice reported offending IP addresses they host that are sending spam to abuse@biquityservers.com, sending pertinent information: And below, I invite you to join me and ban them from your sites.

I am getting large volumes of blog comment spam originating from servers
on your network.

Please let me know when you have canceled these persons accounts.

---------- Forwarded message ----------
From: WordPress <wordpress@cogdogblog.com>
Date: Sun, Mar 14, 2010 at 4:30 PM
Subject: [CogDogBlog] Please moderate: "More Than Notes is Evernote"
To: cogdogblog@gmail.com

A new comment on the post #4253 "More Than Notes is Evernote" is waiting
for your approval
http://cogdogblog.com/2009/10/01/evernote/

Author : acbaldwin (IP: 64.120.31.41 , 64.120.31.41.ubiquityservers.com)
E-mail : raymondisking@hotmail.com
URL    : BLOG SPAM URL REMOVED FOR WEb PUBLISHING
Whois  : http://ws.arin.net/cgi-bin/whois.pl?queryinput=64.120.31.41
Comment:
I’m looking for  quality and good websites to help me learn

A new comment on the post #4723 "There's Gotta Be a Better Way To Search
a WordPress Blog" is waiting for your approval
http://cogdogblog.com/2010/03/10/search-wp-blog/

Author : Lana Montejo (IP: 173.234.52.247 ,
173.234.52.247.rdns.ubiquityservers.com)
E-mail : Mermelstein223@gmail.com
URL    : BLOG SPAM URL REMOVED FOR WEB PUBLISHING
Whois  : http://ws.arin.net/cgi-bin/whois.pl?queryinput=173.234.52.247
Comment:
You wouldnt believe how long ive been looking  for something like this.
Through 10 pages of Google results and couldnt find anything. One search
on Bing. There was this.... Really have to start using it more often!

The response I get is:

Alan,
We have sent our customer a complaint.  Thanks!
All the best,

Allen Jenkins
Ubiquity Hosting Support

Ticket Details
===================
Ticket ID: BES-740526
Department: Abuse
Priority: Medium
Status: Closed

Hold on a minute, Allen Jenkins- this ticket is not closed at all since you have not done crap to stop spam. “We have sent our customer a complaint?” WTF is that really going to do?

Yes… since this message I have a raft of new blog comment spam coming to me from Ubiquity Servers

----------------------------------------------
A new comment on the post #4723 "There's Gotta Be a Better Way To Search a
WordPress Blog" is waiting for your approval
http://cogdogblog.com/2010/03/10/search-wp-blog/

Author : Bill Jenkins (IP: 173.234.11.216 ,
173.234.11.216.rdns.ubiquityservers.com)
E-mail : Hilyer@yahoo.com
URL    : BLOG SPAM URL REMOVED FOR WEB POSTING
Whois  : http://ws.arin.net/cgi-bin/whois.pl?queryinput=173.234.11.216
Comment:
I'm going to bookmark this blogg on Dilicious to get more views for you.

----------------------------------------------
A new comment on the post #4661 "A Lot (= what I don't know)" is waiting for
your approval
http://cogdogblog.com/2010/02/06/what-i-dont-know/

Author : Blake Vanputten (IP: 173.234.38.5 ,
173.234.38.5.rdns.ubiquityservers.com)
E-mail : Mangaoang@gmail.com
URL    : BLOG SPAM URL REMOVED FOR WEB POSTING
Whois  : http://ws.arin.net/cgi-bin/whois.pl?queryinput=173.234.38.5
Comment:
Headlines generated by Tiger Woods

----------------------------------------------
A new comment on the post #4505 "Flattery By Spam Will Get You... " is
waiting for your approval
http://cogdogblog.com/2009/12/22/flattery-by-spam/

Author : Angelo Dallmeyer (IP: 173.234.92.211 ,
173.234.92.211.rdns.ubiquityservers.com)
E-mail : Molla@gmail.com
URL    : BLOG SPAM URL REMOVED FOR WEB POSTING
Whois  : http://ws.arin.net/cgi-bin/whois.pl?queryinput=173.234.92.211
Comment:
Arthritis in canines can be a major issue that many people never even think
of in senior dogs.

----------------------------------------------
A new comment on the post #4767 "Stomped by Lawyers" is waiting for your
approval
http://cogdogblog.com/2010/03/23/stomped-by-lawyers/

Author : Terrance Obrzut (IP: 173.234.49.198 ,
173.234.49.198.rdns.ubiquityservers.com)
E-mail : Darrisaw@gmail.com
URL    : BLOG SPAM URL REMOVED FOR WEB POSTING
Whois  : http://ws.arin.net/cgi-bin/whois.pl?queryinput=173.234.49.198
Comment:
This unique article makes me understand that many of us have to take alot
more care of ourself and every other.

----------------------------------------------
A new comment on the post #4767 "Stomped by Lawyers" is waiting for your
approval
http://cogdogblog.com/2010/03/23/stomped-by-lawyers/
Author : Marylouise Kingston (IP: 173.234.19.177 ,
173.234.19.177.rdns.ubiquityservers.com)
E-mail : Worm@ymail.com
URL    : BLOG SPAM URL REMOVED FOR WEB POSTING
Whois  : http://ws.arin.net/cgi-bin/whois.pl?queryinput=173.234.19.177
Comment:
[…] <a href="http://cogdogblog.com/2009/10/01/evernote"
rel="nofollow">http://cogdogblog.com/2009/10/01/evernote</a> -
More Than Notes is Evernote - CogDogBlog              ... But everyone
needs a vacation, and everyone should buy a timeshare so they can guarantee
that vacation. ...read more at BLOG SPAM URL REMOVED FOR WEB POSTING [...]
                         
                         
----------------------------------------------
A new comment on the post #4767 "Stomped by Lawyers" is waiting for your
approval
http://cogdogblog.com/2010/03/23/stomped-by-lawyers/

Author : Andrew A. Sailer (IP: 173.234.46.243 ,
173.234.46.243.rdns.ubiquityservers.com)
E-mail : memory@1gbpc2700.com
URL    : BLOG SPAM URL REMOVED FOR WEB POSTING
Whois  : http://ws.arin.net/cgi-bin/whois.pl?queryinput=173.234.46.243
Comment:
There are a lot of people who do not pay any attention to RAM when they buy
their laptops. They may be ignorant or perhaps plain negligent on this. But
when the laptop works slowly or perhaps conks off in the middle of important
tasks, they wonder as to what happened suddenly.

----------------------------------------------
A new comment on the post #4694 "Best. Motley. Postcard. Evah." is waiting
for your approval
http://cogdogblog.com/2010/02/26/best-motley-postcard-evah/

Author : Charley Koor (IP: 173.234.11.13 ,
173.234.11.13.rdns.ubiquityservers.com)
E-mail : Reimann@yahoo.com
URL    : BLOG SPAM URL REMOVED FOR WEB POSTING
Whois  : http://ws.arin.net/cgi-bin/whois.pl?queryinput=173.234.11.13
Comment:
I think you can do no wrong making things easier for your readers, and I
think this is achieved through preview and subscription functionalities.

----------------------------------------------
A new comment on the post #4479 "Filtered: "Hey kids, get off of that
website, what are you trying to do..."" is waiting for your approval
http://cogdogblog.com/2009/12/17/filtered/

Author : hot blonde jokes (IP: 64.120.31.128 ,
64.120.31.128.ubiquityservers.com)
E-mail : marinewife0528@yahoo.com
URL    : BLOG SPAM URL REMOVED FOR WEB POSTING
Whois  : http://ws.arin.net/cgi-bin/whois.pl?queryinput=64.120.31.128
Comment:
Hi, i've been come to your site and it seem really good. I'm making a family
home page and struggling to make it look great.  How hard was it to build
your site?  Could someone like me, with no experience do this? I always wanna
to make something like that. Just for your info your site seem broken when I
browse using IE 7.

----------------------------------------------
A new comment on the post #4505 "Flattery By Spam Will Get You... " is
waiting for your approval
http://cogdogblog.com/2009/12/22/flattery-by-spam/

Author : Asuncion Ferentz (IP: 69.147.240.102 ,
69.147.240.102.rdns.ubiquityservers.com)
E-mail : Letchaw178@gmail.com
URL    : BLOG SPAM URL REMOVED FOR WEB POSTING
Whois  : http://ws.arin.net/cgi-bin/whois.pl?queryinput=69.147.240.102
Comment:
Too good dude! I liked it!!

It seems to me that Ubiquity Server Solutions provides solutions for spammers who are flooding innocent blog owners with crap. So here is step one that I am doing, and I will ask others with self hosted blogs to do.

Block them from your site, deny access by editing your .htaccess file, and insert at the top:

order allow,deny
deny from ubiquityservers.com
allow from all

This simply says block all incoming network traffic that originates from ubiquityservers.com and then allow everyone else in.

I dont believe it will do much, but maybe somehow, this can get to someone at the company, say, oh, let’s look this up..

Corey Northcutt
201 W. Olive, Suite 2b
Bloomington, Illinois 61701 United States
corey@ubiquityservers.com

Corey, can you tell me why servers you host at your company are inserting blog spam links to porn sites in my site?

I’m waiting, Corey… and I am not very happy

cc licensed flickr photo shared by tey_zent

Again, my woeful cry at the moon, is to Google– Google who for years has provided the incentive to blog spammers by creating the elusive page rank, the raison d’etre for people who have no interest in your blog to blast it with crap just to insert their unwanted URLs in your page.

Google, you have done nothing to stop this. Nothing.

Sure you “do not evil” but you provide the reason for thousands of spammers to do something that feels maybe just one notch below evil to hundreds of thousands of innocent blog owners.

UPDATE Sun, Mar 28, 2010 at 10:13 PM

Look how Ubiquity Server Solutions is taking “action”!

Hi,
This has been sent to the customer.
All the best,

Allen Jenkins
Ubiquity Hosting Support

Ticket Details
===================
Ticket ID: BES-740526
Department: Abuse
Priority: Medium
Status: On Hold

Yeah, this will have a big effect. So far, since imposing the domain block, no spam being generated by Ubiquity Server Hosted Spam Roaches has breeched the wall.

UPDATE (March 31, 2010): I can tell my blog readership must be low (Hi Mom!) as no one pointed out my faulty htaccess logic- blocking ubiquityservers.com wont work as those are not the source domains.I parsed the list of offenders (including a new one this morning), as I need to block by IPs.

(IP: 173.234.11.216 , 173.234.11.216.rdns.ubiquityservers.com)
(IP: 173.234.38.5 , 173.234.38.5.rdns.ubiquityservers.com)
(IP: 173.234.92.211 , 173.234.92.211.rdns.ubiquityservers.com)
(IP: 173.234.49.198 , 173.234.49.198.rdns.ubiquityservers.com)
(IP: 173.234.19.177 , 173.234.19.177.rdns.ubiquityservers.com)
(IP: 173.234.46.243 , 173.234.46.243.rdns.ubiquityservers.com)
(IP: 173.234.11.13 , 173.234.11.13.rdns.ubiquityservers.com)
(IP: 69.147.240.102 , 69.147.240.102.rdns.ubiquityservers.com)
(IP: 173.208.124.23 , 173.208.124.23.rdns.ubiquityservers.com)

It looks like Ubiquity Servers runs a whole fleet of spams in a pen under the 173.234 block, so my new htaccess is listing:

order allow,deny
deny from 173.234.
deny from 69.147.240.102
deny from 173.208.124.23
allow from all

I will also send Allen Jenkins a message with every spam I get.

Also, many of these domains are listed under the name of NOBIS-TECH, which is the holding company for Ubiquity Servers, perhaps they are the Mother Roach?

Nobis Technology Group, L.L.C.
201 West Olive Street
Suite 2B
Bloomington, Illinois 61701

I’m thinking an old fashioned letter may be in their future.

UPDATE March 31, 2010 The tech folks at Ubiquity Servers are asking for log files that show this activity. That was easy (kudos to BBEdit’s feature of “process lines containing” that allows me to rip these from 6 Mb log files.

The activity is readily clear.

If these blog comments were legit, like someone sitting at their computer typing in my comment box, the IP address recorded for the transaction would indicate the IP address of their machine through an ISP.

However, all of these comments are linked to a server sitting on the Ubiquity Servers network, and more so, if you look at the pattern, the logs show a GET access for one of my blog posts (e.g. someone, or in this case, something) accessing a blog post.. followed by, in less than 5 seconds a POST to my comments script.

I dont think anyone reads and writes that quickly. I was going to add it it here, but the log files actually bear the URLs of the intended spam insertions, instead, I have uploaded the log file data I sent to the Ubiquity Servers abuse line.

UPDATE June 20, 2010 I have to say this has been a fascinating experience (follow the comment threads below); and am going to have to modify my initial assertions that Ubiquity Servers are “coddling” spammers; that as written more out of emotion than knowledge.

In fact, since I sent them my log data, I have seen no more spam from their clients (or as it appears, their clients’ clients’ clients’ clients’ clients.

That said, the spam keeps coming, through every crack, orifice, over the top, under the bottom. Until the creator of the financial incentive of link insertion is willing to
put their brains behind a solution (likely not since it is their gravy train), all of us have to spend time dealing with the slime of blog spammers– and its not just blogs, it is any web site that has a form field someone can insert content.

Dear CogDogBlog Spammers,

Thank you for your loyalty over the last 7 years, your patronage was never wavered, and your activity has continued to grow over the years. Your work is a tribute to perseverance in your discipline, and I am sure your clients, the various pill retailers, online gambling parlors, body enhancement providers all have prospered greatly because of your sheer genius.

But I have been stingy in keeping your daily, hourly, often Russian, flow of wisdom to myself. Until now, I have vigorously kept a chain link fence around this blog with various anti-spam plugins, but I wanted to let you know that the guard dog has been chained and you shall sometimes be let in the yard…

… well, that is, after I edit your stupid-ass comment’s URL and email address. I thus leave your poetic comments to be available to all of the readers here who have been missing out the pleasure I have been hoarding myself by moderating your steady torrent of activity.

with sheer love and affection,
CogDog

Your website came up in my research and I’m taken by what you have composed on this topic. I am presently extending my research and thus cannot contribute further, yet, I have bookmarked your web site and will be returning to keep up with any incoming updates. Just love it and thanks for admitting my remark.

Wow, that is so generic for you to say that sentence you wrote as a sentence. But I am so saddened your research is so daunting that you cannot return. Maybe I will be returning to the lovey site you linked with those un-usual pictures of… well, never mind.

Amazing article this is. It gets a thumbs up from me.

Thanks for the thumb. It too is amazing. I’ve never see one shaped like a ———

Simply true! I read it twice. While I am not as accomplished on this issue, I concur with your conclusions because they make sense. Gives Thanks and goodluck to you.

As I concur with your concurring since it really says nothing.

Hi,just thought you’d be interested to know that I have added you to my bookmarks because of your uppercase blog layout (LOL). But seriously I think your website has one of the cleanest design I’ve came across. It really helps reading your blog a lot easier.i just love it [link removed]

Hi, if you like my blog for its design, than let me set up some <blink> tags for you.

We just couldnt leave your website before saying that we really enjoyed the quality information you offer to your visitors… Will be back often to check up on new stuff you post!

Does that I have to provide dinner for we and set up the guest room?

i`m your permanent reader now

Good, I am so tired of those temporary readers, they just come and go.

Thanks for taking the time to discuss this, I feel strongly about it and love learning more on this topic. If possible, as you gain expertise, would you mind updating your blog with more information? It is extremely helpful for me.

I will certainly be discussing a lot more of this, right after I finish talking about that. I have longer term plans to blog about those. And yes, I do mind updating my blog with information! If I do that, I would be in danger of getting a damned EduBlog award.

Considerably, the post is in reality the best on this worthw hile topic. I fit in with your conclusions and will thirstily look forward to your approaching updates. Saying thanks will not just be enough, for the phenomenal clarity in your writing. I will right away grab your rss feed to stay informed of any updates. De lightful work and much success in your business efforts!

So how do those conclusions fit? I think this comment ios really the most phenomenal on this topic. I thirstily look forward to your approaching comments.

Thanks for giving such a terrific website. this weblog was not just informative but also very inventive too. There normally are very few professionals who can think to create not so easy content that creatively. Keep posting !!

Damn, I must have made a mistake again. My mission statement is to be un-informative and un-inventive. I really wish I could create more creations creatively in a creative manner.

I know this is really boring and you are skipping to the next comment, but I just wanted to throw you a big thanks – you cleared up some things for me!

You are so right. Yawn………….

This is such a great resource that you are providing and you give it away for free. I enjoy seeing websites that understand the value of providing a prime resource for free. I truly loved reading your post. Thanks!

Free? free? FREE! Did you miss the payment slot? Sigh. I need money.

I could go on, but the inaneness of blog comment spam is a blessing because it stands out so obviously to be the crap it is.

Spammers are morons. Let’s keep it that way.

I have had a hair tearing hacked WordPress blog experience here over the last 2 days. I don’t know why, but it really knocked my knees out, and I am reeling to figure out why this has gotten to me on an emotional level. That even sounds silly seeing those words.

But I am not rolling over. Yet.

It all surface, like many things, in the act of doing something else. I left a comment Sunday on someone’s blog about something rather inconsequential, and got an email later asking me if I knew my blog was riddles with spam links.

Sure enough, I looked at the source code, and at the bottom, written with CSS to hide the display (but not hide from google) was a long list of every variation of PPC (pill/porn/casino) link one could imagine, maybe 120 of them.

It’s kind of like discovering someone you did not invite snuck in a window and shat all over your basement. Just for the kicks.

I had some ideas where to look, cause it happened before when I had my template files set with writable permissions (lazy so I could edit in WP), and sure enough, I could see in my header.php template file a PHP include statement (calling in code from elsewhere on my site) and then another line calling a function I knew did not belong. I got rid of those quickly.

I noted the date of when this was changed (9/1/2009) when also I recalled a big spike, way above my normal, in blog views. Here I thought it was something I wrote, when it was really someone launching blog spam form my site.

The path that it was reading its source from was bizarre, because it was added inside the wp-includes/js/jquery directory– another directory was added here and inside were PHP files that had code hidden by base64_encoding (it takes normal looking code, and renders it as a long string of random looking numbers/letters; PHP can actually execute this code that looks like gibberish by an eval() statement).

And there was another directory with something like 14 Mb of small text files, each one a few paragraphs of jumbled sentences and HREF links- it looked like the random stuff you get in spam blog posts. Jeez, this meant that someone was using my site to launch spam at others.

It was easy to see that this did not belong by comparing to the download archive of the latest WP.

I made sure there were no other things festering in my templates. I decided to delete all of the WP code files, and re-install them.

I was relieved when this was done, and my site no longer included secret spam.

But it returned a few hours later. Damn!

I started to suspect the WP-Super-Cache plugin (from a twitter tip); it was a writable cache directory and might be a place to hide malicious code. I got rid of that, reloaded the entire WP code, and it was clean again.

I also exported my database to see if anything awry was in there, and did a whole bunch of searches on things that could indicate spam. Nothing.

I switched my template, and the crap was still there, suggesting the cause was somehow being written into the core Wp code (because the spam appeared after the closing <html> tag- and if the template was not adding anything, it seemed like it would have to be the WP code or a compromised plugin- but because it went away when I replaced thee WP code, my hunch is that something was being backdoored to modify WP itself (I am guessing wildly).

I read a lot of blog posts like Old WordPress Versions Under Attack which was not seemingly the case, no hacked permalinks… (although it was 9/1 when I upgraded from WP 2.8.3 to 2.8.4).

This was really getting to me, as I was feeling powerless as someone remotely was taking over my blog. I got rather down about this, and honestly contemplated closing up the site, or maybe moving it to WordPress.com

Not yet. Another twitter link I got was Top 5 WordPress Security Tips You Most Likely Don’t Follow, and while I agree that some of them are just things to obscure things with a thin film, I employed most of the suggestions, including changing my FTP, database, and WP passwords (I only have one account and it ain’t “admin”).

So far, over the last 30 hours, the site has not been re-infected, yet I am still lacking a real indication of what happened. The malicious code I did find does not look like what was modifying my own blog.

And I am not about to feel any sense of victory here.

I admit, that there are a lot of hackers, including the one who peed on my site, are a lot more technically savvy than me in these areas, I’d rather focus on silly pictures and snarky prose.I know that. But this whole experience did rock my own confidence a lot (maybe bring it to a real level) and has left a nasty taste in my mouth.

Still, there is a large gaping silhouette of s shadowy powerful figure who is at the heart of this.

It is a dark hole with the shape of Google.

Google has built a successful, sprawling empire based on the elusive gold coin of the realm, link rank. Google provides the incentive that drives shady businesses to hire the 6 legged critters that crawl around and in try to inject unwanted links to the pill/porn business into the sites of innocent bystanders.

And Google continues, in my eyes, to do absolutely nothing to help out the independent hosted blogger who spends inordinate amount of time battling spam or just giving up.

Oh yeah, “no follow” was really effective. Yep. Google with all their super human brain power cant figure out a way to dis-incentivize “people” who game link rank by blasting links in every open web form on the net.

And no one holds their brightly colored logo to the fire for this.

Except me.

Google- I blame you for the last two days of hell trying to oust a spam hacker form my site, and I have every reason to believe I cannot rest at all.

Google- I lift my leg on you.

I had a friend was a big dot com player
back in the bubble
He could throw that IPO by you
Make you look like a fool boy
Saw him the other night at this coffee bar
I was walking in, he was walking out
We went back inside sat down had a few lattes
but all he kept talking about was

Glory days well they’ll pass you by
Glory days in the flash of Scoble’s eye
Glory days, glory days

It was not that long ago there was this new digital technology that came out that felt like it was going to revolutionize the way we connect and communicate. It was first in the hands of the geeks that invented it, and a few of their friends, and as it spread, slowly at first, then with downhill speed acceleration, it seemed like it would keep that civility and respect that was there at the start.

But alas, it was not to be..

It began to be used by business- often in innovative ways, but at the same time, it got darker. People, in their human nature, began to exploit the trust that has inherent at first, and infiltrated it with tricks to gull you into doing something you did not want, aiming to pry a few micro payments from you. The old guard moved on to other things, and people eventually grew into a state of fear, fatigue, and mistrust.

Some held on to the “Glory Days”.

And that, my blog friends, was …. email.

The scourge of many of our existence, with spam, phishing, filters, entire industries devoted to assist you to reach some nirvana of emptiness.

And so it is one of the most prophetic sayings of this current digital age, the Shirkyism that “social software is stuff that gets spammed.”

With a curious wonder then, turning this around, is stuff that doesn’t get spammed not social software? Or just not yet social enough but eventually it will?

So fast forward the email history to twitter.

Did you really think it would to not get exploited? fouled? pissed in?

Let me tell you about some of the great new “people” I met on twitter yesterday.

Yesterday, I was dashing off updates on some small coding projects and wrote:

Also whipped up quick web tool to reformat some content copied from Wikispaces blog. Hard to explain why. #LoveGrep

My mistake, apparently is using the key, unhashtagged word “reformat”. This is a trigger that means people can spam reply you. Like this “person”:

Hmmmm, was I tweeting about reformatting the PC I hardly use? Kim, darling, I was reformatting text.

But “she” looks so cute and innocent. Clever. “KimChi82″ does that sounds like something else besides a gal named Kim? Check her out:

She looks… so…. innocent, sweet. Doesn’t she looks like the kind of person who would artfully create this web site of beauty? (note I am not making any links to it)

But that is a real photo, and somewhere out there is a real young women who is represented online as “KImChi82″?

She has been awfully active, with over 2500 updates, obviously so busy updating on her daily activity, that poor, sweet KimChi82 has no time to follow people.

It is so sad.

Yeah, right.

And today comes more another “friendly” replies, all from such cute icon-ified “women”

Am guessing now my twitter handle has been posted to some “list” so twitter bots can spray links at me.

Of course, if I only used the web client, I’d only see messages from people in my network. But it is important to me to follow my replies, because they include messages from people outside my followers who message me.

And I could be blocking these femspambots, but what;s that going to really do? That is retroactive.

But here is the kicker.

I am not complaining about this. I am not demanding that TWITTER STOP this. I do not expect it.

You know why?

Because this is stuff that gets spammed.

And this is a lesson I really don’t think many people like or appreciate or feel like acknowledging. The digital space we partly inhabit is an ecosystem, a yin yang. You cannot have the benefits, the greatness that comes from the openness that is at its core without allowing for the unwanted, the anti-good, the spam, the crap. You cannot wall it off, or you lose the openness.

Sorry.

FOL.

So with that, me and KimChi82 are headed to Vegas this weekend to hook up with BeyonceBeaut547 and LudmilaAce167 at a Conference for Windows Registry Software, but we’re really looking for martini action down at the Ice Bar at Red Square

Good gravy, if you are going to send me spam-mail, at least make it a worthy effort? This one “Your Tax Refund” from supposedly the “Canada Revenue Agency” makes those Kenyan inheritances and dutch lottos seem legit. I really expected more from Canadian Spam, and I am way disappointed in this attempt.

After the last anual calculations of your fiscal activity we have determined that you are eligible to receive a tax refund of $475.20

From 2009, we process refunds through your VISA / Mastercard Please fill the form below and e-mail it to canadarevenueagency@minister.com or simply reply it from this curent e-mail !

First Name:
Last Name:
Address:
City:
Province:
Postal Code:
Home Phone Number:
Mother’s Maiden Name:
Date of Birth:
Social Insurance Number:
Credit/Debit Card Number:
Expiration date [ MM/YYYY ] :
Card Verification Code:
Card Signature/ATM PIN:
Bank Name:

We are asking for your personal information to ensure we access the correct account, enabling us to provide the tax return. Internal Revenue Code Section 6105 allows us to request your Social Insurance Number, Credit/Debit Card number, Expiration Date, Cvv Code ( located on the back of your card ) and ATM PIN CODE for use in maintaining and accessing tax return information.
If you do not enter complete and valid information we cannot provide tax return.

Worm Regards,
Canada Revenue Agency

Oh, you so had me, at “Worm Regards”!

I am ready to send you my credit card number, PIN, security code, mother’s maiden name just cause you threw the name of a US IRS code at me! How convincing!

C’mon Canada, you better step up your spam, the Nigerians are laughing there arses off at you.

An amazing side result of this post is discovering how often a certain previous US President is tagged as “idiot” in flickr. And they scoff at the wisdom of crowds!