This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/

[anti-abuse-wg] Huge List of Domains Cloaking to Malware (5, 000+)

Previous message (by thread): [anti-abuse-wg] Huge List of Domains Cloaking to Malware (5, 000+)
Next message (by thread): [anti-abuse-wg] Huge List of Domains Cloaking to Malware (5, 000+)

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Ronald F. Guilmette rfg at tristatelogic.com
Tue Jan 12 07:24:32 CET 2021

In message <CAMPzqHa0T9PxyjbvA6AFZMOoVVMqipP1OXS8SNa+eY+KtUrQLA at mail.gmail.com>, 
steve payne <stevenp8844 at gmail.com> wrote:

>There is a huge amount of some type of fraud happening with .it, .pl, .xyz
>and other domains being registered (see links below).
>
>https://docs.google.com/document/d/159Sbik8CkO9WDbLjH_tqAhr-dkpODWS1kt4UULLLfk0/edit?usp=sharing
>
>https://docs.google.com/document/d/1z43WugqqgyVjNy6-IPgON118YaE0HxrgRMKbVwW42NM/edit?usp=sharing
>
>These links contain a list of over 5,000 domains that are currently
>spamming search engines with spun text and then cloaking users to malware
>that have the search engine referrer.

I'm confused.  How exactly does one "spam" a search engine?

And what is "spun text", exactly?

Regards,
rfg

P.S.  Please send me via private email the full list of suspicious URLs.
I may not be able to actually do anything with those, but I can at least
have a look.  (For some reason my browser is not allowing me to just cut
and paste from your google docs.)

Previous message (by thread): [anti-abuse-wg] Huge List of Domains Cloaking to Malware (5, 000+)
Next message (by thread): [anti-abuse-wg] Huge List of Domains Cloaking to Malware (5, 000+)

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

[ anti-abuse-wg Archives ]