Blog

Websense Security Labs has been constantly monitoring the recent spammer tactics that use Google services for spamming purposes. Through the last two months we have seen increases in these services being utilized, the collected data is from our Threatseeker detection capabilities within a combination of our On Demand Services  (ODS) service and our web classification.

In these spammer tactics, which first started during Christmas last year, Google Page Creator and Blogger services are widely used with spammer registered accounts, directing the user to the actual spam domain. Note: Both services have also been used in the past to host malicious code. (eg: http://www.websense.com/securitylabs/alerts/alert.php?AlertID=522)

Screenshot 1

Screenshot 2

On the majority of occasions, these registered accounts use JavaScript code, redirecting the user to the actual spam domain as shown:

Java Script used to redirect to actual spam domain:

The actual spam domains:

Websense Security Labs sees this as a trend where such spammer tactics are traditionally dominant with high levels of impact to now, prevailing under the radar with high profile and high volume attacks on time to time basis. Websense on-demand and security customers are protected from this attacks.