Interesting spam/phish technique: Look for subdomains with CNAMEs or SPF records that point to abandoned domains that you can then register…and effectively take control of the subdomain or SPF.

They haven’t seen any cases where it’s been used to host a phishing site at, say, an msn.com subdomain, but they’ve seen thousands of cases where it’s been used to pass email verification checks.

The article describing “SubdoMailing” gives a detailed example of a spam that made use of an msn.com subdomain that was used for a sweepstakes way back in 2001. Its CNAME pointed to the contest’s long-abandoned domain name, and the subdomain itself was never actually deleted.

Lesson: check your DNS for any dangling references to outside domains that might not exist anymore!
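One way to run that check, as an added example (not code from the SubdoMailing article): list every CNAME target and SPF-referenced domain that leaves your zone, then flag the ones that no longer resolve. The zone data is constructed, `example.com` stands in for your domain, and the default liveness test is a crude address lookup that will also flag names carrying only TXT records, so treat hits as candidates for a registration (WHOIS/NS) check.

```python
import re
import socket

# Constructed sample records (owner, type, value); example.com stands in for your zone.
SAMPLE_ZONE = [
    ("promo.example.com", "CNAME", "contest-2001.example.net."),
    ("www.example.com", "CNAME", "web.example.com."),
    ("example.com", "TXT",
     "v=spf1 ip4:192.0.2.10 include:_spf.mailer.example.org a:old-relay.example.net ~all"),
    ("example.com", "TXT", "site-verification=abc123"),
]

# SPF mechanisms/modifiers that name another domain (RFC 7208).
SPF_REF = re.compile(r"^[+\-~?]?(?:include:|redirect=|exists:|a:|mx:|ptr:)([^/\s]+)", re.I)

def external_refs(records, own_domain):
    """Yield (owner, kind, target) for each CNAME/SPF reference that leaves own_domain."""
    own = own_domain.lower().rstrip(".")
    for owner, rtype, value in records:
        targets = []
        if rtype.upper() == "CNAME":
            targets.append(("CNAME", value))
        elif rtype.upper() == "TXT" and value.lower().startswith("v=spf1"):
            for term in value.split()[1:]:
                m = SPF_REF.match(term)
                if m and "%" not in m.group(1):  # SPF macros cannot be checked statically
                    targets.append(("SPF", m.group(1)))
        for kind, target in targets:
            t = target.lower().rstrip(".")
            if t != own and not t.endswith("." + own):
                yield owner, kind, t

def resolves(hostname):
    """Heuristic liveness check: does the name resolve to any address?"""
    try:
        socket.getaddrinfo(hostname, None)
        return True
    except socket.gaierror:
        return False

def find_dangling(records, own_domain, is_live=resolves):
    """Return the external references whose target fails the liveness check."""
    return [ref for ref in external_refs(records, own_domain) if not is_live(ref[2])]

if __name__ == "__main__":
    for owner, kind, target in find_dangling(SAMPLE_ZONE, "example.com"):
        print(f"REVIEW {owner}: {kind} -> {target} does not resolve; check its registration")
```

Anything it reports should either be deleted from the zone or pointed at a domain you still control.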

Eventbrite has worked well for buying tickets to events I’ve attended…

But over the last few months I keep getting spam for events that are not only not remotely interesting, they aren’t anywhere NEAR me. Sorry, but I’m not hopping on a plane for a pub crawl on the other side of the continent or a 2-hour “gong bath experience” on the other side of the planet.

At first I thought they were bogus. But everything pointed to Eventbrite’s servers. I’ve been blocking the campaigns in Eventbrite as I get them, but at this point my account settings show 10 organizations I’ve blocked, even though I’ve theoretically unsubscribed from “all Eventbrite newsletters and updates for attendees.”

Of course searching online is useless, because (1) everything’s about how organizers can keep their messages from landing in spam folders, and (2) searching online in 2023 is more or less useless anyway. It’s the end result of years of SEO trying to get into the first page (now with generative AI to flood the zone with even more bullshit!) combined with Google and Bing giving up on trying to give relevant results when what they really care about is ad impressions — and no, DuckDuckGo results aren’t much better.

I haven’t bought tickets to an event that uses Eventbrite since 2019 (for obvious reasons). I’m thinking at this point I should just cancel my account [Update: I did], and the next time I want to go somewhere that uses them for tickets, I can open a new one. With a different address.

We don’t have personal jet packs or flying cars, but we do have spam advertising remote-controlled robot birds that we can buy from shady online retailers to entertain our cats.

“My cat is obsessed with this pigeon-shaped drone” and so on…

I’m not opposed to relevant guest posts on a topic-based blog, but when it’s obvious that they didn’t even look at the site and are just robo-spamming blogs that maybe matched a keyword or something…?

I mean, stuff like this:

“I read your article https://speedforce.org/2017/11/crisis-earth-x-conclusion-review/. Your readers might be interested in checking out our resources on machine learning and AI.”

Really?

I can’t imagine enough people would bite for them to get their link-backs and up their page rank, but then spam has always been a scattershot approach.

@mrennen@mastodon.social suggested that even if the technique isn’t effective anymore, spammers might be selling the “service” of getting linkbacks to gullible sites that want the exposure.

Could be. There always has been a strong overlap between spammers and scammers.