Yahoo Pulse Blog – A Good Hosting Tool for Spammers

Yahoo has apparently found yet another way to assist spammers.

As if longstanding abuses of Yahoo Groups weren’t enough for the spammed masses to suffer though, their blog site, Yahoo Pulse, is now making life easier and more productive for spammers as well.

The latest emails being spewed throughout the Internet have long and convoluted Subject lines (in an attempt to evade spam filtering) that allude to online sales of medications, such as:

Subject:   extraordinary tablets tendered for superb way of life
Subject:   supplying exceptional capsule brands for lots of years
Subject:   web outlet tremendously suggested for pills purchases

Microsoft, itself a massive spam-enabler, is sending the vast majority of these emails (if not all of them) through hijacked Hotmail accounts abusing it’s mail servers. While the From addresses may or may not be legitimate Hotmail accounts:

From:     Boyd Owenby <boydowenbykac@hotmail.com>
From:     Stroum Elliff <estroumuel@hotmail.com>
From:     Elphonte Stutz <stutzelphoduec@hotmail.com>

The actual sending mails servers most certainly are Microsoft’s:

from col0-omc4-s15.col0.hotmail.com (65.55.34.217)
from col0-omc3-s9.col0.hotmail.com (65.55.34.147)
from snt0-omc1-s27.snt0.hotmail.com ([65.55.90.38])

The messages themselves, like the subject lines, promote the sales of online medications in the vaguest possible terms, and in each case link to a Yahoo Pulse blog that exists solely for the purpose of redirecting to the spammer’s e-commerce site:

We are truly concerned for our customers’ welfare. Every capsule product we market has underwent rigid quality check-ups. This assures you that the goods are secure to use. Our http://pulse.yahoo.com/_WDSMBZ3ZJOQV5GOL67KG3QZI6M/blog is staying put for your repurchases.

Another example:

We love your all-positive statements.

It moves us to give out more extraordinary capsule brands. Actually, recent products have already been launched at present. Upcoming orders can still be placed at the same http://pulse.yahoo.com/_65JOSV7Y3JLUVL2QZMIRLVF5AY/blog

If you visit the Yahoo Pulse group you’ll be presented with a large Spam Advertisement such as:

Yahoo Pulse Blog Spam
Click for Larger Image

The graphic on the blog is actually hosted externally by Microsoft’s LiveFileStore.com site, another longstanding tool used by spammers with little or no apparently enforcement from Microsoft. See any of these:

http://juo6oq.blu.livefilestore.com/y1pTiyyhX5poMwguBlzjrTB01XJYllphw9hvLb6
cTncoCw0JnT_9ne0ADieOtZpjppj0rWzKybnb4qHg_tRKgajdMLQQOiQeSl9/ya-b-new.gif

http://i7nkna.blu.livefilestore.com/y1peJIvvXKssIC9ERsE1pphVKwxitOpOkUX1eI1Xm4Y-TU9WPSiPTZ1qkqDW5LSWL12GwfMyrJBcSzec33heJj1EV5IClhviWb4/ya-b-new.gif

http://eqqlca.blu.livefilestore.com/y1pkzt-XfZANVA90sz6ShDbDvPkPN7c9kBNZ
eJk8rYO0eqb23X61oxp09ZT2oEJAE84nupqwNSrbVgBZUQK9QhDVU3Ko-yPK1RQ/ya-b-new.gif

Ultimately, these spams will eventually direct you to the spammer’s actual e-commerce site where you can order what may or may not be food coloring and chalk in tablet form.

To further remove themselves form the spam and to try and make filtering less effective, the initial links will typically redirect to the actual spam sites. For instance:

http://www.rxbest-day.net.cn/

redirects to:

http://www.networkrx365-top.com/

and

http://www.aaapharms.com.cn/

redirects to

http://www.networkrx-direct.com/

From the spammers perspective, all of this takes a bit of effort but is well worth it. By using free tools provided by Microsoft and Yahoo they can:

  1. Send spam through Microsoft
  2. Redirect the recipient to a Yahoo Pulse site
  3. Display a spam image advertisement courtesy of Microsoft

They can do all of this without cost and while using Microsoft and Yahoo to shield their own networks from spam filters.

Of course, this only works for the spammer because both Yahoo and Microsoft have lax, ineffective or non-existent review and enforcement of their systems to prevent these abuses.

- -

OnlyMyEmail is an award winning hosted spam filtering service and business email hosting provider. Our enterprise cloud computing anti-spam solution, the MX-Defender, has the highest capture rate of any spam filter ever tested in the VBSpam Challenge, blocking a record setting 99.9993% of all malicious and junk email.

Our Personal spam filtering system is also a Software as a Service (SaaS) solution and has won both the PC World "World Class Award" and also the PC Magazine "Editor's Choice Award."

OME-Kids is a webmail solution that protects children from spam and other harmful emails. OME-Kids offers unique Parental Controls that allow you to choose the level of security and oversight that's right for your child.

Tags: , ,

Comments are closed.