Spammers Abusing Verisign Site Search

It appears as though those wonderful spammers who brought use the Google “I’m feeling lucky” url abuse, have now found a new site to abuse, Verisign. Basically what the spammers are now doing is using the site search feature on Verisign‘s website to mask their urls. All they have to do is place their address at the end of “http://search.verisign.com/cs.html?url=http://www.spamsite.com/” and it is enough to mask their site. I don’t think it will be long before the phishers pick up on this one.

I’ve also noticed that some casino site is now using the Google “I’m feeling lucky” abuse with the search phrase “"million megabet from casino online" Magic Jackpot!

My previous post about the Google abuse has been updated to reflect the new phrase.

UPDATE
Verisign have now blocked this re-direct, anyone trying to use it will now be redirected to http://search.verisign.com a Verisign site search. Thank You Versign for taking positive action.

2 thoughts on “Spammers Abusing Verisign Site Search

  1. Gary Krall

    Hi: I am a technical director at Verisign and I happened upon your post and passed it onto our inbouse web-team. I have been advised that we have implemented a change which fixes the problem as far as we can tell – instead of getting a redirect to the spammer’s site, it gives a redirect to search.verisign.com (although it might appear to be a spam for VeriSign to those people who don’t read very carefully).

    If there is an alternate action the script should take, please let me know to the email address in the post.

    Again thank you for bringing this to our attention.

    Gary.

    Reply

Leave a Reply

Your email address will not be published.

CommentLuv badge