Google "I'm Feeling Lucky" Spam is Back

A while back I was blogging about how spammers were abusing Google‘s “I’m Feeling Lucky” search feature as part of their email spam campaigns (link). It’s now been some time since I received one of these emails with an “I’m Feeling Lucky” link inside it, today that has change.

When I went into my email today I noticed some emails that had not been tagged as spam, interesting I thought. When I looked at these emails the pattern immediately stood out to me, a Google search URL with &btn at the end of it.

Here is the email for those interested, and yes their are offering to enlarge my already large penis ;):

Rock your partner into extacy in bed with your upgraded device!
Click on first listing in google search results -> http://www.google.com/search?hl=en&q=dreamsizeslarge+satisfied&btnG

Now what different will you see, Google has taken measures to prevent the URL from automatically forwarding. So if you click on the link you will get search results, which is what should happen. The search query that is used in this case is dreamsizeslarge satisfied. Now looking at the email we can see that they now have to instruct the user to click the link.

So all in all Google has done a good job here.

Update – 22nd April 2008

Another phrase has come up now, back to the inurl for them by the looks:

inurl:dreamsizeslarge full

Update – 28th April 2008

Additional phrase:

inurl:toolargebutrue satisfied