Reading an article on the Business-Standard today out of India reminded me that as a blog owner, I must remain vigilant against malicious threats to my community. The article discusses how blog commenting systems are becoming a great place for spammers and malicious users to publish links via the URL field which takes end users to sites where they download supposed codecs which turn out to be trojans.
Blog comments, instant message spam and malicious text ads are leading drivers to send users to these fake codec websites. Shantanu Ghosh, vice-president, India Product Operations, Symantec noted that attackers often use blog comment fields to post such links. Quite often, these comments have some catchy phrases to entice visitors to click on the link. By one estimate, about one in five blogs are spam blogs.
As the owner of your blog, it is up to you to make sure that no malicious links get past your eyes and end up on the blog where your community could be at risk. Be careful though clicking on the URL links that commenter’s have in order to check out their legitimacy as you are putting yourself at risk. Here are some tips. Don’t open those URL’s in Internet Explorer because most bad scripts have been written with IE in mind. Secondly, use a FireFox extension called NoScript which disables any sort of scripting from taking place on the website. Overall, keep a keen lookout for anything suspicious and if you don’t feel safe clicking on a link, simply de-link the comment author before it’s published.