Uniqcount.net wants to give you a virus
I found this in the Comments Box this morning:
A new comment on the post #52 “Peter’s New Jobs and BrainHunter” is waiting for your approval
Author : Rob Palmer (IP: 220.127.116.11 , CPE-124-184-27-34.nsw.bigpond.net.au)
E-mail : email@example.com
URL : http://www.freelanceworkexchange.com
Whois : http://ws.arin.net/cgi-bin/whois.pl?queryinput=18.104.22.168
That sounds like a pretty neat system – great to be able to find jobs that aren’t being advertised on all the big job boards.
Well, it looks like a valid comment. The only hint that it might be spam is the domain name. Freelance Work Exchange sounds like they’re in the job board business. They might be trying to seed blogs by doing searches on Google and leaving comments. It’s a common practice, I do it myself sometimes.
Part of being a responsible blogger is checking comments are legitimate before giving them links.
The site has that “out of the box” professional look that screams it was autogenerated from a template, but that could also be poor web design.
Well, that doesn’t look friendly. They’re using an embedded WMF file to try and give visitors a virus. (This is why I don’t link to them)
The virus is originating from uniqcount.net (which is a text link to proffy209.com). This bears further investigation.
The comments are coming from the owner of Freelancee Work Exchange: Rob Palmer posting from Terrigal, Australia.
This has got me interested. Searching on freelanceworkexchange.com looks like they’re affiliated with the spammy careers.org. Careers.org looks professional, but you can tell it’s a splog from the recommended websites on the sidebar:
- Sarahtonin’s Wayward CD
- Behrle’s Global Travel Intl
I have no idea what uniqcount.net is, or why Freelance Work Exchange is linking to them. My guess is that it’s supposed to be some form of spyware / user tracking. I didn’t receive any other comments from Rob, so I’ll make the assumption that his intentions weren’t sploggy, but I’m throwing his comment in the Akismet filter just in case. Needless to say I don’t want to direct my readers to a site that is trying to infect them with a virus.