I’ve previously mentioned that spammers try to sneak in their links by posting comments under another user’s name. Such a sneaky way of trying to get their links in. But, it didn’t fool me!

Unfortunately, there may be more to the story. It appears as though there may be an exploit in the Show Top Commentators plugin.

In my top commentators, David of MarketingDeviant.com is number 5. I noticed today that a spammer tried to post a comment using the name of “David.” It didn’t get approved, as it was busted by Akismet. But, even though it was unapproved, it appeared to usurp the real David’s spot in my sidebar. Thus, if you clicked on David’s name, you were taken to this spammer’s site and not MarketingDeviant.com.

I suspect is that Show Top Commentators grabs the most recent URL posted by a commentator. As the real David hasn’t been around in a while, the fake David grabbed his spot, even though the fake David’s comment was unapproved!

I can’t be sure if that’s the case until, and if, it happens again.

In order to get the real David’s link back in the spot, I had to delete the spam comment.

So, if you’re using the Show Top Commentators plugin, you might want to check your list of commentators to make sure some spammers haven’t snuck in using this possible exploit. And, if you do catch any, let me know so that maybe we can figure out if this is an actual exploit or just a fluke.

I tend to think it may be an exploit known to spammers, and that may be the real ulterior motive behind their using known commentators names to try to sneak in.

Popularity: 3% [?]

This entry was posted on Wednesday, April 9th, 2008 at 1:19 pm and is filed under Blogging. You can follow any responses to this entry through the RSS 2.0 feed.
Del.icio.us | Digg It | Googlize this post! | reddit | Stumble it! | Technorati
You can leave a response, or trackback from your own site.