Additional goodies from the blog spammers

An interesting thing about running a web application, it’s that people never cease to surprise you. I have already discussed the behavior of the scammers within PeopleWords. Now, I am encountering a new kind of annoying people: the blog spammers.

Given that has no blog, there is no reason for blog spammers to get interested in Peoplewords, right?

Wrong, PeopleWords has no blog, but blog spammers don’t care. What blog spammers are detecting is the link toward an XML feed.

<link rel="alternate" type="application/atom+xml" title="PeopleWords, JobBot" href="AlertAtomFeed.aspx" />

This XML feed is not carrying blog posts, but PeopleWords translations jobs. As a side effect, the zombie army[*] commanded by spammers considers that any website providing an XML feed is a blog and therefore they try to fill up all the available forms with various crappy contents.

On PeopleWords, the only freely available form accessible without user registration is actually the user login form. As a consequence, I get a dozen blog spamming attempts everyday generating errors that are caught in the server logs.

[*] The PeopleWords server logs indicate that the blog spam attempts are coming from a large number of different IPs. This would indicate that the blog spammers are using a large amount of regular (but infested) machines over the internet.