We’ve been seeing a fair amount of these lately — what appears to be one spam gang using google, ebay and other “normal” looking domains as spam links in unsolicited email.
Example URLs:
alwaysbrighttimes.com
bestcallson.com
childshine.com
chocolatemoneyonline.com
chooseguide.com
cliffsnotesap.com
ebaydirectmarketing.com
ebayphonestore.com
etherealticket.com
exclusivecollar.com
freegoogleworld.com
getgoogleonline.com
goodeasymoney.com
googlemapit.com
greatsonoran.com
hatefulcap.com
humorousskate.com
insidetheiris.com
kiddemand.com
messageorder.com
rezvhome.com
rezvnation.com
smartworldradio.com
superbigsky.com
supergooglesearch.com
supernoteson.com
tenneseeworld.com
thankfulrule.com
theperfectbook.com
uninterestedlist.com
yournotecards.com
The patterns are always junkcname.domain name.junktext.
For example, jrvds.getgoogleonline. com/gcbswsy/hwnvsw:
All are used as a redirect to get you to a spam site.
You can comfortably blacklist these domains to reduce spam traffic.
Alex Eckelberry