Ash Nallawalla is a consultant enterprise SEO with a long background in large companies with complex websites. He is a published author of several books and thousands of magazine articles.
The major networking event of the conference was Pubcon, which was held in the Hofbrauhaus Las Vegas, at 4510 Paradise Rd, Las Vegas, NV 89169. It ran from 1:30 to 5:30 pm. Beer flowed freely in large, heavy steins and was tempered with snippets of sausages.
This was a great place to meet other attendees in the industry. Most of the corporate attendees had left, so that they could enjoy the whole weekend at home, leaving behind just the serious networkers. Almost everyone had time to chat and pose for photos with Matt Cutts.
The WebProNews Video crew was there and filmed some of my co-speakers – Bill Hunt and Bruce Clay. I took the opportunity to interview cameraman Roger Akers – a chat was more like it. He showed me the video camera he uses – it costs over $14,000. As you will see in his Matt Cutts video below, the directional microphone did a great job of cutting out the background roar.
Roger is also working on a feature film with another professional, but he could not reveal the plot. I wished him well on that venture. I mentioned that my son Keith is studying film-making at university, so I had more than a passing interest in his profession.
In the video interview, Matt Cutts repeated the points he made in the Search Engine Smackdown the previous day. Ranking isn’t “dead” per se, but it will be less important because of Universal Search and how using video, audio and other elements will help sites rank on the first page. More WebProNews Videos
Matt showed an HTC G1 phone running Google Android. It looks good but it’s too early to say if it will do better than the iPhone. Lots of people were lining up to be photographed with Matt, including myself. – Stephan Spencer from NetConcepts (left) was also there – not that he lined up for a photo but I asked Matt to pose with him.
More Pubcon photos at Flickr.
The keynote address was delivered by Satya Nadella of Microsoft Live Search.
E-Commerce and Shopping Cart Optimisation
Rob Snell, Ethan Giffin, Jimmy Duvall
moderator: Joe Laratro
Contextual Ad Program Vendor Roundtable
Microsoft Representative, Shuman Ghosemajumder, Derek Brinkman, Tony Wills
moderator: Heather Lloyd-Martin
Getting Rid of Duplicate Content Issues Once and For All
Rahul Lahiri (no show), Derrick Wheeler, Ben D’Angelo, Priyank Garg
moderator: Rand Fishkin
Ben D’Angelo from Google cited how they handle duplicate issues. They have many systems for de-duping URLs at various stages in the crawl/index pipeline. They cluster pages, then choose the best representative cluster. There are different filters for different types of duplication. Your site is not “penalised” – simply, a duplicate page will not rank high.
How can you avoid dupes?
For exact dupes – use a 301, such as in tracking URLs, www vs non-www situations.
Near duplicates – use noindex / robots.txt, such as in printable pages, PDFs, clones of other sites.
Country domains – a new language is not a dupe. Add unique country content. Use ccTLDs.
URL parameters – if data does not affect the substance of the displayed page, put it in a cookie.
How can you avoid duplication by another site?
If distributing articles, show the original, absolute URL in the content.
Syndicate content that is different to the version on your site
If you use others’ articles, manage your expectations
Scrapers and proxies won’t affect you too much, but if you are concerned
Deborah Wilcox, from Baker and Hostetler, gave a sobering account of the “Million Dollar Domain Case”. In this incident, the plaintiff was punchclock.com. They made software to record worker hours and to calculate payroll deductions.
The defendant was punch-clock.com, a Canadian company that sold into the US and made a similar product. It ranked higher in a search and the company ignored a C&D in 2001.
There was a Florida lawsuit in 2007. The defendant defaulted, so the judge ruled in favour of the plaintiff. In brief, the defendant had to transfer the domain name and pay over $1,000,000 in damages and corrective AdWords advertising for seven years!
CSS and HTML Coding Today
Ted Ulle, Marc Juneau, Bryan Gmyrek, Lachlan Hunt
moderator: Lawrence Coburn
Bryan Gmyrek gave examples of how you can work with datafeeds with the help of PHP, Perl and databases.
Interactive Site Reviews : Focus on Organic
Byron White, Scott Hendison, Bruce Clay, Jessie Stricchiola
moderator: Dixon Jones
Podcasting and Podcast Optimisation
Glenn Gaudet, Jay Berkowitz, Cindy Turrietta, Tim Bourquin
moderator: Joe Laratro
Learning To Love Your Quality Score
Michael Stebbins, Jason Cooper, Mary Berk, Dan Sundgren
moderator: Brad Geddes
Linkfluence : How To Buy Links With Maximum Juice and Minimum Risk
Rand Fishkin, John Lessnau, Aaron Wall
moderator: Todd Malicoat
Mostly Viral Top Traffic Alternatives, or SEO on a Shoestring Budget
Brett Tabke, Marty Weintraub, Jessie Stricchiola, Gary Kirk
moderator: Carolyn Shelby
What Every Webmaster Should Know About Code Installation
Marc Juneau, Bryan Gmyrek, Ralf Schwoebel, Todd Keup
moderator: Jake Baillie
Interactive Site Reviews : Focus on E-Commerce
Rob Snell, Ethan Giffin, Bob Rains
moderator: Rob Snell
Top Secret Tools of The Trade
Todd Malicoat, Rand Fishkin, Jessie Stricchiola
moderator: Joe Laratro
Optimising Your Site for Contextual Ads
Matt Daimler, Jaan Janes, Aaron Wall
moderator: Jon Kelly
Optimising Your Site for Contextual Ads
Matt Daimler, Jaan Janes, Aaron Wall
moderator: Jon Kelly
Real-World Low-Risk, High-Reward Link Building Strategies
Eric Enge, Rebecca Kelley, Roger Montti, Greg Hartnett
moderator: Chris Tolles
Effective Domaining Strategies
Jeremy Wright, Jeff Libert, Jay Berkowitz, Victor Pitts
moderator: Michael Bonfils
Information Architecture : Design Mistakes You Can’t Afford to Make
Scott Fegette, Ted Ulle, Daniel Schulman
moderator: Heather Lloyd-Martin
Organic Site Reviews
Greg Boser, Todd Friesen, Jill Whalen
moderator: Tim Mayer
In-House SEO, PPC, and Campaigns
Jessica L Bowman, Allison Fabella, Ana Schultz, Jill Sampey, Dan Perry
moderator: Melanie Mitchell
Taking Your Analytics Data Beyond the Page View
Shuman Ghosemajumder, Geoff Mack, John Marshall
moderator: Joe Laratro
Geoff Mack from Alexa Internet introduced Alexa Research, a new competitive analysis tool in beta release. It shows your web competitors, their success and where they get traffic. You can see their visitor demographics, the upstream and downstream sites, the shared audience, the top URLs, and so on.
You can drill down quite deep and get down to a specific category, whether the site accepts ads, where the company is based, and more. Want to find sites that target a certain demographic, such as a Midddle Eastern female aged 55-64 and living in a certain country, who went to graduate school, and browses from work! If you are fussy, you only want to find a site that has a certain minimum pageviews, minimum monthly growth, etc. Alexa Research can do it.
Community Hacking – 96 Baiting Strategies You Can Employ
Todd Malicoat, Ian Ring, Bill Hartzer, Jane Copland
moderator: Andy Beal
Ian Ring had an intriguing title for his presentation, “Optimising Conversion using Genetics”
Equally as challenging was his assertion that your stylesheet can affect optimal user behaviour. CSS can determine how you display links. Ian introduced “Genetic Algorithms” where user behaviour, namely, clicks could be used to weed out poor CSS values and strengthen favourable ones.
In this ecosystem, survival of the fittest requires a measurement of fitness. This can be any measurable action, such as a click, a transaction, subscriptions, and so on.
Day Two of the Webmasterworld was keynoted by George Wright of Blendtec, better known for the viral video series Will It Blend?. George gave an entertaining presentation about how BlendTec achieved millions of visits (therefore, brand awareness) with a budget of only $50.
When George was new at the company, he noticed piles of sawdust in their demo room and was told that the founder, Tom Dickson, liked to test new components by blending wood and that this was normal. George immediately saw the viral marketing potential and asked Tom for a marketing budget. Tom generously suggested $50, which turned out to be just right.
George bought a lab coat, some marbles, a McDonald’s Happy Meal, a rotisserie chicken, and so on. Each of them was blended by Tom and the video of each experiment was placed on YouTube with some Digg publicity. Some 75 such videos have been released, including some resulting from viewer suggestions.
This fantastic viral marketing campaign has resulted in:
65 million views on YouTube (34th most subscribed channel)
120 million views on the willitblend.com site
200,000 subscribers
700% increase in retail product sales and a pull-through effect on B2B product lines
Great brand awareness, including a mention in US Congress
BlendTec has no need to spend money on traditional advertising. In fact, a radio station in New Mexico pays them to make blend videos, then shows them on local TV as commercials for their blend of music – this must be the only marketing department that generates revenue!
Analytics Vendors and Package Implementation
Brett Crosby, Richard Zwicky, Jamie Smith
moderator: Melanie Mitchell
Local and Mobile Search
Shailesh Bhat, Alex Porter, Chris Zaharias, Gregory Markel
moderator: Andy Beal
Brand Management
Brian Combs, Lauren Vaccarello, Tony Wright, Jessica L Bowman
moderator: Joe Laratro
Brian Combs is an SVP and Chief Futurist at Apogee Search. His message was that reputation is best protected before a problem occurs. It gets harder once the mud starts flying. Precautions you can take include:
Monitoring online conversations
Using consistent language
Create and propagate several websites for your company.
If the problem has arisen, then you should engage with the aggrieved person in a professional, non-defensive manner. Learn to recognise trolls and avoid them.
Set up multiple sites for products, perhaps a microsite for a problem that has gained widespread attention and encourage traffic to it (rather than your main site). Encourage positive articles on third-party sites. This does not mean pay-to-blog posts, editing Wikipedia, Googlebombing or other deceptive tactics!
Webhosting Industry Overview
Aaron Phillips, Ben Fisher, Amy Armitage, (Curtis) R. Curtis
moderator: Aaron Shear
Real-World Winning Tactics for Content Creation
Rupali Shah, Robin Liss, Ted Ulle
moderator: Derrick Wheeler
Interactive Site Reviews: Focus – Social Media
Brent Csutoras, Tamar Weinberg, Bill Hartzer, Michael Gray
moderator: Todd Malicoat
SEO Design and Organic Site Structure
Mark Jackson, Lyndsay Walker Blahut, Aaron Wall, Alan K’necht
moderator: Todd Friesen
How SMBs Can Use PR Campaigns To Grow Traffic
Lisa Buyer, Robin Liss, Greg Jarboe, Jiyan Wei
moderator: Michael McDonald
Competitive Intelligence : Know Thy Competitor Well
Jake Baillie, Andy Beal, Larry Mersman, William Atchison
moderator: Bruce Clay
Andy Beal described a lot of useful websites that you can leverage to spy on your competitors:
Ground-Up SEO Content Development as Pure Business Strategy
Heather Lloyd-Martin, Matt Tuens
moderator: Gillian Muessig
Interactive Site Reviews: Focus on Brand and Social Reputation Management
Brian Combs, Tony Wright, Geoff Livingston, Bill Hartzer
moderator: Alex Bennert
SEO and Big Search
Melanie Mitchell, Dave Roth, Maile Ohye, Derrick Wheeler
moderator: Joseph Morin
Alternative Discovery and SEO – Feeds, PDFs, and Blog SEO
Rick Klau, Stephan Spencer, George Aspland, Greg Jarboe
moderator: Joe Laratro
George Aspland talked about optimising PDFs to facilitate alternative discovery. For example, some PDFs consist of scanned documents and we know that search engines can’t read images. Their representation in a SERP can also get screwy. In the US government site shown, each page in the document showed up in the snippet as Page 1, Page 2, etc.
The first heading in the document may get picked up as the “title tag” of the search result, so pay attention to it. Better still, use the Document Title of the PDF to advantage. If you use Microsoft Word to create the PDF, you need to select File/Properties to find the dialog box. If you left it blank, the document title might read “Microsoft Word”, which isn’t very click-worthy.
Hyperlinks in the PDF should be enabled and have good anchor text. The PDF itself should be linked from an already indexed page.
You should invest in a copy of the full Adobe Acrobat so that you can edit the PDF that was created by some simple program or Office 2007.
(Curtis) R. Curtis, Jake Baillie, Jordan Kasteler, Scott Hendison
moderator: Jake Baillie
Scott Hendison from SearchCommander gave some practical checklists to use before buying hosting. By asking such questions, you can save yourself a lot of bother later on.
What Apache software is in use?
What control panel is offered?
What, if any, mods are installed?
How are mods used and used, e.g. via .htaccess? php.ini? http:conf?
Is shell access available?
Speed and performance?
Effective Action-Based Copywriting
Brian Clark (regrettably unable to attend), Heather Lloyd-Martin, Jill Whalen
moderator: Carolyn Shelby
Interactive Site Reviews: Focus on Organic
Andy Langton, Stoney deGeyter, Robert Charlton, Brant Bukowsky
moderator: Michael Bonfils
International and European Site Optimisation
Michael Bonfils, Andy Atkins-Krueger, Ralf Schwoebel, Frank Watson
moderator: Dixon Jones
Local Search Optimisation
David Klein, Joe Laratro, William Leake, Justin Sanger
moderator: Larry Mersman
Conversation and Word-of-Mouth Marketing
Todd Parsons, Louise Rijk, Ben Fisher
moderator: Mark Jackson
How To Move Your Website Without Chaos
Jake Baillie, Andy Langton, Guillaume Bouchard, Ralf Schwoebel
moderator: Jake Baillie
Interactive Site Reviews: Focus on Links
Rae Hoffman, Roger Montti, Rebecca Kelley
moderator: Rae Hoffman
Increase Your Post-Click Conversion Performance
Glenn Alsup, Philippe Lang, Alex Porter
moderator: Alex Bennert
The Secret Life of On-Site Search Exposed!
Laura Dansbury, Marc Cull, William Leake
moderator: Jessica L Bowman
Five Bloggers and a Microphone – What’s The Worst That Can Happen?
Andy Beal, Lee Odden, Michael McDonald, Barry Schwartz, Jane Copland
moderator: Ken Jurina
Web Services and Cloud Computing
Mike Culver, Microsoft Representative, Jeff Hardy, Kevin Gough
moderator: Jake Baillie
26 Steps Revisited – 2008
Brett Tabke
moderator: Brett Tabke
Interactive Site Reviews: Focus on Organic
Brian Clark, Heather Lloyd-Martin, Jill Whalen, Jeremiah Andrick
This is my fourth Webmasterworld conference and the second one (for me) in Las Vegas. I went to Orlando 2004 and New Orleans 2005. The 2007 event feels as though it was almost yesterday, so here I am once again. Note: I will update this post with more details and images when I get home. (If someone has a better photograph of me, please send it to me) Photographs at Flickr.
Agenda
Brett Tabke opened proceedings and made the observation that only one third of the sessions could be described as pure SEO. The rest covered affiliate marketing, PPC, social media, and so on.
Shawn Rorick from Cirque du Soleil delivered the keynote address, which covered the changing nature of the Internet, particularly how the Internet was better exploited by Barack Obama than John McCain. He introduced a new phrase, “Halo Media”, which means that users decide when/how/where they will consume media.
Top-Shelf Organic SEO
Bruce Clay, Bill Hunt, Ash Nallawalla, Jill Whalen
moderator: Mark Jackson
Bill Hunt from Global Strategies International spoke about Keyword Relevance via Prominence. Keywords should be placed in prominent parts of each page, such as the Title, Heading and so on.
After making pages relevant, you need quality backlinks from equally relevant sites and the anchor text needs to be keyword-rich.
Ash Nallawalla from Sensis focussed on Content, using the experience of the Yellow Pages® (Australia) site as an example. As with all advertising-based sites, Sensis needs people to look at advertiser content, namely their Yellow Pages listings. A business profile page has relatively little content compared to a regular website, so getting it to rank is not easy. Adding text to each advertiser’s page can’t be accomplished quickly.
Ash outlined several content-based strategies that deliver value to the reader and they can choose to proceed to the listings or not. One trial that has worked well is a home improvement magazine that gets over 700 visits a day, just six weeks since its launch.
Jessica L Bowman, Scott Polk, Aaron Shear, Tony Adam, Alex Schultz
moderator: Lou Ragg
Tony Adam from Yahoo spoke about the practical aspects of being an in-house SEO. He gave practical tips such as:
Knowing who are the stakeholders in your company.
Getting to know your colleagues, their personality types and who can help your agenda.
Knowing what projects are under way and whether you can add SEO value to them.
Ideally, the SEO should be plugged into the company’s strategy map and have several opportunities to contribute. SEO training should be arranged for the entire organisation – obviously tailored to the audience. SEO knowledge can also be imparted through the internal communication channels.
Most important, show your passion for SEO and get colleagues enthused!
Navigating The Complex World of PPC Engines
Christine Churchill, Microsoft Representative, Andrew Beckman
moderator: Melanie Mitchell
The main takeaway for me from Alexander Barbara was that social media sites such as Digg, StumbleUpon, Hugg, Twitter, etc is that their traffic quality varies and they do not convert as well as targeted traffic would. If your business appeals to this audience then it might suit you.
Earning Big Bucks With Social Media Traffic
Vanessa Fox, Michael Gray, Alexander Barbara
moderator: Rand Fishkin
Balancing Income Channels Between Affiliates and Ads
Jim Banks, Jon Kelly, Adam Jewell
moderator: Joe Laratro
Video Search Engine Optimisation
Mark Robertson, Edward Kim, Gregory Markel, Grant Crowell
moderator: Robin Liss
Interactive Site Reviews: Open Call
Kate Morris, Wil Reynolds, Craig Paddock, Guillaume Bouchard
moderator: Gord Hotchkiss
Universal and Personal Search – This Changes Everything
Brian Combs, Greg Boser, Amanda Watlington
moderator: Jake Baillie
Keyword Research, Selection and Optimisation
Ken Jurina, Larry Mersman, Wil Reynolds, Stoney deGeyter
moderator: Christine Churchill
Social Media : The Big Sexy Buzz
Guillaume Bouchard, Kent Schoen, Brian Carter, Warren Whitlock
moderator: Roger B. Dooley
Affiliate Based PPC Issues and Options
Adam Jewell, David Naffziger
moderator: Jon Kelly
Video Engines – New Kids Rocking The Web
Cuong Do, Chase Norlin, Henry Hall, Stephen Baker
moderator: Brett Tabke
Interactive Site Reviews: Focus on Video
Grant Crowell, Gregory Markel, Michael McDonald, Mark Robertson
moderator: Chris Winfield
Organic Keyword Research and Selection
Eric Papczun, Seth Wilde, Craig Paddock, Carolyn Shelby
moderator: Mark Jackson
Landing Page Optimisation
Brad Geddes, Lily Chiu, Kate Morris
moderator: Christine Churchill
Is Social Media & Search a Love Story or a War Story?
David Wallace, Chris Winfield, Liana Evans, Bill Hartzer
moderator: Lawrence Coburn
Your Relationship With The Affiliate Manager
Bob Rains, Shawn Collins, Brook Schaaf, Beth Kirsch
moderator: Lisa Riolo
Video and Multimedia Advertising – Show Me The Money!
Mort Greenberg, Angela Lauria, Bob Bahramipour
moderator: Joseph Morin
Interactive Site Reviews: Focus on Affiliates
Adam Jewell, David Rivero, Elisabeth Archambault
moderator: Jill Whalen
Discover Techniques Used by Enterprise-Level SEOs/SEMs
Marshall D. Simmonds, Bill Hunt, Ash Nallawalla, Scott Polk
moderator: Joe Laratro
Ash Nallawalla from Sensis gave an insight into the corporate SEO’s challenges. Essentially, things happen at a slower pace as corporations become larger.
The website can have millions of pages, so keyword selection is limited to a handful of key terms
There is greater emphasis on site architecture and strategy
Changes can be slow to implement and costly
Many stakeholders have to be consulted
As a bonus, it is easier to get unsolicited links
Web platforms are chosen for many reasons, but seldom SEO.
Web design and site architecture practices might not have taken SEO into account.
The web pages might not contain a lot of text.
Others might not link if you require them to link only in certain ways.
Duplicate content can occur when multinational companies copy the same pages from the parent site, or when content is licensed from a third-party specialist provider.
Ash then presented a case study of the Australian Yellow Pages website where IT resources were limited owing to other competing projects and how good SEO value was extracted. Sometimes the corporate SEO must make do.
Marcelo Silva, General Manager, Outrider Australia
Jonathan Sinton, Strategy Director, Research International
Yury Shar, Director, Hotels Combined
Jim Stewart, Director, StewArtMedia.biz
Nathan Stewart, CEO, Alkemi
Chris Thomas, General Manager, Reseo.com
Lesley White, Head of Digital, Network PR
Susan Zabeti, Director, GroupM Search Australia
My presentation covered the challenges of corporate SEOs. The slide pack should be online at the SER website soon, but in brief I mentioned that large sites have many stakeholders and seemingly “obvious” SEO tactics cannot be executed in a short time-span. Here are my photographs from the event on Flickr.
I got one of those daily unsolicited emails from Indian outsourcing wannabes to my training business address. Of course, it was from a Gmail address from someone called “Leon Dawson” at a company called PR4 Links. My training business is hardly likely to need link outsourcing services, but spammers don’t really care about that.
I am not sure if that came from the company that calls itself PR4 Links Consultants, as they live one postcode away from the spammer. Nevertheless, I should connect the two with one another as the website certainly could do with some more PR love to get it to PR4. Sad to say, it’s only getting a no-follow from this page. 🙁
Google, Microsoft and Yahoo all serve cookies that help (them) to serve you ads that match your search behaviour. This might be OK for some, but it gets annoying when you see irrelevant ads because someone else used your PC. For instance, I often buy stuff from Amazon for others and their website assumes I only buy for myself. So I get prompts about knitted toys, strange music and Harry Potter. You can opt out of Google, Microsoft and Yahoo advertising to some extent.
Opting Out of Google
Google’s home page (the Simple search, not Advanced) has a “Privacy” link at the bottom. Click it. You will be taken to the Privacy Policies page, where you will see a list of Google services. Click Advertising, which will lead you to a page explaining how you can opt out of the Google Content Network. You can also click the image above, as it is linked to the opt-out button. You cannot avoid seeing Google AdWords on Google Search unless you use a third-party ad blocking tool.
Opting Out of the Network Advertising Initiative (NAI) Member Ad Networks
The Google page helpfully links to this organisation, which has a convenient link to the NAI Opt Out Tool, which lets you out of seeing targeted ads. Remember, you will see ads, but not ones the ad servers thinks are relevant to you. I am not sure whether it is better to see random ads or targeted ones. You can choose to opt out of any or all of the following ad networks:
The opt-out process places an “opt-out” cookie on your computer. This opt-out cookie tells the ad network not to collect your non-personally identifiable information in order to tailor their campaigns for your. If you delete, block or otherwise restrict cookies, or if you use a different computer or web browser, or you format your hard drive, you will need to renew your opt-out choices from that PC or browser. The NAI tool serves third-party cookies to achieve its objective and a browser set to High or Medium privacy setting won’t cooperate with the tool.
We should not be surprised by this factoid, but check out hxxp://www.google.com/sitemap.xml (replace xx with tt). It is 4 MB in size. If you thought that it would be a sitemap index file consisting of thousands of sitemaps, you’d be mistaken.
The file is 142,111 lines long, which means there are 35,527 URL entries in it. What are the interesting pages?
http://www.google.com/a/help/intl/en/admins/overview.html looks interesting, but try loading it in your browser and you are taken to http://www.google.com/a/help/intl/en/index.html
http://www.google.com/a/cpanel/domain doesn’t load, but you end up at http://www.google.com/a/cpanel/domain/new. Weird.
http://www.google.com/a/interest leads to http://www.google.com/a/cpanel/interest, which happens to be a 404. Will Google get penalised? Will it lose PR? [I am just parodying forum newbies, relax.]
There are plenty of pages relating to ads – AdWords and AdSense, which is to be expected. The usual corporate pages, April Fool gags, zeitgeist, etc.
Numerous foreign-language versions of its content for its overseas markets.
Numerous university searches, such as http://www.google.com/univ/calpoly – where is Gopher these days?
Only the home page has a priority of 1.0; the rest are all 0.5.
Google also has a robots.txt file, but it doesn’t reference this sitemap.
Yes, a pretty small site, if you took out the non-English content. All fits in a single sitemap.xml file.
More on the theme of stupid or lazy spammers – I often wonder about the spam that is not geo-targeted. I get dire “warnings” allegedly from banks I have never heard of, such as Abbey Bank. Is it run by some monks? I have never sold anything on eBay, but I am often the recipient of “complaints” against me.
Usually the reason for such spam is phishing, where silly little me is supposed to panic and log into what looks like eBay or my bank. I imagine that after supplying my password or PIN, I would get to an error page and I would give up wondering what that was all about. Then some criminal collects all these passwords and drains their owners’ accounts.
Some of these emails carry an attachment that you are supposed to open, thereby infecting your PC with a virus or Trojan. Here is what one contained:
From: Merrill Cormier US Airways [weh@brascabos.com.br]
Attachment: eTicket#1721.zip (133B)
#######################################################################
Panda Antivirus 2007 warning:
The file eTicket#1721.zip [eTicket#1721.exe] was infected by the W32/Nuwar.XR.worm virus and has been disinfected.
#######################################################################
Good day,
Thank you for using our new service “Buy airplane ticket Online” on our website.
Your account has been created:
Your login: blah@<my domain>
Your password: passLI6W
Your credit card has been charged for $459.30.
We would like to remind you that whenever you order tickets on our website you get a discount of 10%!
Attached to this message is the purchase Invoice and the airplane ticket.
To use your ticket, simply print it on a color printed, and you are set to take off for the journey!
Kind regards,
Merrill Cormier
US Airways
I know that I don’t fly US Airways and wouldn’t even open the email, but I was in the mood to check the current crop. I suspect that the spammer has never bought an airline ticket online and has no clue what a real confirmation email looks like. Perhaps he is a hapless soul in South Ossetia or Beijing.
The next suspicious item was the attachment – no meaningful document can be 133 bytes, even when zipped. Real world attachments of this kind tend to be PDFs, which don’t shrink much when zipped, so they are sent uncompressed. Had I been a novice user, Panda Antivirus 2007 would have saved me, as the text above confirms.
The attached infection W32/Nuwar@MM is an email spam worm – McAfee has a long and interesting description of its purpose and behaviour at http://vil.nai.com/vil/content/v_140835.htm. The zip file contains an executable file – this assumes the user will double-click it after opening the zip file. This file installs a tiny mail SMTP server on the infected PC. It finds email addresses on this PC and then sends spam to all of them, (which makes it a worm).
Novice users who know other novice users unwittingly help to propagate this nasty worm, as they recognise the apparent sender’s name.
I use Microsoft Outlook 2007 and I viewed the email’s “Options”, which contain the following lines:
Return-path: <abc@brascabos.com.br>
Envelope-to: <my email address>
Delivery-date: Wed, 30 Jul 2008 15:04:15 +0000
Received: from [83.218.133.218] (helo=83-218-133-218.spitfireuk.net)
by .com with esmtp (Exim 4.69)
(envelope-from <abc@brascabos.com.br>)
id 1KODCR-0000nZ-QL
for <my email address>; Wed, 30 Jul 2008 15:04:15 +0000
Received: from [83.218.133.218] by mx.brascabos.com.br; Wed, 30 Jul 2008 15:02:36 +0000
From: “Merrill Cormier” US Airways
To: <my email address>
Subject: E-ticket #4919898619
Date: Wed, 30 Jul 2008 15:02:36 +0000
Message-ID: <01c8f255$4d1dce00$da85da53@abc>
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary=”—-=_NextPart_000_000E_01C8F255.4D1DCE00″
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0)
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.2663
Importance: Normal
X-Spam-Status: No, score=1.1
X-Spam-Score: 11
X-Spam-Bar: +
X-Spam-Flag: NO
The email contents don’t contain the spammy words you see in the “Nigerian” spam emails, so the anti-spam checker at my server was fooled into giving it a low spam score and it got into my Inbox instead of the Outlook Junk E-mail folder.
The Brazilian email address (anonymised here) is probably harvested from a customer of Spitfire ADSL, a UK ISP, which has been allocated the IP address block 83.218.130.0 – 83.218.133.255. Only the ISP would know which of its customers was using that IP address at that time and sent me that email. Even so, we won’t know if the ISP’s customer was the one who passed on the worm or their PC was infected into being a proxy server for yet another infected PC.
I also received a similar disinfected spam email made to look from JetBlue Airways, wherever they might be. Same contents, same worm.
Nothing new here – just a deeper look at the day’s spam.
We all get spam. I get over 200 a day after some more emails are filtered out by spam removal tools at the servers. I rarely open them unless something about its size or subject wording catches my eye. This one did:
This is an enquiry e-mail via http://<one of my sites> from:
Michelle <michelle@keywordspy.com>
I found this great adwords tool KeywordSpy.com . I’m using it and it has really improved my profits. It offers Free trials. – http://www.keywordspy.com/
“Michelle” or whatever his name is (spammers are always male) must be incredibly lazy or incredibly clever. Why on earth would anyone use Keyword Spy when Axandra IBP does a far better job among a host of other great features? I intend to review it soon and have used it since version 8.
Let’s spread some link love to other recipients of the same or similar email:
Blackhat World is a fascinating forum full of discussions supposedly about the black hat side of SEO. It turns out to be more about sharing cracked versions of scripts and programs, backdoors to ebooks without paying for them, links to spam tools, and so on.
You can post links to ebooks, as long as you don’t post the links of products authored by BHW members. I became aware of tools that help spamming, such as GYC Automator, which lets you create “as many Craigslist accounts and also create and manage corresponding Gmail and Yahoo! email accounts.” The marketing literature gushes, “Key to good business is good marketing and for good marketing you have to utilize Craigslist at its maximum. To do so you must post as many as 500 or more ads per day and use at least 500 active email accounts to be able to make this happen. It is difficult and time taking process to create and manage such number of accounts manually, it will keep you busy in creating email accounts and hardly you will get time to post ads.” Poor Craigslist sysadmins – they must have their work cut out for them.
Another hot topic is cookie stuffing, a way to drop, say, your Amazon affiliate cookie on your visitors, so that if they visit Amazon and buy, you get your commission. You may have seen companies that sell you “traffic” to any website of your choice. These are not real human visitors but browsers that open a tiny window on people’s PCs but they never realise they “visited” your site. You can get software to generate such visits – pretty pointless for making money, but they can help to inflate your visitor count for sites such as YouTube or Alexa rankings. If you stuff cookies, you will need this kind of junk traffic, otherwise your affiliate clicks will equal the number of buyers and you’ll be kicked out by the affiliate network.
I also learnt that Alexa’s search crawler does not look at robots.txt, so it knows all pages of a website, including the “thank you” pages that have a link to a purchased file. There is an entire thread full of Google, Yahoo and Alexa search terms that could lead to “free” downloads.