Remember when Dropbox was breached over the summer and users received spam to their Dropbox email addresses? On Thursday another breach apparently sent even more spam to many of those same addresses.

The user emails are used specifically for the cloud storage service and the breach is rumored to have begun two day ago.

Several Dropbox users say the spam they are receiving appears to be coming from fake PayPal email addresses.

While it appears that the addresses could have been obtained by Dropbox itself, the company has not confirmed the type of breach experienced. Concerns are being raised over the potential breach of customer passwords and user files.

At this time Dropbox says it believes the email addresses were obtained over the summer and that a new breach has not been discovered at this time. read more

Commenting is often an important part of being visible on the internet. Doesn’t matter if you’re trying to build a popular blog or a profitable online business, you still need to find a way to get people back to your site or blog.

There are many techniques to do that, some work better for bloggers, and some for online business owners. Even though the goals are different, commenting can boost your popularity and expertise in general if you do it often enough.

However, only because you’re doing something often doesn’t make you good at it. And when it comes to commenting, there’s one important thing everyone should focus on … that is not looking like a spammer.

This may sound obvious to you. I mean, you’re probably not a spammer and you only submit comments when you actually have something to say, so you might think that this post doesn’t concern you. However, are you 100% sure? read more

Despite the fact that blog platforms like Blogger and WordPress are moving away from CAPTCHA’s (aka those silly puzzles that verify whether you’re human), it looks like one company is trying to make CAPTCHA’s cool again by helping bloggers profit off of every word typed.

ADSCAPTCHA’s™ innovative Pay Per Type™ platform creates profits from CAPTCHA technology. Instead of paying for CAPTCHAs, website owners and developers can make money from every ADSCAPTCHA™ that is typed in full. That’s 280,000,000 opportunities – and counting – every day. [...]

The ADSCAPTCHA™ model links advertisers, website owners and web developers so that everyone benefits. Website owners & developers get high-level internet security and a share of advertising revenues. Advertisers gain the most powerful marketing tool available today, customized to their targeted audience and budget. The ADSCAPTCHA™ experience for the user is more fun and more meaningful than standard CAPTCHAs, which means it is a powerful opportunity to “capture” the target audience.  (ADSCAPTCHA.com)

Although ADSCAPTCHA is not the first to envision merging word puzzles with ads (as Confident Technologies is also attempting to do this), they probably will not be the last which means that bloggers will soon be arguing whether CAPTCHA’s are still relevant (now that there is money on the table).

Since there seems to be a loyal fan base devoted to CAPTCHA’s (note: I use to be one until I encountered Akismet by WordPress), here are a few reasons why bloggers should (and should not) use CAPTCHA ads for their blogs. read more

With Apple’s new iTunes-based social network Ping skyrocketing past 1 million users in its first two days, it was perhaps inevitable that it come strongly across the radar of hackers, spammers, and scammers. In fact, it took less than 24 hours for the first wave to spam to appear. Now the same problems that have long plagued other popular networks like Facebook and Twitter have taken root in Ping.

The million dollar question is: how effectively, and quickly, can Apple not only eradicate existing spam, but prevent future spam from occurring?

According to eSecurity Planet, Bradley Anstis of M86 Security suggests Apple could begin by effectively disabling links in comments, since comments are the offending medium. “It would be too much to manage comment approvals, but implementing some form of automation to strip out links from comments is a good starting point,” he said. read more

With nefarious spam on the rise throughout the blogosphere (both human and inhuman), it looks like Posterous has finally given users the ability to moderate comments upon their blogs.

If you want to prevent comments from appearing on your site without your approval on your Posterous blog — now you can. You’ll get an email whenever a comment gets posted to your blog, and it’ll be up to you whether that comment gets approved or rejected. You can turn this setting on for each of your sites individually.

You can either approve or reject the comment directly on the post, or go to your Manage page and click Moderate now. (Official Posterous Blog) read more

With human flavored spam on the rise, Ning is launching 3 weapons to help members fight the good fight and keep those “enhancement” products off of their respective forums and blogs.

While Ning is sadly adopting the use of CAPTCHA’s (a tool that no longer works thanks to nefarious spam bots and human spammers), as well as email verification (which can land in the spam folder), their “Twilight quizzes” may help thwart spammers (whether virtual or in the flesh). read more

While bloggers may have won the war against spam bots via plugins like Akismet, WP-SpamFree and Sabre (not to mention a whole list of Movabletype plugins), it looks like these evil “promotional” companies have switched tactics by hiring desperate humans to promote their silly products (via Read Write Web).

(Official Akismet Blog) Human-posted spam has been on the rise for some time. Low-paid workers are hired by “SEO” firms to post comments on blogs and forums, advertising their clients’ web sites (typically small local businesses). The workers generally operate out of internet cafes and universities, particularly in India, South-East Asia, and Turkey. The quality of comments varies, with the best written spam usually coming from SE Asia. There are now sophisticated marketplaces set up specifically for hiring manual workers to do this kind of spam.

When it comes thwarting spammers, human spam is the most difficult to block, due to the fact that half the time their comments will be on topic. read more

Since some days a rather nasty hack has been going round in the WordPress community. I actually noticed it myself not that long when I googled for ‘Chris Pearson‘ and what I saw in the results was… shall we say ‘interesting’?

Prozac, Levitra, Lexapro? Had Chris sold the ‘Best Damn Blog on the Planet’, AKA Pearsonified? I went to check out Chris’ blog but no. No Prozac, Levitra or anything else of suspicious nature to be found there. Just your regular well-tuned Pearson content. I even looked in the source code and a quick search for known brands ended empty. I left again, having long forgotten already why I googled Chris in the first place.

Now it seems though that this hack is making the rounds and becoming more and more popular. Leland Fiegel from Themelab first reported about it on first reported about it on the Themelab blog, more than a month ago already. Afterwards the issue was covered over at the WP Tavern forums but no solution has been found so far. Even the WordPress Lead Developer, Mark Jaquith, is left clueless and hopes to solve the issue ASAP. read more

In a ruling that’s more about a point of principle than money, a California judge has ordered “Spam King” Sanford Wallace to pay Facebook $711m in damages for the reams of spam messages sent via the service.

What made these messages particularly insidious is that they were sent from hacked accounts, attaching a superficial level of trust because they appeared to come from friends.

Wallace and his associates were also banned from accessing Facebook, though given how devious spammers and hackers can be, this would seem to be a difficult ruling to enforce. read more

Google have acquired reCAPTCHA, the CAPTCHA spam stopping service that gives you a visual presentation of words scanned out of public domained books. You know the kind, that nasty image where you have to struggle to read the letters you have to input in a field to validate that you aren’t a spam bot. I like reCAPTCHA and use them when CAPTCHA functionality is needed, a necessary evil sometimes, but no universal solution nonetheless.

Maybe Google can make it work even better? After all, they have a huge amount of content to pull from thanks to Google Books, maybe that can help? Personally I doubt it, Google hints to why they are in fact buying reCAPTCHA in the announcement post (bold added by yours truly):

So we’ll be applying the technology within Google not only to increase fraud and spam protection for Google products but also to improve our books and newspaper scanning process.

That being said, I remain slightly optimistic that Google can make reCAPTCHA a better solution when a CAPTCHA is needed.