Fight spamblogs, sites and malicious code

A few days ago I encountered a few links that led to sites distributing malicious code. Luckily my Firefox is protected with NoScript , a cool and versatile firefox plugin to simply disable javascript, or parts of it.

Besides protecting oneself, one could decide to report the misbehaves. It’s quite an easy and fun process, which I will explain now.

If the site tries to install malicious code, we may report it to Google. Google tries to protect it’s users from malicious sites, by removing their links from the search results. To do this, Google provides an easy form where we can write down the websites URL.

If you want to go a step further, you could try to ask the service provider to take down the site. This is the most rewarding part. Malicious sites are often hosted in so called shared environments, on a server hosting many different sites. The company maintaining these servers will most definitely not appreciate that one of his clients is abusing the service by distributing malware or spam. A simple mail will get his attention and swift action.

To contact him, we need his e-mail. Almost every service provider maintains a so called “abuse” address where you can report abuse. To find that address, you first need to discover what server the malicious site is running on. You can do that by pinging the address, or to query a whois database. Domaintools is a good whois server to start. Fill in the domain of the offending site, and it will give you the IP address of the server (yellow rectangle in picture 1). Click on the little W (Whois) besides the IP address. Another page opens (picture 2) giving you all the information about the server running the malicious site. Find the abuse address (yellow rectangle) or any address that could lead to the server admin.

If you have all that, launch your mail client and report the offending website. Include IP number of the server(s), the domain name, the full URL address to the offending website, a brief explanation of what’s going on and of course your friendly thanks. Always be polite.. The ISP is your friend.

If lucky next hour or day the offending site will be offline. 😛

Leave a Comment