BlogPress SEO is in Defence Mode

Looks like Joost is getting to the BlogPress SEO folks. In the latest blog post by BlogPress SEO’s creator, we receive this nugget of comedy:

Why don’t big guys like BlogPress SEO?

I would come up with a very small and sweet explanation on why big Sites and Big guys don’t like BlogPress SEO?

The simple reason – they are scared!

Explanation: How many times it has happened with you write an original article and a site which has copied your article ranks on top of your site on Google? Well this is the power of backlinks and site authority. So its just a matter or backlinks – trust me. Now if you can over come that you can easily beat the **** out of Google’s algorithm… -Saurabh Nagar

Well, he couldn’t be talking about me, I don’t consider myself to be part of the supposed “big Sites and Big guys”. I do know why Joost does not like this plugin, and I agree with his justification. Let’s just say I am not trembling with fear of this plugin. Likewise, I’m sure Joost is not scared. I have no reason to be afraid of a plugin that will get you blacklisted from Google’s index and hands your blog over to Saurabh on a silver platter.

Due to the actions of the BlogPress SEO team, I can never, and will never recommend that plugin. It is malware, written by people who clearly have malicious intents. Their lack of explanation or admitting to writing the backdoor demonstrates this. Instead, they spin, spin, spin more than a politician.

Continue reading

BlogPress SEO is at it Again

The fine folks that brought you BlogPress SEO are offering subscriptions for their product, or something along those lines. They are charging $97.00 a month for a single site subscription, and $597.00 a month for a 100 domain subscription. So now they are charging you and installing a backdoor in your site. But wait, there’s more. Who ever updated the page neglected to remove the download link or API key generator.

Continue reading

BlogPress SEO Aftermath?

While I was catching some much needed rest after WordCamp MSP, Joost de Valk did something cleaver. He setup a BlogPress SEO plugin on The initial release consists of just a readme.txt and a php file with only the plugin comment header, no actual code. Since he set this release as 2.0, all users of the malicious 1.1 and 1.2 versions will receive “Plugin update is available” notices.

Continue reading

BlogPress SEO is Malware

As with most scamming attempts, it all started with an email—which I ignored when I received it on Wednesday. It made claims of terrific SEO improvements using backlinks—yeah right. I do not use SEO enhancement plugins (other than Google XML sitemaps), and never plan on doing so. Anyways, the sender’s name as Saurabh, and his message was as follows:

Hello, My name is Saurabh, and I am here to offer you a unique wordpress plugin which will get you 100’s of backlinks like crazy. The plugin is 100% free and I can also offer installation help. Why backlinks are important for getting traffic. This is how the plugin works Thanks

Continue reading

TCF Bank Account Phishing Redux

Last Tuesday, October 19th, another mass email went out to University of Minnesota students attempting to trick gullible students into giving up their TCF bank online login credentials. This is the second of such I have received in the past two months. This time the message was about the same, pointing to a different compromised site. As before, I am posting the message for the world to see.

Dear TCF Bank Customer,

We have noticed unusual activity in some of our customers accounts and 3rd-party access to Online Banking. Because our customers security is our main priority, we request you to verify your account and confirm you are the owner. Validating your account will require about 3 minutes of your time.

To access the activation form click on the following link:

Click here to access your account

Once you have verified and confirmed your account, you can continue using our services as usual.

Elizabeth G. Hayes,
Security Executive,
TCF Bank.

Do people actually fall for this? While it is not verbatim of the previous attempt, it is very similar (to the point anti spam filters should have blocked it). By the time I actually read the email, the compromised site was already cleaned up. There has been an improvement since the last mass phishing attempt, the “U” now provides spam assassin for the central email accounts, you just have to enable it.

And, just a side thought here, why do we still allow BCC to exist in its current form? If we automatically trashed all BCCs from an external network (or not from our address book/contacts list, or from a pre approved sender list), spam like this would have one less avenue to reach our inboxes.

-John Havlik

[end of transmission, stay tuned]