# Possible Hidden Spam Links?



## dioxide45 (Mar 18, 2015)

I was looking at some of the posts for a new registrant. In their post on the BBS, there are no visible links. However when you click on the users name and "Find more posts by user", the search results show a link to an external website in their posts. Any idea what is going on here? Why don't they show up in the actual post but do in the search results. I tried copy pasting thinking perhaps they formatted the text to match the background color, but that doesn't appear to be the case.


----------



## DeniseM (Mar 18, 2015)

Good catch!  He has been banned.


----------



## GrayFal (Mar 18, 2015)

dioxide45 said:


> I was looking at some of the posts for a new registrant. In their post on the BBS, there are no visible links. However when you click on the users name and "Find more posts by user", the search results show a link to an external website in their posts. Any idea what is going on here? Why don't they show up in the actual post but do in the search results. I tried copy pasting thinking perhaps they formatted the text to match the background color, but that doesn't appear to be the case.



That is definitely weird.


----------



## dioxide45 (Mar 18, 2015)

DeniseM said:


> Good catch!  He has been banned.



That is good, though not necessarily my intent. I understand why they are doing it, trying to increase their search engine rankings. However, I am curious as to the how. Is there some flaw in the vBulletin software that they are exploiting? It is odd that you can't see the link in their post, but you can when you search and view all the posts by that user.



GrayFal said:


> That is definitely weird.



It is weird indeed.


----------



## DeniseM (Mar 18, 2015)

I can't tell you exactly what it is, but it's a PNG image, and it's only 1x1 pixels.  I've seen these on TUG before - but I can't see them unless I click the edit button.


----------



## SMHarman (Mar 18, 2015)

1x1 transparent images are a tracking method. 
Constant contact and similar use them to flag who opened emails sent by their software.

This was in the footer of an email I got this morning. 

This email communication makes use of a "Clear Image" (gif) to track the results of the email campaign. If you wish to turn off this tracking for future emails, you can do so by turning off the images in the


----------



## dioxide45 (Mar 27, 2015)

I saw a couple more posts today from a PC that couldn't see the images, so there were just broken images. I suspect if the images were there, they would be invisible? Though those posts appear to have been deleted?


----------



## SueDonJ (Mar 28, 2015)

dioxide45 said:


> I saw a couple more posts today from a PC that couldn't see the images, so there were just broken images. I suspect if the images were there, they would be invisible? Though those posts appear to have been deleted?



If we're talking about the same ones, yesterday I banned a new poster and deleted his/her three posts with the same hidden link attached.  They were generic comments followed by the icon for a small blue box with a question mark in it; clicking "edit" brought up the web address for an obviously-spam site.  

I have no idea how it all works but I've seen this sort of thing on TUG before, and banned/deleted those the same way.


----------



## MichaelColey (Apr 1, 2015)

I've seen similar things (and much more) on a forum where I'm a moderator.  The spammers get pretty creative, hiding their spam.

Moderators get pretty good at spotting it, even when it's not "visible".


----------



## DeniseM (Apr 1, 2015)

The BEST action to take on a questionable post is to click on the red triangle and report it.  (Although the discussion here is also interesting and helpful.)

(Hi Michael - nice to see you back on TUG!   )


----------

