The Latest in IT Security

Some Changes in Continuing .PW Spam


A month ago, we advised people to consider blocking the .PW top level domain (TLD). There is still a lot of spam happening there, but there have been some changes recently. In particular, there are more "normal" TLDs mixed in with the .PW ones.

However, even though the TLD may be normal — like .com — the domain name itself won't necessarily be…

In following one interesting .PW domain last week (, I found a whole nest of spammers inhabiting a dozen IP addresses in the block. Of the top domains they'd used in the preceding days, this was the only .PW one. The highest traffic domains actually looked pretty reasonable: and

A bit further down the list, the spammers got more creative with their domains. My favorites were and

All of these domains tend to lead to "unsubscribe" pages, that look like this:

screenshot of Unsubscribe page

Note that I had just gone to the plain domain URL here, not the unsubscribefinal.php page, and I certainly didn't put in an e-mail address or any other sort of ID code in the process. In other words, I'm extremely sceptical that this page does any sort of unsubscribing, since they display it by default — there's no way they could have actually unsubscribed me. Oh, I'm sure I'll never see any more spam from, but that would be true whether or not I actually tried to unsubscribe — it's just that the spammers aren't going to use that domain ever again.

As a final note of interest, in poking around in our logs a bit more, I was able to find a URL to the image file that was used in the spam from

a look at the spam image (bed bug defense)

There's something richly ironic about one group of blood-sucking parasites (spammers) trying to sell you a defense against another group of blood-sucking parasites (bed bugs). Where's the professional courtesy?


Leave a reply


TUESDAY, MAY 18, 2021

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...



Latest Comments