How Spaces.Live.com encourages spamming

We analyzed the spam presented in the post called Colorful Spam twist for bypassing Spamfilters and ended the post with the information that the target page is hosted on the spaces.live.com. Of course, as we always do in such cases, we wanted to report several URLs to the Abuse team at live.com. We searched on the page and
In the footer of each page hosted there, there are some options and one of them is “Report abuse” – http://support.live.com/default.aspx?productKey=wlspacesabuse .
However, once we tried to report the URLs hosting the meds advertisements, we started to feel that Live.com tries to do everything as complicated as possible for the reporter. So, the first thing which hit us that we had to provide full identification information and a valid email address.

livecom1

I can’t understand why would Live.com need this information, since I only want to report something.
The most frustrating thing on this part of the page is the fact that I have to write the email address or the member ID associated with the blog I want to report. Hello, Microsoft, are you kidding ? How could I possibly know this? I think that only the spammer knows it.
The next thing would be the URL we want to report. This is also pretty ugly because I have to report one URL at the time. So, who has nothing to do can fill the entire form for each URL he wants to report. Of course nobody would report more than one URL once.
livecom2

But this is nothing compared to the “Type of Abuse”. It seems that Live.com is only interested in “Child Abuse image”, “Nudity”, “Harassment or threat”, “Copyright violation”, “Profanity” and … “Other”. No Spam category, so I can only go with “Other” …

typeofabuse

The next step is “Location of Abuse” where I can choose one of the “Blog Images”, “Notes”, “Photo Tag”, “About me”, “Web activities”, “Comments”. I have no idea what to choose here because I want to report the entire post. I chose “Blog Images” because there is also an image with the meds advertised.

We have to paste here the exact URL of the blog entry. No problem …

livecom3

Conclusion:

Microsoft, which is behind Live.com prove that they have absolutely no idea how to investigate and bring down fraud blogs like these, used to advertise fake meds.
Moreover, they do not have an easy way, in a form of a button somewhere in a corner, to report the blog to an Abuse Team (as Google’s Blogspot.com has) but they ask all kind of useless information.
Live.com doesn’t actually want to receive such “easy” reports from the users. To make sure that they do not receive such reports they are making the report process so complicated that it is impossible to report something.

And, just for the record, I did submit it in the end. Let’s see what happens next.
livecom4


© Copyright 2009 Sorin Mustaca, All rights Reserved. Written For: Sorin Mustaca on Cybersecurity


Check www.endpoint-cybersecurity.com for seeing the consulting services we offer.

Visit www.itsecuritynews.info for latest security news in English
Besuchen Sie de.itsecuritynews.info für IT Sicherheits News auf Deutsch