Joe Wein
Fighting spam and scams
on the Internet

Home / Blog / About us
Spam
419/Nigeria
Online fraud
jwSpamSpy
Contact

Email Spam Filter:
jwSpamSpy
Try it for free!

Google
 

Link exchange offer spam

The growing importance of search engines has given rise to a new type of spam: Link exchange offer spam. If you own a site listed by search engines, sooner or later you will end up getting offers to trade links with largely unrelated sites you probably never heard of before.

The value of a website to its owner is based on how many vistors access its content. These days, unless you are a big brand name such as Yahoo, Microsoft or Google or anyone with a large non-internet presence, the stream of visitors to your site is largely determined by search engine results. Visitors consult Google or another service about certain keywords and whatever that search engine happens to come up with will be amongst the most frequently visited sites for those particular terms.

Users judge search engines by the relevance of the hits they present first. If a search engine wants to succeed (as Google did), it needs to be able to judge relevancy. One good way of doing so is by taking into account the human factor: How many other Internet users have linked to that page yet? The more links to a site and the "better" the ranking of those sites, the better the ranking of the linked site will be too. So to get good ranking, there are two ways:

  • You create a good site with interesting content that you maintain and update and people will link to you on their own.
  • You take a shortcut and ask others to trade links, whether your site is relevant to their vistors or not.

While link exchanges are nothing new, these days website owners often use harvesting software to extract contact email addresses from highly ranked pages found on Google or in web directories (DMOZ). They then spam those webmasters using bulk email software to offer link swaps. Here are some examples of such link swap offers.

The following example received on 11-June-2004 (left hand side) looks like a well-written letter, but I found it curious because it seemed almost too well written, better than what most people could come up with... A quick Google-search found a remarkably similar request for a link to a totally different website in some guestbook on the WWW, posted on 2-August-2003 by a totally different person. Compare for yourself:
Dear Webmaster,

My name is Irene Holm, and I'm one of the owners of Grateful Hippie. I wanted to let you know that I've just placed a link to taima.org.

You can find the link to your site here: http://links.gratefulhippie.com/hemp.htm

I've used this text to link to your site:
title line of homepage of contacted site

This is the description I've used for your site:
slight variation of title line

Let me know if you want to change the description of your site.

I really liked your site :) So, I thought why not add it?

At my site http://gratefulhippie.com we mostly sell incense and oils. But we wanted to have links to other products of interest to our visitors.

Anyway I would really appreciate it if you could give me a heads up if you move or change link locations, or if you post any new material that you think my visitors would be interested in.

A link back to my site would also be nice. :-) If you link back to me, I'll put your site at the top of its category and I'll mark it with a
special "TIP" image.

Again, awesome site!

Sincerely,

Chris & Irene Holm
gratefulhippie.com
Hello,

My name is Robert Dharmabudi, and I'm the owner of Bali Paintings Art Gallery. I wanted to let you know that I've just placed a link to jasonbeale.com.

Thanks for putting such a useful site on the Web! I would really appreciate it if you could give me a heads up if you move or change link locations, or if you post any new material that you think my visitors would be interested in. A link back to my site would also be nice. :-)

Bali Oil Paintings and Acrylic Fine Art Gallery - offers oil paintings and acrylic fine art including abstract, classical, wildlife and floral, people, and traditional themes.

Again, thank you very much for your great web site.

Sincerely,
Robert Dharmabudi

I found the identical passages too much of a coincidence and so I googled some more. I came across a page that provided the template for both of these, as well as instructions on how to proceed. Here is it:

http://www.svend.com/page-rank-explained.html:

So... now that you know a bit more about this... what can you do to get a better page rank (ie link popularity). Well, you could hire me to do it for you, but the cost would be surely higher than you would want to pay! :) - My suggestion is to write web masters & contact people at web sites that would be a good match for you, and send them an email something like this:

Hello owner/webmaster,

My name is _________, and I am the Internet marketing director of ________.

The importance of building solid link exchange partners can not be stressed enough these days, it is the key to higher page ranking on many top search engines! I wanted to let you know that I will be placing a link on
http://www.synthium.net/ to your site: www.svend.com

You can find the link to your site here:
http://www.yourdomain.com/links/

link text: Svend Design: web design, SEO - search engine optimization, logo design, graphic design, web hosting, ecommerce and shopping carts (an example)

Depending on your websites exact category I could place it elsewhere thats more appropriate for it.

Let me know what you would like for a description of your site. Your site is a useful and favorable resource on the Web! I would really appreciate it if you could give me a heads up if you move or change link locations, or if you post any new material that you think my visitors would be
interested in.

A link back to my site would also be nice. :-) If you link back to me, I'll place your site up fast and accurately for its category.

Here is our linking data:

<a href="http://www.his-domain" target="_blank">Vancouver Web Design, Web
Site Designer, Vancouver Internet Marketing</a><br>
-Synthium Design Studio, a Vancouver Web Design firm. We create professional
web sites, graphics, logos, Ecommerce solutions. Internet marketing experts!

Thanks in advance

Sincerely,

Your Name Here
Company Name.

Something like that... If you make it a part of your week to do this often, you will start to build a good page rank for your web site which will go hand in hand with search engine optimization.

You will find plenty of hits looking for people who have followed this advice:
https://www.google.com/search?q=%22heads+up+if+you+move+or+change+link+locations%22&lr=&ie=UTF-8&filter=0

The following two spams are more conventional and quite typical. The product being advertised had no connection whatsoever to the site being asked for a link exchange:

krakow-hotels.net:

Return-Path: <peter@krakow-hotels.net>
Received: from relay.inway.cz ([212.24.128.3]) by #####.#####.net
          (Post.Office MTA v3.5.3 release 223 ID# 0-58414U4500L450S0V35)
          with ESMTP id net for <myemailaddress>;
          Tue, 30 Mar 2004 09:25:22 -0800
Received: from localhost (localhost [127.0.0.1])
          by relay.inway.cz (Postfix) with ESMTP id 42FA6A5CD5
          for <myemailaddress>; Tue, 30 Mar 2004 19:27:42 +0200 (CEST)
Received: from jan2 (unknown [213.151.94.198])
          by relay.inway.cz (Postfix) with SMTP id E0F56A5D11
          for <myemailaddress>; Tue, 30 Mar 2004 19:27:41 +0200 (CEST)
From: "Peter Chagai" <peter@krakow-hotels.net>
To: <myemailaddress>
Subject: Jamaica gleaner
Date: Tue, 30 Mar 2004 19:27:37 +0200
Message-ID: <GGEOKEPNICIEHHHAOGCAKEMKDNAA.peter@krakow-hotels.net>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0)
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400
Importance: Normal

Hello,

We offer accommodation services and I thought you might be interested 
in link exchange. We provide several travel-related sites, one of them is

http://www.prague-hotel.co.uk

Due to the possible harming nature of too many reciprocal links we 
suggest non reciprocal links. You can link to us from your site and we
will link back from another of our sites.


I look forward to hearing from you soon.

Best Regards,
Peter
peter@krakow-hotels.net
http://www.krakow-hotels.net

changing-winds.com:

Return-Path: <partnership@sbc-global.net>
Received: from tera ([208.191.0.239]) by our.mail.server
          (Post.Office MTA v3.5.3 release 223 ID# 0-58414U4500L450S0V35)
          with ESMTP id net for <ourmailbox>;
          Sat, 6 Mar 2004 19:19:39 -0800
Received: from home8 ([66.141.73.123]) by tera
 with Microsoft SMTPSVC(5.0.2195.6713);
	 Sat, 6 Mar 2004 21:21:57 -0600
To: ourmailbox
From: partnership@sbc-global.net
Date: Sat, 6 Mar 2004 21:21:29 -0600
Subject: Changing Winds Partnership
Return-Path: partnership@sbc-global.net
Message-ID: <TERAX47sFoai8XKPl5G00000ab0@tera>
X-OriginalArrivalTime: 07 Mar 2004 03:21:57.0437 (UTC) FILETIME=[58C3A6D0:01C403F3]

Hello,

Would you be interested in exchanging links between our sites?

I noticed that your site is the type of quality web-site containing travel related 
information or consumer services that we would be interested in linking to.

If you are interested, please reply to this email and I will be happy to discuss 
our link exchange requirements.

Wishing you a great day and hope to hear from you soon.

Steve

http://www.changing-winds.com


international-money-transfers.com
This link exchange spam was somewhat unusual, in that the spammers posed as university students doing a project:

DATE: 2 February 2005
SUBJECT: www.joewein.de/sw/spam-fraud-paypal.htm (Link Request For 
Study Project)
FROM: Richard and Suzanna BSC Rhodes University

To whom it may concern

We are a group of students from Rhodes University who have set up a 
forum to talk about payment services on the internet. Our forum will be 
a place for users to post remarks, praise or yell at the various 
services they have used as well as to recommend these services to other 
users.

Your site has been identified as recommending your users to use Western 
Union as a payment option. Would you be willing to direct your users to 
us using the following banner?

http://www.international-money-transfers.com/images/payments-banner-wu.gif

and from your site.

(alternativly a text link would suffice:

TITLE: International Money Transfers Forum
DESCRIPTION: Talk about International Money Transfers and Wire Transfer 
Services.
LINK: 
http://international-money-transfers.com/wire-transfer-service/index.php

This will be a place for them to voice their opinion on the Western 
Union Service.

In return you are free to post in our partner forum a short or a long 
blurb about your business. You are even welcome to refer your customers 
to this page to post their praises about your excellent service!

Your help would be greatly appreciated in our study.

Regards

Richard and Suzanna
BSC students
info@international-money-transfers.com

This message was not sent to the email address listed on my contact page but to an address I mention somewhere on my website that no human would find. Only an address harvesting spider would come across it. Automated address harvesting of websites is a US federal felony under the CAN SPAM ACT of 2003.

If you look at the page on my site mentioned, it talks about how Western Union is used in online fraud. It doesn't seem like whoever sent this email had personally visited the site. More likely they had done an automated Google search for the highest ranking sites mentioning Western Union and then spidered those sites for contact infomration. By getting high-ranking sites mentioning this term to link to the spammers' brand new site (created 2005-01-28, about two weeks ago), they are hoping to get a high ranking for themselves for this term.

The domain doesn't look like a university project. It's registered to a company on the British Virgin Island, not to anyone called "Richard" or "Suzanna".

Here are message headers:

Received: from [66.232.22.11] (helo=mail.whsecure.net)
	by mxeu9.kundenserver.de with ESMTP (Nemesis),
	id 0MKt64-1Cyn0R13TE-0001k5; Wed, 09 Feb 2005 09:15:27 +0100
Received: (qmail 4227 invoked by uid 399); 9 Feb 2005 08:15:25 -0000
Received: from unknown (HELO BENNIE-HILL) (217.44.179.38)
  by mail.whsecure.net with SMTP; 9 Feb 2005 08:15:25 -0000
From: "Richard" <info@international-money-transfers.com>
Subject: Please Link to our Money Transfer Talk Forum
To: "Spamtrap" <spamtrap@domain>
Date: Wed, 9 Feb 2005 08:15:25 +0000
Message-ID: <0MKt64-1Cyn0R13TE-0001k5@mxeu9.kundenserver.de>

Registrar Name....: Register.com
Registrar Whois...: whois.register.com
Registrar Homepage: http://www.register.com

Domain Name: international-money-transfers.com

   Created on..............: 28 Jan 2005 15:13:00
   Expires on..............: 28 Jan 2007 15:13:00

Administrative Info:
   Five Beans Limited
   Brendan Nash
   24 De Castro Street,Wickhams Cay,
   Road Town, Tortola, TO BVI
   IO
   Phone: +246.447786195350
   Fax..: +442079003407
   Email: brendan@southeaster.com

Billing Info:
   Five Beans Limited
   Brendan Nash
   24 De Castro Street,Wickhams Cay,
   Road Town, Tortola, TO BVI
   IO
   Phone: +246.447786195350
   Fax..: +442079003407
   Email: brendan@southeaster.com

Technical Info:
   Five Beans Limited
   Brendan Nash
   24 De Castro Street,Wickhams Cay,
   Road Town, Tortola, TO BVI
   IO
   Phone: +246.447786195350
   Fax..: +442079003407
   Email: brendan@southeaster.com

Registrant Info:
   Five Beans Limited
   Brendan Nash
   24 De Castro Street,Wickhams Cay,
   Road Town, Tortola, TO BVI
   IO
   Phone: +246.447786195350
   Fax..: +442079003407
   Email: brendan@southeaster.com

Status: Locked

Domain servers in listed order:

    ns1.bigbighosting.com
    ns2.bigbighosting.com


Link exchange spam from "fraudwatchernetwork.com"

The following link exchange spam is from what claims to be an anti-fraud site. However, it's mostly a catcher site for search engines in order to sell ads. Some of sites listed on the "fake rolex" page of this supposedly anti-fraud site are sites selling counterfeit goods. Text on site has been directly lifted from other sites that document online scams. Email address webmaster@joewein.de is not listed as a valid contact address on our contact page. This person never bothered to visit our website, he probably produced this spam using only software.

From: "Webmaster fraudwatchernetwork.com" <webmaster@fraudwatchernetwork.com>
To: <webmaster@joewein.de>
Sent: Wednesday, 20 July, 2005 17:25
Subject: Link exchange request

Hello,
I have found your website joewein.de by searching Google for "fake rolex". I think our websites has a similar theme, so I have already added your link to my website.

You can find your link here:
http://www.fraudwatchernetwork.com/news/fake-rolex.html

Your link: https://www.joewein.net/spam/spam-replica-watches.htm
Your link title: Spam: Replica Watches

I would like you to add our link to your website too.
Our link: http://www.fraudwatchernetwork.com/news/fake-rolex.html
Our link title: Fraudwatchernetwork.com | Fake Rolex
Description: Internet Fraud, Mail Fraud, Credit Card Fraud, Phishing, Phone Fraud

You can approve and modify your listing anytime by clicking link below:
http://www.fraudwatchernetwork.com/approve.php?key=0aa89d0803
If you will not approve your listing in 10 days, link will be automatically removed.


Why it is important to exchange links?
- more links will increase your website popularity
- more links will increase your PageRank
- The more links you have - the more your website is important to search engines
- The more your website is important to search engines - the more visitors you get
- More visitors increase your sales and your website will become more popular

Why it is important to exchange links with us?
- Our website has similar theme like yours
- Our website gets more that 3000 visitors every day (your website may receive some free visitors from our website too)
- Our website has quality content
- Our website is hosted on dedicated IP
- Our website has a lot incoming links from other similar themed domains

I wish you the best with your project and believe this link exchange can be useful for our websites by seeking better search engine ranking. If you have any questions, do not hesitate, contact me.

Jeff P.
webmaster@fraudwatchernetwork.com


These two link exchange spams, one to us, the other to a mailing list, were obviously fabricated using the same cookie-cutter spamtool. See this blog for more information about teh company behind this link exchange spam.

Leida Christain (links@bustem.com)

From: "Leida Christain" <links@bustem.com>
To: <joewein@pobox.com>
Sent: Monday, May 07, 2007 15:24
Subject: Wanna Swap Links

Hi,H
I've been working extremely hard on my friend's website bustem.com and if you like what we've done, a link from https://joewein.net/spam/index.htm would be greatly appreciated. If you are interested in a link exchange please send us:
1.) the URL of where our link is on your site
2.) where on our site you would like your link placed.
Here's the HTML code for the link:
Learn all about <a href="http://www.bustem.com/viruses-spam.html">viruses & spam</a> at bustem.com.
Thank you we greatly appreciate the help! If you have any questions please let me know!

Respectfully,
Leida Christain

I apologize if this message was sent, in error, to the wrong person.

Dine City (links@dinecity.com)

From: Dine City <links@dinecity.com>
To: gnome-announce-list gnome org
Subject: A little website help?
Date: Tue, 29 Aug 2006 02:31:52 -0500

Hi,

I've been working extremely hard on my friend's website dinecity.com and if you like what we've done, a link from http://mail.gnome.org/archives/metacity-devel-list/2006-July/msg00020.html would be greatly appreciated. If you are interested in a link exchange please send us the URL of where our link is on your site.

Here's the HTML code for the link:

Learn the ins and outs of <a href="">Dining</a> on the town with dinecity.com

Thank you we greatly appreciate the help! If you have any questions please let me know!

Respectfully,

Tim Anderson