Plan B – Tackling Malware and Internet Spam

Hot-links, Malware, Copyright Infringement and More:

This is not the post that I scheduled to write this morning.  That was Plan A – I should be posting a lovely halloween chocolate giveaway!   This post is all because a fellow blogger – Scottish Mum, posted her own succinct findings on how she discovered that photos of her kids had been hot-linked to undesirable sites.

She included the commands that we could all use to check our sites.  And curiosity got the better of me, I went off to discover if my site had any of those nasty hot-links.

Perhaps I shouldn’t have done so because the result was I spent almost the entire day yesterday removing images which will now have to be renamed and reloaded.  So far around 150 images in a file.  Of course not all hot-links are malicious, some were from fellow bloggers and I’ve left those in place.  But, there were plenty of apparently innocuous links which ultimately could damage my site.

Just Some of my hotlinked images

For example, one which claims to be a picture pinning site is actually a way to promote picture theft.  If you find your thumbnail  images there and click on any of them it will try to get you to install their own picture cropping software.  I left before I saw whether or not my own image ever appeared as more than a thumbnail – I suspect not, but frankly I don’t want to take the risk of installing some unknown software which probably contains malware on my PC.

Another redirected straight to a very dubious site (from my photo of some indian spices!)

Then there was the one that claimed to be selling my photo and wanted me to click to download my own picture.  I DID click on that and thankfully my PC virus alerts kicked in!


Site with Malware

Why does it matter?

  • Firstly, Google Image Seach is increasingly popular.  Do you really want people to find  that your photos install malware on their PC.
  • Secondly, if someone clicks on an image that looks like yours (and some of these sites DO credit back to your own site with a text link), but instead of going back to your site actually ends up with a trojan, it is YOUR site’s reputation that will be damaged.
  • Thirdly, some people believe that third party hotlinks from sites with a negative reputation will affect your own indexing and ranking with Google.
  • Finally It’s perfectly possible that your image of your kids, yummy chocolate cake or holiday snap will end up being ranked for the hotlink site rather than for your own site.

I found 17 domains that were linking back to my site without permission and with some kind of download of malware or redirect.  They were NOT called by names that would have made me suspicious – some of them appeared to be doing me a favour by linking.  And yes, in the short term I might lose links which make my site look as if it is doing well.  But just as buying links can damage your blog, so can this type of linking.

What to do?

  • I’ve temporarily removed the images.  To do that, I’ve had to search through the media file on my blog.  Deleting the image from the blog post does not delete the image URL, it will still be there and would still be linked to my domain. Some of them repopulated almost instantly – they appear to have image scrapers that replace images which have been removed with new ones.
  • My techie friend has installed a few lines of code to block the sites from accessing London-Unattached at all.  We are hoping that will work.  If you host with a third party, ask them if they have a way to block malware sites.
  • I’ve reported most of the domains directly to Google.  I have no idea if that will have any result at all but I live in hope.
  • I’m planning on checking back regularly – at the moment I am rather neurotically looking every few hours (yeah, I know, I won’t see anything…but it makes me feel better!)

If you do decide to check your own site and find links which look harmless using the search method that Scottish Mum provided, please be careful if you want to check them yourself. Make sure your firewall, spyware and virus protection is up to date and activate any pop-up blocker you have BEFORE you start.

And think around the domains and what they are offering.  If a site is claiming to offer a download of your image, is that really something you’d want?  unless you’ve authorised it yourself (e.g. to FLICKR or similar) you are unlikely to get any credit or payment for it.  Is there any justification for what appears to be a  job search site to have a  large bank of hot-linked food, travel and lifestyle pictures?  And, while Pinterest is a legitimate way for your images to be linked back to your site to send you traffic, a site that says it is providing images to pin but then encourages users to download them isn’t going to send you any traffic.  All is not quite what it seems in the World Wide Web.

With Lots of Blog Love










If you enjoyed this post, please consider leaving a comment or subscribing to the RSS feed to have future articles delivered to your feed reader.


    • says

      it is just that though, a bit of housework. I’m hoping mine is sorted in the short term and if google does do it’s job properly some of the malware sites will go…but who knows!

Leave a Reply

Your email address will not be published. Required fields are marked *