spam - ReadWriteWeb http://www.readwriteweb.com/feeds/tag/spam Copyright 2012 Richard MacManus readwriteweb@gmail.com Mon, 13 Feb 2012 13:30:00 -0800

Hackers Steal 45,000 Facebook Passwords & Logins

A rampant worm by the name of Ramnit has stolen login and password information for 45,000 Facebook users, mostly in the UK and France. Prowling the 800-million-strong social network, the worm eats user names, passwords and browser cookies. It also acts as a backdoor, meaning a hacker can attack any computer that has already been infected. According to the Microsoft Malware Protection Center, Ramnit infects Windows executables, Microsoft Office and HTML files. The Ramnit worm initially transformed into financial malware in August 2011, according to reports from Trusteer.

"What was once malware designed to steal data from financial institutions has evolved into a social network threat," says John Weinschenk, CEO at cybersecurity company Cenzic. "Bank account numbers and Facebook log-in credentials seem very different, but to hackers, they are equally as lucrative."

The current composite Ramnit worm is like a Mogwai that has been hit with water, eaten food after midnight, stepped out into the sun and transformed into a hyper-evil gremlin.

Once Ramnit joined forces with the leaked ZeuS source-code in May, the Seculert blog says it became a "Hybrid creature." That is, it took on ZeuS' financial-data investigative nature and gained access to financial institutions. As a result, it compromised online banking sessions and also attacked a few corporate networks. The Ramnit worm burrows through Facebook, spreading malware to the walls of thousands of innocent Facebook users.

"To combat these types of threats, consumers need to be vigilant about changing passwords often," says Weinschenk. "Avoid clicking on unknown links, and alert their friends to a potential malicious link they might have posted."

Facebook spam attacks like this are nothing new. A recent attack that was caused by a browser vulnerability filled users' walls with photos of the Biebs in compromising sexual situations. Not long after, football-loving spammers nailed the Facebook community forum.

Users should keep an eye on their Facebook profiles as social network worms continue spreading.

Facebook says it blocks 200 million malicious actions per day, which include messages that send users to malware. Even still, Facebook spam is growing faster than its user base.

http://www.readwriteweb.com/archives/hackers_steal_45000_facebook_passwords_logins.php Facebook Thu, 05 Jan 2012 14:00:00 -0800 Alicia Eler
Researchers Identify Notorious Botnet Operator Codenamed "Google"

Security researchers have identified the person responsible for about 22% of all spam on the Internet. Ironically, the individual responsible for running the operation through the so-called "Cutwail" botnet goes by the codename "Google." Krebs On Security cracked the case on the malicious hacker responsible for much of the spam that cripples inboxes across the Internet.

Hundreds of chat logs were discovered by investigators between "Google" and the co-founder of a spam operation called "SpamIt," Dmitry Stupin. These logs, discovered on Stupin's computer by Russian investigators, gave a detailed look into how "Google" ran Cutwail and how he built the largest spam network on the planet.

Cutwail, SpamIt & Russian Spammers

Cutwail operates by using the botnet as an engine that it rents to a community of spam affiliates, according to research done by the University of California, Santa Barbara and Ruhr-University Bochum in Germany. Clients are provided with a Web interface in English and Russian that makes it easy to create spam.

Image: Worldwide spambots in December 2011 from M86 Security.

"Google" rose to fame with Cutwail by affiliating it with SpamIt. Cutwail at first spammed about stocks but found in 2007 that the conversion rate for those was low and switched to pharmacy-related spam. Later, "Google" and Stupin created a scheme to sell original equipment manufacturer software, such as pirated copies of Windows. This new scheme was dubbed "Warezcash." A meeting was arranged between "Google" and Stupin, and the chat logs about it give "Google's" mobile phone number.

This is where "Google's" identity starts to unravel. The phone number, along with a previously known email address, was used to trace Web site registrations for multiple domains such as antirookit.ru and lancelotsoft.com. These domains were registered to a person named Dmitry S Nechvolod, who is presumed to be "Google."

Krebs notes that Dmitry S. Nechvolod is not necessarily the real name of "Google." It could be a fake or a redirection. Krebs does say there are strong connections based on payment information given by "Google" to SpamIt. The account in the virtual currency "WebMoney" through which SpamIt sent money to "Google" was registered to a person named "Nechvolod Dmitry Sergeyvich."

Cutwail Evolves

The Cutwail botnet has morphed over the years. It started simple with stocks, then pharmacy-related spam. It later moved to OEM software before sending phishing emails with malware attachments from the Zeus and SpyEye Trojans, according to Krebs. Airline tickets, Facebook notifications and other various schemes came later. Cutwail has more recently moved on to "ransomware" attacks in which a malicious hacker takes over a user's files and attempts to blackmail the recipient to get them back.

Image: Symantec spam levels, November 2011.

Cutwail is still alive and active. After the takedown of the Rustock botnet, it was time for Cutwail to shine. There is good news, though, in the global war on spam. 2011 saw some of the lowest levels of email-related spam in the last decade at 70% of all email volume in November 2011, according to Symantec (see above image). That is down from its peak of 90%. Part of the decrease is the increased efficiency of security researchers in identifying and taking down botnets. Spammers have also moved to social networks like Twitter, Facebook, Google+ and the comments of popular blogs.

http://www.readwriteweb.com/archives/researchers_identify_notorious_botnet_operator_cod.php Security Tue, 03 Jan 2012 07:15:00 -0800 Dan Rowinski
Phishing Attack Aimed to Obtain Apple Users Credit Card Information

A phishing attack aimed at new Mac users was launched the week after Christmas looking to obtain the credit card information of people signing up for a new Apple ID. The well-timed attack tries to redirect users signing up for an Apple ID to a phishing site designed to look like the Apple sign-in page asking users to update their account information.

Security firm Intego found the attack and posted the information on its company blog. The phishing email comes from applied@id.apple.com. This should give users their first pause as all Apple emails come from the @apple.com domain. The next red flag is that the URL that users are getting redirected to is not an apple.com address but rather goes to a numbered IP address.

Image: The phishing URL. Source: Intego

The sign-in page asks for users' profile information, including the credit card information that is tied to an Apple ID account.

One of the first rules users should be aware of when checking for malware and spam in email is to hover over a suspicious URL to see the location of the URL they are about to click. Telltale signs of phishing, malware and malicious sites are when the URL does not appear to be headed to an official page from the company in question.

The phishers behind this attack have likely been sitting on it a while, waiting for when users received new Apple products during the holiday season. Malware makers are very sensitive when it comes to the timing of attacks. Zero day hacks are often stockpiled and unleashed when the impact will be optimal. Other malware and spam attacks are saved up for big news stories, such as what was seen during the Japan earthquake in 2011 or the death of Osama bin Laden. Spammers will then hit search engines with poisoned results and attempt to fill email inboxes with links to malicious sites. While the phishing attack aimed at Apple users was not a zero day attack, it is an example of phishers knowing when the best times are to launch an offensive.

Did you encounter an email similar to this last week? What other phishing attempts have been made against your inbox recently? Let us know in the comments.

http://www.readwriteweb.com/archives/phishing_attack_aimed_to_obtain_apple_users_credit.php Apple Mon, 02 Jan 2012 06:50:00 -0800 Dan Rowinski
McAfee to Security Industry: "Are We Really Protecting Users and Companies?"

Security company McAfee released its second quarter threat report today and the language in it is quite frank: "The security industry may need to reconsider some of its fundamental assumptions, including 'Are we really protecting users and companies?'" With malware at its highest levels ever, the escapades of LulzSec and Anonymous continuing unhindered and new varieties of spam being created almost every minute, it is a pertinent question.

Android is now far and away the leader in mobile malware. For-profit mobile malware has also grown significantly, with SMS-sending Trojans and other complex Trojans compromising smartphones. Rootkit malware that takes over the operating system kernel of a computer or a smartphone is also becoming popular among malicious programmers. As McAfee notes, "The second quarter of the year was clearly a period of chaos, changes and new challenges."

Android mobile malware has become a persistent threat. Earlier in the year the press covered every new iteration of Android malware, starting with DroidDream and jumping every time a smartphone sneezed. Now, just as with PC malware, Android malware is a usual occurrence. Some of the top Android malware Trojans and viruses out there are derivatives of DroidDream. That makes a lot of sense, as malware is known to morph significantly when it is out in the wild as new programmers get their hands on it and change it to their specific needs (or just enough to slip through security applications). Security programmers should look out for Android malware in the DroidKungFu family, the DrdDreamLite family and Tcent, which sends text messages to premium services.

As for traditional email spam, the price for a block of email addresses is relatively cheap. In Russia, the United States, Germany and Australia, 1 million email addresses will run you $25; upwards of 8 million addresses will cost about $200. As with legitimate software companies, malware programmers license their tools. The Eleonore, a long-time tool for malicious programming, now goes for $2,000 for the latest version.

For the first half of 2011, malware is at its highest rate ever. Though, if you just take the second quarter into account, it is a touch behind the pace of 2010. Overall this year malware is up 22%. McAfee's library of malware will reach 75 million entries by the end of the year.

One of the most common targets has been Adobe, which now outpaces Microsoft in attracting exploits. That is another knock to Adobe, which has been struggling in the market to create new products that actually run effectively on computers and mobile devices.

McAfee's report covers a sprawl of different types of malware, spam, phishing and social engineering, mobile viruses and malware, and botnets. Reading through the report, it is no wonder that security companies are beginning to question themselves and whether or not they can keep up with the flood of malicious activity on the Internet. On one hand, the popular refrain is always "exercise common sense and you will be secure", but motivated hackers have almost no trouble isolating people and companies if they really want to get their information.

The question has to be asked: Is the security industry failing us?

http://www.readwriteweb.com/archives/mcafee_to_security_industry_are_we_really_protecti.php Security Tue, 23 Aug 2011 06:36:00 -0800 Dan Rowinski
King of Spam Seen on Google Plus, Turns Himself in to FBI For Facebook Phishing

Spam King Sanford Wallace has turned himself in to the Federal Bureau of Investigation. Wallace is facing multiple counts of fraud and related activity and has been charged with three counts of intentional damage to a protected computer and two counts of criminal contempt. Wallace, who is notorious in spam circles and has been advocating for spam since the 1990s, ran a phishing scam through Facebook that resulted in more than 27 million spam messages.

Wallace was released on $100,000 bail. In 2009 Facebook sued Wallace for his part in spam messages on Facebook and was awarded a $711 million settlement. Most recently, Wallace has been seen on Google Plus where the majority of his pictures and posts are from nightclubs. He currently lists his occupation as "nightclub business / poker" and Google Plus lists his current residence as Las Vegas.

Wallace was banned from Facebook, which court documents show he violated by creating a fake profile and logging into Facebook on a Virgin airlines flight from Las Vegas to New York. Wallace also violated the ban by creating a profile called David Sinful-Saturdays Fredericks that was active from Jan. 26 to Feb. 16, 2011.

Wallace started his reign as the self-styled Spam King in the mid-1990s when he formed a company called Cyber Promotions (Cyberpromo) that was one of the first companies on the Internet to be widely blacklisted for sending unsolicited emails. The company was dissolved shortly thereafter. In 2004 the Federal Trade Commission filed suit against Wallace alleging that his new company put spyware on users' computers and then offered to fix the problem for a fee. The FTC filed suit again in 2006 and ordered Wallace and his associates to pay more than $5 million in fees.

Wallace turned to social networks a year later and was sued by MySpace in 2007 for phishing and spamming by creating 11,000 or so profiles that attempted to push users to porn and gambling websites. A judge fined Wallace $230 million after he did not show for a court date in 2008.

Contacted on Google Plus and then on email, Wallace said "I can't comment on any of this at this exact moment but I will be asking my attorney if I can send out a general comment in the next day or so."

Wallace's first post on Google Plus came on July 11, about two weeks after the initial invite only rollout of the service. His first post was "I am allowed to use this service." Of which, the first comment was "for now lol jkjk."

Sanford goes by the name DJ MasterWeb and was a disc jockey in Rochester, New Hampshire during the early 2000s. He is also known as "Spamford."

http://www.readwriteweb.com/archives/king_of_spam_seen_on_google_plus_turns_himself_in.php Facebook Fri, 05 Aug 2011 14:00:00 -0800 Dan Rowinski
Search Engine Poisoning #1 Vector for Malware

Search engine poisoning is the most prevalent form of malware delivery on the Web, according to the security researchers at Blue Coat. In its 2011 Mid-Year Security Report Blue Coat outlined the biggest threats to Web security and the attack vectors that malware providers are using to infiltrate users' computers.

Search engine poisoning (SEP) makes up 40% of malware delivery vectors on the Web. In this practice, malware and spam attackers inundate search results with links to bait pages that take users to malicious websites, which then download malware to the computer. Spammers reach higher in search rankings by creating link farms that drive their poisoned pages further up search results. People want to be able to trust that what they search for in Google, Bing or Yahoo is safe to click on. Users are not conditioned to think that search results could be harmful to the health of their computers. The other leading attack vectors on the Web all pale in comparison to SEP, with malvertising, email, porn and social networking all 10% of malware delivery.

The Dominance of SEP

Google and security companies are in a giant game of whack-a-mole with the malware creators, said the head of Blue Coat's malware research team, Chris Larsen. The botnet networks that create malware are constantly shifting and their delivery mechanisms grow ever more sophisticated.

Yet, SEP attacks do not fundamentally change, they just evolve. As an example, Larsen points to the killing of Osama Bin Laden and the mass of searches that were created the day after the announcement was made to the world. The malware creators used their existing infrastructure, changed the signatures of the command-and-control servers and unleashed a mass of bait links onto the Web.

Malware attackers have come to recognize that users are more wary of clicking on suspicious links that promise something unbelievable or outrageous. So, the vector is shifting to image search. Images are much harder to guard against and have proven to be fertile soil for malware providers. It is harder for Google and the security companies to find the "link farm" that creates the poisoned search results in images.

Porn, Malvertising and Email Remain Strong

Image: Blue Coat table of malware delivery vectors.

In the table above, "unrated" includes malvertising - the practice of poisoning ads on the Web that lead to "bait pages" in much the same way as SEP does. The Blue Coat report notes "people like to look at other people and human nature is unlikely to change." There have been spikes of up to 11,000 new porn sites a day, which makes the need for real-time Web defense systems paramount. Yet, porn as a delivery vector has actually fallen in Blue Coat's rankings, falling behind email since the last report the company issued in February. Symantec reported last week that email spam was at its lowest level since 2008, so it looks like the overall amount of malware on the Web may be decreasing.

Larsen cautions that might not be the case. Malware vectors are cyclical by nature. The changing nature of botnets makes it difficult to determine exactly how much malware is being driven from what sources. Botnets are becoming more difficult to identify and are increasingly sharing (or simply overlapping) resources. On one hand, the more sophisticated the botnet, the harder it is to dismantle. Yet, Larsen thinks that the more complex botnets become, the more vulnerable they become.

The Changing of Botnets

"The network is constantly changing," Larsen said. "The bigger the attack surface, the more vulnerabilities are created in their own networks."

The Web is a large, complex place made up of many different standards and approaches. Hackers take advantage of this complexity by exploiting weaknesses in portals that are not secure. Larsen thinks that the more complex botnets become, the more portals are opened where security companies can worm into the networks and take them down.

Botnets are also beginning to share nodes on their networks. According to the report: "Many botnets are known to intersect and share their compromised nodes in a symbiotic relationship (which they do with more monetizable malware such as ransomware, pharmacy spam, scams and a variety of other exploits). The samples analyzed, sandboxed, researched and studied by Blue Coat Security Labs exhibit this characteristic."

In terms of malvertising, attackers are learning that patience pays. Malvertising networks will lie low within a legitimate ad network and develop clean reputations by passing multiple malware security sweeps. When the sleeping malvertising network awakes, it will change the way it operates to deliver users to a malware host. The next day the malvertising network will be gone, hiding somewhere else on the Internet.

http://www.readwriteweb.com/archives/search_engine_poisoning_1_vector_for_malware.php Security Wed, 06 Jul 2011 07:31:00 -0800 Dan Rowinski
Social Network Spam Surges, Security Company Reports

Image: Symantec graph of social network spam.

In case you hadn't noticed, spam and phishing attacks through the social networks have been on the rise. Security company Symantec released a report yesterday detailing socially-engineered attacks to determine where they are coming from and what techniques malware criminals are using to lure victims into their traps.

One of the most interesting trends that Symantec has noticed is that social spam and phishing have been cyclical, moving from network to network (see above graph). For instance, attacks will focus on Facebook for a period of time before falling off, then focus on Twitter or YouTube before coming back to Facebook. In the cat-and-mouse game that is malware versus security, these trends make sense as exploits are closed on one network and found on another.

Symantec says that 53% of social malware is being launched from botnets in the United States. This is an interesting find in comparison with the overall amount of spam that is sent worldwide, with only 2.8% of email spam coming out of the U.S., according to Symantec's Intelligence Report released earlier this week.

The average lifespan of social spam is between 15 and 20 days, according to Symantec. Of that, Facebook sees the lion's share with 40% of all social network spam, compared with 37% for Twitter and 23% for YouTube. Yet, there are differences in how spam is relayed on Facebook versus Twitter. Twitter tends to see large-scale spam attacks that are shut down by the company relatively quickly, while Facebook sees multiple types of spam threads running through the ecosystem on a persistent basis, according to a recent conversation I had with Sophos security analyst and blogger Chester Wisniewski.

Facebook has been active in protecting its users from "clickjacking" schemes, forming partnerships with security companies like Web of Trust to help protect users. According to Symantec's trends graph, the company's efforts have been paying off. Spam on Facebook has been in decline since late April.

One of the differences in social spam as compared to email spam is the type of message that social spam uses to lure in victims. The big topics are still prevalent - pharmaceuticals, gambling and adult/sex/dating - but spammers are using different types of link-bait on social networks. According to Symantec social spam links are often tied to "unread" messages or fake invites. For instance, a message from Twitter saying that you have three unread messages that you cannot see because your message folder is full. From personal experience, Twitter's DM folder is never "full" (this from a guy who had near 800 DMs in June and several thousand this year).

It is up to the user to protect their computer and exercise common sense with what they click on the Internet. If not, your computer or your social network account may be part of the problem, not the solution.

http://www.readwriteweb.com/archives/social_network_spam_surges_security_company_report.php Social Web Fri, 01 Jul 2011 10:45:00 -0800 Dan Rowinski
Spam Hits Lowest Levels Since 2008 (Did You Notice?)

A new report from security company Symantec says that global spam is at its lowest levels since 2008. The geographic center of spammed accounts has also shifted from Russia to Saudi Arabia. Worldwide spam is now down to one in every 1.37 emails. In the United States, spam accounts for 73.7% of all emails.

Spam levels are now the lowest they have been since McColo, a California-based ISP spam control center, was taken down in 2008. That is, in part, due to the shutdown of the spam-sending botnet Rustock in March 2011. Spam, phishing, viruses and other types of malware are all still major problems in the Internet ecosystem but it looks like progress is being made against the botnets and those that control them.

Symantec's Intelligence Report is a combination of analysis from the Symantec.cloud MessageLabs Report and the monthly Symantec State of Spam and Phishing Report. It is the first time the company has combined the two reports.

One of the most interesting trends to emerge from the June 2011 report is that pharmaceutical spam is declining yet the prefix "wiki" is increasing in spam messages. In some cases, the two have merged, such as the WikiPharmacy that spam messages are directing users to. Other major spam targets have been tax returns in India and fake aid to Japan after its catastrophic earthquake and tsunami in March. After pharmaceutical spam (which accounts for 40% of all spam messages), adult/sex/dating was the next highest category, with 19% of all messages.

The United States is also no longer a major generator of spam. Spam messages originating from the U.S. declined from 10.7% of all spam in 2010 to 2.8% in June 2011.

Spam may be at its lowest levels in three-plus years, but that does not mean it is dying out or is not a major problem. In June there were still 39.2 billion spam messages sent.

Phishing Evolves, Grows More Targeted

Email phishing is becoming more targeted. Spammers are now using tactics known as "spear phishing" and "whale phishing" designed specifically for a small set of users.

Our enterprise editor, David Strom, reports from Symantec's headquarters in Mountain View, Calif.

"The report shows that virus authors are getting better at micro-targeting: 75% of the malware has infected less than 50 or fewer individual PCs. One virus assembly kit called Harakit is distributed to an average of 1.6 users, meaning that it is used to deliver custom-built attacks that is targeted for a specific individual."

Examples such as Harakit might fit in with "whale phishing" where specific, high-ranking executives are targeted with phishing emails that have been dutifully researched by the phishers and are targeted to get into the executive's computer, which often has access to far more data than a mid-level employee.

South Africa is the most targeted location for phishing attacks, with one in every 111.7 emails. The U.S. sees a phishing attempt in every 1,270 emails, while Japan sees hardly any (in comparison) at all, with one in 11,179 emails.

Web-based malware is on the rise. MessageLabs identified an average of 5,415 sites each day harboring malware, adware and spyware, an increase of 70.8% from May 2011. That increases the chances of "drive-by" downloads where a user visits a site and becomes infected with malware.

http://www.readwriteweb.com/archives/spam_hits_lowest_levels_since_2008_did_you_notice.php Security Tue, 28 Jun 2011 12:01:00 -0800 Dan Rowinski
Spammers Using Facebook Events to Trick Users

Spammers are using Facebook Events to trick users into completing online surveys, taking part in online contests and performing other tasks which allow spammers to generate commissions. In some cases, users are also tricked into giving up their mobile phone number, which is then automatically signed up for expensive premium services.

According to multiple security firms, spammers using Facebook Events to promote their links have been highly successful in their efforts to dupe unsuspecting users thus far. According to a report from TrendMicro, "tens of thousands" of users had mistakenly registered for one spammer's event. Meanwhile, Sophos found an example where over 10 million Facebook users had been targeted, and over 165,000 had accepted.

Event Spam: Bogus Events with Link-Bait Titles

TrendMicro's fraud analyst Paul Pajares says that spammers have turned to Facebook Events instead of posting their links to users' walls where they can "easily get lost in the News Feed." These bogus events often have tantalizing, link-bait titles like "How to Find Out Who's Viewing Your Profile" or "Who Blocked You From His Friend List?"

For the record, Facebook doesn't allow you to track profile views or blocks, either through its own user interface and feature set or via third-party Facebook applications. Facebook even explains in its own online Help documentation that "blocking someone is completely confidential," and that no one will ever be notified that they've been blocked. It also does not permit third-party applications to track this information, either.

In addition, any application that claims it can show you who's been viewing your profile should be reported, Facebook says in a separate FAQ (frequently asked question) available here.

However, despite the ongoing issue of Event spam, Facebook has not updated its Help documentation to refer to both applications and events. The pages only mention apps.

That said, any links promoting such activities should be avoided at all costs, no matter the source.

Facebook-Scale Spam is Very Successful

In the case of one event ("Who Blocked You..."), security researchers found that 10.3 million Facebook users were targeted and over 165,000 of that group had been duped into accepting the event invite.

Not all of these fake Facebook Events appeal to users' egos, however. Some just use the tried-and-tested social engineering technique which promotes something (a video, photo, etc.) you have to "see to believe." For example, one event reads "You will NEVER send a TEXT after seeing this VIDEO!" and the event's wall says "This is a horrific video!" followed by a link where the video can (supposedly) be viewed. At the time that Sophos uncovered this scam, over 13,000 users had "registered" to attend.

How the Scams Work

Once on an Event's page, users visiting the "More Info" section are provided with instructions on how to find out the answer to the question the event promotes (e.g. who blocked you, who's viewing your profile, etc.). The final step, of course, is clicking the spammer's link.

This link is obfuscated using a URL-shortener like bit.ly, which takes a longer link and compresses it into a shorter one that redirects to the site in question. Bit.ly and other services like it grew in popularity thanks to Twitter, which limits the number of characters in its status update field to 140 characters. For Twitter users sharing news and other links with each other, these services are invaluable. However, for spammers, the shorteners can hide what would otherwise be questionable domain names and URLs from potential scam victims.

As a best practice, you should avoid any event invitations of a similar nature, even if you see a friend promoting them on their own Facebook Wall. The tricky, bogus events being used by these cyber criminals also automatically reshare the Event's link to victims' own Facebook pages. If you see something like this, you may want to inform your friend that they were a victim of a spammer.

Update: An earlier version of this article implied that the problem of Event spam was a new vector for Facebook spammers. However, this is not the case. As you can see here, spammers have been using events for months now. The examples cited by the security researchers, however, are new. Screenshots show spam events with dates in March, April and May 2011. Due to these particular events' success in duping users, the researchers felt it necessary to again highlight the problem.

Image Credits: Sophos; Trend Micro

http://www.readwriteweb.com/archives/spammers_now_using_facebook_events_to_trick_users.php Facebook Mon, 04 Apr 2011 08:19:46 -0800 Sarah Perez
E-Books: The New Frontier for Content Farms

Recent changes to Google's search algorithm have sought to reduce the rankings of what Google has described as "low quality" and "low value add" sites. And while some of these websites have seen a significant drop in traffic, we may find that content farms aren't eradicated. Rather, they're relocating. Impact Media's Mike Essex suggests their new destination may be e-books.

On the Internet, many content farms are full of unoriginal content, often scraped from other sites, and republished under different headlines. The advent of easy self-publishing makes it incredibly simple for this process to be replicated in e-books.

Essex contends there are several things about the blossoming e-book and self-publishing industry that make this an obvious choice for spammers and scammers looking to continue their practices beyond the "prying eyes of Google."

There is Little Copyright Detection

While you do have to check a box when you publish an e-book that says you have permission to use the content, a check box is hardly an obstacle, and there are no other mechanisms in play that stop you from gathering (someone else's) content and repurposing and republishing it as your own.

Science fiction author John Scalzi complained about this last month when he found that a search for his name on Barnes & Noble unearthed a number of books that had been scraped together from various Wikipedia articles. In fact, these "shabby-looking books" actually ranked higher in B&N searches than many of his own novels did.

Publishing Made Easy

That's the point of self-publishing, of course - to remove as many of the barriers as possible that have stopped people from getting their material "in print," or at least in stores. You can go from content scraping to published e-book in less than 24 hours, with a time and monetary investment that means you don't even have to survive in the bookstore very long to be able to reap your payday.

Take, for example, the very prolific author Manuel Ortiz Braschi, who now has 3,379 titles for sale in the Kindle Store, on topics ranging from electric cigarettes to planning birthday parties to weight loss to weddings. Most of his titles sell for a dollar and have been rated one star by reviewers, many of whom comment on the typos and factual errors. "I thought there were some standards for Kindle books," writes one consumer. "I wish I knew how to get a refund."

Same Topic, Different Title

As Essex notes, one of the reasons that content farms have been so successful is that they've had multiple writers covering the same topic in different ways, all aimed at capturing different keyword searches. "Multiple writers," of course, doesn't actually mean different people. Just as long as you can tweak the name, tweak the content, tweak the title, you're good. The screenshot below suggests that this practice is alive and well in e-books.


Better Bang-for-your-buck Than AdWords?

Until Google's recent algorithm changes, many content farms ranked high in PageRank, and none of these changes have stopped content farms on e-books as they're sitting on the Amazon, Barnes & Noble or Apple domains. But not only is this new spammy content easy to find, it's also incredibly easy to monetize. Amazon takes a 30% cut from your self-published book, for example, but that still can net you roughly 70 cents for a 99 cent book - a much better pay-out than an average AdWords click. And although there are many disgruntled consumers, as the reviews of Manuel Ortiz Braschi's books demonstrate, people feel less inclined to make a big fuss, perhaps, because they're only out a buck.

For his part, Essex lists a number of measures that will help combat content farms on e-book platforms, including the integration of plagiarism detectors and investigations of those who publish more than 50 or so e-books. Until then, it's buyer-beware with self-published texts, it seems, much like it's been searcher-beware with low-quality websites.

(via Teleread)

http://www.readwriteweb.com/archives/e-books_the_new_frontier_for_content_farms.php E-Books Sun, 03 Apr 2011 19:37:25 -0800 Audrey Watters
Google Announces "Big Algorithmic Improvement" to Search

Google has been under increasing pressure in recent months to improve its search results. From accusations of SEO gaming by big sites to a search results page dominated by the likes of Demand Media and other content farms, the search engine has repeatedly heard the cry that it was becoming less and less relevant. Most recently, the company launched an extension to allow users to block results from certain domains.

Today, Google announced that it had made a "big algorithmic improvement" that, unlike other changes, could be noticeable to its users.

Google Fellow Amit Singhal and Principal Engineer Matt Cutts announced the changes this evening, noting that the improvement happened without the help of last week's toolbar release:

Many of the changes we make are so subtle that very few people notice them. But in the last day or so we launched a pretty big algorithmic improvement to our ranking--a change that noticeably impacts 11.8% of our queries--and we wanted to let people know what's going on. This update is designed to reduce rankings for low-quality sites--sites which are low-value add for users, copy content from other websites or sites that are just not very useful. At the same time, it will provide better rankings for high-quality sites--sites with original content and information such as research, in-depth reports, thoughtful analysis and so on.

We can't make a major improvement without affecting rankings for many sites. It has to be that some sites will go up and some will go down. Google depends on the high-quality content created by wonderful websites around the world, and we do have a responsibility to encourage a healthy web ecosystem. Therefore, it is important for high-quality sites to be rewarded, and that's exactly what this change does.

While the changes may have been made without input from the extension, Google notes that "this algorithmic change addresses 84% of them, which is strong independent confirmation of the user benefits."

The changes will take place initially in the U.S. and roll out in other locations over time.

http://www.readwriteweb.com/archives/google_announces_big_algorithmic_improvement.php Google Thu, 24 Feb 2011 19:13:38 -0800 Mike Melanson
Nevermind Google, New Extensions Block Spam Across Browsers & Search Engines

Yesterday, Google released a Chrome browser extension that lets users block certain websites from showing up in their Google search results. That way, if you never want to see an eHow article again, you don't have to. Kynetx, a company that offers developers a single platform for building extensions for multiple browsers, saw the announcement and immediately offered $500 to the first person that could create an extension "with the same functionality for all 3 browsers and all 3 major search engines."

Less than a day later, the company has announced a winner and released the extensions.

The company explained the reasons for the contest and the rules in a blog post yesterday after Google's announcement:

We think this is a very useful tool, we run into spam results way too often. The only problem is that this extension works only in Google Chrome on Google. Kynetx makes it brain-dead simple to build an extension for Chrome, Firefox and IE that will annotate search results on Google, Yahoo and Bing.

Kynetx works by providing an AppBuilder tool and a rule-based language to create browser extensions that operate similarly to GreaseMonkey.

The extensions, which are available for Internet Explorer, Chrome and Firefox, function nearly identically to the one put out by Google yesterday. When you get a page of search results, if you don't want to see a certain domain any more, you simply click the "block" link next to that result. At the end of your search results, it will tell you if something has been blocked and you can click to see the blocked results (the highlighted entries in the screenshot below).


The big difference, of course, is that these extensions work with the top three most used browsers as well as the top three search engines. If you block something on one browser, it automatically synchronizes and keeps that domain blocked in other browsers too. The same goes for search engines. If you block something in Bing, it will be blocked in both Yahoo and Google.

Ed Orcutt, a developer based in Highland, Utah, won the $500 prize by getting there first. This is the second time around for Orcutt, who also won another Kynetx contest by creating HoverMe, an extension that helps Twitter and Facebook users discover where their friends hang out on the social Web.

All of the extensions are now available at PersonalBlock.com.

http://www.readwriteweb.com/archives/nevermind_google_new_extensions_block_spam_across.php Search Tue, 15 Feb 2011 12:36:54 -0800 Mike Melanson
Google Releases Chrome Extension to Block Spam from Search Results

Are you tired of eHow articles dominating your Google searches? Sick of that same site showing up every time you search for something? Had enough with Yahoo Answers and the inane, unending drivel it seems to drum up from the dregs of the Internet?

The Google Web search team has launched a Chrome browser extension today that will likely become your best friend then. The extension lets you block search results from showing up, meaning you never have to trudge through the murky depths of content farms again.

There's been a lot of hubbub lately over the state of searching for content on the Internet. According to many in the blogosphere, search has suffered at the hands of content farms like Demand Media, which produces thousands of pieces of content daily. By sheer numbers alone, the content is guaranteed to show up in your search results.

Google recently addressed the issue, with principal engineer Matt Cutts writing that attention has shifted to this content showing up in search results and that, while "English-language spam in Google's results is less than half what it was five years ago", Google "can and should do better." This, it seems, is one step in that direction.

Cutts introduced the extension today on the Google Chrome Blog explaining the greater context of the tool:

We've been exploring different algorithms to detect content farms, which are sites with shallow or low-quality content. One of the signals we're exploring is explicit feedback from users. To that end, today we're launching an early, experimental Chrome extension so people can block sites from their web search results. If installed, the extension also sends blocked site information to Google, and we will study the resulting feedback and explore using it as a potential ranking signal for our search results.

The extension, available for download now, inserts a link below search results for you to block that particular domain.


From that point forward, whenever content is blocked, it will alert you at the bottom of the page. With a click, you'll be able to see what domains were blocked and be given the choice to unblock them. The extension is available in English, French, German, Italian, Portuguese, Russian, Spanish and Turkish.

http://www.readwriteweb.com/archives/google_releases_chrome_extension_to_block_spam_fro.php Google Mon, 14 Feb 2011 12:58:50 -0800 Mike Melanson
Search Startup Bans Content Farms, But is That What People Really Want?

Large quantities of low quality content, of marginal relevance, intended to draw visitors through search, but drive them to click through ads to other sites - that's what's called a content farm. The voices of critics of Google are getting louder with allegations that the world's leading search engine has been thoroughly gamed and is now drowning in content farmed links. Content farm is a very subjective designation, though.

Search startup Blekko is betting that web users want to search without seeing results from companies that are pumping out low-quality content just for the ad revenue. But is one person's low quality content another person's more-accessible reading material? Today Blekko released a list of the top 20 domains that its users have clicked the "SPAM" button on in their search results. Content from those sites will never show up in a Blekko search again, the company says. What do you think of this list?

"These sites are the worst spam publishers on the Web according to our users," said Rich Skrenta, CEO of Blekko. "They are literally responsible for millions of pages on the Web that our users say are just not helpful and they'd prefer they were banned permanently. So we're going to do that for them."

The list is:
ehow.com
experts-exchange.com
naymz.com
activehotels.com
robtex.com
encyclopedia.com
fixya.com
chacha.com
123people.com
download3k.com
petitionspot.com
thefreedictionary.com
networkedblogs.com
buzzillions.com
shopwiki.com
wowxos.com
answerbag.com
allexperts.com
freewebs.com
copygator.com

Want to see what search results from those domains look like? You can't do it using Blekko anymore, but here's a Google Custom Search Engine that searches inside just those domains alone.



Are These Spam Domains? Maybe Not

A lot of these domains are pretty obnoxious, but that's just my opinion. Other people's opinions are different. People complain about Demand Media's eHow, for example, but the site also has one of the most popular free iPhone apps in the iTunes store. The content is directly useful, highly readable and easy to navigate.

In a semi-literate, post-functional world, people need basic instructions on everyday matters.

Picture the dystopia in the movie Back to the Future II, where Biff ends up a powerful media mogul and the world is awash in insipid, screeching, 24-hour infomercials. That's kind of where we live, folks, and our brains have turned a little softer than some of us might like as a result.

Where else are you going to learn about basic things in this world? On Wikipedia? Have you read a Wikipedia entry lately? They trend wonky, over-detailed from the top and according to a New York Times report yesterday, written almost entirely by men.

The content on the domains above may seem like spam to the egg-headed geniuses behind Blekko, and the highly discerning early customers of that site, but I don't think they always look like spam to the rest of the people on the web.

Fixya is another domain that's on that list that I guarantee loads of everyday people are thankful for, not calling for banishment of. The site is littered with advertisements and poor writing. News flash: so is the rest of the world. That might offend the sensibilities of enough sophisticated Blekko users to click that Spam button on the Blekko site, but we'll see who wins long-term - Blekko or the content farms.

I use Blekko every day. But I don't use it for "spam control." The determination of whether something is spam or not is really about context. I use Blekko for other types of context filtering. The ability to set up custom lists of domains not to exclude, but to limit a search to, is what's most useful for me about Blekko.

I use the site to limit my searches and see what tech bloggers have written about a subject, or what tech industry analysts have, or bloggers who cover developments in the Middle East, or venture capitalists.

I understand that most people don't want to perform searches limited to contexts as sophisticated as that, perhaps. But those same masses of users who don't want to do anything too sophisticated are also likely to want some easy-to-read tutorial content like what you find on eHow. Is Blekko intending to serve just people who are interested in creating their own topical collections, or are they aimed at mainstream users? Do mainstream users really dislike these sites that Blekko is now banishing? I'm not so sure they do.

Banishing "content farms" may make sense in the minds of the people behind Blekko, but I'm not sure it's the best idea for everyone.

http://www.readwriteweb.com/archives/are_these_the_top_20_content_farms_on_the_web.php Analysis Tue, 01 Feb 2011 09:05:29 -0800 Marshall Kirkpatrick
Facebook Wins $360 Million in Anti-Spam Lawsuit

Last October, Facebook filed three lawsuits in a federal court in San Jose, California alleging that three individuals were "attempting to trick people on Facebook into signing up for mobile subscriptions and sending spam to their friends."

According to an update on Facebook's Security Blog, the decision came this week, kicking the offender off the site and awarding Facebook more than $360 million in damages.

Facebook updated its blog this week, offering a couple of details on the decision:

This week, a federal court awarded Facebook $360,500,000 in statutory damages and issued a permanent injunction kicking a known spammer, Philip Porembski, off Facebook for good. We're pleased with the win, which is just another result in an ongoing enforcement effort.

According to security firm Sophos, Porembski "was alleged to have obtained the login details of at least 116,000 Facebook users, and sent more than 7.2 million spam messages to victims' online friends."

Sophos reports that Facebook received more than 8,000 user complaints in relation to Porembski's efforts, with 4,500 deactivating their accounts as a result.

http://www.readwriteweb.com/archives/facebook_wins_360_million_in_anti-spam_lawsuit.php Facebook Fri, 28 Jan 2011 14:26:24 -0800 Mike Melanson