Security administrators remind bloggers: Watch out for spam

University Park, Pa. -- Cialis, Viagra and Prozac all may have useful purposes, but how much relevance do links to the suspicious third-party vendors selling the pills have on Penn State blogs? Little or none. Yet, according to security experts at Information Technology Services (ITS), searches of blogs and wikis in the Penn State domain often can generate thousands of references to such products.

"It's an unfortunate truth, but popular blogs or wikis can often encourage unsolicited advertisements from spammers because the sites' owners do not check for such abuse," explained Kathleen Kimball, senior director of ITS Security Operations and Services. "Bloggers sometimes don't realize that spammers may have discovered and used blogs that users have left unattended."

Most commonly, advertisers will saturate an uncontrolled blog with hundreds of illegible links that feature useless information or products, according to Kimball. But sometimes what might have begun with these seemingly cavalier advertisements -- such as "learning the top 50 best moves in poker" -- could quickly escalate into an onslaught of postings from an illegal source or for an unwanted product, such as pornography. Furthermore, these unsanctioned postings frequently occur without the knowledge of the owner.

Due to increasing concerns, ITS staff members are issuing a reminder that under Penn State Policy blogs or wikis are prohibited from posting commercial links that are unrelated to the operations of the University. They also recommend that individuals who create Web sites that allow visitors to contribute content (via blogs or other electronic bulletins), continually monitor their sites for unsolicited commercial advertisements. "Staying current and updated on the blog and instituting some guidelines that allow the site to remain 'open,' but protected from unsolicited commercial activity, are important examples of how moderators or owners should exercise editorial control," Kimball suggested.

For more information on blogs or wikis, ITS encourages students, faculty and staff to visit http://tlt.its.psu.edu/suggestions/blogwiki/blog.html online. Information on Penn State's computing policies and guidelines can be found at the ITS Security Operations and Services Web site at http://sos.its.psu.edu/ online.

Last Updated March 19, 2009