macfansforum harvesting data from MR?

Discussion in 'Site and Forum Feedback' started by nagromme, Dec 8, 2013.

  1. nagromme macrumors G5

    nagromme

    Joined:
    May 2, 2002
    #1
    I posted what looks like a phishing scam ("clones" of MR, TouchArcade etc. as subdomains of macfansforum) here:
    http://forums.macrumors.com/showthread.php?p=18476109

    But it also may be an issue MR wants to look into, in case they can somehow stop the scammers getting the data. So I'm mentioning it here.

    It occurred to me that it might be some kind of SEO effort legitimately owned by MR--different domain pointing to the same stuff? (I know that has sometimes been a tactic site owners attempt to boost Google rankings.) However, when you try to log into the clone-forums you can't, so my guess is "phishing."

    If it's legitimate and secure and owned by MR, please delete this thread and the linked one! And just be aware, then, of the login issue. If login doesn't work, then it's probably best to stop Google indexing that site.

    (This came up because Google is indexing a bunch of macfansforum stuff, and sometimes I find the clone instead of the real content here. Easy to click and not know--even the URL looks good at first glance!)
     
  2. arn macrumors god

    arn

    Staff Member

    Joined:
    Apr 9, 2001
    #2
    it's not ours. But I don't actually think it's a phishing scam -- more of a content scraper / SEO play.

    They don't actually scrape the site, but are proxying it. So they are sending a hit and rewriting it (and caching it) before displaying it on their own url. I blocked the proxy ip, but they could easily change it. Let me know if you see other sites like this.

    Looks like they only have 38,000 pages indexed in google, compared to our 4.8 million. So hopefully too many people weren't tricked over there.

    arn
     
  3. nagromme thread starter macrumors G5

    nagromme

    Joined:
    May 2, 2002
    #3
    Good to know. It's hit or miss when I search for stuff--most of the results are indeed MR.

    But here's the risk to users: they have a login field, which looks like the real thing--but they receive your MR username and password when you attempt to log in.

    Not sure what their ultimate scam is--maybe they ignore the passwords they receive and have some other goal. As you say, phishing might not be the plan!

    Outside of MR's control in any case! Thanks for the IP block--might help for a while!
     

Share This Page