I've originally posted some information about this person in Ann Elisabeth's wiki. Since he's still rampant, I just reviewed my observations to make sure they're consistent.
We're mostly seeing referrer spam for airline tickets, insurances (cars, boats), and ringtones. Interspersed are spams for seemingly unconnected things like spyware removal tools, various brands of cars (Honda, Ford, Chevrolet), cellphones, pharmacy products, loans, and other random topics (Hawaii, for example).
Certainly a mixed bag of things. So why do I think there's always the same person behind those spams?
Looking up the registrant information for all the spamvertized domains returns three names:
So Midel Birek and Gert Ledov share an email address, while Fred Sext and Gert Ledov live in the same city. And they all have "tgp" as the localpart of their email addresses. Conincidence?
All the spamvertized domains actually redirect to "search engine"-like pages - the sort you've never heard of before, like searchmeup.com and topsearch10.com. And all the URLs on those "search engines" contain aid=34671 - most likely an affiliate id and the actual reason for all that spam.
So, yes, I firmly believe behind these three (or how many) identities there is exactly one person. As to which of these names is his real one I have no idea - probably none of them. Maybe "tgp" are his real initials or maybe not ...
Room for further investigation is in how those "search engines" actually produce any sort of revenue that makes this whole spamming worthwhile. And a closer look at the hosting services involved may also be of interest (and a way to get at least some of his accounts terminated) ...
Comments (0)
Damn Spam!
http://spam.tinyweb.net/article.php/airline-ticket-spammer