Symantec World Cup Site Hit By Spam

A website designed by security firm Symantec to warn users about scams surrounding the FIFA World Cup 2010 has been hit by spammers, security news website The H Security has reported.

The 2010NetThreats website, designed to provide security news and advice about World Cup-related scams and other security risks, has been deluged by spam comments advertising links for everything from T-shirts to hotels, sport shoes and purses. The unsolicited links appear in comments under almost every security tip on the site.

The H Security states that the spamming was made possible because Symantec failed to implement any of the usual security mechanisms for the comments section of the site.

The website did not require users to register to post a comment on its public forum, or to complete a 'CAPTCHA' image verification question. Symantec also failed follow Google's advice by adding an attribute to the URLs posted in the comments, which would prevent the links from increasing the spam's relevance in search engines.

Symantec has since deleted all spam and has temporarily disabled the site's comment function.