The American rapper known as Cardi B has been tweeting lots of apologies of late, but it might be time for her web development team to recognize some of their own mistakes in light of news reports that spammers targeted her website.
Users hoping to see images of Cardi B when perusing the photos section of her website were instead met with spammed images as nefarious actors loaded random pictures that depicted not Cardi B but soccer games and other unrelated images.
According to Malwarebytes, the singer’s website was littered with “a peculiar blast of messed up spam text all over the page.” Add to the text spams the array of click throughs to fraudulent videos that were clogging up her website’s homepage, which led to fake movie streams and a soccer match involving Stoke City and Wigan Athletic.
“While the rogue pages in question seem to have been taken down, simply searching for the Cardi B website in Google reveals the damage done to the site’s search results. Spammy results...can take a long time to filter out of search engines, and it isn’t great to have things like that sitting at the top of the searches alongside legitimate results.”
The site allowed people to sign up as registered users and post comments, a feature that eventually attracted spammers who used this to send and insert spam all over the site, Malwarebytes said.
Since the news broke on Twitter, site administrators have been actively engaged in clean up. Existing users are still able to access the login page, but new sign-ups have been disabled.
“Social features for users of your site are great, but those services need to be balanced with tight moderation and a limit on where said features can take you—even if it is Stoke City versus Wigan Athletic,” said Malwarebytes.