Who on earth would be trying to promote EC-Council University via comment spam on my website?

Who on earth would be trying to promote EC-Council University via comment spam on my website?

Who on earth would be trying to promote EC-Council University via comment spam on my website?

When you run a blog, one of the things you find yourself having to deal with is comment spam.

Sometimes it will be people trying to promote a service that will let you cheat at writing essays…

Comment spam 1

…or advertise an online pharmacy…

Comment spam 2

…or good old-fashioned porn.

Comment spam 3

You expect to have unwanted comments like this submitted to your blog, and a good anti-spam plugin (I use Akismet) automatically filters them, meaning you don’t have to waste hours each day marking them individually as spam.

But some spam does sometimes get through. Take this, for instance:

EC-Council comment spam

What’s unusual about this piece of comment spam, is that it’s not shilling dodgy medications, an essay-writing service, or foot fetish videos, but a website from EC-Council, a “legitimate” cybersecurity organisation.

Yes, someone has gone to the effort of finding a blog post where I wrote about how I was speaking at an event in Helsinki, and used that as an excuse to promote one of EC-Council’s own services: the so-called EC-Council University.

EC-Council University claims to be “a premier institution of higher learning that specializes in cybersecurity technologies, enabling its graduates to obtain advanced cyber skillsets.” Don’t be fooled by its slick marketing video (I won’t link to it here, why should I give them the traffic?) showing off what is presented as the university campus. EC-Council University is entirely online.

EmailSign up to our newsletter
Security news, advice, and tips.

EC-Council itself runs a Certified Ethical Hacker programme, so you would expect it to behave ethically – right? It can’t possibly have paid someone to boost its SEO rankings by posting spam on cybersecurity blogs… can it?

Sadly, EC-Council hasn’t covered itself in glory in the past with accusations of sexism, “shady practices”, and plagiarism, as well as rather embarrassingly spreading the Angler ransomware and having its website defaced with an image of Edward Snowden’s passport.

Defaced website

I can’t tell you not to seek ethical hacking certification from EC-Council. But I can suggest that if you are looking for an online university to boost your cybersecurity career, you don’t settle for an outfit that has proven itself to be of questionable ethics and utterly clueless.

I told EC-Council about the comment spam left promoting their website yesterday. It hasn’t responded.

Maybe I should wait until a reply is submitted via the comments section below… presumably with a link to one of its websites.

Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.


Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon’s Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy.

Follow him on Twitter at @gcluley, or drop him an email.

Leave a Reply

Your email address will not be published.