Feb 14, 2011 16:04 GMT

Security researchers from GFI Software warn that an increasingly large number of .edu websites are being abused to push adult spam because of their poor security and lack of oversight.

Christopher Boyd, a senior security researcher at GFI, notes that a lot of .edu forums are being flooded with this sort of spam.

Searching for adult-oriented terms in the .edu domain space on Google reveals entire pages of results, most of which are on discussion boards.

"Most of this seems to have kicked in since around the 4th or 5th of February, and there doesn’t seem to be much in the way of spam control or preventative measures going on right now so please be careful if looking around your University forums, official or otherwise," Mr. Boyd says.

He stresses that website owners need to take control of the situation immediately; otherwise they risk losing their audience if they keep endangering it and forcing it to surf through tens of spam threads just to locate one legit discussion.

However, it's not only forums that have been abused. Among the search results one can also find what appear to be compromised websites.

Most of them are installations of popular content management solutions that have been left unpatched for a long time, and their known vulnerabilities are now being exploited by spammers.

Unfortunately, the same security holes can be leveraged to create malicious doorway pages that are part of malware distribution and black hat SEO attacks.

Furthermore, the fact that .edu websites have a higher level of trust associated with them because they are maintained by educational institutions does not help the situation at all.

A similar trend is also being observed for governmental websites, which are boldly being abused by spammers and other cybercriminals, not just in the US but at an international level.