As I used to work for a fairly large university, I was perusing results for .edu sites the other day when I started running across a fair amount of similar-looking pharmaceutical spam. You can see a pretty huge sample of it by using the following dork:
site:*.edu (intitle:viagra||intitle:cialis)I contacted a few universities to let them know but after receiving no responses, I figured I'd just throw this one out there.
It's incredibly difficult to police a university-sized network. To make matters worse (for admins), sites in the .edu top level domain are common targets because of their size, crappy student-created webapps, and the google juice that a big .edu can bring to a link farm. Because of this, it's really not uncommon for this kind of thing to happen. Scripts scanning for web vulnerabilities can infect huge swaths of a network in one swoop.
Targeted google dorks seem like an ideal way for edu admins to stay on top of this kind of thing, especially because the googlebot will probably know about it far before you do. A simple google alert can be set up for your domain (such as site:*.msu.edu), and the results will literally just be sent to you. No need to make this difficult, guys.
