2753 Spam Comments in Two Weeks

The Heavily Spammed Article

Three spambots tried to leave 2753 spam comments on a single article in two weeks. I’m pleased to say none were succesful – all blocked by Drupal CAPTCHA. The article receiving this unwanted attention is about the use of website backlinks “Backlinks for Results“. I would take an educated guess at the subject matter of these spammers’ efforts – Black Hat SEO services!

That adds to the tally of around fifty other spam comments blocked most days of the week… I for one am very thankful for CAPTCHA challenges. These annoying, much hated image and text field challenges save a lot of time, and time is money…

Spambots are an evil of the net today, there’s no getting away from them, and the better a site performs in Google SERP, and the more visitors a site gets, the more spammers, both bots and human, will try to leave backlinks in rubbish comments hoping for that elusive “followed” backlink or just the traffic from readers clicks.

Read the rest of this entry →

-26.109812 27.891908

Image Hotlinking

Image Hotlink in Spam E-mail

Some “kind person” decided to generate lots of traffic to one of my websites yesterday, and used an image hosted on the website server in a spam e-mail, resulting in over 500 hits on the image file in four hours. After redirecting and blocking hotlinks to images there were another 600 hits on the hotlink redirect notification page Broken Image Links for a total of more than 1100 hits in twenty-four hours, and then changed to display a copy of the image on the right.

Hits from the spam mail reached a peak between 1:45 pm and 2:15 pm this afternoon (March 27) with more than 1400 hits before stabilisng at around 100 /hour. The peak probably co-incided with workers checking their mail after lunch.

Read the rest of this entry →

-26.109812 27.891908

Fix this Message – Fake Warning

Another Spam Scam – Fix this Message

“If you are the owner of the site, you can fix this message by publishing…” is appearing all over blog comment forms. The spammer would have the blogger believe there is an error message somewhere on the site, and publishing the contents of the comment will some-how fix the supposed problem…

Mysteriously fix the Error Message

Publish the comment and the problem with the site is gone! Wow – as easy as that. No checking code files or testing plugins, all your problems are solved if you are the owner of the site…  Publish the comment and you can fix this message. So simple.

Of course this is a spammer trying to get the link to some trash site published, hoping to attract click-throughs to the site, hoping to sell some rubbish product like cheap black-market Viagra or install malware on the visitor’s computer, steal personal information such as your banking details. Are we really that naïve – I don’t think so.

Read the rest of this entry →

-26.109812 27.891908

Honeypot Your Blog

Honeypot Trap for WordPress.com and Blogger

Project Honeypot is a Spammer, Hacker and  Mail Harvester monitoring service intended to find and list IP addresses used by people with malicious intentions. Project Honeypot is free to join and provides bloggers with a means to identify these types of visitors.Use the database to check IP addresses for threat level and type of threat, join the movement by installing a honeypot trap on your own sites and blogs, report spambots and other ill-intentioned visitors…

Users of WordPress.com and Blogger.com cannot set-up a hosted honeypot trap as we don’t have access to the server, however we can use a quicklink to assist Project Honeypot in collecting data about spambots and automated dictionary attackers etc.

Using the honeypot trap will not interfere with your normal comment system, it is solely to catch the bots used by spammers. It will also not prevent bots spamming your own comment forms – that’s for Akismet or however else you choose to limit Spam.
Read the rest of this entry →

-26.109812 27.891908

Seriously Spam Comments

Spambot – Check the Names and Websites

Spambots getting better? This spammers auto spam-bot message is almost convincing. I had to stop for a moment and think; almost started moving the mouse to find the list of e-mail subscribers when I remembered something – the posted name and website link was not one of the available sign in services (WordPress, Facebook, Twitter), so how did this commenter manage to subscribe by e-mail when leaving  a comment.  SPAMBOT…

It nearly got published – It is still a bit early for me, I don’t function too well until I have seriously diluted the blood level in my caffeine stream, even the eyes don’t see too well until caffeine overtakes the red cell concentration, and almost missed the “great site dod” intro and the spam terms “cheap” and “viagra”.

Read the rest of this entry →

-26.109812 27.891908

Website Disabled – Too Many Backlinks

Website Disabled Because of Too Many Backlinks

This search term led to my blog this morning. The full term used was “disabled my website because I make too many backlinks”, leading to my post Too Many Backlinks Bad News. No idea where the website referred to was hosted, but a semi-educated guess would suggest WordPress.com or similar service, nor what sort of “too many backlinks” the searcher had created. A further educated guess would suggest these were to products for sale, or so many had been posted the site was considered a link-farm, contravening the terms and conditions of use of whatever platform the author used.

All blog providers and website hosting services have terms and conditions of service; most of them will not permit link farming or spamming!

Read the rest of this entry →

-26.109812 27.891908

No Link in Spam Comments

Where are the Spam Comment Links?

I have recently come across a trend that makes no sense whatsoever. Spam comments on WordPress.com with a non-existent backlink. We all know moronic spammers try to post comments on WordPress.com for backlinks to their trash websites, so why are they posting bad links?

Take a typical spam comment, a line or two of badly written English, an email address if required – useful to check if an apparent borderline comment is spam. At least one outgoing link, even if only in the ‘website’ field. It looks like spammers have finally realised many blog authors activate the “mark 2 or more links as spam” setting.

Checking another blog’s spam folder  today six of these were found (out of a total of 16 spam comments; a high percentage. I could see from site visits on the days the so-called comments were posted these were almost certainly spambot generated; comments on posts that had not been viewed for several days before and after. (more…)

-26.109812 27.891908

More e-mail Problems with MWEB

MWEB and Spam

Today I received a mail from a client of MWEB regarding blocking of e-mail incorrectly identified as spam. Respecting the complainant’s request to remain anonymous, all names and any other identifying terms have been edited or deleted. The complainant found an article on this blog referring to this service provider and e-mail blocking.

Quoting the e-mail received

“This is not an inquiry but I thought it may be of interest after reading the comments on your site regarding Mweb and spam.  I ended up on this site after Googling to see if anyone else has experienced my problem which is basically that for the past few weeks, except intermittently, I have been unable to contact my largest and most important supplier in Germany.  The reason given is:

“Service unavailable; Client host [196.28.80.38] blocked using ix.dnsbl.manitu.net; Your e-mail service was detected by mx.selfip.biz (NiX Spam) as spamming at Fri, 16 Dec 2011 14:20:53 +0100. Your admin should visit www.dnsbl.manitu.net/lookup.php?value=196.28.80.38

A mail from my supplier’s IT department goes further:

“The problem is, you are using the mail server relay08 which frequently is sending viruses, spam and other malware.

At 14:45 this mail server was blocked by the biggest German malware protection blacklist which we are using.
So the mail to Mrs. P was blocked.

Between 14:45 and 16:06 this mail server was removed from the blacklist.
The reason for this was, that the server stopped sending viruses, spam and other malware.
So your Mail to Mrs.  K  got through.

If this server starts again to send viruses, spam and other malware he will be blocked again.

You should have this problem with many contacts which are using such blacklists.

To solve the problem you could switch to a mail relay service which is checking the outgoing mails for  viruses, spam and other malware too. Or you can use an own secured mail server.”

I sent all of this to MWEB expressing my disgust at using a service accused of being a spammer, and received the following reply from MWEB:

Read the rest of this entry →

-26.109812 27.891908

Fun with Spammers

Spammers are Losers

It has been a while since I mentioned spam commenters… This blog get’s very little these days since restricting commenting to logged-in visitors only. A vast improvement from the days of finding 50 or more spam-bot or manually generated nonsense in the spam folder.

However, some of the blogs I manage for others get these spam comments. The ones I mention are still small, written by occasional bloggers, and I just take care of formatting, graphics, proofreading and admin tasks on behalf of the authors.

Last week I was doing the rounds of these blogs, checking the comments, and found a number of comments which were complimentary, short remarks even relevant to the topic of the posts concerned, but with outgoing links all over the place. I decided to have a bit of fun with the spammers, and approved their comments – after editing!

The net result – the spammers are all-round losers.

Editing the Spam Comments

First off the links had to go… The rule is simple, links from spammers are bad news, even if “nofollowed” – who knows what dangerous malware is on the linked to page. I really do not want visitors to these blogs to click the link (or even copy and paste to their browser) and end up getting their computers infected with a trojan or virus. So the links were deleted entirely.

Read the rest of this entry →

-26.109812 27.891908

Spam Comments

Spam Comments – we all get them

How many bloggers have never had their comment form used by spammers? Very few I would say.

Perhaps the number of spam attempts on our comment forms is an indication of how succesful our blogs are. At least it seems that the sheer number of spam comments increases as our blogs become more established. New blogs take a while to attract spammers, older ones with plenty of content and readers get more.

Spam Comments for Backlink SEO

Many of these spam comments seem aimed at generating backlinks to the spammers website(s). Invariably there will be at least one such link, almost invariably to some product page  or site selling something (usually junk).

Another type of link refers to blogs on wordpress.com. These are ‘Spam Blogs‘. (Splogs) No (or very little) content of value, often just a few words, and a link to a web site where something is for sale. Very often splogs consist of  just a single post, even if the blog is several months old (or older) These spammers have at least taken the time to sign up for a wordpress.com account, to circumvent restricted commenting (where guest account has been disabled).

Spam Comments Useless for Backlinks

Spammers intending to get backlinks to their sites probably do not realise their links they load into our comment forms have no value as backlinks. The good guys at WordPress.com have thought through the problem and have included no-follow code for links in comment forms, both for links contained in the body of the comment, and for the URL in the commenter’s identity. The following answer to my question to wordpress happiness engineers explains this clearly…

We don’t nofollow the whole comment section (so comments themselves are indexed), we just nofollow the commenter’s link and any links made within the comments (so they don’t earn any page rank points).

Read Question and Answer

So the only benefit the spam link has is possibly to generate a bit of traffic to the site.

My suggestion for any blogger wanting to limit spam is simple, disable the guest commenting feature. Anyone who has a genuine comment to add to your post can still comment using their wordpress.com, Facebook or Twitter identity.

Spammers will still try to get their rubbish posted, but you will not end up with 50 or more such inane remarks and links in your pending moderation box. and if you do get comment spammed, don’t follow the links – that is exactly what the spammer wants you to do.

More Articles on Spam

• Reasons Why Leaving Spam Comments is NOT the Way to Promote Your Blog
• Having a blog does not a blogger make

-26.109812 27.891908