Category Archives: Spam

No Website Url Less Spammers

Removing Website URL from Comment Forms Stops Spammers

Another way to stop spam comments – get rid of the website URL in comment forms. We’ve finally got rid of nearly all spam comments on graphicline.co.za. Although the site was already protected by Project Honeypot, and comments use a CAPTCHA challenge, we were still getting a lot of spam. no comment spam links thumbnail imageInstead of switching to RECAPTCHA with it’s more difficult text, we looked for another way to reduce successful spam comments.

The common factor to all spam comments was the inclusion of a homepage URL in the form field. The thinking was; if there’s no field for the URL, then spambots may fail as they can’t finish their job. Without a homepage URL field, manual spammers may be discouraged from posting rubbish as well.

Read the rest of this entry

Advertisements

Extreme Spam Control

Taking Spam Control to an Extreme Level

extreme spam control thumbnailWe took spam control to a ridiculous level. As an exercise in discovering just how effectively spam can be blocked with WordPress it’s been an interesting exercise. We looked at the 4 main types of spam one is likely to see on their blog; comment spam and trackback spam, spam registrations and finally e-mail spam from contact forms.

The site chosen was our WordPress information site. A few months back a plugin support forum was added to the site, and public registrations allowed. Almost immediately there was a spate of spam registrations – “visitors” registering an account. Most were bots. How do we know? Well, the only link to the registration form is from forum pages, and only a few registration attempts came from one of these referrer pages – the others all arrived at the form directly, without visiting the site at all.

Read the rest of this entry

WordPress Spam Registrations

A Bunch of Spam Registrations

I’m getting a lot of spam registrations for a WordPress site. Interesting thing is; I’ve only allowed user registrations for about 5 days, but have had subscribe to new posts forms all over the site for ages.

A normal person would think anyone wanting to subscribe to post/page updates would use one of the convenient subscription forms. But no, it seems they want to register accounts 🙂

The other interesting thing is, the only links to the registration/login forms are from a very small forum section, literally less than a handful of pages. So how are these users finding the form?

Read the rest of this entry

Trackback Settings Allow Spambots

Spam Comments Even When Comments Off

Spambots are able to bypass WordPress.com comment settings for individual posts and pages, and submit comments even when comments are off for the page. That’s what it looks like, on first impression anyway.

The spam looks like it’s a comment submission, the spammers name, and of course the outgoing link fields are filled in. The content is typical spam rubbish. These spam submissions certainly look like the spammer has bypassed the comment settings, and submitted a comment using wp-comments-post.php.

Looking closer, we see most of the time these spam comments are actually posted using WordPress trackbacks (pings).

Read the rest of this entry

2753 Spam Comments in Two Weeks

The Heavily Spammed Article

spambot graphic imageThree spambots tried to leave 2753 spam comments on a single article in two weeks. I’m pleased to say none were succesful – all blocked by Drupal CAPTCHA. The article receiving this unwanted attention is about the use of website backlinks “Backlinks for Results“. I would take an educated guess at the subject matter of these spammers’ efforts – Black Hat SEO services!

That adds to the tally of around fifty other spam comments blocked most days of the week… I for one am very thankful for CAPTCHA challenges. These annoying, much hated image and text field challenges save a lot of time, and time is money…

Spambots are an evil of the net today, there’s no getting away from them, and the better a site performs in Google SERP, and the more visitors a site gets, the more spammers, both bots and human, will try to leave backlinks in rubbish comments hoping for that elusive “followed” backlink or just the traffic from readers clicks.

Read the rest of this entry

Image Hotlinking

Image Hotlink in Spam E-mail

Hotlink Warning SignSome “kind person” decided to generate lots of traffic to one of my websites yesterday, and used an image hosted on the website server in a spam e-mail, resulting in over 500 hits on the image file in four hours. After redirecting and blocking hotlinks to images there were another 600 hits on the hotlink redirect notification page Broken Image Links for a total of more than 1100 hits in twenty-four hours, and then changed to display a copy of the image on the right.

Hits from the spam mail reached a peak between 1:45 pm and 2:15 pm this afternoon (March 27) with more than 1400 hits before stabilisng at around 100 /hour. The peak probably co-incided with workers checking their mail after lunch.

Read the rest of this entry

Fix this Message – Fake Warning

Another Spam Scam – Fix this Message

“If you are the owner of the site, you can fix this message by publishing…” is appearing all over blog comment forms. The spammer would have the blogger believe there is an error message somewhere on the site, and publishing the contents of the comment will some-how fix the supposed problem…

Mysteriously fix the Error Message

fix it button graphicPublish the comment and the problem with the site is gone! Wow – as easy as that. No checking code files or testing plugins, all your problems are solved if you are the owner of the site…  Publish the comment and you can fix this message. So simple.

Of course this is a spammer trying to get the link to some trash site published, hoping to attract click-throughs to the site, hoping to sell some rubbish product like cheap black-market Viagra or install malware on the visitor’s computer, steal personal information such as your banking details. Are we really that naïve – I don’t think so.

Read the rest of this entry

Honeypot Your Blog

Honeypot Trap for WordPress.com and Blogger

honeypotProject Honeypot is a Spammer, Hacker and  Mail Harvester monitoring service intended to find and list IP addresses used by people with malicious intentions. Project Honeypot is free to join and provides bloggers with a means to identify these types of visitors.Use the database to check IP addresses for threat level and type of threat, join the movement by installing a honeypot trap on your own sites and blogs, report spambots and other ill-intentioned visitors…

Users of WordPress.com and Blogger.com cannot set-up a hosted honeypot trap as we don’t have access to the server, however we can use a quicklink to assist Project Honeypot in collecting data about spambots and automated dictionary attackers etc.

Using the honeypot trap will not interfere with your normal comment system, it is solely to catch the bots used by spammers. It will also not prevent bots spamming your own comment forms – that’s for Akismet or however else you choose to limit Spam.
Read the rest of this entry

Seriously Spam Comments

Spambot – Check the Names and Websites

Spambots getting better? This spammers auto spam-bot message is almost convincing. I had to stop for a moment and think; almost started moving the mouse to find the list of e-mail subscribers when I remembered something – the posted name and website link was not one of the available sign in services (WordPress, Facebook, Twitter), so how did this commenter manage to subscribe by e-mail when leaving  a comment.  SPAMBOT

It nearly got published – It is still a bit early for me, I don’t function too well until I have seriously diluted the blood level in my caffeine stream, even the eyes don’t see too well until caffeine overtakes the red cell concentration, and almost missed the “great site dod” intro and the spam terms “cheap” and “viagra”.

seriously spamming
Read the rest of this entry

Website Disabled – Too Many Backlinks

Website Disabled Because of Too Many Backlinks

Too Many BacklinksThis search term led to my blog this morning. The full term used was “disabled my website because I make too many backlinks”, leading to my post Too Many Backlinks Bad News. No idea where the website referred to was hosted, but a semi-educated guess would suggest WordPress.com or similar service, nor what sort of “too many backlinks” the searcher had created. A further educated guess would suggest these were to products for sale, or so many had been posted the site was considered a link-farm, contravening the terms and conditions of use of whatever platform the author used.

All blog providers and website hosting services have terms and conditions of service; most of them will not permit link farming or spamming!

Read the rest of this entry