After “comment spam”, comes “like spam”


No spam

Maybe if I had a blog that was visited by tens of thousands every day and on which hundreds wanted to comment it would not be so easy, but “comment spam” is not a problem here – anything which the algorithmic spam filter does not pick up can be chucked out by hand.

But in recent weeks I have seen a new form of blog spamming – “like spamming” against which WordPress seem to have given me no protection. Spammers – usually they are SEO snake oil sellers or link farmers – come here and like a post – that gives them an automatic link back to their blog.

I don’t want to discourage anyone who genuinely likes my blog – but let me warn the spammers. From this point onwards spam-like likes will see your blog reported to WordPress.com as spam.

New comment spam fashion


Comment spam appears to have entered a new phase – recently my spam filter is filling up with comments that link to other pages of links. I assume this is some sort of pay-per-click effort, as I am guessing that Google would automatically bomb any page that was just a series of ads and similar links.

Of course, the key thing about understanding spam is how low the marginal costs are for the spammers – especially if they write scripts that just plaster this all over people’s blogs. Even if just 1 in 100 bloggers does not have a filter installed and only 1 in 1000 visitors clicks on a link on any day, that probably still works as a money making venture if they can get the volume up to a high enough number.

More thoughts about the economics of spam


no spam!
Image via Wikipedia

Spam is often thought of as a hugely profitable business: entry costs are low, marginal costs of sending spam are close to zero and because you target millions you do not need much of a response rate to make money.

But the evidence suggests, to me at least, that most spam senders are like most drug dealers – poor and going nowhere.

Spam is written in appalling English, and that is actually the easiest way to identify it – by the second or third word in (or the first if it is “dearest”), it is clear it is not written by a native speaker.
Here’s a real world example currently sitting trapped by Akismet on this blog:

I surely wanted to sort a message so as to express gratitude to you for those good tips you are writing at this web-site. My extensive web appear up has at the end of the day been compensated with pleasant knowledge to write about with my two pals. I ‘d state that that we website visitors are extremely fortunate to exist in a fine community with many amazing folks with helpful tips and hints. I feel rather grateful to have seen your web page and look forward to some extra enjoyable times reading here. Thanks again for all of the details.
So most spammers are in Eastern Europe? So what, you might say. But the point is that if they were really making any money they could afford to pay for someone to write the stuff in good English – that might double the response rate, say, and that would surely be a competitive advantage. But if the “industry” is broke from the start then there is never the capital to afford to do that.
Of course, some spam does work – phishing, where the “good” cases clearly show real effort has been put in, proves my point: phishers can afford to invest in the technology and the presentation.

New trend in comment spam?


Escherichia coli: Scanning electron micrograph...
Image via Wikipedia

The tactics employed by comment spammers continue to fascinate me, but I have noticed a new trend, which indicates either a new trend or adaption from the spammers – which reminds me of the way bacteria respond to antibiotics – or perhaps just indicates I am being over-sensitive.

Twice in the last 48 hours I have had comments from people who are clearly responding to the content of the blog post but who are also linking to an explicitly and solely commercial page: one was an XML editor and the other was a video on “how to be a hacker” (of the LulzSec variety as opposed to kernel patcher type).

Now, this blog is currently doing pretty well in Google on a number of the technical areas it discusses and traffic is slowly rising as a result. (Interestingly Google ranks the HTTPS pages much higher than their HTTP cousins, but that’s another issue and not one I am going to discuss here, because I really have no idea why that is.)

Therefore it may well be quite valuable to comment spam this site if you are looking for people interested in XSLT or the Kronecker delta or whatever. But you are also up against a pretty good spam filter in terms of Akismet, so the usual “your blog is great” crap is not going to make it.

So, like a bacterium faced with penicillin the spammers mutate and devote more energy to survival. Or, it is just that people who sell a product are genuinely interested in what I write here – though something tells me that it is more likely to be the first!

Some insight on “comment spam”


wall of spam
Image by chotda via Flickr

As I sit here chewing my lunch, some insight has come to me about “comment spam” – the sort of “great blog, have you seen my used car website” comments that, in recent years, have poisoned so many sites.

WordPress.com gives me access to “Akismet” so these things rarely if ever get through, but I still get to see them (traffic here is going up, but it is not at such a level that I cannot take time out to smell even the stinking roses) and they have become much more frequent in the last few days – as have references from those odd “aggregation” sites that you see around the web – I won’t link to one because I don’t want to give it any sort of “google juice” but if you don’t know what I mean they are sites that (unlawfully) lift whole blog posts and stick them on their site on the basis that you have written about some subject that supposedly interests the owner/publisher.

It is pretty plain to me now that the real role of these sites is to simply provide pointers to spammers about where they can go to splurge on some comment spam.

Maybe somebody should organise a campaign to pressure the hosters to take these sites down?