Tuesday, January 12, 2010

Why moderate comments? Or, Attack of the spambots

I reckon I just got hit by a spambot.

A comment on a 2006 post of mine on CeBIT (seeking the future at CeBIT) seemed a bit off-topic. So I did a search of one of the less common phrases.

I found that since December 2009, someone had been posting an identical comment on a number of blogs.  Something about some research into online marketing.  The spammer was obviously not the originator of the words - the original probably resides somewhere in the recesses of Google, buried under this avalanche of spam.  The original was making a point that small business was looking to email for marketing (the phrase I extracted was "banner and search crowd a little wary") - not exactly riveting news.  But it was buried in a somewhat inscrutable turn of phrase which would make it past someone who was too busy to pay attention.

The comment concluded with a link to a website that basically hawks... stuff.  A disparate bunch of stuff, with no commonality save to sell to passing traffic.

It must be a slow way to market.  Using http://whois.domaintools.com, I found it to be run from Texas, possibly someone purporting to provide search engine optimisation services.

It's a slow way of making a living.  It would make more sense if someone wrote some code to automatically trawl blogs to add comments under a revolving list of names.  Maybe: most of the blogs didn't need someone to register to make a comment.  One comment was made as a registered user, requiring a registration process (which was created only this month) which is less susceptible to automation, making the effort somewhat less explicable.

...Just investigating the phenomenon, I see Wikipedia has a page on it: Spam In Blogs, which it characterises as a form of "spamdexing": using less than ethical methods to increase a page's profile in search engines.  So it doesn't even need people to click through to the site to achieve the objectives; it just needs the comments to hang around to be caught by the search engine(s).

That's one of the reasons I moderate comments on this blog.  This means a comment doesn't show up until I get notified to approve it.  I'd say I reject more comments than I allow, which shows how much off-topic spam gets posted.

Understandably, this results in confusion over whether the comment has taken hold, so some people try reposting a comment.  My apologies; bear with me please.  And don't make the comment too off-topic, or it might not make it.

14-Jan-10 Update:  Spammers don't even read the posts.  Another just tried again!
18-Jan-10 Update: Same again.  The phrase this time:"By the way, did you guys hear that some chinese hacker had busted twitter yesterday again".  The point: if you are suspicious, drag part of the post into google, see if it's been around the blocks.

22-Jan-10 Update: This is getting ridiculous. 2010 will be the year of the spambot!
I just got another comment that seemed totally innocuous:
"I recently came accross your blog and have been reading along. I thought I would leave my first comment. I dont know what to say except that I have enjoyed reading. Nice blog. I will keep visiting this blog very often."

- but because it was off-topic, I did a google search, and found multiple copies of that comment - complete with typo (or spelling mistake, if it was Chinese-originated).  The only other part of that comment was a web link, which I don't need to reproduce.

Two possibilities:  comment spam is trying to get smarter, or they borrowed a contentless comment from elsewhere.

So if it is the year of the spambot, don't bother publishing comments unless they are clearly on-topic.  Otherwise, you're propagating free advertising at best, or carrying links to nefarious sites at worst.

1 comment:

bazza said...

Hi Stephen. I get the various range of spam on my business email address and usually just blacklist the sender but I had one last week that said I could not delete because the sender was me. When I checked it was 'sent' by me!