spam

If you’re on WordPress, or really any blogging platform, spam in your comments is undoubtedly the bane of your existence. I’m sure you see hundreds of spam comments a week–most of which are (hopefully) caught by an automatic filter–and if you’ve been blogging for any length of time you can probably recite the bots’ comments by rote. “Hi, great post! How long you been blogging for?” “These are genuinely fantastic ideas!” “I’ve been browsing online more than 3 hours today and never found a blog like yours…” Most of these comments are posted from disposable email addresses, studded with links to shady sites where you can buy counterfeit Rolexes, pills for your penis (even if you don’t have one) or other such nonsense.

This form of deceptive advertising is obviously fulsome, but the process of how spam works and where it comes from is both fascinating and mysterious. Online spam is a form of what I call “organized deception,” the art of duping people through a careful, rationally-designed process of fraud aimed at monetary gain. Organized deception has a spectrum of villainy, with comment spam perhaps at the least reprehensible end, and something like Bernie Madoff’s billion-dollar Ponzi scheme at the other extreme. But it is interesting, at least to me, how these scams are structured. The problem is we don’t really know that much about them, because nobody cares enough to find out. In researching this article I did numerous searches on the subject of blog comment spam, and in tens of thousands of hits I brought up I’d say 99.9% of them were articles about how to filter, stop or otherwise combat it. Comparatively few people ever talk about what spam really is or care where it comes from, which I guess is understandable. But if you want to stop something, won’t your efforts to do so bear more fruit if you understand your enemy?

madoff

No, comment spammers aren’t nearly as evil as the things this person (Bernie Madoff) did, but both of them used organized deception for financial gain–on vastly different scales.

I believe the vast majority of comment spam comes from a surprisingly small number of sources. Despite the staggering volume of spam out there, not very many people are in the spam business, but the few that are have a very big footprint. A few people (one article I read referred to them as “Slimy Guys”) employ software that automates the process of finding blogs to spam and entering comments. The number one product used for this purpose is called TrackBack Submitter, which retails for anywhere from $75 to $150. TrackBack is marketed to people supposedly in the business of, you guessed it, the dreaded “SEO”–Search Engine Optimization–but what it’s really for is comment spam. The name of the game is what they call anchor text, which is the search term the spammer or his company wants to rise in the statistical search rankings. Anchor text is usually the name of a product or service–dick pills and counterfeit watches. Getting this text up on your blog is the only point of a spam comment.

The rest of the spam comment, the silly “I’ve been browsing 3 hours today!” garbage, is merely a strategy to try to evade automated comment filters, like Akismet (which is commonly used here on WordPress), by making the comment look as close to human-generated as possible. The banal chatter and half-assed compliments are generated by a random algorithm from a menu of pre-scripted text with various fields where different words can be generated. This is done because most comment filters seek to block comments that are obviously repetitive of other comments. It doesn’t work very much of the time, but then again it doesn’t have to. With a tool like TrackBack Submitter, it costs absolutely nothing to send as many comments as you wish to the target blog. If the blog’s spam filter like Akismet stops 99.9% of spam comments that get through, if you send out 10,000 comments, that means 10 will get through. If you’re spamming 1000 blogs an hour, the anchor text is sticking 10,000 times an hour. And your dick pills are, forgive the connotation, slowly rising in the search rankings.

viagra

This is one of the most popular products hawked by spammers who target WordPress blogs.

Not long ago I received a very interesting spam comment that got through the filter. It was a unique comment because something went wrong with the software that posted it, and instead of going through its random algorithm to craft a somewhat human-looking comment from the menu of pre-scripted text, the comment contained the entire script, with the various fields showing all the possible permutations of the words. Curious, I ran some of these permutations as search terms in my spam comment folder. Guess what? Thousands of comments popped up. Almost all of the spam comments I receive on this blog–nearly 400,000 so far–come from a single source, using a single script.

Just for grins I posted a portion of the script below. It’s an illuminating look into the technology of spam. Too bad that technology always seems to be just a split-second ahead of the technology that we, the victims of this deceptive advertising, use to combat it. But in a business that deals in huge volume with little or no cost, a split-second head start is all a spammer needs to blanket the world with their crap.

The photo of Viagra is by Wikimedia Commons user SElefant and is used under GNU Free Documentation License. “Viagra” is a trademark of Pfizer Pharmaceuticals.

__________________________________________________

A portion of a raw spam comment script:

{
{I have|I’ve} been {surfing|browsing} online more than {three|3|2|4} hours today, yet I never found any interesting article like yours.
{It’s|It is} pretty worth enough for me. {In my opinion|Personally|In my view}, if all {webmasters|site owners|website owners|web owners} and
bloggers made good content as you did, the {internet|net|web} will
be {much more|a lot more} useful than ever before.|
I {couldn’t|could not} {resist|refrain from} commenting.

{Very well|Perfectly|Well|Exceptionally well} written!|
{I will|I’ll} {right away|immediately} {take hold of|grab|clutch|grasp|seize|snatch} your {rss|rss feed} as I {can not|can’t} {in finding|find|to find}
your {email|e-mail} subscription {link|hyperlink} or {newsletter|e-newsletter} service.

Do {you have|you’ve} any? {Please|Kindly} {allow|permit|let} me {realize|recognize|understand|recognise|know}
{so that|in order that} I {may just|may|could} subscribe.
Thanks.|
{It is|It’s} {appropriate|perfect|the best} time to make some
plans for the future and {it is|it’s} time to
be happy. {I have|I’ve} read this post and if I could I {want to|wish to|desire to}
suggest you {few|some} interesting things or {advice|suggestions|tips}.
{Perhaps|Maybe} you {could|can} write next articles referring to this article.
I {want to|wish to|desire to} read {more|even more} things about it!|
{It is|It’s} {appropriate|perfect|the best}
time to make {a few|some} plans for {the future|the longer term|the
long run} and {it is|it’s} time to be happy. {I have|I’ve} {read|learn} this {post|submit|publish|put
up} and if I {may just|may|could} I {want to|wish to|desire
to} {suggest|recommend|counsel} you {few|some} {interesting|fascinating|attention-grabbing} {things|issues} or {advice|suggestions|tips}.
{Perhaps|Maybe} you {could|can} write {next|subsequent} articles {relating to|referring to|regarding} this
article. I {want to|wish to|desire to} {read|learn} {more|even more} {things|issues} {approximately|about} it!|
{I have|I’ve} been {surfing|browsing} {online|on-line}
{more than|greater than} {three|3} hours {these days|nowadays|today|lately|as of late}, {yet|but}
I {never|by no means} {found|discovered} any {interesting|fascinating|attention-grabbing} article like yours.
{It’s|It is} {lovely|pretty|beautiful} {worth|value|price} {enough|sufficient} for me.

{In my opinion|Personally|In my view}, if all {webmasters|site owners|website owners|web owners} and bloggers made
{just right|good|excellent} {content|content material} as
{you did|you probably did}, the {internet|net|web} {will
be|shall be|might be|will probably be|can be|will likely be} {much more|a lot more} {useful|helpful} than
ever before.|
Ahaa, its {nice|pleasant|good|fastidious} {discussion|conversation|dialogue} {regarding|concerning|about|on the topic of} this
{article|post|piece of writing|paragraph} {here|at this place} at this {blog|weblog|webpage|website|web site}, I have read
all that, so {now|at this time} me also commenting {here|at this place}.|
I am sure this {article|post|piece of writing|paragraph}
has touched all the internet {users|people|viewers|visitors}, its
really really {nice|pleasant|good|fastidious} {article|post|piece of writing|paragraph} on building
up new {blog|weblog|webpage|website|web site}.|
Wow, this {article|post|piece of writing|paragraph} is {nice|pleasant|good|fastidious}, my {sister|younger sister} is analyzing {such|these|these
kinds of} things, {so|thus|therefore} I am going to {tell|inform|let know|convey} her.|
{Saved as a favorite|bookmarked!!}, {I really like|I like|I love} {your blog|your site|your web site|your website}!|
Way cool! Some {very|extremely} valid points! I appreciate you {writing this|penning this} {article|post|write-up} {and the|and also the|plus the} rest of the {site is|website is} {also very|extremely|very|also
really|really} good.|
Hi, {I do believe|I do think} {this is an excellent|this is a great} {blog|website|web site|site}.

Advertisements