Are You Noticing An Increase In Blogspam Too?

For fans who read the BlogHerald, you might notice over the past few weeks a noticeable increase in blogspam, both in volume and variety. We’re running a combination of Spam Karma 2 and Akismet, but a whole lot still gets through.

I have noticed two particularly interesting kinds of spam, as I have been hand deleting comments of late.


1. Worthless Identical Comments: We’ve been hit recently with a lot of spam that comes from a few select IP’s, but they almost always have the same content. Its some variation of

“This is exactly what I expected to find out after reading the title *insert <title> of your post here*. Thanks for informative article”

or

“Hey! Nice blog posting about *insert <title> of your post here* I would have to agree with you on this one. I am going to look more into . This Thursday I have time.”

or the frequent favourite

“Superb write up talking about *insert <title> of your post here*. Thoroughly love your blog.”

Now the apparently puzzling phenomenon here is that quite often none of these comments have a URL attached to it; the traditional thinking has been that comment spam serves to artificially inflate the number of trackbacks to a particular URL, even if the rel=nofollow is on. What purpose does a non-URL’d piece of blogspam serve? Well, one theory that’s popular (and one that I subscribe to), is that there is still an IP that is attached to each comment; by allowing these seemingly benign comments through, you’re almost ‘white-listing’ these IP’s, so that when “real” blogspam comes, they aren’t automatically flagged.

Bottom line is that no matter what the reason why blogspammers are doing what they’re doing, the current practice I’ve adopted is that if it looks like blogspam, smells like blogspam, and acts like blogspam, then it gets deleted like blogspam. In this particular case, the current practice here is that if I see a whole bunch of comments that look the same, they get put in the same bin.

A few IP’s that keep on propagating the above non-sense have been blacklisted by me (through SK2), and you might want to keep a watch out for them as well:

 

72.232.123.175
72.52.145.58
70.86.43.130
64.22.110.34
64.22.107.90

 

2. High Granular Spam: Now, by this, I’m referring to how Spam Karma 2 recognizes past commenters through the “Snowball Effect”. That is, it tends to give commenters points based on how ‘valid’ their past posts have been, with the thinking that commenters who have always given ‘valid’ posts aren’t likely to post spammy ones in the future. Unfortunately, one way that it SK2 recognizes ‘valid’ posts is through the IP and URL of the commenter. We’ve been getting a lot of traditional spam recently that gets through SK2 precisely because the URL comes from Blogspot.com, where it gets a ton of points (granularity).

I’d love to comment on how stuff like this gets through Akismet, but since there are no FAQs on exactly how it works (or, provides a cookie trail for the stuff it moderates and stuff it doesn’t), I’m not able to. If anyone has any insights on this please don’t hesitate to leave a comment.

For future reference, however, we will simply through into the moderation queue any comments that contain the word phentermine, viagra, cialis, ambien, meridia and combinations thereof, and we will likely be turning *off* the Snowball effect for the time being, as a function for SK2.

If anyone has any other experiences with the rise of Blogspam, I’d love to hear about it (and commiserate) as well — do you find that more is slipping through? Has the quality of blogspam changed? And more importantly, does anyone know why this might be?

Like & Share this Article

Comments

  1. says

    Even as small as I am, I am getting a lot of the ones you noted in #1. Fortunately, my Spam Karma puts them in the que. So big and small are getting them. Odd yes.

  2. says

    I learned on Twitter that two pretty high ranking bloggers in my circle have been inundated with spam — they both run on TypePad. I have also received weird comments marketing or pitching products that had nothing to do with the post. My delete button is the fastest this side of the West ;-)

  3. says

    I left what I thought was a legit comment and saw that it got deleted. Maybe it was what I said, maybe it was because I used my site’s name as my name. Only you know the answer to that one.

    Guess I still have some stuff to learn.

  4. says

    I noticed an increase in spam on my blog too. I also use a combination of Spam Karma 2 and Akismet but lately there is a lot of spam coming through.

    I receive spam of a different category, which I refer to as splog portal spam. This kind of spam is easy to recognize as the URL in the trackback is always a generic php page such as mywebsiteisgood4you.com/?p=538
    Such URLs trigger my spam alert immediately.

  5. says

    Akismet’s recipe is secret but it “learns” which is the best part. What gets through is usually “new” so by marking it, the information is added to the database through the Plugin.

    Remember, comment spammers, like email spammers, are working overtime to make sure their crap gets to see the light of day. It isn’t just about the link juice. That’s old think. What isn’t is that people are still clicking these, even if it is to determine if it is indeed comment spam or because they are ignorant.

    We have to work overtime to fight back. That means supporting those who help us fight back, like Akismet (when was the last time you “paid” for it?), Bad Behavior, and Spam Karma. These “free” tools are invaluable for cutting back the spams to a few.

    We have to pay attention and monitor comments daily.

    We have to be vigilant and constantly search for “X wrote an interesting post about” which is typically a splog trackback, which contains words within the post itself and usually skips through because it “looks” good. These need to be killed off as they are also cluttering the web for link juice and ad revenue without adding content, even though their usage of your content is within copyright standards.

    These are our blogs and we have the right to choose who we allow to trackback and comment on our blogs, and I say splog trackbacks, justifiable or not, are not welcome.

    Good for the Blog Herald for jumping on this issue to protect their readers from comment spam, and helping others understand the importance of such actions.

  6. says

    I also get a bunch of bad requests to my WordPress blog like so:
    Refering link: http://docwhat.gerf.org/newuser.php
    Bad link: /newuser.php

    Which is goofy. There is no referring page “/newuser.php” Something is trying to pretend to come from the page they are at to register a new user. I’m not sure what blog platform newuser.php is for, but it’s not mine. :-/

    I keep thinking I should get some sort of spam blocking software where I could add this ip address as a must moderate ip address…

    Askimet seems to be working well enough, but my blog is just personal…

    Ciao!

  7. says

    I just got a ton in the last few days from the same IP address, and a lot of them didn’t have a website… but I think maybe the spammer just forgot, because there’s some before that from same IP and same style (Hey, I googled for and found your page ) that have links. So, maybe just forgetful spammer? Akismet caught all of them (about 100 in 3 days) and I just added the IP to .htaccess . Actually found this page by googling the IP :D

Trackbacks

  1. Are You Noticing An Increase In Blogspam Too?

    [Source: The Blog Herald] quoted: Bottom line is that no matter what the reason why blogspammers are doing what they’re doing, the current practice I’ve adopted is that if it looks like blogspam, smells like blogspam, and acts like blogspam…

Leave a Reply

Your email address will not be published. Required fields are marked *