Over at Imperva, an online security firm, they have put up a fascinating Acrobat document showing how spam comments are made with automated tools. It is well worth reading for anyone who runs a blog and wonders how or why all the fake comments with links flood in.
Of course it mostly boils down to trying to elevate rankings of websites in Google’s search engine, surprise, surprise. Particularly interesting is the small percentage of sources responsible for most of the spam. I have no doubt automated tools like the ones shown in the report are used to generate fake referrals as well.
One of the things I’ve wondered about is how the text is composed for the comments and figured they just rotated prefabricated scripts. It turns out it is more complicated than that, using software to generate topically correct comments to get past filters or Google’s spam detection.
Most of the comment spam aimed at this blog isn’t that sophisticated, however. Usually it is blatant attempts to sell drugs, sex, and shoes. What, you were expecting rock and roll? Yeah, it is disappointingly unoriginal.
Ironic that I’d run into this just after marveling how an article at Wired was over run by comment spam. You’d think a big website would have their act together, but that clearly wasn’t the case. Anyway, thought this would be of interest and I hope they keep the report up for posterity.
2 comments:
I noticed that I didn't get comments with links after stating I didn't something among the lines of spam links in the comment description box. I've been getting less comments but legitimate ones.
I don't know if this is a way to discourage spam that aren't automated... though I can't say for sure that I haven't ever received automated spam comments before.
Yeah, it can be hard to tell, some of them are pretty convincing at first glance.
Also, I think it varies from blog to blog and might have to do with the subjects written about. Lately a more spam comments have been in Japanese, which makes me suspect a tool was used to search for blogs related to anime or kaiju.
I see a lot of what is normally sent straight to the spam box by Blogger due to having approval for all comments enabled. A few make it past that, but most are caught. About 5-8 attempts to spam posts are made per day on this blog.
Post a Comment