An Important Update

Dear Followers Of This Blog ...

If you did not use a Blogger / Google account when you Followed this blog, years ago, you are probably not Following now . During the past...

Saturday, June 08, 2013

Comment Spam And Referer Spam Has Various Purposes

One of the most intriguing subjects discussed in Blogger Help Forum: Something Is Broken involves the seemingly purposeless spam which torments us in our comments and our Stats logs.
I see this random garbage on my blog - and the sites advertised are complete junk. Is there any actual reason for this?

Interestingly, both nice blog spam (in our comments), and referer spam (in our Stats logs), have purposes - though with the continually varying content used in both, it all looks very much like random garbage.

If we analyse the content, structure, and volume of the various spam attacks, we can see patterns - and an understanding of the overall purpose of the spam.

Both our comments - and our Stats logs - are continually assaulted by seemingly random and useless noise, in large volume. This is similar to the random spam which attacks our email.

If you look at enough comment and Stats log spam, you will start to see patterns - and reasons for the spam. The spam, though apparently random in content, is not purposeless.

First, some warning may be appropriate.
  1. If you wish to examine the sites advertised in comment or referer spam, learn to use a proxy server.
  2. Unless you are a computer security expert, with a properly protected (or intentionally sacrificial) computer, do not surf these sites advertised, using an unprotected computer. Avoidance is the best way to protect yourself.
  3. If you do, even inadvertently, surf a comment or referer spam site, quarantine and scan your computer as soon as convenient. If you must surf the sites advertised, while unprotected, diagnosis is the next best way to protect yourself (and others around you).

Examining the comment and Stats based spam diagnostically, you'll see various purposes behind the spam.
  • Spam delivery. It is called "comment spam" / "referer spam", after all.
  • Malware delivery. This is the secondary purpose, known by many people - and the reason why I provide the above advice.
  • Attacks against third party, non spammers. Various third party blogs and websites, who do not subscribe to the service, may be maliciously targeted, by some spam.
  • Strategic malware delivery. Some malware may be packaged in portions, delivered through multiple attacks.
  • Filter poisoning. Some spam may be simply intended to overwhelm the malware / spam detection systems.
  • Email address mining. Some very special comment spam, which I call "Nice Blog" spam, is a very imaginative email address mining technique.

The best way to identify comment and referer spam may be to simply follow the various forum discussions - and observe which spam techniques are reported by multiple blog owners, being assaulted in identical style. As the old saying goes,
If it quacks, it's probably a duck.

>> Top

Dude, hit me with a comment!

Darnell J Knauss said...

I think I recently saw a post from you about Blogger deciding one's blog is offensive or otherwise needs to be shut down and that it sometimes happens to innocent people without warning. Then I see all these referer spam URLS in my stats and I break out in a sweat thinking Blogger will somehow kill my blog. Can you reassure me again that I don't need to worry about this. I know enough never to click on any of these bleeps. It's like telemarketers on your phone, I guess, but honestly, there oughta be a law. Oh, wait, there is one for phones and it's worthless. I took a print screen of my stats just now if you want to see it. You only have a billion comments to look at and answer ... Darnell (djkardkreations.com)