Saturday, April 26, 2014

Spammers, And Content / Risk Management

Spammers protect their content against "unfair" deletion, and provide uninterrupted service to their "customers", by publishing multiple blogs, in spam blog farms.

The better planned blog farms minimise the risk to their blogs, by separating the hacking / porn / spam content (Payload), from the immediately visible Blogger blogs (Collector). Spammers use 3 groups of blogs, in their spam farms.
  • Collector blogs.
  • Distributor blogs.
  • Payload blogs.
Only the Payload blogs contain detectable hacking / porn / spam material - and only the Collector blogs are immediately visible to the abuse detection processes.

The Collector blogs (lots of these) link to the Distributor blogs (many of these), which link to the Payload blogs (a few of these). This is good risk management, by the spammers.

In some cases, the Payload "blogs" might be non Google websites. Content hosts which have no objection to hacking / porn / spam content can host the Payload, with no risk.

Risk levels differ, according to content in each blog.
  • Payloads (much risk, because of the detectable hacking / porn / spam content).
  • Collectors (some risk, because of the detectable ads - plus invisible, automated links, to the Distributors).
  • Distributors (little risk, only because of the invisible, automated links, to the Payloads).
As an example, one spam blog farm might be structured in geometrical progression.
Collectors (25) --> Distributors (5) --> Payload (1).
See the triangular structure, and the redundancy?

If automated links were permitted, only the Gateway blogs would be need to be advertised, to Blogger blog readers. If any of the Collector and / or Distributor blogs are detected and removed, the spammer can simply activate more blogs - and the Payload blogs can remain undisturbed.

If any Payload blogs are detected and removed, the spammer simply adds more Payload blogs - then updates the links in the Distributor blogs, with the URLs of the new Payloads. This is good project and risk management.

To interfere with this activity, Blogger prohibits automated linkage of blogs to other blogs and to non Google websites. This forces the spammers to provide visible links between the blogs and websites - and requires them to imaginatively publish both "legitimate" Collectors and Distributors with interesting and unique content and links.

>> Top

1 comment:

Annie @ knitsofacto said...

Some of my readers are reporting hearing a short blast of music when they open my and other Blogger blogs in a variety of browsers, and I've experienced the same both on my own blog and elsewhere. I'm assuming this blast of song is coming from an invisible ad. Malware checks etc. reveal nothing, although using Google Chrome to inspect the page source I did see a 3across.com iframe that I didn't recognise. Is it possible for spammers to embed invisible links in Blogger blogs somehow?