I had a problem with SPAM comments some time ago. After trying a few defence mechanisms I finally settled on forcing people to log in. Recently I saw a revival of the SPAM comments. Of course this time I know the identity of the people leaving the stupid comments. I would threaten to leave junk comments upon their blogs - but this would not deter them (they might welcome the extra traffic).
At the moment I am deleting the SPAM comments shortly after they are left, but if the problem doesn't go away I might be forced to introduce comment moderation.
As they say It is an ill wind that blows no good. While I was deleting the SPAM comments I noticed that my home weather station has been off line since 14th of August. Hopefully I will be bringing it back on line again soon.
Showing posts with label SPAM. Show all posts
Showing posts with label SPAM. Show all posts
Tuesday, September 3, 2013
Sunday, August 19, 2012
Update on SPAM Comments
I notice that the number of SPAM comments being left on my blog has reduced dramatically since I introduced the CAPTCHA test. However, the problem has not gone away completely which tends to confirm my suspicion that the attack is being launched by a semi-automated process. I think that a fully automated process would not be able to breach the CAPTCHA system, but a recent comment (which was automatically detected as SPAM) is a brilliant example of why it must be an automated system:
This could be a boost to my ego because I am proud to boast about my expertise in a wide range of subjects, but %PAGE_TITLE% is not one of the areas that I claim expertise.
Since the CAPTCHA is not being totally effective in blocking the SPAM, I will disable it. Instead I will force users to register for an account in order to leave a comment. In addition I have enabled a rule whereby comments have to be approved before becoming visible on old posts (most genuine comments are left fairly soon after the post is initially published).
This blog is wonderful. You are clearly and expert in %PAGE_TITLE%. I have shared this post with all of my colleagues ...
This could be a boost to my ego because I am proud to boast about my expertise in a wide range of subjects, but %PAGE_TITLE% is not one of the areas that I claim expertise.
Since the CAPTCHA is not being totally effective in blocking the SPAM, I will disable it. Instead I will force users to register for an account in order to leave a comment. In addition I have enabled a rule whereby comments have to be approved before becoming visible on old posts (most genuine comments are left fairly soon after the post is initially published).
Friday, August 10, 2012
Recognising SPAM comments on blogs
Like anyone who has been using the Internet I have often received SPAM emails, but it was only recently I encountered SPAM comments on my blog. The content of SPAM comments on blogs is very different from the content of SPAM emails and so I didn't instantly recognise what was happening - luckily Google has more experience of such practices and they immediately removed the SPAM comments before I even got to look at it.
SPAM emails typically try to trick the receiver to part with some money and/or click on a link which will infect your computer with some malware. The content is not always offensive, but it is certainly embarrassing to read about some of the alleged services being offered. Very few people who read a SPAM email would confuse it with a genuine email, but of course if the spammers send out enough emails they will surely find someone foolish enough to be tricked.
When I first established this blog, I was given the choice of implementing a policy that all comments would have to be approved by me before becoming visible on the site. I decided not to implement this policy because I was not too worried about the type of comments that user would leave. Until recently, my confidence in human nature was repaid and none of the hundreds of comments left over the last few years were comments that I would not have approved if I was reviewing them.
Since the same word is used for SPAM emails and SPAM comments, I foolishly thought that the content would be similar. However I recently discovered that the content of SPAM comments is surprisingly different from email SPAM, because all the authors are trying to do is manipulate their Google page rank by posting a link to their site on your blog. As a result the SPAM comment will deliberately be crafted to look at first glance as close as possible to a real comment.
My knowledge of the topic this changed about a 2 weeks ago ago when I received notification about a few surprisingly complimentary comments left on my blog. These comments were praising the quality of my writing and although I was surprised at how gushing the praise was, I didn't initially suspect that anything untoward was happening (bloggers typically have an inflated self-image and so I suppose it is not surprising that blog authors will often accept such praise at face value). However, when the trickle of such comments grew larger my suspicions arose and I began to look a little closer.
None of the comments were duplicates of each other, but they all followed a pattern. The comments were gushing in praise about the quality of the blog, but they would refrain from specifying what exactly made the content interesting (presumably because the comments were being left by some semi-automated process that doesn't involve actually reading the content). The comments would all end up with a line like "you might also be interested to read my blog" and then they would provide a link to their own site (but of course genuine comments also frequently end with a line like that).
When this flood of comments started, I was on vacation without convenient access to the internet. Therefore, about a week had passed before I investigated and about 40 of these comments had been left. Luckily the Google Blogger platform was intelligent enough to catch all but 2 of these as SPAM without me having to do anything. When I then reviewed all the comments from the previous year and I found only one which was a previous incidence of the same pattern (my naive self was pleasantly suprised at the praise, but my new Jaundiced eye brought me down to earth). So clearly my blog has been added to some list of "easy targets" for comment SPAM.
In the meantime, the flow of SPAM comments continues to grow even more frequent. Although it is good that the blogger platform automatically categorises them as SPAM and hides them, it is still a nuisance that I can do without. Therefore I have been forced to implement a captcha system to slow the flood.
I personally hate captchas because I find them very difficult to complete (perhaps it is my fading eyesight). However, I think that I will need to leave this defence mechanism in place for a while until the spammers go away to softer targets.
SPAM emails typically try to trick the receiver to part with some money and/or click on a link which will infect your computer with some malware. The content is not always offensive, but it is certainly embarrassing to read about some of the alleged services being offered. Very few people who read a SPAM email would confuse it with a genuine email, but of course if the spammers send out enough emails they will surely find someone foolish enough to be tricked.
When I first established this blog, I was given the choice of implementing a policy that all comments would have to be approved by me before becoming visible on the site. I decided not to implement this policy because I was not too worried about the type of comments that user would leave. Until recently, my confidence in human nature was repaid and none of the hundreds of comments left over the last few years were comments that I would not have approved if I was reviewing them.
Since the same word is used for SPAM emails and SPAM comments, I foolishly thought that the content would be similar. However I recently discovered that the content of SPAM comments is surprisingly different from email SPAM, because all the authors are trying to do is manipulate their Google page rank by posting a link to their site on your blog. As a result the SPAM comment will deliberately be crafted to look at first glance as close as possible to a real comment.
My knowledge of the topic this changed about a 2 weeks ago ago when I received notification about a few surprisingly complimentary comments left on my blog. These comments were praising the quality of my writing and although I was surprised at how gushing the praise was, I didn't initially suspect that anything untoward was happening (bloggers typically have an inflated self-image and so I suppose it is not surprising that blog authors will often accept such praise at face value). However, when the trickle of such comments grew larger my suspicions arose and I began to look a little closer.
None of the comments were duplicates of each other, but they all followed a pattern. The comments were gushing in praise about the quality of the blog, but they would refrain from specifying what exactly made the content interesting (presumably because the comments were being left by some semi-automated process that doesn't involve actually reading the content). The comments would all end up with a line like "you might also be interested to read my blog" and then they would provide a link to their own site (but of course genuine comments also frequently end with a line like that).
When this flood of comments started, I was on vacation without convenient access to the internet. Therefore, about a week had passed before I investigated and about 40 of these comments had been left. Luckily the Google Blogger platform was intelligent enough to catch all but 2 of these as SPAM without me having to do anything. When I then reviewed all the comments from the previous year and I found only one which was a previous incidence of the same pattern (my naive self was pleasantly suprised at the praise, but my new Jaundiced eye brought me down to earth). So clearly my blog has been added to some list of "easy targets" for comment SPAM.
 |
| A sample CAPTHA |
I personally hate captchas because I find them very difficult to complete (perhaps it is my fading eyesight). However, I think that I will need to leave this defence mechanism in place for a while until the spammers go away to softer targets.
Subscribe to:
Comments (Atom)