A 2012 Post

This year’s post is a quick note about spam . . . one of the few constants in a changing

universe. Spam, as you no doubt know, is a one-way communication whose purpose is to forward an agenda. It may read like a baboon typed it, but any links within direct anyone unfortunate to click them to

  • materially benefit the spammer in some minor fashion, or
  • (more likely) land on a hijacked website packed with malware, trojans, viruses and other unsavory nastiness

Last month (June), over 1700 spam ‘comments’ were posted here.  Here. A website that’s been inactive for years. Thus far, July has seen over 1200. This isn’t extraordinary by any stretch; in 2008, back when I was actively updating this site, wiseandfoolish.com received 77,700 spam comments.

Fortunately, WordPress’s Akismet plugin filters most of it out, but the ones it is uncertain about — the ones that could be actual comments — it leaves for a human to approve or trash.

Errors in judgement happen. This is why you see some bizarre comments to posts on otherwise sensible mainstream sites. Unfortunately, the links on those comments are typically active.

One reason why bad comments are passed through has to do with their apparent harmlessness; these days, most spam comments actually make sense, and are typically written to gently compliment or gently chide the article author. Back in 2008, Akismet didn’t have to work as hard; spam comments were often cut-and-paste sentences slapped together programmatically . . . the spammers weren’t even trying.

Now, however, they’ve become subtle. Consider:

It has been a pleasure searchingyour post! Keep up the goodwork! Will visit again soon enough.

Regards

Well. A pleasure! The comment seems valid, and only marginally erroneous (‘goodwork’ and ‘searchingyour’). But the link the poster left leads to a UK eBay online store page which presumably is harmless (but is going to stay unclicked from this end). This alone wouldn’t disqualify it from being legitimate . . . I tend to go the extra mile and apply the Google test.

To do this, copy the comment and paste it into Google. Stand back. (You may have to tell Google to search for the exact phrase if the comment has misspellings).

Surprise! My comment poster has written the exact phrase elsewhere. If blog owners are vigilant, there will only be a few returns from the search . . . if the spam was convincing, however, you may see several.

This one, for instance:

Great goods from you, man. I have understand your stuff previous to and you’re just extremely wonderful.

Many returns follow that search, but many more happen if you copy and paste everything but the last word in the sentence. It seems a clever programmer has made the terminating adjective a variable . . . “you’re just extremely %insertGushingAdjectiveHere%.” (for what it’s worth, the “Regards” in the comment above this one may instead be “Cheers”, et cetera.)

A hint to how this is actually accomplished (it is, not surprisingly, programmatic) may be seen in other comments which were badly coded. This was the text of the first comment:

those who|if you happen to} {continue|proceed} this {in future}

. . . and the second:

am} {satisfied|glad|happy} {that you|that you simply|that you just}

As the script runs, it decides which word to insert when it hits the brackets. In so doing, it reduces the returned hits when a blog admin investigates via Google, and — possibly — introduces enough dissimilarity into the text to squeak it past Akismet’s filter.

So . . . what’s the big deal? These days, spam comments aren’t provided by blog readers, they’re mostly supplied by botnets of infected computers looping through lists of blogs, much like a telemarketer’s computer loops through a list of phone numbers. It’s nothing personal.

But that’s my point. Blog comments are meant to be personal . . . a means of feedback to blog writers, as well as a mini-forum where public discussion on article topics can occur. They’re not meant to backlink your nothing-but-affiliate-and-Adsense-links site or turn readers’ computers into infected zombies controlled from Eastern Europe and China. Really.

But because most comments awaiting blog administrator review are exactly that, legitimate comments from actual readers get buried in mountains of script-generated rubbish. With zero discerned legitimate feedback, blog authors can get discouraged.

Some of ’em might not write anything for years. 😉