Lately I’ve noticed some new and disturbing trends in blog spamming techniques. Among the most prevalent are commenters who spend time building up a considerable number of comment back links on a seemingly non-commercial site in order to later convert that site into a commercial free-for-all.
This behavior is inherently unethical. Bloggers, like myself, only allow links to be associated with commenter’s names for the purpose of getting to know who they are, not so our visitors will follow links only to be subjected to commercial solicitation. Posing as legitimate is nothing new, spammers have been faking regular commenter names for a while now.
Donncha has recently noted that a good way to determine if a comment is Spam is to look and see where the spammer came from. If you pay attention to your e-mail notifications you can use his Comment Referrer plugin and clearly see when someone arrived on your blog as a result of a search for specific keywords. Any time you see that, you ruthlessly mark the comment as SPAM (I think Akismet should actually do it automatically)!
Unfortunately those of us that moderate comments by hand on the Edit Comments page don’t get the benefit of seeing where the comment came from to help make the determination as the plugin doesn’t store the data. (Perhaps someone can add that function to Donncha’s referrer plugin?) So instead we have to use the tools at our disposal. And one of those tools is the IP address.
I’ve got a situation right now where I have at least two different commenters with legitimate sounding names, leaving legitimate sounding comments (but very short and very frequent), and both linking to blogs that have nothing more than a “coming soon” page on them. That raised a red flag with me. Seems like if you don’t have a site yet, you don’t need a link. Who knows what is going to be added to that later…
So, after doing an IP trace route on the comments, it turns out they are coming from the exact same locale in Dearborn, Michigan. I don’t know about you, but that’s just too coincidental for me.
Additionally, I did a Whois and the domains are registered to completely different people. So, with all of those red flags I had to remove all their comments and mark them as Spam.
In a separate but related instance I noticed that two other fairly regular commenters here, who seemingly had no ties to one another, all of a sudden had commercial advertising between one another’s sites. This is in addition to the fact that those sites, which previously appeared benign, were beginning to appear very commercially motivated.
Again, I decided to do a little investigation and found that the Whois data reported they were owned by people whose names did not even match the domain, and Trace Route data indicated that these comments are coming from India – from two “women” with absolutely American sounding names… yeah, right. So in keeping with tradition all of those comments are now gone as well.
The moral to this story is that spammers are now beginning to develop personas and plan way ahead in order to build up traction to commercialize a site, and they have zero respect for legitimate authors with a hard earned Web presence. Bloggers need to keep a constant vigil on not only new commenters, but old comments as well. In addition, I have a feeling that my Top Commenter’s plugin is contributing to the fact that these leaches are targeting OMB, so I’ll likely be adding the “nofollow” attribute soon.