A New Breed of Spam

I haven’t had much opportunity to post lately, as I’ve been spending my free time working on some graphic design stuff for the site at large. Graphic design is not my forte, so playing with pixels and crop and MS Paint takes up more of my time than I would like. But I thought I’d throw this one out there as a quick reference for anyone in the blogosphere that might be interested.

The amount of SPAM that hits my blog kind of ebbs and flows, and I’d been in a merciful ebb until about a week ago. As a matter of principle, I prefer not to queue comments for approval or place any kind of restrictions that would keep people from posting. I don’t use captchas or Akismet or anything like that.

Generally, SPAM is fairly easy to recognize. In its most rudimentary form it includes a link or series of links and nothing besides. Sometimes it includes garbage characters and links and other times, it’s complimentary posts that include links. I take these on a case by case basis, deleting them when there’s some obvious agenda or leaving them if they seem like strange comments but include no links or anything of that nature.

Recently, however, a series of posts have started to come in that follow a distinct pattern. They’ll include some insipid compliment not referring to the content at all, and contain exactly one misspelled word. So something like, “Wow, great contnet!” The other defining characteristic is that they all register a URL to a popular site–google, facebook, yahoo, etc. In essence, harmless as far as SPAM goes–no link to something unsavory, no obvious attempt to game search engines, etc.

I pondered this a bit as I’d delete them–they come in a lot at a time. And I think I get what the game is. I believe they’re sending out feelers to test whether or not a blog has some kind of automated SPAM blocking so that they can target blogs that won’t get their IP addresses black-listed on anti-SPAM rolls of sites like Akismet. The misspelled words make it a lot easier for some automated web crawling utility to go find the spammer’s handiwork, and the harmless links tell them whether or not the blog in question will even allow them to ply their trade. Basically, the spammer or spammers try to create something that is borderline enough to trigger SPAM protection if it’s there, but not so blatant as to be classified as a real threat.

These things tend to come in volleys. I spent a few days deleting such comments every 10 minutes, and that got tiresome enough that I installed the Defensio plugin, which seems great so far. It’s free and very configurable, and it allows you to review all blocked and non-blocked comments to give it feedback. So far, it’s blocked something like 50 messages with 0 false positives and only 1 false negative. I didn’t really want to go this route, but the manual labor was getting tiresome and at least I can tell this tool if it got things wrong, so the worst case scenario is that someone’s comment is held for moderation temporarily (and my apologies if that happens to anyone).

It’s sad that we have to worry about these things, but c’est la vie, I suppose.