Author Bloggingg 101: The Evolution of SPAM

by Joel Friedlander on October 1, 2012 · 41 comments

Post image for Author Bloggingg 101: The Evolution of SPAM

When you search out great content for other people, you spend a lot of time surfing websites and author blogs to gather the best articles you can find.

A couple of weeks ago I was on an author’s blog and noticed a series of comments that sounded oddly familiar. In each case the commenter had paid a flattering if somewhat vague compliment to the blogger about how good the piece was and, in each case the blogger had responded.

The problem was, as I realized a moment later, that the poor blogger was having a conversation with spam comments. There was no interested and grateful reader behind the comments. I know because I had seen them before, trapped in my spam filter.

After thinking about it for a minute, I left a note for the blogger to let her know what was going on. I have to say I felt a bit guilty because new bloggers—yes, I remember this quite clearly—are really, really grateful for anyone who will comment on their posts.

Then they can practice all that reader engagement they’ve been reading about, treating commenters with grace and appreciation.

Oh well. Had to be done, I told myself. Better off in the end.

Not Your Big Brother’s Spam

Spam is generally considered to be unsolicited commercial messages, typically emails from online pharmacies, Nigerian princes trying to recover their vast fortunes, or announcements that you’ve won a free trip to Dubai.

Spam blog comments are the work of automated programs that deposit identical messages on blogs wherever they can, hoping that one person in a thousand, or in ten thousand, or maybe one person in a million will click the link behind the commenter’s name and end up on a sales page for Viagra or whatever the craze of the moment happens to be.

Lately we’ve been getting a lot of spam for Louis Vitton luggage. Go figure.

What’s interesting is that as the tools we use to keep spam under control continue to improve, the spammers try to stay a step ahead.

For instance, here’s a spam comment that made it through the spam filter on my blog the other day:

Definitely believe that which you said. Your favorite justification appeared to be on the internet the simplest thing to be aware of. I say to you, I certainly get irked while people consider worries that they plainly don’t know about. You managed to hit the nail upon the top and also defined out the whole thing without having side-effects , people could take a signal. Will probably be back to get more. Thanks

This was linked to a site offering sushi delivery. Here’s another one:

I do consider all the concepts you have introduced for your post.
They’re really convincing and can certainly work. Still, the posts are too short for novices. May you please extend them a bit from subsequent time? Thanks for the post.

This one leads you to a site that my browser refuses to load for “security reasons.”

You seeing the pattern here? I don’t want you to get fooled by these people and start responding to these comments like they are real.

Here’s one more that managed to elude the spam filter:

Hey excellent blog! Does running a blog like this take a large amount of work? I’ve no expertise in programming but I was hoping to start my own blog in the near future. Anyhow, should you have any ideas or techniques for new blog owners please share. I know this is off topic nevertheless I just needed to ask. Cheers!

This one linked to a site selling supplemental Medicare insurance.

How Bloggers Prevent Spam

If you value your readers and the interactions you have with them, you’ll want to have a strategy for dealing with spam..

There are 2 basic approaches I’ve seen bloggers use, and each has its advantages.

  1. Make commenters prove they are humans and not spamming robots—You can do this in a variety of ways. For instance you can use the Facebook comments system on your blog, and that means anyone who wants to comment will need to be logged into their Facebook account first.

    Other systems use third-party commenting systems like Disqus to authenticate readers while also providing more tools for social media engagement.

    And, of course, we’ve all seen the blogs where you need to answer a question or type in a Catpcha code to get your comment posted. Each of these choices put hurdles in front of commenters and, in the case of requiring logins, discourage anonymous comments. It’s up to you to decide if that’s a good thing for your blog or not.

    Lastly, you can use the ability built into WordPress to moderate comments before they appear on your site. This solution is probably the most time-intensive for the blogger but ensures that nothing you don’t want on your site will get through.

  2. Use a plugin to catch the spam before it goes live—This is the approach I’ve taken on The Book Designer, and it has worked out pretty well.

    I use the Akismet plugin to capture and quarantine spam. Akismet is a project of Automattic, the same company that created WordPress.

    Akismet is updated constantly and made available free of charge for individual bloggers, although commercial versions are also available. It simply moves suspicious comments to the spam folder. It’s then a pretty simple matter to scan through them just to make sure no legitimate comments have gotten caught in there.

    Because they will. There are regular commenters here whose comments almost always end up in spam, or with a request for moderation, simply because they contain a few links. It’s a small price to pay to keep the vast majority of spam comments off your blog.

    Akismet amasses statistics for you as well. Here’s what it reports for this blog as of the writing of this post:

    Akismet has protected your site from 238,859 spam comments already.
    There are 326 comments in your spam queue right now.

    Web-wide, the Akismet site today notes that:

    Akismet

    This chart shows the extent of the problem, too: over 13 times as many spam comments as real (“ham”) ones. If you’re going to blog, you have to deal with this issue one way or another.

    When I set up a new blog or website, the first plugin I install is Akismet, and you might think about doing the same.

    If you’ve never installed a plugin, watch for an upcoming post on plugins that will walk you through it.

    In the mean time, keep emptying your spam, because the spammers will keep trying to trick all the defenses we’ve put up to stop them.

    Photo credit: namestartswithj89 via photopin cc

    Be Sociable, Share!

    { 39 comments… read them below or add one }

    Liz November 15, 2012 at 6:55 am

    This is an awesome post. I use Akismet also. My blog is fairly new so I have not gotten a lot of spam. It seems to come in waves. On one day I will have 38 spam comments in my spam folder and other 0. So far none have made it through. Unfortunately, recently, the comments that I have been leaving for others have been falling victim to their spam folders and I am not sure why. It is really disappointing because I love the interaction. I can assure you I’m no spammer by any means. Once again thank you for the great information. Sorry for the duplicate post.

    Reply

    Lynn Millar October 6, 2012 at 9:56 am

    Spam reads like horoscopes – one ‘very informative’ phrase fits all.

    Reply

    Joel Friedlander October 6, 2012 at 10:31 am

    Oh, that’s good!

    Reply

    Ryan Casey October 4, 2012 at 12:19 pm

    Thanks for highlighting this issue, Joel. Spam is getting rather irritating in that it’s becoming somewhat more convincing (emphasis on the somewhat), like you said.

    Personally, I have a few measures to avoid chatting with the spambots. Firstly, I have Akismet installed on my Wordpress blog. It seems to do a good job of catching things, and although I have heard reports of legitimate comments being thrown in the spam zone, I’ve yet to experience this myself.

    Also, I have to approve comments from all first-time commenters. This helps me keep track of who is real, who is suspicious, etc. I have a look at the website link provided by the spambot sometimes too; often ‘free-ebook.whatever’ rings alarm bells.

    Basically, if a comment looks a bit weird and the source is strange, it’s probably spam. If it ends up being someone legitimate, then it’s not the end of the world, and you can revert the decision to throw it in the spam folder.

    Ryan.

    Reply

    Joel Friedlander October 6, 2012 at 10:31 am

    Good tips, Ryan. I also scan the spam folder only looking at the information on the posters, I don’t even bother looking at the comments. Very easy to spot the real person whose comment got inadvertently stuck in there with all the robots.

    Reply

    Harold Stiver October 3, 2012 at 2:03 pm

    Thanks for another interesting post.

    Some thoughts:

    The first thing I add to a blog site is the Aksimet plugin, and after that is active, spam is virtually eliminated.

    Gmail has a great spam filter although you get a few false negatives.

    Captchas is becoming wretched, I have one site I am a member of which is almost inaccessible because of the difficulty of the required authentication. I am at the point of abandoning it.

    Reply

    Penelope Irving October 3, 2012 at 9:34 am

    I only wish I had this problem yet! I think my blog has so little traffic so far that even the spambots are leaving it contemptuously alone…

    Reply

    Ian October 2, 2012 at 8:36 am

    *laughing*, I am wondering how Michael’s comment “got though”, after mentioning several parts of the anatomy so favored by the spammers!

    Akismet is awesome, way better than the ‘bot’ that works for my regular mail program…

    Reply

    John DuMond October 2, 2012 at 4:36 am

    Wordpress also has a setting for first-comment moderation. The first time someone comments under a particular name/email address, the comment goes into moderation. Once the comment has been approved, subsequent comments from the same individual go through automatically. It’s a bit of an inconvenience for new visitors to your blog, but it allows real-time commenting for “regulars”.

    Reply

    Joel Friedlander October 2, 2012 at 10:28 am

    That’s a great suggestion, John, and might provide a middle ground between wide open comments and the login or moderation option.

    Reply

    Karl October 1, 2012 at 5:03 pm

    One nice thing about these spam-bots: The moronic, brain-dead gibberish they spew out stands as a bit of reassurance that the robot apocalypse isn’t coming any time soon.

    Reply

    Tana Brouillette October 1, 2012 at 8:53 am

    I’ve got to say. If it weren’t for Akismet I would be a goner. It helps save so much time.

    I laughed when I saw the excerpt of the comment you receive. I also get dozens of those a day. Most are just baaarely readable.

    How about the ones that say “Great post, Steve!” and then ramble about something else? I guess they figure “one of those thousands of blog owners that I’ve just spammed has gotta be a Steve.” :P

    Reply

    Joel Friedlander October 1, 2012 at 11:50 am

    Yes, there were a lot to choose from, including the ones completely in some cyrillic alphabet, but these show the new face of SPAM pretty well.

    Reply

    Tracy R. Atkins October 1, 2012 at 8:33 am

    Dear Mr. JoeL, I am Dr. Kofi John Smith and I am writing you today to gain your assistance in recovering $50 Million Pounds Sterling in Viagra pills that are stuck in Nigerian Customs. All I need is a $700 money order, made out to cas…..

    Just kidding..

    Since I switched to Discus, my comment spam has dropped to pretty much zero. I am starting to see spam hitting any forms I have on the site though, like contact forms or requests for ARCs. Completely automated. In addition, phony Wordpress account requests are starting to be a killer too on some blogs I help other people with.

    The worst though are forums. I setup my father-in-law a blog so he could talk about fishing a few years ago. I had installed Simple Machines Forum on the site for him, but he never used it and we forgot about it. A year later, I was looking through analytics (finally) and noticed that he was getting about 20,000 visitors a day to his forum that he never even looked at. Turns out spam bots had setup accounts and it became a huge hub for nasty photos. We toyed with the idea of monetizing it… but cooler heads prevailed and we shut it down.

    -Tracy

    Reply

    Joel Friedlander October 1, 2012 at 11:48 am

    Tracy,

    Did you find that you received less comments after going to Disqus? I would be interested in your results. It seems to be the favority third-party commenting system, so I’m sure other readers would be interested also.

    Reply

    Tracy R. Atkins October 1, 2012 at 12:11 pm

    I have had a couple of blogs over the years personally, and setup for other people. Most were smaller volume, though some a few hundred a day.

    Now, using the Wordpress Comment system for many sites, I always had a TON of spam. Akismet would capture a bunch of it. Actual user comments would be minimal. Early on, I was even fooled with several of them. I would say Akismet caught 95% of them, though some still got through. Without Akismet.. well.. i don’t even want to try to tackle that one..

    On my author blog, I started with Discus right off the bat, since I’m used to using it already on major sites around the web. My comment volume is low, but all seem to be real people with real conversation. Using discus on other sites, I see virtually no spam that isn’t human-hand entered (live). (You can use Akismet with Discus too, if i’m not mistaken, though i dont)

    So, I feel much more confident and zero hassle with my Author blog, compared to the crap I had to deal with on other sites using wordpress’ built in system.

    In all, the volume of my author blog with discus, compared to a similar blog I ran using wordpress comments, I get about the same number of legit comments. However, the spam is nothing on my blog, when it comes to comments. Again, robots still hit my forms sometimes.

    Reader penetration for Discus seems to be pretty good. Signup is easy and once someone gets an account, it seems to remember you, no matter where you go. Therefore, once you are logged into discus, you can hit your daily websites and blogs and not have to re-authenticate. That is another advantage i like over wordpress, if you use their built in account system. Its a bit a pain.

    Now, it’s not to say Discus is hack-proof, and it certainly isn’t troll proof. I just don’t have a high enough volume to give some firm numbers to compare the two. Nevertheless, my gut feeling and overall satisfaction gives Discus the nod by a wide margin.

    Reply

    Deb Atwood October 1, 2012 at 8:30 am

    I’m really happy with Aksimet. I don’t actually know how it got onto my Wordpress blog, but it works well and only occasionally captures something not spam.

    I hate captcha because, like other posters have mentioned, I find it too difficult. Sometimes captcha provides an easier, visually impaired option (I’m not visually impaired), and I have even failed that one.

    Reply

    Roger C. Parker October 1, 2012 at 8:23 am

    Dear Joel:
    Thanks for sharing this; the problem seems to be growing at a rapid pace.

    As you, and others, have commented; the wording of the spam comments is getting better. They start-out with a fairly targeted phrase, then you notice the Wild Girls of Daytona url.

    As you said, it’s important to be extra vigilant. Thanks for all you share.
    Roger

    Reply

    Wen Scott October 1, 2012 at 8:10 am

    The latest trickery ( I almost fell for it :-) ) was a request to look into multiple emails a commenter was receiving who checked to receive followup comments when leaving their own. (“Notify me of followup comments via e-mail”) They sincerely hoped I could resolve this issue.

    Trouble is, no one had yet commented on the blog entry, and I hadn’t yet approved their comment.

    Reply

    Joel Friedlander October 1, 2012 at 11:45 am

    Oh, that one is diabolical, glad you spotted it as a ruse, Wen.

    Reply

    B B Shepherd October 1, 2012 at 10:37 pm

    Hahaha…I got that one too, but there isn’t a box for them to check, so my response to them was:
    @backlinks:
    Do not try and click the checkbox. That’s impossible. Instead… only try to realize the truth.
    ‘What truth’ you ask?
    There is no checkbox.

    Reply

    jules older October 1, 2012 at 7:52 am

    Timely article, well done.

    And like Sylvia, I’ve noticed Captchas are getting harder, i.e. more annoying. I suspect being colorblind makes them even worse, but twice lately I’ve simply given up posting my comment.

    Reply

    Sylvia Liu October 1, 2012 at 6:32 am

    Hi Joel, A nice article. As a blogger on Blogger, I find that it has a pretty good spam filter. I don’t like using the Captchas because, as you say, they create friction and are slight barrier that may discourage comments. So far, disabling the Captchas hasn’t resulted in a flood of spam for me. Also, in the last few months, I’ve noticed that the Captchas have gotten much more difficult to read.

    Reply

    Joel Friedlander October 1, 2012 at 11:45 am

    I’ve noticed that also, Sylvia, but I don’t know enough about the Captcha system to speculate why that might be. And I like the fact that people can comment anonymously if they so choose.

    Reply

    Liz Jansen October 1, 2012 at 4:37 am

    Informative article Joel. I too have seen other bloggers “corresponding” with spam. It’s easy to get caught in when starting a blog. I am very thankful for Akismet.

    Reply

    Marina Sofia October 1, 2012 at 3:57 am

    Actually, some of the spam I’ve been getting has been so funny and randomly poetic, that it inspired me to write a poem and a blog post about it! So even bad things can lead to good things! But yes, it can sometimes be tricky to tell whether a comment is genuine or not.

    Reply

    Steve Vernon October 1, 2012 at 2:22 pm

    Me too, Marina. I wrote an entire novella centered around the notion of where all of this spam comes from – combined with Anansi and the heart of all stories. The novella was printed in hardcover and softcover by a small press publisher – and it’s now selling as part of an e-book collection of mine – so I guess that’s the good thing about being a writer. You can take the crap that throws at you and turn it into something profitable.

    Reply

    Steve Vernon October 1, 2012 at 3:40 am

    You know, I’ve noticed that this latest generation of spam has become a little smarter. The messages I used to get usually weren’t germaine to anything I was talking about – or loaded with mispellings – (shoot, did I spell that correctly?) – or just a whole lot of gobbledygook jammed together.

    But these days – as you have already pointed out – the spam has begun to be written by folks who might actually have a grasp of the English language.

    The whole thing is a little Invasion of the Body Snatcher-ish. They look just like us.

    If you want me to elaborate on this just hit the enclosed link and send me your credit card information…

    Reply

    Joel Friedlander October 1, 2012 at 11:43 am

    As soon as my funds arrive from Nigeria, I’ll let you know.

    Reply

    Michael N. Marcus October 1, 2012 at 1:40 am

    I’m not sure if I want to jailbreak my iPad, but I now know that Ugg boots are wonderful, I can save big on women’s Halloween costumes, naked women are waiting to meet me, sexy men want to date me, I can quickly and safely enlarge my breasts and my penis, I can get good prices on Frigidaire parts in Orlando, save half on Christian Louboutin ankle boots… and I’ll never have to pay another electric bill.

    The spam-bots are not very discriminating. I have several dormant blogs and one dormant forum that I have not updated IN YEARS, that are targeted every day. One forum that is still in operation has 236 pieces of spam waiting for me to delete one-by-one. My functioning blogs get multiple daily spam attempts. What a waste of time and bytes.

    Michael N. Marcus
    http://www.BookMakingBlog.blogspot.com
    http://www.SilverSandsBooks.com
    http://www.BookFur.com
    http://www.Facebook.com/SilverSandsBooks

    Reply

    Tracy R. Atkins October 1, 2012 at 8:39 am

    Michael,

    Didn’t you have a blog of some sort for a few years where you were receiving a ton of spam for a fictitious person? April Wrong?

    Reply

    Joel Friedlander October 1, 2012 at 11:42 am

    Well, one great thing about WordPress is that, whether you want to review pages of SPAM or not to see if there are any legitimate comments in there (and I do this largely for you, Michael), you then get to use the handy “Empty Spam” button that elimates all of it in one fell swoop. And I have to say, pushing that button is pretty satisfying.

    Reply

    RD Meyer October 1, 2012 at 1:31 am

    I don’t like the Facebook filter b/c I don’t personally want to have to log into Facebook just to comment on a blog I like.

    Haven’t had to worry too much though – guess I’m not popular enough for people to spam me yet. :-P

    Reply

    Joel Friedlander October 1, 2012 at 11:39 am

    RD, that’s the principle reason I haven’t used Facebook comments. Although I’ve been told they are good for SEO and most everyone is on Facebook, I prefer the spontaneity of being able to comment directly without having to go through a two-step just to do so. However, if the SPAM rate continues to increase (see the chart at the end of the article) it may become necessary to have some kind of login for commenters.

    Reply

    Rinelle Grey October 1, 2012 at 1:29 am

    I don’t get much spam yet, so it’s easy enough just to sort through it and delete. But from previous blogs I’ve had, I know it will come! So thanks for the advice. I’m going to look into Askimet.

    Reply

    Will Gibson October 1, 2012 at 8:57 pm

    I agree, thanks for the advice and I will also look into Askimet.

    So, once again, Mr Friedlander, you have educated me on something that I previously didn’t know that I needed to know. Your blog continues to be always informative and interesting to read. Thank you for putting in the time necessary to inform us self publishers on information that we need to know to be successsful.

    Hmmm…that sounds a little too spammy maybe, but at least we now know what it looks like. Thanks, Joel, for this posting.

    Reply

    Rick Shelton (Top Kindle Picks) October 1, 2012 at 12:53 am

    Joel, excellent and highly informative article. I get largely spam in my comments, and I’m happy to read about how to handle them. I’ll try the Askimet plug-in. I look forward to looking at the rest of you posts as I can. Thanks.

    Reply

    B B Shepherd September 30, 2012 at 11:36 pm

    I don’t get anything like your amount of spam, so I just either delete it or have a little fun with it. If in doubt, I open separate browser window to check out any links. I also edit out links included in any comments I keep unless I think they’re legit. I don’t mind links to other real blogs. I look forward to your article on plug-ins. I have Askimet but haven’t activated it.

    Reply

    Tracy R. Atkins October 1, 2012 at 8:35 am

    Akismet is a lifesaver.

    Once the bots get a hold of your site, they tend to flood it rapidly. You may only get one or two, but if it gets around the automated network that you have an unprotected site, they will slam you.

    Reply

    Leave a Comment


    + 9 = fourteen

    { 2 trackbacks }