Why do Spammers do this?

This isn’t a metaphysical question about good and evil. I’m really trying to understand what the motivation or payoff is.

Over the last week or so I have been experimenting with BuddyPress as a way of adding social networking features to SMUG. I’ve been impressed with the functionality. Now that I’ve learned some of what I was seeking to discover through the experiment, I have reverted back to the previous theme and disabled BuddyPress.

One of the settings I enabled in BuddyPress allowed visitors to sign up for an account here. They just had to fill out a form, like this (click any of the images to enlarge):

And then they would see a message which said they would be getting an email message with a link to confirm their registration:

When they clicked the link in the email, they would return to the site and see this confirmation:

Today I got a message from a helpful SMUGgle, Michelle Murray, who said she had gotten an “internal server error” message when trying to visit a curriculum post…and that the problem had happened a few times. So I decided to investigate. To cut to the chase, here’s what I discovered:

A whole bunch of new “users” whose names were eerily similar. The extent of the problem is shown in this closeup of the user totals, which you don’t need to click to see clearly:

After I had deleted 50 of them, here is the closeup of the user type breakdown:

In other words, my blog had essentially been the target of a Denial of Service attack by a spam bot creating nearly 6,400 accounts.

As I examined one of the profiles, it seemed odd that the person behind the spam would try this, because it wasn’t immediately apparent what benefit they would derive. Here’s an example of what they had entered for each fake user:

And when you look at the tail end of the Website field, it is just the link to the member profile on SMUG, not some other Web page they wanted to give Google juice.

It seems that the goal is to somehow help a site devoted to offering six-pack abs to its customers (clearly something I could use), but it isn’t (or wasn’t) clear to me how this spamming strategy would drive traffic to that site. Other spam email domains pointed to searsuckersuit, realestatequicksolutions and comfortersonsalenow, all with .coms appended.

On further reflection, it seems perhaps one way this scheme could work would be if the spammer accounts could be used to bypass the Akismet comment filtering. In that way they could include links back to their sites within comments.

Or maybe if my default for new users was to make them Authors instead of Subscribers, it would give the spammers a chance to create new posts with lots of links to their sites:

What do you think? Based on what you see above, what would be the benefit to spammers in creating 6,000+ accounts on a site, without any links back other than in the user email domain, which isn’t published?

Was this just a first step in a plan to eventually unleash a torrent of new posts or comments?

By the way, for the time being I have turned comment moderation on, so I’m not just relying on Akismet. So when you share your thoughts, it may take a little bit for me to moderate and approve the comment.

Meanwhile, does anyone have a recommendation for mass deleting 6,300 spam subscribers in WordPress?

Otherwise, it looks like I’ll be selecting 50 at a click and deleting about 126 times. Should be an hour or so of mindless fun.

Blogging 118: Trackbacks

As I said in Blogging 117, blogs enable conversations, and one key way those happen is through comments. And comments you leave on other blogs have the additional benefit, if you comment thoughtfully, of encouraging readers of those blogs (and perhaps the authors) to visit your blog and see what you have to say.

Trackbacks are a special kind of comment that require special mention and explanation, because they involve some mysterious lingo that isn’t intuitive.

In essence, a Trackback is a comment on someone else’s blog post that you leave on your own blog. It’s sort of a mega-comment.

Here’s how it works.

Continue reading “Blogging 118: Trackbacks”

Blogging 117: Attracting Blog Visitors through Comments

Blogs are a conversational medium. As we learned in Blogging 101, a blog is essentially a newspaper. Two major factors that set blogs apart are:

  1. Anyone can be a publisher, and
  2. Within reason, every letter to the editor is published.

I say “within reason” because some people go out and leave meaningless or off-topic comments as a way of driving traffic to their sites. Thankfully, as a wordpress.com site, SMUG is protected against comment spam automatically by Akismet. But still, sometimes one sneaks through, with an innocuous comment like, “Great site. Keep up the good work” that includes a link to a Russian porn site. When that happens, I mark the comment as spam, which deletes the comment and makes it more likely Akismet will prevent that person from infecting other wordpress blogs.

But comment spam isn’t the main point of this post. This post is about how you can legitimately engage in discussions through comments on other related blogs, and as a natural byproduct attract visitors to what you’ve written.

If you’re commenting just to attract blog traffic through that single link, people will sniff it out and you won’t get much out of it. But if you’re contributing meaningfully to the conversation, you not only will get some visitors via the link in your comment (as described below); you also make it likely that the blog’s author will take notice of your blog and possibly link to it in a future post.

Continue reading “Blogging 117: Attracting Blog Visitors through Comments”

Facebook Friend Rules

I suppose I have brought this on myself (or maybe that’s just a blame-the-victim mentality), but some recent developments have led me to establish some new rules for accepting Facebook friend requests.

I have previously encouraged any SMUG students or even casual readers to add me as a Facebook friend. I still hope you will. The fact that you’re here suggests that Google thought you might find this content interesting and relevant, and that you took Google’s recommendation. We should be friends, even if we haven’t yet met.

But in the last month or two I’ve had an alarming increase in friend requests from people who seem to think Facebook is the next Amway, and who want to use it mainly as a tool for multi-level marketing.

Getting away from spam (the electronic kind, not the trademarked kind that is made in my home town, and which saved Western civilization during World War II) is a major part of Facebook’s appeal. I don’t want to be bombarded with get-rich-quick schemes.

Lately, I’ve had too many scenarios like this, which started last night:

11:09 p.m. on 6/14/08 – I accept a friend request from Jan Cheung

Within a few hours I had received this (click to enlarge):

And very shortly after that I received these two group invitations:

Jan’s not the only one who’s done this, but this was the proverbial straw.

So he’s not my friend any more. Not in Facebook, and after this post, likely not elsewhere either.

And I’ve developed some new rules for Facebook friend requests. I’ve had other people whom I have accepted as friends send friend requests to my kids, who thought they should add people because I did.

So here are my new rules, which are less strict than Facebook would suggest, but yet leave room open for connecting with people who have a common interest in learning about social media, not just using people as leverage points.

  1. Send me a message with your friend request. Give me some sense that you’ve read one or more of my blog posts, and that you added me in Facebook from here instead of from someone else’s list of friends. If you say something about SMUG, I’ll know you weren’t just cruising people’s friend lists and adding people in alphabetical order.
  2. Don’t spam me. If you send me a message inviting me to join a group within 24 hours of becoming my friend, or make me one of 8-10 recipients of one of your messages, I will “unfriend” and block (and perhaps report) you.

If you’re reading this post, you’re exactly the kind of person with whom I want to be friends. But for those who add me because I’m first in alphabetical order in all my friends’ lists as you cruise Facebook, they’ll be ignored.

Are you having a problem with friend spam, or is this just among the cons (there are many pros) of having a surname like Aase?

Blogging 304: Does Google Treat Hyphenated Domain Names as Spam?

A reader named Andy raises a point I hadn’t considered, and which I tend to doubt, but I’d like any feedback from someone who may know. And because Social Media University, Global is a research institution for social media higher education, in addition to offering practical, hands-on learning, I’ve devised a project in which we can all participate to test for ourselves whether what Andy said is correct. This post is added to the SMUG curriculum as Blogging 304: Hyphenated Domain Name Research Project.

Andy writes, in a comment in the About Me page:

I can say that domain names with dashes like your’s “social-media-university-global” treated by Google and others like spam domains…

The reason I doubt this is three-fold:

  1. When I Google social media university, this blog comes up in the first two positions in my search results, ahead of American University’s centerforsocialmedia.org.
  2. When I Google blue shirt nation, a post I wrote about Best Buy’s employee social networking site comes up #5 (see below), and if I search for best buy blue shirt nation it’s #3.
  3. What I know about Google bots is they can parse words in URLs better when you separate them with hyphens. So social-media-university-global.org is easier than socialmediauniversity.org, because you’re coaching the bot as to where one word stops and the other starts. A URL like mikeisnowhere.org could mean mike is now here, mike is nowhere, or perhaps mikei could be an adjective modifying snow. For more discussion of this, see Blogging 201: Google Loves Blogs.

The results I get when I search (and the fact that I get traffic based on search terms like blue shirt nation) doesn’t sound to me like I’m being penalized in Google’s search results.


But who knows? Maybe Google adjusts the results when I’m searching because it associates my computer with my blog, and therefore considers my blog more relevant to me.

So here’s your SMUG assignment:

  1. Open click here to do a Google search for blue shirt nation, followed by a search for best buy blue shirt nation (no quotes around either phrase.) Note the highest position at which you see a social-media-university-global.org search result.
  2. Enter your results in the comments on this post.

I’m looking forward to learning through this SMUG research project, and hope you’ll take a couple of minutes to participate.