Signs When Blog Comment Spam is Incoming

Published by Torry Crass on

One day recently, I was looking through the management tool of a site that had quite a few comments.

Great news right?

Unfortunately, no… all spam…

As I began to look further into where the spam was coming from it became quite clear that the initial onslaught actually started out with some manual testing. They were probably just testing out their script and figuring out how they needed to customize it to achieve the 200+ comment spam messages they managed to enter by bypassing multiple comment security checks.

Even so, I felt it could be beneficial to others that there's definitely a tell tale sign that you're about to wind up with a massive amount of spam on your site. Be on the lookout for things that contain words and phrases like testingjust checkingthis is just a test, and so on. For instance, the comment below which was one of the originating comments:

Adotinetttt
google.com
[email protected]
109.254.19.34

Submitted on 2012/10/18 at 13:00

Hello. And Bye.[url=http://google.com][b]best search[/b][/url]

This precious little gem preceeded the rest of the spam by a few days. There were a few more variations of it which I presume were used to tweek the script to be more on target.

Unfortunately, the war on spam is a moving target and even though you might prevent it one day, the very next day someone else might come out with something more ingenuitive to bypass any measures you've put in place.

If you see this happen and you have a anti-spam measure implemented, you need to update them and address what's coming through.  Sometimes this might even involve searching out and replacing anti-spam measures with new tools.  If you don't resolve the problem, you can be assured that more will follow.  If you don't have any in place, you definitely want to get some in place right away to try and prevent more from happening.

Traditionally, you'll want to look for tools that can do some (or all) of the following:

  • Javascript Bot Checks (These can help reduce the amount of spam since many bots use various javascript signatures)
  • Math Checks (Where you have to do simple math problems)
  • Word Checks (Where you have to pick the nth word out of a phrase)
  • Letter Checks (Where you have to pick the nth letter out of a word)
  • Image Checks (Where you have to identify or drag a graphic into the correct location)
  • Block Lists/Bot Check Lists (Some will provide checking the poster against known-spammer lists)
  • Any other creative way to make this happen

If you have the skills to do it, you might even consider writing your own tool to use privately.  Most of the spam that gets through is because the spammers have access to the source code of the plugins and are able to cater their spamming to suit getting around any anti-spam measures that as site has implemented.  Thus, why it's very important to keep tools as up to date as possible.

In future articles I might provide some recommendations but for now I just wanted to share this general information.

I wish you the best of luck in your future spam slaying quests!

Categories: Technical

0 Comments

Leave a Reply