Chad Perrin: SOB

25 January 2007

weblog comment spammers are getting better

Filed under: Cognition,Geek,Metalog — apotheon @ 11:26

Today, in my moderation queue for SOB, I found something I hadn’t seen before. It’s comment spam with the following text:

I always have terrible trouble with comment-related plugins that require me to put some line in the comment loop; I can never seem to find the right spot. Can anyone tell me where I should put the php line in my comments loop? I haven not modified anything much, and I would be very grateful. Thanks!

I wasn’t sure at first it was comment spam, even with the suspicious URL used to linkify the username of the “person” posting it (it said something about trmadol, which is awfully close to tramadol, a common subject of weblog comment spam). Any illusions I may have had that it was a legitimate, non-spammy comment, however, were blown away when I noticed that there were about thirty comments to various SOB entries, all featuring exactly the same text, all pointing at the same URL, each of them supposedly from a different “person” (with a different email address). It’s kinda worrisome that it made me pause for a moment and wonder if it was for real, though.

If even a human is beginning to have trouble sorting it out, I imagine automatic spam filters will have a lot of trouble, too. Thus, in addition to the problem of false positives that has caused me to swear off spam filters for the time being, filters will also increasingly fail to catch “true” positives.

The end result of this will, I suspect, not be that spamming businesses get more money. It will, instead, be that non-spamming web publishers of various sorts will be more short-lived, as they won’t be able to cope with the massive influx of spam unless they have legions of employees dedicated to the task of vetting incoming messages by hand. That, or spam filters will become more strict, and as a result we’ll start seeing about 50% of legitimate communications gobbled up as false positives by the filters.

. . . and yet, my Google PageRank is still higher than that of all these friggin’ spammer sites. I guess it would be too much to ask that they learn from their mistakes, and put themselves out of our misery.

7 Comments

  1. I had a similar experience. A comment, asking for advice on managing blog comments, was posted to three different entries on my two blogs. So I sent the commenter an e-mail asking if they were human. He responded that he saw some sort of error when posting and wasn’t sure that the comment got through each time. So it was legit. I nuked the dups and answered his comment. But that sort of filtering chews up a lot of time.

    Comment by Sterling Camden — 25 January 2007 @ 01:10

  2. I got those once in a while, they’re called “original content”. Instead of spambots generating random clouds of links and hoping to outsmart the filter, you get real people writing something that looks relevant, hoping to outsmart the blogger.

    You can too help produce “original content”! Just look for one of those work from home jobs in the classifieds.

    Comment by assaf — 25 January 2007 @ 02:01

  3. Off topic, have you updated to the latest WP? The page you check your AKismet caught spam now allows you to go back as many pages as you need to check out by hand (if you so desire) all the spam it has caught, not just the first 100 or so results.

    Comment by Joseph A Nagy Jr — 26 January 2007 @ 09:26

  4. Sterling: Yeah, the danger of false positives in cases like that is one reason I simply don’t trust filters. I want to make sure I catch instances where a real human being with real, relevant comments ends up looking slightly like a spammer, so that such comments don’t disappear into the lumineferous ether.

    assaf: I’m a little torn, with regards to the balance between automation and human intervention involved in these latest Tramadol-related attacks. I’m in the middle of composing an update on the situation to post here at SOB right now that sheds further light on what’s going on.

    Joseph: Even with the ability to go back through more pages of results in the Akismet filter, its accuracy is poor enough that it doesn’t provide me with any real benefit. I have to go through the entire list whether it appears in moderation or in a spam filter, but with moderation by whether or not the individual has previously made a comment that has been approved I’m assured that all trusted sources get through immediately, and that all untrusted sources get checked before they appear. There are no false positives, as long as I keep up with my spam-checking (which is a limitation of Akismet anyway), and there are no false negatives at all (which Akismet cannot promise).

    Comment by apotheon — 26 January 2007 @ 04:20

  5. […] Apparently, there are real humans behind the spam comments about Tramadol that I’m getting here at SOB. My last entry in this weblog, titled weblog comment spammers are getting better, indicated that weblog comment spam is getting more devious in its ability to fool not only filters but human beings. In a comment by assaf of Labnotes fame, it was suggested that this particular attack might have been targeted and perpetrated by a real human being rather than by an automated script. Considering the sheer number of incoming comments, however, and the number of different email addresses and names employed in the flood of spam comments, I must believe that while a human being created the message it was delivered by some kind of automated script. […]

    Pingback by SOB: Scion Of Backronymics » real humans behind the spam — 26 January 2007 @ 04:33

  6. […] My last two entries here at SOB have focused on the downside of weblogging — most particularly, on spam comments and how good their propagators are getting at slipping them past both software and wetware filters. There’s an upside to weblogs, too, though. It’s time to focus on that a bit. […]

    Pingback by SOB: Scion Of Backronymics » weblog whys/wherefores — 26 January 2007 @ 05:16

  7. […] The spammers have been messing with apotheon’s mind. This is starting to look a lot like what I predicted . […]

    Pingback by Chipping the web - the die is cast -- Chip’s Quips — 26 January 2007 @ 06:29

RSS feed for comments on this post.

Sorry, the comment form is closed at this time.

All original content Copyright Chad Perrin: Distributed under the terms of the Open Works License