A spammer’s playground

Tom Lee writes at Manifest Destiny about his discovery that spammers were abusing a full-text RSS tool he developed.

The self-described black-hat search engine optimization crowd — the folks who assemble sites peppered with ads that are designed to attract search engine traffic, aka “link farms” — had been using my script to steal other people’s content and republish it on their own sites.

Spammers call those link farms “autoblogs”. They’re a popular fad among black-hat SEO consultants (which is what spammers generally prefer to call themselves). His description is correct: they use automated tools to copy material without permission and re-publish it on fake blogs covered with ads. Typically they also send high volumes of pingback or trackback notifications to try to trick naïve bloggers into linking to them (thus boosting the spammers’ search engine rankings – often at the expense of the original authors of the stolen material). They rip off both the bloggers whose material they’ve stolen, and the advertisers who are paying for worthless ads run on bogus sites.

It’s a pattern of behaviour we’re all too familiar with at Akismet.com. Spammers take advantage of trusting (and trustworthy) bloggers, web sites and online services. And it’s the innocent operators of those services who, ultimately, are harmed the most.

Tom’s experience demonstrates an unfortunate modern reality: that spammers will take advantage of trust and openness. If you own any web site that allows users to consume resources – that is, any web site that allows users to perform an action – you need to monitor it for signs of abuse. An unsupervised or abandoned web site is a spammer’s playground.

6 responses on “A spammer’s playground

  1. Sad fact is, that these rogue copycats are largely funded by Google AdSense, and Google shows little intention to shut down affected AdSense account to dry them out.

    From my own experience, DCMA AdSense complaints seem to either vanish in the GOOG haze or hit a low-priority queue.

  2. These so-called ‘Black-hat SEO consultants’ are nothing more than a bunch of thieves. Why give them credit and call them anthing more than spamming punks?

  3. Would it be inappropriate for a plugin developer, who discovers spammers using their plugin, to add a new feature, and update the plugin. That would cause the users of the plugin to more-than-likely update.

    If these spammers updated, and the new feature added the ability to spam-the-spammer, we could be in for a sweet spam war!

    I’m just suggesting an alternative method of offering up to a spammer some of their own medicine.

  4. Yep, it’s true. Google Adsense is actually financing those hooks. And they love WP, use many powerful tools for grabbing and publishing content, like WPT.

  5. There’s a lot more people that are spamming that don’t even realize it, they are just doing what they are trained to do. Internet marketing is basically just one large exploitation of one loophole or another. There are very few people who do it legitimately.

    Great rule of thumb here – “any web site that allows users to perform an action – you need to monitor it for signs of abuse.”

    sort of off topic -

    Thank you guys for this great plugin. I was looking at the stats and 99% accuracy is pretty crazy, and the best part is I am never alerted that I have spam… it just – goes away!

    Rock on!

  6. I agree. Advertising revenue is what fuels this problem. Take away the money, and the problem should go away.

    Google has another product that encourages anti-social behaviour on the Internet – “Google AdSense for Domains” encourages people to squat on domain names that they are not using.

    To truly follow their motto of “do no evil”, Google would drop their AdSense for Domains product, and police the sites that run Adwords more actively.

    Cheers,
    Stu.

Comments are closed.