Akismet & Your WordPress Contact Forms

We often hear from Akismet users on WordPress that, even after activating our plugin, they are being flooded with spam via their contact forms. While Akismet will automatically begin checking all comments submitted on your post and page comment forms, we can’t simply hook into any contact form plugin (or theme) and handle those submissions, as well. The good news is that there are some really great (and free!) contact form plugins out there that include Akismet integration, and we thought that we’d let you know about them in case you’re in the market.

Jetpack by WordPress.com
Although Jetpack brings you a ton of other features that are native to WordPress.com, it includes a simple and powerful contact form module that is automatically integrated with the Akismet service. You’ll also notice that the submission queue has been designed to mirror the native WordPress comment queue as closely as possible to ensure ease of use and moderation. What’s more, Jetpack and Akismet are developed under the same roof by Automattic, which means that you can rest easy knowing that the integration is as tight as possible.

Contact Form 7
Another powerful – and ever so popular – option is Contact Form 7 by Takayuki Miyoshi. It boasts a great amount of flexibility, some really nifty features, is surprisingly easy to configure, and has been downloaded over 12 million times. Setting up the plugin to send data to our service will take some manual configuration, but the steps are fairly simple and are clearly outlined here.

Fast Secure Contact Form
If you’re looking for an incredible amount of options and still wish to have the peace of mind that Akismet is checking form submissions, Fast Secure Contact Form by Mike Challis may be a plugin to explore. The plugin even allows you to customize how Akismet handles spam submissions and includes customizable CAPTCHA as an additional line of defense.

Note that, with all of the plugins mentioned above, you will need to have Akismet installed and activated for the integration to work. And while we are unable to provide technical support for Contact Form 7 or FS Contact Form, we’re always more than happy to help you through any potential problems with Akismet functionality. Give us a shout!

Akismet 2.5.9 Released for WordPress

In case you haven’t noticed from within your WordPress dashboard, Akismet 2.5.9 is now available. It introduces the following very minor fixes:

  • Update the ‘Already have a key’ link to a redirect page rather than depend on Javascript (within the activation flow)
  • Fix some non-translatable strings to be translatable
  • Update activation banner on ‘Plugins’ page to redirect user to the Akismet configuration page

You won’t notice much of a difference, but please make sure that you update to the latest version. If you experience any problems with the upgrade, please don’t hesitate to get in touch with our team.

And don’t forget – WordPress 3.6 “Oscar” is also now available!

Cheers!

High Levels of Spam Continue — What We’re Doing and How You Can Help

In our 2012 year in review post, we explained that, without surprise, spam levels were greatly on the rise. We are a bit beyond the halfway point of 2013 and wanted to post an update on what we’re currently seeing and to show just how true that ominous statement has turned out to be. We also wanted to share what we’re doing to combat the problem and how you can help.

How much (more) spam?

We have seen some significant year-over-year increases in the numbers of spam filtered by Akismet. Here is an illustration breaking down the daily averages by month for 2012 and 2013:

Akismet Daily Spam Averages by Month, 2012 - 2013

As you can see, successfully combatting over 100 million daily pieces of spam is the new normal. As general spam levels rise, so may the chance that some unwanted items will squeeze through our filters to hit your dashboard and comment queues. This is where we need you to ensure that you mark any such comments as spam so that they’re reported back to Akismet. This helps our software learn, evolve, and make better decisions moving forward. Because spammers evolve just as often.

What kind of spam?

All kinds, of course. But if we had to pick a winner so far in 2013, we would probably go with the compliment spammers. There are lots of variations within this category, sure, but the overall tactic remains the same. And unfortunately, we often see that folks are actually recovering comments like this from their spam folders. On this front, Mark’s post from 2007 is still very relevant and worth a read. Here are some samples of compliment spam, if you’re curious:

Interesting Findings of the Blog World » Chuck Norris wants a Bible Curriculum in the Public Schools (Gasp!)
[...] Read the rest of this great post here [...]

Very interesting… as always!

For the most part I agree with you and enjoy reading your posts.

Hi, you have a jolly good post here, thanks for the good read

[...] Check it out! While looking through the blogosphere we stumbled on an interesting post today.

What should you do?

Let Akismet work its magic and correct it only when you need to. If you do, at any given time, experience a small influx of missed spam, there’s no need to become alarmed. Take a look at the number of comments that Akismet did successfully catch during that same timeframe and examine the accuracy rate (this will help determine whether or not there is a technical problem). Then, of course, mark the comments as spam so that Akismet can process the data. Do not place the comments in the trash — if you find something incredibly out of place, please feel free to get in touch.

Finally, and most importantly, always remember that Akismet learns from user feedback via missed spam and false positive reports. This means that, when you see something that Akismet has flagged as spam, know that other bloggers have agreed with its opinion. Have you ever seen those advertisements that claim “9 out of 10 cats prefer this food!”? Well, when you notice a comment in your spam folder, think of it as “9 out of 10 bloggers say this is spam!” Don’t get fooled by the bad guys.

In the meantime, our awesome (and growing) team will continue working magic behind the scenes and ensuring that Akismet is your best weapon against spam.

University Site on WordPress? Let Akismet Kill Your Spam

Much like the peanut butter and chocolate, Akismet and higher education are a match made in heaven. If your college, university, or higher educational institution’s website uses WordPress, Akismet is the best, most cost effective solution to keep your site’s forums, comment boards, and blogs free of spam.

Over 150 colleges and universities trust Akismet to keep their sites squeaky clean. In fact, each month, Akismet prevents over 25 million spam comments from sullying higher education blogs and forums. That number gets bigger every day, but we’re constantly fortifying Akismet to stay one step ahead of the bad guys to kill spam dead, before it reaches your site.

The benefits of an Enterprise Akismet subscription

We believe in higher education and we like to give colleges, unis, and other higher ed institutions a break. For large multisite networks, we recommend the Enterprise subscription, and happily waive the limit of 80,000 API calls each month. Akismet itself is made of algorithms and love, though you’ll get great priority support from nice humans should you have a question or concern. Do your site, your students, faculty, administration, and school community a favor: get your Akismet API key today.

Sign into Akismet with WordPress.com Connect

With the new year upon us, your friends here at Automattic have resolved to make it easier to manage your accounts across all our services.

Maybe you’re using Akismet to stop spam in its tracks, VaultPress to keep your site safe and secure, and Polldaddy to find out what your readers are thinking. Maybe you’re using WordPress.com to build a fancy new site, or Jetpack to supercharge your self-hosted one.

Now you can sign into all these awesome services, including Akismet, with just one account — your WordPress.com account!

Signing into Akismet

Starting today, you’ll be required to sign into Akismet with your WordPress.com account.

The good news is, if you have an Akismet account, you already have a WordPress.com account! Simply sign into Akismet with the credentials you’ve been using all along.

Don’t have a free WordPress.com account?

There’s a good chance you already have one, and don’t realize it! Try signing into Akismet with the credentials you’ve been using all along.

If you really don’t have a WordPress.com account, it only takes a few seconds to sign up and is totally free! Simply click “Sign in with WordPress.com” on the Akismet account page, and then click the “Need an account?” link.

signin1

Already have a WordPress.com account?

You’re all set! Go ahead and sign into Akismet with your fancy WordPress.com account. You might be asked to “authorize” Akismet to access your WordPress.com account.

signin2

Not sure if you have a WordPress.com account?

No problem! If you use VaultPress, Polldaddy, Jetpack, IntenseDebate, or Gravatar, you can just sign in with the same account you use for them. Otherwise, just go ahead and try signing into Akismet with the credentials you’ve been using to sign into Akismet all along.

If it turns out that you don’t have a WordPress.com account, you can sign up for a free account in a flash! Simply click “Sign in with WordPress.com” on the Akismet account page, and then click the “Need an account?” link. We’ll let you know if we find one that’s tied to your email address.

Have any questions?

Learn more about how we’re making it easier to manage all your accounts here at Automattic, or drop us a line.

A Spammy Year in Review

It’s that time of the year again.

Time for family members to joyfully gather for the holidays. Time to work on those ill-fated New Year’s resolutions. Time to relax and reflect on the past year and lessons learned.

Here at Akismet, we proudly work year round to protect millions of sites from comment spam. To date, in fact, we have eliminated over 65 billion (yes, with a ‘b’) spam comments, and we saw many interesting — and nasty — things in 2012. Make no mistake about it — spam levels are certainly on the rise.

Akismet saved the web from over 25 billion pieces of spam content this past year alone (and December is not over yet!). Toward the end of the year, specifically, we began seeing alarming and heightened levels of spam. Our daily totals — starting in early December — began topping 120 million spam comments per day, a trend that appears to be continuing into the new year. To add some perspective, these numbers are roughly double what we were seeing in previous months. We also topped the 3 billion spam mark in November:

Akismet Spam Totals By Month, 2012

The chart above contains both current (C) and projected (P) December figures.

More troubling in terms of trends, there has been an unfortunate increase in compromised sites, wikis, and forums. We come across these after a hacker takes over a site, sets up their payload, and proceeds to spam a great number of sites with their malicious links. It is clear that spammers are increasingly willing to use illegal methods, such as hacking and exploiting these vulnerable websites. We have even seen these tactics used to advertise otherwise-reputable and well-known websites, a trend that suggests some marketing firms are outsourcing work to black-hat spammers.

Further noticeable increases in spam include elevated traffic from China, as well as the promotion of Chinese knockoff fashion sites. If you happen to regularly check your spam queue, we’re sure that you’ve seen at least one offer to purchase discount Christian Louboutin shoes or “authentic” Michael Kors purses. Also steadily on the rise has been spam content promoting TV streaming, payday loans, and “Get rich by working from home!” sites and programs. Sure, we have all seen this garbage before, but its recent increase is something to still keep in mind. Here are some example sites, all of which were created on free blog hosts:

Spammers have also taken a liking to the abuse of reputable affiliate and referral programs.Their goal is simple: set up a free blog or site (example shown below), publish oodles of product listings including specific affiliate URLs, and spam the rest of the internet. You may notice that many of these spammers plant their payloads on free site hosts. Luckily, on WordPress.com, Akismet is actively working to combat the creation of these spam sites. We would love to see such integration on other hosts.

Affiliate Spammer

A spammer abusing Amazon’s affiliate program. A prominent form of spam in 2012.

Recent streams of human-generated spam are also worth mentioning. These campaigns tend to focus on more difficult targets, such as forums, third-party commenting platforms, and social networks. Such spam can be more difficult to systematically neutralize, which is why Akismet continues to develop and employ refined tactics against it.

Rest assured, we are always hard at work to make sure that any global increase in spam does not mean an unfortunate rise in unwanted comments getting through to your posts or moderation queues. Because we know that you have far more important things to do than sift through trash.

As always, our resolution for the new year is to continue making Akismet better, faster, and more accurate. As spam evolves, so will Akismet. We sincerely thank each and every one of our users for trusting us to defend their sites against the web’s underbelly.

Happy Holidays to you and yours,
Team Akismet

Akismet WordPress Plugin 2.5.7

Version 2.5.7 of the Akismet plugin for WordPress is now available. This is a maintenance release that fixes various minor bugs and includes some proactive security improvements. Changes include:

  • Fix a bug displaying the Stats page in some versions of FireFox
  • Fix mshots previews when using https
  • Add .htaccess to block direct access to files
  • Prevent some PHP notices
  • Fix Check For Spam return location when referrer is empty
  • Fix Settings links for network admins
  • Prevent some prepare() warnings in WordPress 3.5

To upgrade, visit the Plugins page of your WordPress wp-admin dashboard and follow the instructions.  If you need to download the zip file directly, links to all versions are available in the plugins directory.

Please note that Akismet 2.5.7 requires WordPress 3.0 or higher.  We recommend all users of older WordPress versions should upgrade as soon as possible.

Over 60 billion spams squashed

It works while you work, it works while you sleep, during your vacation, your weekends, and never takes a day off. Akismet, the best way to protect your online properties from spam, recently hit an incredible milestone we’re delighted to share: over 60 billion spam comments, forum comments, blog posts, pingbacks, trackbacks, and tweets squashed on sight. Boom!

118million

Just how many is 60 billion? Well, let’s say we equate one spam to one mile. 60 billion miles would take you to the sun 645 times. Akismet continues to squash more and more spam by the minute. In fact, back when we hit our 50 billion spam milestone, we were catching about 700 spams per second. In November 2012 alone, we caught three billion bits of spam, which is 100 million spams per day. Per. Day. That’s 1200 spams per second. Blink: Akismet just nabbed 1200 spam. Incredible, yes?

Akismet works with WordPress and many other platforms. If you don’t see your platform on the list, all you need do is grab an API key and get coding.

Akismet is 100% free as in air, free as in birds for individual users’ personal use. Check out our professional / business plans: sign up and say adios to spam.