kasia in a nutshell: Spam breeds more spam

« Gmail is an anonymous mailer | Main | The end to slacking »

Spam breeds more spam

As an experiment, I left two typical comment spams in one of my entries (now deleted) only long enough to be archived by Google. I was curious what would happen. In less than 24 hours since the original comment spam arrived the entry was spammed, nay, bombarded with 356 brand new spam comments.

The spammer found my entry via google searching for one of the couple dozen urls spammed in the comment body. Here is a screenshot of what google cache was still showing today. (The spam was actually removed already).

That was pretty fast, wasn't it?

In other words:

Unremoved spam + fast google caching = lots more spam.

Obviously just removing the comments is no longer good enough, time to work on preventing them from arriving in the first place (I have a hangup about using mod_perl, so no mt_blacklist).

Posted by kasia on January 8, 2005 09:13 PM | Permalink

TrackBack

Listed below are links to weblogs that reference Spam breeds more spam:

» Using mod_rewrite against stupid comment spam bots... from Jeremy Zawodny's blog
You'd think the comment spammers would be a bit smarter, but apparently not. Over 80% of all attempted spam hits on my site provide no HTTP Referer data. None of them work, of course, because my MT install isn't quite what they think it is (they don't ... [Read More]

» i miss the days when spam was lunch meat from angiemckaig.com
Not that I ever ate the stuff - erg - but really, you have to feel for the poor company who makes Spam. As though there weren't enough negative perceptions towards their product, the digital revolution had to happen and now everyone's talking about Spa... [Read More]

» Broken Window Theory from The Luney Bin: H. Wade Minter
If you have a blog, then you've certainly experienced comment spam. The same fuckwit spammers who hit your inbox are also going after weblogs, flooding open comments with their wares in an attempt to get their websites highly ranked in... [Read More]

» Spam Target from eclinkticism
Spam breeds more spam Unattended comment spam will attract more as spammers search for common spam strings.... [Read More]

» Links for 2005-01-10 from plasticbag.org
What happens to the water-cooler moment when TV is consumed on-demand? Michael Sippey on the creation of episode-based micro-communities for people who consume TV episodes after-the-fact... (categories: michaelsippey postbroadcast television tv tvseri... [Read More]

» Spam breeds more spam from MT-Blacklist/Comment Spam Clearinghouse
Although it's been said here numerous times, it's always worth another reminder: If you leave spam spam on your site, you will get a lot more spam. Kasia writes about her experiment to prove it. In essence, by leaving spam... [Read More]

» Well, There's Spam, Egg, Sausage And Spam. That's Not Got Much Spam In It. from This Space Intentionally Left Blank
This following link is for those who don't regularly check Jay Allen's MT-Blacklist/Comment Spam Clearinghouse: If you're getting comment spam, the fastest way to get more comment spam is to fail to remove it. In other words, what I'm trying... [Read More]

» valykitės ūkelius from blog.hardcore.lt
čia ir čia: kuo daugiau paliekat, tuo daugiau blogio ir nervatriopkės ateina :)... [Read More]

» Spam lockt Spammer from larfs Weblog - oder ists ein Blog?
Und gleich noch etwas zum Thema "Spam in Weblogs" hinterher: ein Test von "kasia in a nutshell" zeigt es recht eindrucksvoll: sie hat zwei Spam-Kommentare absichtlich so lange in ihrem Blog gelassen, bis sie bei Google zu finden waren. Das... [Read More]

» Unremoved Comment Spam = More Comment Spam from A Welsh View
For those who are unlucky enough to receive comment spam in their blogs, how many remove it within 24 hours? If you ignore it or don't remove it quick enough, maybe you should take a look at this post to [Read More]

» Spam Begets Spam from readme.blog
Spam breeds more spam. As an experiment, I left two typical comment spams in one of my entries (now deleted) only long enough to be archived by Google. I was curious what would happen. In less than 24 hours since... [Read More]

» Why you should delete comment spam asap from beancounters
Apparantly, they breed like rabbits. [Thx, Robert] [Read More]

» Spam by any other name ... from ***Dave Does the Blog
So, a somewhat disturbing evolution in the War on Comment Spam -- the stealth URL. And it shows why blacklists will only ever be of limited use as time goes... [Read More]

» nofollow from 90% Crud
nofollow seems to be the name people are giving for the new anti-PageRank tool, and it's been pretty well received but there has been some criticism. nofollow is not a panacea. Large-scale social problem don't have easy answers, like stopping... [Read More]

» Google的“破窗” from 车东Blog^2
其实可以用破窗效应来解释：被侵蚀的Google | 破窗理论：如果有人打坏了一栋建筑上的一块玻璃，又没有及时修复，别人就可能受到某些暗示性的纵容，去打碎更多的玻璃。类似的：Spam breeds... [Read More]

» Google的“破窗” from 车东BLOG
其实可以用破窗效应来解释：被侵蚀的Google 破窗理论：如果有人打坏了一栋建筑上的一块玻璃，又没有及时修复，别人就可能受到某些暗示性的纵容，去打碎更多的玻璃。类似的：Spam breeds m... [Read More]

Comments

Eeeeks, that's scary! Maybe something like MT-Moderate, set to only 1 or 2 days??

Posted by: Tricia | January 8, 2005 11:54 PM

Interesting. This confirms something I've suspected for a long time now.

Posted by: Jeremy Zawodny | January 8, 2005 11:55 PM

This is really interesting feedback, we'll take this into account. And I'll give Jay some more grief about Blacklist not running under mod_perl on your behalf.

Posted by: Anil Dash | January 9, 2005 03:19 AM

Thats actually pretty smart thinking on the part of the spammer. Being cached in google must of flipped on the "spam more!" light for them.

Posted by: david | January 9, 2005 06:12 AM

This sounds like the Broken Window Theory[1] applies to web sites just as much as neighborhoods. Comment spammers will gravitate to poorly tended blogs...

1: http://www.cityofseattle.net/police/prevention/Tips/broken_window.htm

Posted by: George Hotelling | January 9, 2005 11:03 AM

It only kind of makes sense to me. I mean you'd expect them to conserve resources if they're running a script on a computer used for other stuff. But realistically that can't last, surely? Where's the benefit for them in only spamming places where it definitely gets through when the cost of spamming everyone drops?

Posted by: Tom Coates | January 9, 2005 05:48 PM

I think that just blocking domains isn't good enough.
There are virtually millions of spam domains. I believe they use some automated software to post on all the blogs they can reach.

The only reasonable option can be authentication. TypeKey is one of them.

Posted by: Schlank Jetzt | January 11, 2005 07:13 PM

If i remember correctly, I had gotten mt_blacklist mostly working with mod_perl, and was surprised nobody else tried.

It looked, to me, that it was purely because he was trying to use the CGI module with the Apache object already taking over or something like that.

Posted by: Gavin | January 12, 2005 04:49 PM

I'm convinced that public proxy servers are responsible for 95%+ of all comment spam. If we determine accurately that a comment has been submitted via a public proxy it should help to avoid those 95%+. I'm testing a much better version of http://www.kahunaburger.com/blog/archives/000191.html right now and it looks very promising. As soon as it had a burn-in on my site, I'm gonna post it. It'll run under mod_perl, because it runs under mod_perl on my site :-)

Posted by: Tobias Hoellrich | January 14, 2005 07:19 PM

kasia in a nutshell

Crunchy on the outside, sarcasm on the inside

Spam breeds more spam

TrackBack

Comments