Is anyone else getting attacked by dumb ass comment spammers?
I don’t mean people that are dumb because they engage in comment spamming – I mean they are dumb because they seem to have forgotten something in their spam – a link to their sites.
Today I’ve been hit with hundreds of them – inane messages like ‘I love your site – I’ll be back’ that have no link in the URL field or message itself. They all are of course from different IP addresses with different email addresses and all come in bursts.
Only frustrating thing about it is that because they don’t leave a link some of them don’t get picked up by my spam killer plug-in and need manual deletion.
Update: I have to say – thank goodness for the ‘Spam Karma’ plugin for WP. I just checked to see how many comments its deleted today. The count is over 2900 so far (15 minutes to go)!!!!
Most of them are these stupid linkless comments. Only a few get through thank goodness or I’d be losing a battle to keep up with deleting them all manually.
Most often this is due to the spam script sending a Website field which has the wrong name and therefore does not get picked up. Some also send links in the text where it is filtered by some comment scripts.
The text sounds like the last wave of a couple of thousand poker spams I received, but they had URLs. (All caught by my filters.)
I’ve seen this done by non-idiots once before – the idea is that they spam tons of blogs with no URLs, see which ones actually show up, and return to those sites with real spam.
Also, the default in current versions of WordPress is to moderate only the first comment from each party, so they may also be hoping webmasters will approve their “love your site” comments and inadvertently approve the spam later.
But there’s no shortage of dumb spammers, so that’s probably what you’ve got on your hands…
picked up last week, eventually they sneak in URL’s.
Darren,
I get spam all the time , I currently delete them by hand, is there some sought of spam filter I can get that deletes them automatically?. I have movable type where can I get this spam plugin.
Thanks Paul
I have been doing some research and came upon a site where all of the comments were from casino spammers. Not just a few comment spams but thousands and on each and every post.
Not every blog uses anti spam preotection techniques to reduce or eliminate the spam posts. One thing spammer hate and that is work, so make it slightly harder to post a comment and they give up.
At least I know I am not alone. During the daytime, I get the poker spam and at night, they send me the sex spam. And I fight and fight – heard that MT is building something to block spams in the Trackback. You can manipulate the comment script, so that one who is posting a comment has to preview first, before publishing. A wo step process, that basically eliminated spam from my comments. BUt Trackback spam is still there.
After a quiet few days the spammers are back but still with links. Thankfully there’s a moderation.
Unfortunately, though it may at first appear to be dumb, the spammers are not stupid – there must be some rationale behind it. I would agree with Michael, though I’ve no evidence for it.
I think those inane stupid spams are shots accross the bow. In other words if they don’t get deleted, the “real” spam starts coming. Also look for gibberish. Those are so they can search on the gibberish later via google or whatever to find the sites that don’t clean up. Then they get added to the priority attack queue.
At least that’s my theory.
Yeah,
Spammers are a pain. I got hit hard a few months past at lumpyscorner. I use Movable Type for that site. I now use MTblacklist and spamlookup plugin. Jack Vinson recommended the spamlookup to me. I have written a number of post at lumpysconer on this subject. If you are using Movable Type you may want to stop by and search my site for it.
and Anrreas, MTblack list does monitor the trackback…
Exios and I use WordPress for radiostatic.am. I am sure we will experiment with the plugins you suggest here. I will likely post a blog or two about it.
The bottom line is that this is an ongoing war. As soon as something is written to fix it, they will try and figure out a way around it. Based on my dealing with this issue, my opinion is that the best defense is to use the plug-ins available AND make your forms unique in layout and name. The more generic your templates and file names are the sooner a bot will find them.
I managed to go weeks spam free by just rearranging forms and changing names…
Unfortumately, nothing is bulletproof…
Could this be a way to do referral spam? If they’re not linking in the content of their message, they may be doing it in your logs.
Darren, if you have deleted 2900 spams today, you’re already losing the battle. Break out the heavy artillery: Bad Behavior
[…] acks enabled and that’d be fine and glorious to me except for the existence of these dumb ass comment spammers. Yes I could put up moderat […]
Jason Calacanis, on his personal blog, which uses BlogSmith (in-house, I think), gets you to validate a comment by clicking on an email to your given address. It seems to work quite well. Another step in the process, I know, but if a site is worth commenting on, not that heavy.
I am hiding the discussion and trackback part of my blog in a different site mirroring all posts. That way I get a zero pagerank for that shadow blog and the comment and trackback spammers don’t even try to get through my defenses (even if I beat back every attempt, that causes a load on my server I would rather avoid in the first place).
I guess a dumb ass spam comment without a link is one that is irrelevant (as opposed to irreverent) to the blog post topic. Such a working definition would be fair enough even if the occasional comment of a naive innocent gets deleted for expressing their love for your site.
Vraiment tres beau site et surtout tres utile,j’ai decouvert ici les Dolls et c’est genial. Merci a vous. Site de qualite.
I got hit with what looked like nonsense spam a couple of weeks ago – legit looking names with no website attached, obivously random e-mail, and a single nonsense text string of about 20 characters. It seemed pointless, but I suspected someone was testing something, so instead of deleting them I just left them in the askimet queue.
Sure enough, a couple of weeks later I got blasted from the same IP address with spam that DID have multiple links in it. I’ve since added their ip addresses (there were only three, all from the same source) to WP-Ban, which has kept them at bay.