Anatomy of a Spam Attack

By JakeMarch 14th, 2009 View Comments

Yesterday, I did some browsing of the web analytics for this blog to get comparison numbers for the browser stats I had for Connect.

Today, I went back to do a little more digging and some navel-gazing :)

We use Google Analytics, which I prefer to Mint for web metrics. It has loads of metrics beyond the standard pageviews and visits. As a side note, now that Feedburner accounts are merging with Google accounts, I’m hoping that Analytics will soon include Feedburner stats too. Seems logical.

Anyway, I like to set the date range to the life of this blog (from June 2007) to get the best snapshot view from the graphs.

What jumped out was the Bounce Rate graph.

Bounce Rate from last week, dropped by 50%?

All of a sudden, our normal 75% bounce rate (I know, terrible) inexplicably dropped to less than 40% a week ago and sustained that rate all last week.

Definitely weird. Maybe after the Batman vs. Superman post, everyone was extra relieved to get back the normal, hard-hitting content we serve everyday. I laughed all the way through that sentence, obviously untrue.

I relish a data anomaly, as a recovering economist, especially if there are graphs to show the patterns. I am an unabashed data pr0n dork.

Accompanying the drop in bounce rate, there were, not surprisingly, corresponding jumps in pages per visit and pageviews over the same time period. Makes sense, the longer people stay on your site, the more pages they are likely to view.

Average pageviews per visit, also up last week . . .

Logically, you would also expect to see a rise in time spent on the site, as people read more. Not so much. In fact, Saturday’s average time on site was 19 seconds; that same day, the bounce rate dropped to 36% from 69% and pages per visit jumped to 2.41 from 1.64.

Time Spent on Site *drops*, thank you spammers

All this points to comment spammers.

Exhibit A: Looking through the WordPress and Disqus comment logs from the last week, there was definitely a rise in comments on old posts, definitely a sign of spam. And these aren’t old posts that come up on the first page for common keyword searches, like “oracle iphone”.

Exhibit B: The spam comments are borderline, with plausible names and comments, not the usual link spam left by Monster Truck Rally. This tells me spammers are modifying their behavior slightly to get past the measures Disqus has taken.

Exhibit C: The pattern of multiple comments onm different posts from the same account backed up the web metric data.

So, I accuse Colonel Mustard, in the Study, with the lasso.

I know, as a naive kid, I thought that was a lasso. Ah, innocence.

Comment spamming has been on the rise this year, at least the spam that gets past spam filters. Disqus noted that the recent rash of spam comes from real people, not bots. The assumed goal of comment spam is to bump SEO for the spammers; I firmly believe this is a new cottage industry, operated Mechanical Turk style.

A crappy economy opens up a larger pool of people with computers who are motivated to earn easy money, and how much easier does it get than comment spam? Find a blog that allows unverified or anonymous comments and drop three comments on three posts. In and out in a matter of seconds. They probably get paid for the gross number of comments with the spammer’s link.

This might even be that job advertised on the TV. You know the one that says you can make thousands in a week, tens of thousands in a month, working “on the Internet” from home. All those smiling people tell you nothing about what the job entails. There’s always a shady URL that tells you nothing about the company.

Anyway, I’m not really bothered by comment spam, but I know people are, e.g. Bex, who uses a comment captcha process that makes me want to cry it’s so frustrating.

Does it bother you? What do think of my analysis? Did you enjoy the web analytics primer?

Sound off in the comments with something useful, like “I will give it a try for sure !”.


Possibly Related Posts

  • Sarah Smith
    Hi Jake,

    See the comment above from "David Dorf" starting with "I recently...".

    I had a comment from "Valonia" on my website.

    Try searching on Google, for the *exact phrase" in the "David" comment. Also check out "his" website.

    What I mean is paste the whole thing from "I recently... " thru to "...very often", and put quotes around it so that it searchs for word for word matches.

    I did this and got 249,000 results. So clearly its some kind of automated process.

    I'm quite annoyed by this.

    My blog uses a "captcha" so that supposedly only humans can leave comments.

    But somehow, someone is getting around this.

    All so that they can have their URL in as many places as possible. Your website being one of thousands pointing to theirs.

    They're doing it because they want to publicize their sites. And its at our expense.

    So I have a plan.

    What I am going to do is contact blog authors who have these comments on their sites, suggest they delete the comment spam, and maybe contact a couple of other blog authors themselves.

    Spread the word and we could remove these 249,000 spam comments.

    So, what do you say Jake? I'd like to encourage you to at least remove the spam comment. Please also consider running the Google search and contacting a couple of the folks out there who believe they have a unique comment, but are actually helping promote a spammers website.

    Note that I'm not asking you to link to my site (you can find it if you like by Googling for sez.so) - and I have not linked it in the comment box.

    Thanks,

    Sarah
  • Hi Sarah. I can assure you David's a real person and not a comment spammer.

    I agree comment spam is annoying, and as I mention, I've been told by the nice people at Disqus that these are *people* spamming, not bots, which is why your captcha isn't working.

    I do remove the spam as it arrives if it escapes Askimet and/or Disqus.

    Thanks.
  • I recently came across your blog and have been reading along. I thought I would leave my first comment. I don't know what to say except that I have enjoyed reading. Nice blog. I will keep visiting this blog very often.

    j/k

    I've seen a similar trend on my blog as well. I just recently started using Google Analytics so I'm still learning. I found a cool Adobe AIR widget/gadget for Google Analytics that seems to work well -- http://www.desktop-reporting.com/.
  • That's great. I really did lulz. Your comment is way too long and well-written though.

    I've seen that AIR app too, and I used it for a while. Nice, but AIR uses a lot of memory, even more than Firefox. Plus, I got out of the habit of checking it and eventually dumped it. I do like the implementation, and it's very good for people who are looking at detailed stats every day.
  • bex
    fine fine... I changed my captcha to use the phonetic alphabet instead of Klingon... now it should be a tad easier for y'all.

    Happy???
  • Heh, I was exaggerating a bit of course. A captcha won't protect you against spam comments left by humans, but it would slow the person down enough to keep you safer.

    I'm fascinated by the human element here. I can't wait for the real story to break. "I didn't know I was a spammer" tonight on 60 Minutes.
blog comments powered by Disqus