Jump to content

Strange yet innocuous blog comments - very probably spam


Recommended Posts

I think this might have been brought up here a year or two ago; at the time I didn't quite understand the problem, and paid it almost no attention. It seems a lot (lot!!) of blogs are getting spammed with pleasant, but completely content-free comments. I never approve them, so they don't appear on my site, but they appear at lots of other sites.

 

They make no reference to the actual blog posts, and sometimes don't fit the post at all. Some typical comments:

 

"Hi there, the whole thing is going well here and ofcourse every one is sharing information, that's truly fine, keep up writing"

 

"Excellent article. I will be dealing with a few of these issues as well"

 

"The details mentioned within the report are a few of the very best readily available"

 

"Excellent way of explaining, and good post to take facts"

 

Well, they could be innocent quick replies, right? let's look closer. If you copy one of these exactly, including the quotes, and paste it into a google search, you can find dozens, and sometimes hundreds of exact copies of the comment in other blogs. They will even reproduce the same typos (the 'ofcourse' in the above sample is faithfully repeated over and over...) If you go to some of the actual  blogs listed in the google search results, many are glutted with these meaningless comments, sometimes with two or three identical copies, supposedly from different posters. If you put their meaningless comments into a google search, you'll again find hundreds of duplicates.

 

It looks like we can test for these kinds of posts to our own sites by taking the quote or a portion of it, and surrounding it in double quotes, before pasting it into a search. The quotes tell google to find only the exact same phrase in its searches. These spam comments can go back for years.

 

I've wondered why someone would do this, and have noticed that every (every!) one of the comments has a URL specified for the commenter. Sometimes, the same URL shows in many comments, supposedly by different people. I suspect that these posts come from "services" that promise to bring traffic to your website, so they spam every blog in the universe with fake comments that carry their customers' URL. From the blogs glutted with these meaningless comments, I'd suspect that if they find their comments on your site, they'll spam you even harder, as you've shown yourself to be receptive to them.

 

Just wondering if others here are wondering about these things.

Link to post
Share on other sites

Yup. I used to get these on my site years ago. I never approved them either. Sometimes, I wonder if it's not a ruse to suck one into a conversation that might lead to "getting to know you" type of thing. Like a precursor to those emails asking for money or telling you they need your credit card number for something. Who knows anymore?! People are too weird and will do anything! 😵😒

Link to post
Share on other sites

Quite simply these comments are often from bots, it's rarely humans actually doing the comments unless captcha is turned on. So they can crawl the web looking for blog posts to comment on and fill in the forms automatically that is why when you search for the comment as a phrase you find so many hits on the results. It could be done by paid services promising to get more traffic or just by hackers who put malware on the the site that the URL points to.

Link to post
Share on other sites
2 hours ago, Amosathar said:

Quite simply these comments are often from bots, it's rarely humans actually doing the comments unless captcha is turned on. So they can crawl the web looking for blog posts to comment on and fill in the forms automatically that is why when you search for the comment as a phrase you find so many hits on the results. It could be done by paid services promising to get more traffic or just by hackers who put malware on the the site that the URL points to.

 

Yeah, the vast number of duplications screams that it's from one or more bots. It's just a question of why. I don't see them being able to put malware on the site by just sending plaintext; it's not like the submission forms allow javascript or anything. It's all filtered down to plaintext.

 

The fact that every single one of these comments contains a commenter's reference to a URL goes beyond coincidence, though. Lots of people commenting don't have websites of their own, so just by the law of averages, there's something about those links.

 

Because my post was already too long, I left out lots of other info. I sometimes use a version of Firefox that's loaded-up with protective plugins, like things that won't allow javascript to run without my permission, so they can't open up new tabs, redefine & disable keyboard keys, etc. Then, I can copy and paste some of those links into the Firefox instance, and see the sites safely. Many are just simple little business websites, of the kind who would be customers of the "services" I'd suggested.

 

I get in and get out very quickly, so their Google Analytics will record me as "bounce" traffic, rather than as an interested visitor. Otherwise, I might be helping the spam sites build up their credibility, by looking like someone who actually counts as increased customer traffic. I wouldn't want my visit to help cause these people to pay more money to the spam sites.

Link to post
Share on other sites
3 minutes ago, Wes B said:

I don't see them being able to put malware on the site by just sending plaintext; it's not like the submission forms allow javascript or anything. It's all filtered down to plaintext.

I mean the actual destination of where the URL points to, not the comment or on the page of the blog. If someone visits that URL, the javascript on the site may contain or load malware onto the person's computer. That's actually why I use an extension/addon called No Script so that I can block all javascript on websites and only turn on the ones that won't cause harm.

 

Hackers do try to use SQL hacks in comments in order to try to infiltrate blogs especially if it is a wordpress site as I am in charge of many wordpress sites for other people and have a security addon called wordfence that shows all the attempted hacks that people try to do through comments.

 

 

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.