Oh, That’s Just Charming

Sometime last night I got slammed with comment spam — more than 250 comments before I was able to stem the tide — all of which were ostensibly advertising a series of blogs. Here’s the cute thing, though: many of them were positively self-referential, sort of meta-spam. A choice quote:

Wow, the spam on your page has gotten out of controll. I don’t even know if you’ll get this comment or not, but I guess I’ll try posting it for the heck of it…They say there’s strength in numbers, so I get a couple of others I know to come here and comment, too.

There’s something both irritating and ingenious about this: spam about spam; targeting blogs to advertise blogs. My favorite of the comments, though, is the one that advertised its own undoing:

I don’t know about you, but I think the MT spam filter has to be updated constantly. It DOES, however, work pretty well. I’ve tried it on my own blog and uploaded it into the new plugins folder that came with the lateset release of MT 2.44. I think this guy has the most up to date filter: [URL deleted]…I think that’s the address…He’s got a download set up so its super convenient. Personally, I think MT should be taking the lead in this, but that’s for another post :).

Nice to have the reminder, I suppose, to keep the blacklist updated.

[UPDATE, 1.58 pm: If you want to update yours, here’s mine.] [UPDATE, 5.27.04: Post-site-migration, mt-blacklist no longer in use.]

7 thoughts on “Oh, That’s Just Charming

  1. What is the purpose of this spam? I tried to check out a couple URLs (didn’t click directly, since I would hate to make you look like a good target for this sort of thing) but only found skeletal sites with MT documentation on them.

    Anyway, this spam was a lot more interesting than the usual “click here for free viagra” nonsense, if only because it acknowledged the context in which it would be read. Maybe they shouldn’t have put “blog” in the name field for every single entry, though. And getting someone literate to proofread wouldn’t be a bad idea, either.

  2. Is your blacklist currently updated to include what hit you last night?

    I ask for two reasons – first, b/c I’ll use it to update the herders list.

    And second, I wonder if spammers are going to hit with random and innocent spam for a while in order to force blacklists to adopt profiles that accidently block regular users as well. Break MT-Blacklist by making it harder to distinguish b/w spam and innocent content, hoping the inconvenience will force people to remove the blacklist software. That’s how I’d try to break it.

  3. I’ve just added a link to my blacklist (which includes last night’s spammers). I kinda agree with you about the spammers’ possible tactics, except that these messages were so prolific, so overwhelming, so rapid, and so repeated, that they couldn’t be mistaken for non-spam. All 250+ came from the same IP address, and all used the same email address, though there were perhaps 10 or so different messages and URLs.

    I’m beginning to think, though, that we may need to go in the direction of a variant on the “whitelist” route that George suggested. Not demanding comment registration but rather some sort of security code entry aimed at ensuring that the commenter is human rather than an engine…

  4. Alex Halavais, on my blogroll, uses this technique. I imagine he could give you some clue about its effectiveness.

    I’ve been getting some weird referrer log spam recently, too. Besides the usual hotel heiress “performance art” websites, for some reason I’ve been getting quite a few hits from the Cuba Central site (of course, this could be because I mentioned Castro in one blog entry).

  5. What I’m getting is a random assortment of hotel-heiress or putatively-virginal-but-Madonna-kissing-pop-star or breast-exposing-pop-star or amateur-adult-performer or… or… or… blogspot or blogdrive sites that are popping up as having linked to my referrer log page, which of course (a) they have not, and (b) makes clear that they’re just spamming me, as there are no links to my referrer logs anywhere on this site. So I’ve attempted to configure my referrer log software (Dean Allen’s Refer) such that it ignores any hits on the referrer log page. We’ll see if that helps. But I hate to think I’m now going to need a refer-blacklist plugin…

Leave a Reply

Your email address will not be published. Required fields are marked *