If the phrase does not mean anything to you, this post will be of no interest. I described the problem on this post a while back. Yesterday I received a notification from Mark at WordPress (it may also have gone to others) which I thought I’d reproduce here. It is very informative and tells us that WordPress is actively countering the spamming. Here is the essence of Mark’s message (slightly edited):
While we cannot stop referrer spam at the points where it originates (thus outside of wordpress.com) we do take this problem seriously and block reported domains from stats. Of course the spammers know that we block them and, to continue, they just get another domain.
This is a very hard problem to deal with. Based on my experience dealing with spam over the last five years, here is what I think is happening:
1. A spammer finds a lax domain registrar or makes a deal with a less than scrupulous one.
2. Spammer buys a large number of sites.
3. The spammer then fills those spam sites with ads or possibly malware or hate content (the hate content is a new tactic).
4. Spammer then spams thousands of websites. — Thus far he will have bought the domains using a program (electronically, automatically) and put all the ads on using the same technique. His cost is therefore minimal.
5. Spammer hopes people will follow those links back to his site, thus that they will click on them. — Because his costs thus far are small, it only takes a few purchases (from those whose ads are also clicked in that process) to make money. If the site is serving malware, the spammer is paid for each site infected.
6. Spammer then returns the domains back to the registrar within the accepted time-limit and gets a full refund. Thus he doesn’t even pay for the domain! — If you buy a domain through wordpress.com, for example, you can cancel within two days. A dodgy registrar might provide a longer period, but it will still be a short amount of time. That’s why spammers appear and then rapidly disappear again. So it’s all profit.Can we stop it? I’m afraid we can’t simply because it is outside of our control. No blog within wordpress.com is engaged in such spamming. But while we cannot stop it, we do block every domain that gets reported—and, again, thanks for reporting the scams. Doing so helps everyone, not just you!
You can detect spam by looking in the Referrer box on your Site Stats page. The spammer will be a referrer you don’t recognize producing an unusually large number of hits. These are phony hits. Nobody is actually visiting your site; it’s automated. If you detect such spam, Mark advises doing as follows:
1. Copy the spammer’s url (highlight and then Ctrl-C).
2. Go to the WordPress Support site here.
3. Fill in the blanks of the questionnaire. Blog URL will let you pick your own blog. Subject should be “Referrer Spam”. Topic: Select “Traffic”.
4. In the message block, underneath the preprinted I did: I saw: and I expected: lines, simply insert the spammer’s url (Ctrl-V).
That’s it. Mark requests that you enter nothing else. It speeds up their processes, and they recognize what you are doing if you follow the rules above.
That’s it. Please cooperate. Many visitors to my site have done just that, and the more of us do it, the more rapidly this attack will be foiled. All for one and one for all!
Like this:
Filed under: Crime and related Tagged: | Blogs, katakphuru, Malware, Referrer Spam, Spam
thank you for posting this – I was about to message wordpress about this, as i’m getting so much spam traffic i’m on the verge of freak out!