We all know spammers change their methods frequently. But there are also some broader trends that slowly emerge over long periods. The economics of spam has changed considerably since Akismet first started back in 2005, and that has led to some new trends and changes in spam patterns recently. Here’s a quick summary of some of the most important changes in web spam we’ve seen over the last year.
- Human‑posted spam has been on the rise for some time. Low‑paid workers are hired by “SEO” firms to post comments on blogs and forums, advertising their clients’ web sites (typically small local businesses). The workers generally operate out of internet cafes and universities, particularly in India, South‑East Asia, and Turkey. The quality of comments varies, with the best written spam usually coming from SE Asia. There are now sophisticated marketplaces set up specifically for hiring manual workers to do this kind of spam.
- Good old‑fashioned pill, porn and malware spam continues to center around Eastern Europe and the Russian Federation. They have well established willing hosts in the Netherlands, Latvia, Russia, Germany, and the USA, and hacked servers elsewhere.
- Several Eastern European spammers control large ranges of IP addresses. One in particular has dozens of /22 and /21 networks. These are rented out to spammers as a distributed proxy network, or in some cases sold as a hosted spambot service.
- Chinese wholesaler spam is becoming more frequent and organized. In addition to the usual comments and forum posts advertising counterfeit fashion and miscellaneous goods, the spammers are now creating networks of fake blogs and web sites on free hosts including Blogspot.com, Weebly.com, Tumblr.com, Ning.com, and WordPress.com.
- Other spammers are abusing proxies at ISPs and universities, and national censoring proxies such as those in Saudi Arabia and Singapore. They do this to mix their spam with legitimate traffic and thus make IP blacklisting impossible. (Akismet, of course, is not a blacklist).
- Autoblog pingback spam is now so bad that many blogs are refusing to accept any pingbacks at all. There’s no single source or group behind this – rather, gullible people are following “make money on the internet” instructions that recommend creating fake blogs on discount shared hosts and running ads. They use packages of WordPress plugins that copy content from other blogs or article publishing sites, and send pingbacks to many blogs try to get backlinks and traffic. There are large numbers of people doing this, and most of them have many such blogs. Needless to say it doesn’t work — the only people who make any money from autoblogs are the ones who sell the “make money on the internet” scams.
- Some well‑meaning but careless bloggers are unwittingly annoying other blogs with large numbers of pingbacks. They’re using plugins that add “related links” sections to each post, with an automatically generated list of links to posts on other blogs, and send a pingback to each of them. Unfortunately the plugins usually do a poor job of selecting relevant links, and the recipients of those pingbacks often regard them as spam (which is not unreasonable as the pingback is often totally unrelated, and autoblog spammers use the same plugins). Some bloggers have configured their plugins to include 50, 100 or more of these links in each post, which is further exacerbating people’s frustration with pingbacks.
(For an example of a related‑link plugin that does a good job of selecting relevant links and limiting pingbacks to a reasonable number, give Zemanta a try)
- Trackbacks have become so unpopular that even many spammers have abandoned them.
- Parasite hosting – such as hacked wikis, forum profile spam and hijacked blogs – used to be solely the realm of porn/pill/malware spammers. But recently Indian and Asian SEO spammers have adopted the same tactics – so where it used to advertise penis pills or bogus antivirus programs, now it’s dentists, roofing, and pet food.