A few days ago I started getting attacked by Trackback spam.
You know, I’ve gotten used to spam in many forms… I’ve been getting junk mail since the mid-1990s, and even good junk mail filters don’t quite get everything out of my mailbox. I’m relatively unsurprised, though still annoyed, by most email spam.
When I started my blog, I didn’t quite realize that I was opening the door to additional types of spam.
Early on I started noticing “referrer spam”, which basically attempts to exploit administrative curiosity about who is sending visitors to your site, producing clickthroughs to sites which are actually scams for debt reduction or body part enhancement or whatever. With the aid of a slightly jaded eye, I can pretty much identify most of these referrer spams right off the bat and I almost never get suckered into visiting such sites.
But later I started facing “comment spam”, which were created by automated scripts. The motivation would appear to be to get users to click on such spam messages, but for the most part the spammers target older messages that only get sporadic reading, and so it turns out that what they were really trying to do was exploit Google PageRank algorithms to get people to go to pay-per-click or pay-per-lead sites. Basically, the more links to a particular site, the more highly ranked it will likely be for a particular keyword, and people searching for gambling or pornography or various misspelled male impotence drugs are more likely to find some spammer’s site and he’ll get a few cents for each clickthrough; well worth the effort of distributed spamming of thousands of blogs.
I got rid of almost all comment spam by implementing a slightly finicky Human Interface Proof technology on my blog (if you mistype the HIP text the comment goes to a bit bucket). So that disappeared, and, with a few small probably manually plotted exceptions, very little comment spam appears.
I still get referral spam, and this will likely never go away, even though it doesn’t really help the spammer much.
But more recently, I have been getting inundated by Trackback spam. A trackback is basically a ping that is sent when someone links to an article on my blog site. Most of the time, their software sends a ping request, and it magically transforms into a mini-post that looks similar to a comment on my web site. Well, spammers can exploit this also. They use it for the same purpose as comment spam, and somehow since June 7 I’ve been targeted with about 200 trackback spams. In my massive deletion of bogus trackbacks I probably deleted some legitimate ones. I may disable the display of trackbacks just to avoid the benefit to spammers… I would actually like to see who is referring to me for real, but if the order of magnitude of spam trackbacks increases I’ll not really have the energy to keep up with the deletions.