Sun 8 May 2011
Desperate?
Posted by anaglyph under Hmmm..., Spam Observations, Web Politics
[31] Comments
For most of you, Tetherd Cow is an unfolding story of antics in Cow World that plays out on a fairly linear daily or weekly basis. You know how it goes – I post a story, you comment, we have a some fun repartee and then we move on. Very civilized. But because I have an expansive overview of The Cow (a Cowish ‘omnipotence’ as it were) the Cowiverse looks somewhat different to me. I see a whole lot of stuff to which you are not privvy. There is, for example, activity that occurs way back in time, in posts that have had their moment in the sun and are never visited again except by the occasional lost web traveller. Or by spammers. Spammers discovered long ago that the vast hinterland of forgotten blog comments provides another fertile venue for their pathetic attempts to hawk various car insurance/viagra/cheap mortgage/locksmith ((Yes. A New York locksmith and his pals were, apparently, touring the blogosphere and leaving comments in an attempt to boost their linkability. Rather sad, really.)) schemes. Because visiting millions of blogs and posting comments is (quite obviously) a tedious and time consuming task, the spammers have mostly relegated this drudgework to bots. Sometimes very clever bots, but bots all the same. Bots are mostly pretty easy to defeat, and these days most bot comments get swept up by blog spam utilities and never see the light of day. ((My spam tools automatically shift such comments into the spam graveyard without me even being aware of them. On average, TCA gets about forty of these a day.))
Recently, though, a new spamming ruse appears to be on the rise. This technique requires real people to spend time browsing around blogs and posting comments and linking their names to some crap or other. ((The technical reason they do this is to increase the number of legitimate websites ‘linking’ to their garbage product. This, in turn, increases their search ranking in various engines. Search engines find it easy to defeat standard spambot link farming, but this kind of ‘human’ bot requires (so far) human brains to intercept. And not only that, human brains that understand the context of their own blogs.)) Here’s one that I got yesterday:
This was a comment left on my post Ooze which you may remember concerned the curious fungus that once appeared in my backyard. On the face of it, ‘Jeff’ appears to be taking an interest in the post and leaving a pertinent comment – he is obviously not a bot.
What the spammers don’t appear to understand, though, is that when a commenter leaves his or her mark on TCA comments, I can tell all kinds of things about them other than just their email address and their name. I know, for instance, that while Jeff Morgan is (most likely) a real person, with a real Bigpond email address, it is not the real Jeff Morgan who has visited my blog. Someone has stolen his name and email address for the purposes of making their spam look legitimate. The clue to Fake Jeff’s real agenda is written clear in two places – one is in his IP address which comes out of Pakistan, and the other is in ‘his’ website which is easily recognizable ((By a person, at least.)) as a ‘front-door’ for a spam operation linking off to various kinds of crummy products. ((Typically, these ‘front’-door’ sites are set up as link farms into products that the spammer has been paid to ‘advertise’. They are disposable sites that will be abandoned as soon as they are busted, only to spring up somewhere else in a matter of minutes. The spammers probably have thousands of them on the shelf, ready to go.))
As is usual in these cases, I leave the comment intact and ‘repair’ the weblink to take it somewhere a little more useful. ((I usually redirect it to the JREF, because I think if there’s one thing we could do with a whole heap more of in this world, it’s some rational thinking. Can’t ever have too many links to the JREF. Did I mention the JREF?)) This morning though, I got a rather intriguing one of these ‘comments’ from ‘Mircea’:
This one appeared in my post We’re All DOOMED! as a reply to Cissy Strutt. Unlike Jeff’s comment, it only half makes sense, but I have had far more incomprehensible legitimate comments in my time. ‘Mircea’ evidently thinks that by embedding it in the flow of commenting (he/she would have to have physically clicked the ‘Reply’ button) that it would go unnoticed. ((And I guess on a lot of blogs maybe it would have.)) But I don’t see comments the same way as commenters do, and for me it’s a trivial exercise to spot it as spam. Here’s part of what I see:
Did you see the very interesting thing here, Cowpokes? ‘Mircea’ appears to be spamming for Microsoft. Oh, I’m sure that Microsoft would deny having anything to do with such a practice. They would, most likely, claim that anyone can type any URL in the web field and that they can’t be held responsible for random punters being fans of their search engine. But It is easy for me to see that ‘Mircea’ is not a legitimate entity: she/he has an IP in Quebec and an ISP in Germany – a very curious and probably impossible combination. Additionally, this is not the only one of these I’ve had in recent times.
There is a bit of discussion going on about this elsewhere, and one suggestion has been that the Bing URL is being truncated in some way and that Bing (and Yahoo as it turns out) ((I’ve also had several linked off to Yahoo.)) are just victims of a software snafu. But I want to point out that the way these blog commenting systems work does not support that conclusion – if people are physically reading the posts and entering comments, they are also physically entering the URLs they have been given to promote. To put it in clear terms, ‘Mircea’ is a fraudulent identity who has visited an historically distant Tetherd Cow Ahead post with the sole intention of leaving a link to Bing.
31 Responses to “ Desperate? ”
Trackbacks & Pingbacks:
-
[…] June 2005 May 2005 April 2005 March 2005 February 2005 January 2005 Tetherd Cow RSSDesperate?Bun in the Oven?NitWitsConfundo!Underbtandasle Mibtake My AbbShoo!TAG: Crime Against HumanityDo: A […]
You should redirect them to JREF! ;-)
You’re not reading my footnotes dinahmow!
Or maybe… you are!
BING THE BISMARCK!
HAHAHAHAHA
I hope Bill is paying you well RT.
Buy yourself a penis-bot,
And then begin your crowing:
“Now my dick goes everywhere,
Without my even knowing.”
Spam is what
He hates the most
Yet still the Rev
Lets Malach post.
Yet to block his comments,
Now THAT I would forbid!
‘Twould be like taking toys away
From some retarded kid.
Letting Malach Comment?
Well the choice is up to you.
But if you like the stuff he says
Then you might be retarded, too.
Malach might be Folly’s King
But at least he’s not promoting Bing
Thing is, you’d expect that the search engines would know, being in the business, that this will get them no extra google juice. Search engines don’t use incoming links as a metric any more: they’ve got way more sophisticated since the “Google algorithm” in the 90s.
Since they know that, and know that spamming blogs with links to themselves does nothing to generate google ranking, and everything to annoy people… why would they do it? Why would *both* of them start to do it at the same time, and with the same MO?
Perhaps it’s not them. Perhaps it’s some other org with an intimate knowledge of search engine fu, and a dislike of Bing and Yahoo?
It’s puzzling, I’ll admit. These things for sure:
•’Mircea’ is a person, not a bot
•’Mircea’ uses stolen identities (I checked with Jeff Morgan – he was unaware that his email address was being used in such a manner. In fact, he was outraged – but as I told him, anyone can plug your email address in anywhere they like. Not something you can stop)
•He/she spent at least a minute or two reading and typing
•She/he physically entered data in the ‘Email address’ and ‘Website’ fields (although I guess some kind of macro might handle that)
•This is not a single instance of this phenomenon (using exactly the same Bing link)
If, as you say, the search engines are not relying on link volume it’s hard to figure out exactly what kind of process is going on. How about link credibility? Is it possible that newer algorithms assign some kind of ‘legitimacy’ to sites and the way they link, making links off them more valuable?
How about this kind of thing though:
This was left this morning as a reply to one of the comments made by a ‘Binger’ (as I will call them from now on). The links (both the URL and the embedded one) and the email address are all complete garbage. Again, it’s tempting to say it’s just an aberration but I get these all the time too.
What’s going on?
Here’s a thought:
Suppose you are a spam czar and you are paying these hordes of human spam trolls (spumans?). How do you keep track of whether or not they’re doing their job? You’re certainly not going to bother checking – you have babes and champagne to attend to. But you are paying them money, so you need some kind of barometer of their worth, right?
Probably the easiest thing to do would be to hire bosses to check the browser logs of the spuman army to make sure the spumans had spent their time visiting and commenting on blogs. But the bosses wouldn’t bother reading every comment themselves, so the spumans figure that the best way to make up some territory is just to quickly leave garbage comments. Spot checks might catch them out, but maybe they know their bosses are too lazy to do that?
That would explain the garbage comments at least…
Oh, and here’s another piece for the puzzle: posts that get spammed in this way, frequently get spammed multiple times over many months. So, for instance, the mushroom post that ‘Jeff’ spammed has had several spuman comments. Likewise, my first Steorn post. It’s like they are little spam gravity wells.
I was disappointed with the discussion link since it just leads to a Google search page with only the first two items on that page having anything to do with this topic, and those items weren’t really a discussion, they just report the same thing as you.
While what you wrote about Mircea is a plausible explanation, unless someone finds some real evidence it will remain at best an educated guess and doesn’t warrant the certainty that you seem to express.
Um… I believe I said:
…and backed it up with pretty sound logic. I figure it’s a reasonable assertion. Feel free to show me where I am in error. If you have a better hypothesis, let’s hear it – I’m not a pontificator here on TCA, everything is up for discussion.
As for the link you mentioned, well, it was meant to show you two things: one is that I’m not the only one who has encountered this phenomenon, and two, that there’s an acrimonious Google/Bing search engine rivalry. I believe the link to the Google search does exactly what I had intended. Please note: I rarely use such a reference, and when I do, it’s for exactly the kind of reason I’ve used here; to give you a jumping-off point if you wish to dabble further.
Maybe I’m misinterpreting what you wrote, but it seems to me that you’re trying to make a case that Microsoft and Yahoo are responsible for these comments based entirely on the fact that Bing and Yahoo URLs are used. Since you don’t provide direct evidence to link the companies to the comments and you don’t know what they would have to gain by doing this, I see equal plausibility in DewiMorgan’s suggestion that it might be someone who dislikes Bing and Yahoo. Without direct evidence there’s nothing to distinguish one reasonable explanation from another, and even if only one reasonable explanation is on offer, that still doesn’t mean it’s the correct explanation.
Well, look at it from my point of view: every single day I get dozens, sometimes hundreds of pieces of spam. Almost every single one of those is an SEO grab. If I look back over the last week’s worth of spam I can see that 99.9% are linked to websites promoting some crap or other. Here, take a look at the kinds of things I see.
In other words, despite what Dewi says, the spammers still think that link profile is important.
So, given this behaviour from the spammers, when I see links to Bing or Yahoo, what is the most logical conclusion I can draw? That those links are not following the rule? Why should I think that? Just because the links are to Bing and Yahoo? What gives them a special imprimatur of holiness?*
And the suggestion that it might be someone who has a dislike for Bing and Yahoo requires yet one further piece of explanation: how would such link spamming be detrimental to Bing or Yahoo? Given that (as I can easily demonstrate from my spam logs) spammers have not eased off in the slightest on attempting to get link profiles onto blogs all over the net, it seems to me that there must still be some desirability in having numerous links. Additional information is required to show that it is, in contradiction, a liability.
Of course, the evidence is circumstantial. Just because my speculation is logical does not make it true. I may be completely wrong, and like a good skeptic, I am prepared to be proved so. (Indeed, if this is not link spam, I’d LOVE to know what this bizarre behaviour means! How intriguing is that?!). In that case, we’d need a viable hypothesis.
All suggestions welcome!
(*We know as a fact that Microsoft is not averse to using ‘innovative’ techniques in blog land.)
Heh. Check out the latest developments in my new post! I think you’ll be amused:
The Game Is Afoot!
I spent a while Googling,
But then I changed my mind;
And once I started Binging,
I gradually went blind.
Of all the weird things in the world
There’s some I can explain
But sometimes I just cannot stop
The binging in my brain.
HAHAHA poor Karen K!
Karen K is a
slutnew supporter of the JREF!BTW, how many blessings have you given out so far?
Only 2148. People don’t click on it anymore. To get an accurate way of how this works, I think I’d need a ‘plate’ at the end of every post. Unfortunately, due to the script I’m using this slows down the site very badly so I can’t implement it like that. Maybe I’ll think of another solution when I have the time.
You will notice I have abandoned Flattr. It was unsuccessful here for the reasons I outlined a ways back. Flattr are trying to address it now through various methods, but I still think it is destined to fail.
I dunno. I wouldn’t worry. Giving out over 2000 blessings seems alright for a small fundamentalist church of aetheist god-abandoned YouWillBurnInHellAndNot ExperienceTheRaptureSoMwahahaha heathens.
Yes, but I expect that about 1500 of those clicks are from you.
I like my morning blessing.
I’ve heard / read about a theory that the spammers are including occasional links to “legitimate” sites amongst the comment spam to their target sites to somehow confuse the spam-detection algorithms used by comment-spam blocking services such as Akismet or, indeed, Google or Bin themselves. Or something. I’m not explaining it well, but apparently the game has a couple more layers to it.