Comment spam.

Defining comment spam

Although there is no technical definition for what is and isn’t comment spam, a spam post is widely considered to be a message that does not relate to the associated content in any meaningful way. It’s often believed that comment spam only takes the form of links placed to an external site, however, overtly promotional messages or posts that are designed to gain links from host websites also fall into this category.  

Generally speaking, comment spam is exceptionally easy to spot. Most links are posted by automatic programmes known as spambots, which at their most basic level, will simply post a direct link back to a source. Slightly more advanced spammers won’t overtly push a link but can be spotted through their awkward and often bemusing use of the English language, take the example below; a strangely poetic piece supplied by the museum of spam:

“Let me tell you, the best Homemade ice cream recipes, is one that you’ll often use.

The one that is worst is the one which collects dust

and remains in the garage.”

If it looks as though it has been put through a thesaurus that’s because it probably has, one of many ways in which spammers look to get their posts under the radar of spam filters. Many sites often apply settings to remove well-known spam phrases, forcing the spammers to generate vague sounding text built on the synonyms of legitimate comments. Thousands of these messages are generated at once, and though 99.9% will be turned away at the gates, enough will make it through to make it a worthwhile enterprise in the eyes of scheming spammers.

How does it work?

A link from a website effectively acts as a vote of confidence, propelling the linked-to site up the search rankings. By posting links in the comments section of a blog, spammers can up the authority of their own sites, in much the same way an unwanted parasite leeches from a larger host.

In addition to changing text structure, spammers have a variety of tips and tricks they use to fool both automatic and human moderators. Like any con artist, the methods they use are constantly evolving, part of an arms race between spammers and cybersecurity. One such ruse is to include a one by one-pixel transparent gif image as an accompaniment to a post. Housed within it will be a link back to the spam site. Another will be the classic long-con (relatively speaking), whereby a spammer will post a seemingly legitimate question such as:

“Where else do yellowball you have information?”

Even if the English is poor, it seems like a genuine concern and therefore may well be left alone by moderators. However, a day or two later another user (often one and the same) will answer their query with something like:

“Hey, I found a great source you might want to take a look at [link to spam site]. It could really help answer your question!”

At first glance a human moderator may be excused for thinking this seems like a helpful exchange, however, it not only promotes poor content elsewhere, it can seriously damage the position of the host website too. If you looked at it for more than just a glance though, it becomes very apparent that this is just spam.

Why is it harmful?

Comment spam is harmful for a number of reasons, firstly it disrupts the usability of sites – preventing real users from having productive interactions and building a community. In the long term this can act as a deterrent for new and existing users. It can also directly impact on a website’s spam score, a metric created by MOZ to indicate the probability of a site incurring an algorithmic penalty.

As it turns out, a high external link to content ratio happens to one of seventeen ‘red flag’ signals that feed into this spam score. It can be helpful here to think of Google as an angry bull – while waving a red flag might not attract it’s wrath, waving five of them just might. In our opinion, it’s probably best just to leave the flags safely at home.  

Spam can also falsely drive up relevance for unintended keywords. Should a user stumble on a site as a result of searching for a term only mentioned in spam posts the chances are they will leave straight away, increasing the bounce rate for the aforementioned site. Repeated enough times, it’s likely that the site will begin to rank lower overall.

Every now and again comment spam can be more than just a nuisance though, sometimes it’s a very real security threat too. Linking to an infected site is a common tactic used by malicious spammers, often triggering the hidden installation of a Javascript keylogger – a means of obtaining usernames and passwords by tracking which keys a user presses on their keyboards. Needless to say, it should be taken very seriously and offending comments removed as soon as possible.

Avoiding comment spam

Fortunately, there are a number of ways to reduce comment spam. The most effective of these is to simply disable comments, instantly reducing cases of comment spam to a sweet-sounding zero. That said, this method also denies genuine users the ability to discuss and provide great feedback for content, a less than ideal scenario.

Another option is to install spam filtering tools, readily available as plugins from most CMS providers, these prevent most generic spam and can be set to remove particularly common phrases or keywords that pop up time and time again. Of course, as mentioned beforehand, some spam may well find its way through, and even if only 0.1% of attempts successfully get through, the number can still be significant.

Perhaps the most effective way of preventing comment spam is combining the use of filters with Captcha, a piece of software that can tell human users apart from the hordes of spambots trying to gain unsolicited access. Unfortunately, none of these solutions deal with determined human spammers hell-bent on hijacking the discussions taking place. Laying down clear guidelines and regularly removing content that falls short of these is the only real way in which to deal with this kind of spam – after a short while most spammers will give up, fully aware of which sites aren’t worth their limited time. When all else fails, remember the time-old adage: “If in doubt, kick it out”.

*comments for this article have been disabled*