I’ve long ago gotten used to the near-constant comment, trackback, and referrer spamming that comes with running a blog—trackbacks got so bad I turned them off rather than have to clean them up every day—but now there’s two new tactics spammers have been using that are annoying as hell. Or at least they’re new to me.
First up is member account spamming. This is where they register an account on your blog and then put links to their sites in their member profiles and signatures, but they don’t leave any comments so you don’t necessarily see the links unless you check their profiles. SEB allows you to automatically register by responding to an email and then it sends me an email notice that you’ve registered. I’ve had to resort to checking every newly registered account to see if it contains spam links as I get the notifications. I only noticed this trend because some of the spammers use link-back checkers to make sure the member account exists and the hits to those accounts show up in my referrer log. It’s awfully strange to see hits on member accounts for people who have never left a comment on the blog. You have to admit that it’s a pretty clever way of circumventing the spam blockers most blogs run these days as member profiles aren’t typically checked and yet member lists are often crawled by Google.
The second method is even more annoying. It’s similar to the one above except that they don’t put any spam links in the member profile at all. Instead they target sites, like SEB, that have their own wikis setup. Any registered member can edit the wiki and wiki entries are not subject to spam scanning. So they register an account, activate it, and then go into the wiki and add pages in that look legitimate, but contain spam links. Just today someone registered an account and made a new “cetinionism” category page in the SEBPedia then used a copy and paste job from the Talk.Origins site to do a brief overview, followed by a link to another page within the wiki and then a link back to their “academic paper writing service” for “more information.”
The only reason I caught onto this is because some of the spammers pushed their luck by registering account names such as “AcademicStudy” and “WritingStudy” which are obviously spamish account names to begin with. When I didn’t see any spam links in their profiles I grew suspicious and started poking through the user activity log and noticed they all were editing pages in the SEBPedia. Sure enough when I checked the wiki whole new pages were in place that looked like a lot of work went into them, but which contained spam links. When I deleted the accounts the wiki pages went with them.
So if you’re running a system like ExpressionEngine and you’re using the wiki module (or you’re running a stand-alone wiki on your site) then you might want to examine your recent changes log to see if anyone is using it for spamming purposes. What boggles the mind isn’t that they’re clever enough to find new ways to spam your site, but that they’re still dumb enough to use account names that are obviously for spamming.