SEB is getting hammered with comment spam lately.

Here’s a graph showing all the spam SEB has received since the start of September of 2009:

Graph of spam sent to SEB.

It's like a SPAMQUAKE!

We jumped from a low of 23 last October to a record high this month of 2,056. I just cleaned out another 154 from the spam queue and there’s already 3 new ones back in there.

On the plus side, the WordPress implementation of Akismet is damned impressive. Almost all comment spam is caught by the filter with only a couple ever making it through and with only a handful of false positives. Even then the ones that make it past Akismet never see a live page as they get stuck in the moderation queue due to having an unknown email address. It works out to a 99.377% accuracy rate which is nothing to sneeze at.

On the negative side, it doesn’t look like the WP-reCAPTCHA plugin does jack shit in terms of stopping spam bots as most of it is clearly not being typed in by hand. Having said that I must admit that I’ve not turned it off yet to see if things get worse or not, but I’m tempted to try it and see. If things are about the same then there’s little point in using it as it just annoys non-registered commenters.

So while there are aspects of WordPress that annoy me – large number of plugins to recreate functionality found in other systems, annoyingly complicated template system – I have to give them big props for an excellent comment spam solution.

20 thoughts on “SEB is getting hammered with comment spam lately.

  1. Akismet is indeed impressive. I used to get 5-10 pieces of Russian spam/day. After activating Akismet I get zero. I still get spam, of course, but the largest source of it has been wiped out.

  2. The most common spam for me at the moment is that “I really enjoyed this post… look… Viagra!” style.

    I got one that I actually considered approving for the humour value. It said, and I’m quoting accurately, “This post was very informative. I used it to teach my five year old about this subject.”

    It was on an old post about a joke I’d read from a porn mag when I was a kid, and concerned a disastrous anal-bead incident between a guy and his girlfriend.

  3. Frac,

    I’m getting that nonsense too. It seems the spammers realized nobody was falling for spam with just links, so they decided to put in phony comments in an attempt to fool bloggers. I’m sure some people fall for it, but those who pay attention don’t.

  4. See, that’s what happens when you get some PageRank. As soon as you get above 2 or 3, the SEO garbage from Eastern Europe and India begin flooding in. Your site is PR5, so I can understand how it becomes a target. My site is only PR2, so the spam is minimal. But Akismet catches it all.

    BTW, did you set up your robots meta as “nofollow” or “dofollow”? If it’s the latter, it gives everyone you’ve linked to some Google juice, but the downside is that the spammers target you even more. I’ve heard there’s even a Firefox plugin that automatically displays the robots follow status of each site – no doubt every SEO hack on the planet is using it.

  5. The phony comments aren’t designed to fool any bloggers (or readers). The spammers post them to get backlinks to their sites, to boost their Google PageRank. Since SEB is is PR5, it becomes a lightning rod for comment spam.

    As for ReCAPTCHA, I have been putting email links for my sites behind those CAPTCHAs for quite some time now, with very good success. No spam…until about a month or so ago. Now I’m getting a small trickle of spam passing through those. Either the spambots are getting better at solving the CAPTCHAs, or spammers are doing them by hand. Or both.

  6. I have folks who intentionally don’t register for my site because they think the whole idea behind reCAPTCHA is cool.

    I’ll say that between Akismet and that (and it’s hard to say how much is “and that”), I get maybe a single spam message … getting tossed into moderation … a week. Which is pretty cool vs. the old MT world.

  7. Why does the SEB spam diagram have entries for “ham” and “yummy pie”???

    Captcha: “Dreams the”

    Dreams the what? The mighty Cthullu?

  8. Why does the SEB spam diagram have entries for “ham” and “yummy pie”???

    Akismet tracks comments as spam or ham (ham being legit comments). The yummy pie is a pie chart in the Akismet dashboard that shows the two categories.

  9. Mmmmh, what food group is “False positive” then? I mean, all others are at least potentially edible.

    [Thanks ***Dave, BTW]

  10. That’s the stuff you throw away because you think it looks bad and your spouse glares at you and says, “That was a waste of perfectly good food, and I was planning on cooking it up tonight.”

  11. A false positive is when Akismet flags something as spam that isn’t. I have to manually move those out of the spam queue when they occur, which isn’t very often.

  12. For example, Akismet suddenly decided that ***Dave’s last two comments were spam and I had to mark them as not spam and then approve both to be posted to the site. ***Dave’s comments were false positives.

  13. I read an interesting tid-bit. It wasn’t specific to reCaptcha.

    It said that one spammer trick is to script a registration process. When the Captcha is displayed, grab it and present it on something like a porn site. The, uh, sleezophile enters the captcha and is rewarded with porn. A script then quickly takes that reply and pastes it into the real form.

    I think the reCaptcha passphrase might thwart that, but really don’t know.

    Et voila. Distributed human labour.

  14. “Et voila. Distributed human labour.”

    Smart. And here’s my idea foiled to lord it over a million minimal-wage slaves in China constantly entering captchas for spam!

  15. Well, all of my comments have been considered false positives recently, and it seems my website is the cause. I don’t understand, it’s just a blog with drawings.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.