I had been wondering how long it would take spammers to figure this one out. Here is what has been happening for the last week or two.
Spammers have been looking for blogs that do not have any kind of spam protection or are weak and have let some spam links through. They then monitor those blogs for activity to see if they are being used/check often. If they find that the blog is uninhabited, they then start adding links pointing to those spammed posts in their new spam comments to be sent to unsuspecting bloggers. Thus by making the links to blogs in their spam comments look somewhat eligible (and in a foreign language) the spammers are raising the pagerank of those spammed posts in “compromised” blogs and effectively giving their own spam links the attention they need.
I suggest that all bloggers become proactive about spam. Please keep your spam filters updated and actively remove commenting from old posts beyond a certain age (if you are unwilling to weed out comment spam). I suggest an intelligent comment detection mechanism and I believe it already exists for WordPress in some form. If a post is of a certain age and it suddenly receives comments, they deserve to be moderated and then allowed by the blog author.
I see this quickly becoming a major problem since quite a few abandoned blogs exist and some established bloggers still allow comment spam to seep through into their blogs.
Agreed… googling “Respekt! Ein wirlich gelungene Seite” returns 42K results :p
Sending comments on old posts to the moderation queue : Auto Moderate Comments
(I believe this is better than simply *closing* comments on old posts)
On a side note, I’ll add that I’ve been hit by this new kind of spam today, and the first ones let me quite perplex before I understood what it was all about ๐
The sad thing is they are going to be very difficult to filter out (plus, those spammers seem to be a bit less dumb than most and can handle Bad Behavior)
Seems like an even better reason to use Spam Karma 2.
Unfortunately, I’ve been starting to see some spam appear on my blog, but only because my theme is not completely compatible with 1.5.
I have all of my comments come into my email and I check it regularly so that I am aware of all commenters. Thanks for the FYI!!
One guy left an interesting comment that looked very legitimate, until he added in a url at the end. I just removed the url, and kep the comment in place.
Thanks for the comment! ๐
Justin
One thing I noticed on my site is that the comment SPAM was pretty much limited to three or four older posts. I’ve locked down the comments on those posts, and haven’t had a comment SPAM hit my site is several days (as opposed to the several a day those posts were getting).
I have comment moderation enabled on my site, but, once someone has commented and been approved, I assume they’re okay, and don’t moderate their comments, unless links are contained in the comment.
I also receive all comments posted to the site via e-mail, so that I can monitor the comment posting activity, and act accordingly. So far, that’s been fairly effective here.
Justin: Unless you have your site configured to moderate every single comment, that may not work out so well. The spammer is now in your “white list” and can post comments without approval from now on.
i agree with Ozh
I agree with your point whole heartedly. I have a blog with moderate traffic (which I sometimes don’t post to for a week or so at a time). I don’t get alot of comment traffic and keep the settings set to moderate every comment. In the past I have gotten an occassional spam (maybe once every few weeks) which I promtly deleted. But last weekend I got barraged by comment spam. It got to be too much for me to moderate so I started looking for a spam plugin. I ended up installing Spam Karma 2 and it caught 116 spam comments in the following day or so alone. Since then the spam comment traffic has stopped. I’m thinking that I was targeted as a test blog for the scheme you mentioned and they left me alone after 3 days of intense commenting when they realized that none of their comments actually made it through moderation/filtering.
Any protection can be overcome, so I just keep evolving my flagship antispam plugin to cope. WP-Hashcash now blocks IPs after 4 failed computations, so brute force gives a .01% chance to learn the secret code with the integer settings I’m using. I have a few improvements in mind in the future, but for now this will do!
Ummm… why doesn’t popular blogging software give you the ability to “mass close” your posts to comments? Why the heck should I have to page through months of posts, closing them to comments one by one?
No wonder I was getting a surge in spam the past week. I use akismet.. sometimes it eats up legitimate comments too so i usually monitor the comments marked as spam. But now it’s become a chore to scan through the 10 pages of spam everyday. Such a hassle.