Compliment Comments and Spam

Because of a standard configuration of many WordPress blogs, it’s not uncommon to get comments containing nothing but a generic compliment. These frequently also have a site like google.com listed as the commenter’s website and/or an email address from China (.cn) or Russia (.ru).

These generic compliment comments are part one of a two-stage spam attack.

WordPress (and possibly other blog platforms) can be set up so that comments from first-time commenters must be manually approved, but after that first comment is approved the commenter (based on email address) is free to make additional comments. Those additional comments will be automatically posted unless they violate other rules such as having two or more links/URLs in them.

The basic sequence then is something like this:

  1. Spammer posts a generic comment complimenting the post. Nothing objectionable here.
  2. Blog owner says “Awww, they like me! Approved!”
  3. Spammer says “Great, now I can post spam to the blog!”
  4. Spammer posts many spam comments with one link to their website or to whatever website they’re being paid to ‘advertise’ for. Comments show up immediately.
  5. Blog owner doesn’t pay much attention.
  6. Someone points out spam to blog owner.
  7. Blog owner says “How did this happen???” while deleting spam comments
  8. Spammer comes back again. If the blog owner didn’t block the email address, continues to post freely.

So, if you’re running a blog and see comments like that, don’t blindly approve them.

If you’re reading a blog and want to post a comment, please make it a comment about the post you’re responding to rather than a simple “I liked your post.”

3 comments to Compliment Comments and Spam

  • As an example, I have a comment blocked as spam with just the content

    Hi,
    Interesting, I`ll quote it on my site later.
    Thank you
    Elcorin

    Nothing really notable, except the return address is @mail.ru and it’s a comment on my post Article on Open Source vs. Proprietary EMRs and Stimulus which is unlikely to be of much interest outside the US. I predict that if I approved this comment I’d have a large number of spam comments show up within hours.

  • manitoito

    Authentic words, some truthful words man. Totally made my day!!

    Edited by Alan:
    Here’s a perfect example of such a comment, and so appropriately placed. I’ve changed the email address to prevent further posting and removed the website URL from this message.

  • I do agree with all the ideas you have presented in your post. They are really convincing and will certainly work. Still, the posts are very short for starters. Could you please extend them a bit from next time? Thanks for the post!!

    [Here’s an excellent example of the genre! I’ve disabled the email address used, but it’s a seemingly-harmless post with a URL link back to a Discover Magazine article. The only reason for someone to post something like this is to get the email address “approved” for posting to the site so it can be used for automated posting of spam in the future. –Alan]