Jan 22 2009
Trojan Blog Comments – “Nothing seems to be easier than seeing someone whom you can help but not helping.”
So, I get a fair number of comments on various articles I write here, and also a fair amount of comment spam (about 100-150 spam comments per day) which Akismet dutifully protects me against 99% of the time. While Akismet is an impressive and highly functional tool – it certainly is not (and should not be) the only tool in your arsenal to protect your blog from comment spammers.
WordPress has various mechanisms available to prevent automated (or human) spam bots from overrunning your site.
One of them is to place comments in a moderation queue automatically if they contain certain keywords – you can fill in the obvious keywords that you wouldn’t want to be arbitrarily approved in a visitor
Another option offered is that only commenters with a previously approved comment (based on their IP address and other parameters) can have their comment immediately published. Then there is the option to move any comment containing more than a certain number of hyperlinks into the moderation holding pen.
Most blog administrators use a combination of the above mechanisms.
So the spammers have naturally adapted to all these counter-spam measures and attempt to circumvent them. One way is to submit an initial comment that seems as innocuous as possible and contains no hyperlinks whatsoever. The idea is that the blog owner will approve that initial comment, which then theoretically enables the spammer to bypass the “must have previously approved comment” option afterwards… (if the other mechanisms were not enabled)
Here is one example of a comment from a new visitor on this site I just looked at:
Nothing seems to be easier than seeing someone whom you can help but not helping.
I suggest we start giving it a try. Give love to the ones that need it.
God will appreciate it.
Now, that seems like a fairly innocent comment… the user left no hyperlink to any spammy site anywhere in the comment. The IP address of the poster was 188.8.131.52 and his email (which I never disclose, although you have to provide one when leaving your comment) was a relatively benign-looking Gmail account.
What really caught my attention was that the comment was added to an article I had published about an SEO tip for Invision Power Board… now, I don’t think that divine intervention was really relevant nor appropriate for that post.
I went a quick step further, just out of curiosity, and Googled the comment sentence “Nothing seems to be easier than seeing someone whom you can help but not helping.”
Hmm… 327 results for that exact sentence in quotes – most posted to a plethora of online communities and blogs in the last 24-48 hours.
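The two signals described above (a first comment that has nothing to do with the article, and identical text turning up in many places) can be checked before a first comment is allowed to earn "previously approved" status. The following is an added example, not code from the original post or from WordPress; `FirstCommentGate`, its method names and the sample article text are hypothetical, and the duplicate check only sees comments submitted to this one gate rather than the whole web.

```python
import hashlib
import re

# Assumption: a tiny stopword list is enough for this illustration.
STOPWORDS = {"the", "and", "for", "you", "but", "not", "that", "can", "with", "this"}

def tokens(text):
    """Lower-cased content words, ignoring very short words and stopwords."""
    words = re.findall(r"[a-z0-9]+", text.lower())
    return {w for w in words if len(w) > 2 and w not in STOPWORDS}

def fingerprint(text):
    """Hash of the text with case, punctuation and spacing normalised away."""
    norm = " ".join(re.findall(r"[a-z0-9]+", text.lower()))
    return hashlib.sha256(norm.encode()).hexdigest()

class FirstCommentGate:
    """Decides whether a comment may be published and count as approved history."""

    def __init__(self):
        self.seen = {}  # fingerprint -> set of post ids it was submitted to

    def review(self, post_id, post_text, comment, has_approved_history):
        reasons = []
        posts = self.seen.setdefault(fingerprint(comment), set())
        posts.add(post_id)
        # Same boilerplate text on several articles, whoever submitted it.
        if len(posts) > 1:
            reasons.append("same text submitted on other posts")
        # A first comment is what unlocks auto-approval, so it must be on topic.
        if not has_approved_history and not (tokens(comment) & tokens(post_text)):
            reasons.append("first comment shares no terms with the post")
        return ("hold", reasons) if reasons else ("approve", [])

# Constructed sample data: article text is invented, comment is the one quoted above.
POST = ("SEO tip for Invision Power Board: use friendly URLs and unique "
        "page titles so search engines index forum topics.")
TROJAN = ("Nothing seems to be easier than seeing someone whom you can help "
          "but not helping. I suggest we start giving it a try. Give love to "
          "the ones that need it. God will appreciate it.")
ON_TOPIC = "Thanks, the friendly URLs tip fixed indexing on my Invision board."

if __name__ == "__main__":
    gate = FirstCommentGate()
    print(gate.review("post-1", POST, TROJAN, has_approved_history=False))
    print(gate.review("post-1", POST, ON_TOPIC, has_approved_history=False))
```

A held comment stays in the moderation queue and does not count toward the commenter's approved history, so approving later comments from the same address still requires a human decision.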