Too Legit to Flag as Spam: How Comment Spammers Trick You Into Keeping Their Spam

Spammers are getting clever. Lately, I’ve had comments left on some of my posts which, at first glance, appear very legitimate. The comment itself contains no links, and it appears to be an actual reply to what I have written.

It’s when I look at the name, website, and e-mail address associated with the comment that I get suspicious.

The website? Typically a commercial site. Ordinarily, that’s fine. If you’re commenting here, and your website is commercial, that’s fine. If you’re Chris Pearson and want to stick in as your website, that’s cool. If you’re Mark Zuckerberg and want to use as your website, go for it.

So what’s the big deal? The problem comes when I look at the name of the commenter: it’s not a name! Or even a nickname or recognizable online identity, for that matter. Chris Pearson wants to identify as “Pearsonified”? I’m hip with that. I sometimes use “KingdomGeek” when I comment on others’ sites. (And by “sometimes,” I mean “increasingly infrequently.”) The point is that legitimate comments have legitimate names associated with them — notwithstanding anonymous trolls who don’t spam but do lower the quality of the web for everyone.

But if you’re posting a comment, and you set your website to something like “,” and then sign your name as “Chicago Bankruptcy,” I call spam on you!

Spam... but with a Real Comment? Say it ain’t so!
Spam... but with a Real Comment? Say it ain’t so!

Bottom line is that my blog is not your community board; free advertising isn’t what I want to give away, no matter how much you’re paying those foreigners to hash out thousands of legitimate-looking comments on blogs every day. I applaud the effort: using humans effectively circumvents every anti-spam measure, but I assure you that I will diligently mark your faux comments as spam in Akismet as oft as you make them. Over time, Akismet will learn, and even your handmade spam will lose its effectiveness.

I want to ask all of my fellow bloggers to take care when going through their comments. Not all that glitters is gold, and not all that appears like a real comment is. Somewhere in the world, someone is making a barely livable wage to craft comments tailored to your blog. They don’t care what you blog about. They don’t care what the comment says. All they care is that it looks real enough to stay there so that their website link and keyword-focused link text (read: username) stays on your blog for as long as possible.

So I implore you, hit that “spam” button! We must get Akismet trained to block these miscreants!

10 thoughts on “Too Legit to Flag as Spam: How Comment Spammers Trick You Into Keeping Their Spam”

  1. What do you think about this situation?
    about 1-2 lines comments that just compliment the post and say thank you,
    use the nickname not the keyword, but when I visit their site I think they just comment to promote their site. I guess they’ve not read my post
    I mark them as spam.
    some commentors leave worse meaningful comment than above, but they’ve not leave any url – I approve them

    1. The generic “thanks, your article really helped me learn about this subject” comments are not only spam, they are usually an affront to worthwhile conversation. Definitely mark those as spam!

      Those are the previous generation of spam comments, I think. They aren’t as obvious as older spam that includes product ads and junk directly in the comment, but they aren’t as custom as modern spam that is written just for a particular blog post by a real life human.

      Any number of programs can scour the Web and post “thanks, awesome” spam on comments. Again, this is intended to trick bloggers into keeping the spam there for as long as possible. Nuke ’em!

  2. Rick,
    Here’s my mindset: Every person who tries to post a comment on my blog should be someone I want in my community, someone with something to contribute to other members of my community. This makes it easy to sort out the fakes from the friends. And unless it’s a friend, someone I already know, who posts that basic ‘Great blog’ message, the comment has no chance for airtime.
    I didn’t use to moderate comments, but I do now. Dang spammers have futzed things up bad for free expression. All that said, my wife would put it this way – if you’re getting spammed, it means your blog is drawing some attention! So I feel better even as I nuke em.
    Thanks for your help with OpenHook, btw. Still learning to make sense of it all, it’s so much easier with the kind of generous support you offer.

  3. By utilizing the NoFollow attribute to your comments, you will effectively decrease the amount of spammers that come to your site for links after it gets out that your site is now NoFollow. However, DoFollow should be utilized for your legitimate readers or “regulars” as to reward them for their continued involvement. I would do this manually although I know how hard it is to regulate everything. I would also use discretion when instantly spamming a question because there are some out there that genuinely want to learn more from you about a subject.



    1. Actually, spammers don’t care whether you nofollow or not. WordPress has done that to comments by default for years now, yet the spammers keep on coming.

      Also, as a policy, I don’t “DoFollow” legitimate commenters (including my own). I’ve seen some good arguments for not DoFollowing, but for me it boils down to that if you add the incentive of a “DoFollow” link, you’ll start attracting not only legitimate commenters who are commenting because they really have something to say… but also the riffraff who are commenting just to get their link DoFollowed. “Community” is the only incentive for commenting here, and it’s worked pretty well so far, I think.

  4. Thanks for sharing these comments. I seem to get automated bot type spam comments or comments similar to the ones you pointed out. Askimet helps and I am thinking of adding Recaptcha for comments. What do you think of that ?

    1. Recaptcha or any other CAPTCHA-based plugins are just going to annoy your users, perhaps even discouraging legitimate commenters. Search for the “Raven’s Antispam” WordPress plugin, and it’ll largely put an end to your automated comment woes. I have to deal with probably less than two spam items in Akismet’s queue per month. Without Raven’s Antispam, there’s hundreds to thousands per month!

  5. Thanks for the nice article, but i have a problem..

    Aksimet had been flagging my post this past two days as a spam and Im not really sure why, how does aksimet work anyway?

  6. Akismet works by examining comment content, patterns, and so on. If you’re having consistent trouble with their system catching legit comments, it might be worth getting in touch with them to see what’s up.

  7. Virtually all of the spam comments I have received are bot-generated. If you ever examine your log files, you will see the entries as two or three lines from the same IP address, with one of the lines being the POST command for the comment page. None of the graphics or other files associated with your blog’s theme are read in. It is an entirely automated process.

    In a diabolical twist, some of the spammers do not want their comments posted, and even say so in their posting, the comment they submit is just an advertisement intended for the eyes of the moderator. Usually these are from SEO companies trying to drum up some business, and usually say something to the effect that your web site or blog was examined and deemed deficient by their SEO staff. Nothing was actually examined, of course, everyone gets the same message.

    Have you thought about using the trivial math form of captcha, i.e. 2 + 4 = ? where the commenter enters the solution.

Leave a Comment

Your email address will not be published. Required fields are marked *

Use your Gravatar-enabled email address while commenting to automatically enhance your comment with some of Gravatar's open profile data.

Comments must be made in accordance with the comment policy. This site uses Akismet to reduce spam; learn how your comment data is processed.

You may use Markdown to format your comments; additionally, these HTML tags and attributes may be used: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

This site uses Akismet to reduce spam. Learn how your comment data is processed.

the Rick Beckman archive
Scroll to Top