How to Identify Blog Comment Spam

by Jennifer Mattern
Source link

Whether you run a niche blog, a personal blog, or a professional freelance writer blog targeting clients, you’re bound to come up against blog comment spam at some point or another. If you open your site to comments, this is simply a reality you have to deal with.

That doesn’t mean dealing with the comment spam problem has to be difficult. Yet I frequently read blogs where bloggers not only let comment spam through, but they actually respond to it as if these are legitimate comments.

Let’s talk about that — how you can tell the difference between legitimate comments that should be approved on your blog and spam-style comments that need to be dealt with. Then we’ll look at what you can do to avoid or eliminate some of the most common types of blog comment spam.

Why Freelance Writers Should Care About Blog Comment Spam

Addressing blog comment spam before it can go live on your site is especially important when it comes to your freelance writer blog — the blog on your professional site that you write for clients and prospects.

Here’s why:

  • Having blog comment spam on your blog simply makes you look bad to the people you’re hoping will hire you. It looks lazy and irresponsible. Those aren’t traits clients seek out.
  • Blog comment spam can hurt your site in search engines. While relevant, thoughtful comments add valuable content to a post (which can help your rankings for that page), comment spam often features irrelevant content and links (and you’ll often be left with a mess of broken links to clean up later as these spammed sites frequently disappear before too long).
  • You could accidentally expose your readers — who are your potential clients — to malicious links included in spammy comments. .

If you use a blog to build visibility in your specialty area, to communicate with freelance writing clients, to market your services, or to improve your professional site’s search engine rankings, spam comments aren’t a problem you can afford to ignore.

Types of Blog Comment Spam

Now let’s take a look at three common types of blog comment spam you might come across, how you can tell them apart from legitimate comments (it’s not always easy), and how you can prevent them from going live on your freelance writer blog.

Automated Blog Comment Spam

This type of spam makes up most of the spam comments I get on my blogs. They can be one of the more problematic types (and they can be combined with other types listed below). But they’re also one of the easiest to prevent.

Automated blog comment spam is when someone uses a spam bot to automatically post a lot of comments on blogs. This can mean posting a lot of comments all at once on a single blog. Or it can be mass-posting a single comment on many blogs (meaning you might only see one from them).

How to Identify this Kind of Blog Comment Spam

Spam bots are often used to mass-post short, generic, or copy/paste comments, so those are red flags to look for.

For example, “Great post!” is a comment that has absolutely no value. Spammers post comments like those not to flatter you (they don’t give a rat’s furry little behind about your blog and have never read it). They do it to get a link for an approved comment. This is the most common type of spam comment I see people respond to. Don’t fall for ego-bait. If they really think highly of your post and want to bother commenting, they’ll add to the conversation.

You’ll also see generic comments come through. This can happen when unethical SEO folks try automating semi-relevant comments. So they might try to comment on this blog with a general tip or quote about freelancing or writing, but it’s not relevant to the individual post.

Other generic spam comments are in line with the “great post!” short comments, but they say more. This is becoming increasingly popular, where spammers praise a post without actually saying anything about the comment. Again, it’s just ego-bait. Even if you fall for these once, you’ll learn to identify them quickly as they use very similar templates. For example, one sitting in my spam folder here right now is:

It’s hard to find knowledgeable people on this topic, but you sound like you know what you’re talking about! Thanks

That’s a spam comment. They posted it multiple times, so it was easy to spot. But the generic nature alone means it adds no value and doesn’t belong on my blog. They likely posted this to dozens or hundreds of blogs at once. If you’re unsure, Google the comment’s text (in quotes) and see if it shows up on a lot of other sites. The one above does.

I also mentioned copy-paste comments. These are when spam bots try to make comments look relevant by literally copy-pasting a paragraph from your post into a comment form. So if a comment sounds oddly familiar, that’s often why.

What’s the point of these mass-comments? It’s usually about links. While you might filter comments before approving them, not everyone does. So spammers target a large number of blogs hoping at least some of those links go live immediately and stay on poorly-maintained blogs.

How to Prevent this Kind of Blog Comment Spam

One option for dealing with automated blog comment spam is to use a captcha — making people type what they see in a picture or having them do a math problem.

But the best way I’ve found to counter this kind of spam comment is by using a honeypot plugin. What this does is put an invisible field in your comment form. It can be set so the comment is never sent or is marked as spam if the commenter fills out that field.

Legitimate commenters never see that field. So their comments go through, and they don’t have to worry about things like captchas.

Bots try to automatically fill out all fields they see, and they see the field in your site’s code even though it’s visually hidden from your readers. When they fill it out, their comment is rejected.

The best plugin I’ve used for this, and the main spam plugin I use on most of my blogs, is Anti-Spam.

Malicious Blog Comment Spam

I’m not talking about “mean” comments that you don’t like here. When I say “malicious” I mean the spam comments will contain malicious links.

You’ve probably long since learned to be careful about clicking links in emails. Spammers can create spoof sites that look like they’re from your bank, PayPal, insurance company, or other sources you would normally trust. The emails contain a link to take you to the spoof site where they either download malware to your device or get you to use their fake login form so they have your real credentials and can access your accounts (the latter is called “phishing”).

To avoid those malicious links, you can simply hover your mouse pointer over the link so the address appears at the bottom of your page or email software (in every one I’ve used at least). So it’s clear if the link will take you to the legitimate website or a fake.

Malicious links in blog comments are similar. They’ll often lead your readers to malware.

How to Identify this Kind of Blog Comment Spam

The big difference between malicious links in blog comments and malicious links in emails is that the blog spam doesn’t use spoofed sites as often.

It’s not like a spammer thinks you’ll believe someone from a major bank is commenting on your blog. So there’s no well-known brand to compare the links to.

How can you tell then?

Well, you don’t want to go clicking on links from unknown commenters, and stumble into some malware yourself. So for this, I highly recommend installing a security plugin.

The Wordfence Security plugin is a good bet. I can’t recall who first recommended it to me (either Cathy Miller or Sharon Hurley Hall), but it’s what I use on this blog. Among other security features, the plugin can scan the links your commenters leave and alert you to possible malicious links.

How to Prevent this Kind of Blog Comment Spam

Install the Wordfence Security plugin if you use WordPress (or another security plugin if you use a different blog platform).

SEO / Link Blog Comment Spam

You’re probably familiar with this kind of comment spam. It’s what many of us traditionally think of — garbage content posted only for links. While SEO spammers are getting more clever, most of this is still easy to identify.

How to Identify this Kind of Blog Comment Spam

A dead giveaway for this kind of comment spam is when the commenter includes a keyword phrase in your name field. That’s because they’re following old school SEO rules, trying to build quick and easy links using their target keyword as their anchor text (the text that’s linked to their site).

Looking through my spam folder for this site right now I can see I was hit by one of these folks using a spam bot (this kind is often automated). I was hit with over a dozen comments where the username is listed as “Pandora Charms,” and the comments link to an e-commerce site selling them. My spam plugin caught them in this case.

The SEO spam comments posted by bots are often easy to find. You’ll see a lot of them repeating, and they’ll use the same link or name repeatedly in a short period of time. But these can also be some of the trickiest spam comments, especially for newer bloggers who aren’t used to manual spam yet.

This is when SEO folks (the ones who suck at their jobs) manually enter comments on your blog for their clients. Your honeypots and captchas won’t stop them because it’s a person commenting just like a legitimate commenter.

Sometimes they’ll even try to post a legit-looking comment. It’ll be niche-appropriate. It might even be on-point. A few months back I had one here who got a comment by me until I noticed a trend.

That trend was a sudden increase in comments. So I looked into them more to see who they were coming from and where they might have found the blog. Every new comment was relevant, though quite short. They were posted under different names. But then it jumped out at me. They were all coming from the same IP address (which should be listed with each comment in your blog’s admin area).

So basically this was someone who wasn’t a real reader of the blog. They were being paid to post comments to build links for their clients.

With something like this you have to decide on your personal limits. I have a no tolerance policy. If I catch an SEO person or marketer posting on behalf of others, they’re deleted. Then I ban the IP address and every email address used by them so far. For your freelance writer blog where your concern is prospects and clients, I’d suggest the same.

How to Prevent this Kind of Blog Comment Spam

You’ll be able to block most of these spam comments using honeypot plugins like the one I mentioned earlier. That’s because much of it is automated. But for manual spam, you simply have to pay attention. If you suddenly see increases in comments, take a closer look.

WordPress itself has some great built-in tools that help here too. For example, there’s a blacklist feature (under Settings > Discussion) where you can blacklist names, email addresses, and IP addresses. There are two options — block them completely so their comments are automatically deleted, or blacklist them to a moderation list so their comments will always have to be manually approved. The latter is a better option for problem commenters you don’t actually want to get rid of. I recommend the former for SEO spammers.

Some anti-spam plugins also do a good job of blocking these. I’m using CleanTalk now, which is a premium plugin. I’m not a big fan of it for this site in particular, though for most WordPress blogs it should be a good option. They’ll send automated spam to your spam folder, and a lot of manual spam is also caught based on spam reports from their other users.

My Preferred Anti-Comment-Spam Strategy

While I use CleanTalk here now (due to compatibility issues with my former plugin and another tool I’m using here), my preferred system on most of my blogs looks like this:

  • I get rid of Akismet (which might have been pre-installed in your WordPress installation). It is woefully inadequate and I’ve had issues with it preventing legitimate comments from getting through, even to the spam folder.
  • I leave comment links nofollow so spammers don’t feel incentivized to build links using my blogs. (That should be your default in WordPress.)
  • I use the Anti-Spam honeypot plugin. This stops the vast majority of spam, as most of it is from bots.
  • I actively use WordPress’s built-in blacklists for any manual spammers. Spam once, and they’re filtered. (WordPress Admin > Settings > Discussion)
  • I also use a built-in WordPress setting that requires approval for a commenter’s first comment. The first goes to moderation. Once I’ve approved them, their future comments go live automatically. This makes sure I see all manual spam before it has a chance to get on the blog. (You can choose to always moderate all comments, but that feels like overkill to me, and a waste of time.)

Almost no spam has gotten through here. The worst came years ago from a colleague who was overly aggressive their own SEO and marketing, spamming their link all over the place on other writing blogs. Those you can deal with manually, and they don’t happen often.

A perk of the Anti-Spam plugin I use on all of my other blogs is that bot-posted spam doesn’t go to your spam folder (where you would need to sort through them periodically to make sure no legitimate comments got caught up in the mix). They never get into your site’s database in the first place.

That’s it. It’s a simple system. That plugin is free. The WordPress default settings are easy to change. And by doing this, not only can you protect your professional freelance writer site from spammers, but you can save time in managing your blog. Give it a try.

Do you have favorite tools or methods for dealing with blog comment spam? Tell me about it in the comments. Just, you know… don’t spam.

Leave a Reply

Your email address will not be published. Required fields are marked *