Clever Referer Spam

Update (2/26/06): Someone associated with the ‘nipple huggers’ site has written to complain about my accusations here. She also has left a couple of comments below. Just to be clear, there is no evidence that the site sends email spam, uses obtrusive popups, or installs spyware/adware, etc., on your computer. It appears simply that someone has attempted to optimize their position in search results by generating HTTP requests to other popular sites with their domain name in the referer field.


I used to have a big problem with “referer spam.” What is referer spam? My weblog lists “inbound links” on the right column so visitors can see who else has linked here. Since many weblogs provide a similar list, spammers began to create “spurious” inbound links so their URLs would appear in the right column of many weblogs, thus boosting their Google PageRank. Usually, if you went back to the site that ostensibly linked to my weblog, it would be a porn or gambling site with no true links to my weblog.

This was easy enough to fix: I wrote a handmade filter that regularly checks all the putative inbound links and verifies that they do, in fact, link to my site.

Just today, I found my first instance of a spammer adaptation: the inbound link came from a site selling “nipple huggers” — some sort of jewelry that I don’t quite understand. I was curious how the site escaped my “referer check” script, so I checked it out. It turns out the “nipple hugger” site does link to my blog, with the link text “PopUp Scam – Click X to Close.” The linked page on my site has nothing to do with popup scams, but it is an interesting workaround to my filter. Rather than generating fake/spurious links, apparently real visitors to the “nipple hugger” site click on the link to my blog, and generate “real” referer links. Just today, I received inbound links from ten different hosts from the “nipple hugger” page.

I can’t think of any clever way to automatically filter these sorts of inbound links, because they really don’t look any different from genuine inbound links. At this point, I’m just inserting a keyword filter for known bad referers (just the “nipple hugger” at this point). Suggestions for more clever ways to escalate this arms race are welcome.

(I really hope my site doesn’t become a top search result for “nipple hugger” now. If it does, please, look elsewhere, I don’t even know what they are!)
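The two checks described in the post, sketched as an added example (this is not the author's script, which the post does not show): verify that a claimed referring page really links to the site, apply a keyword filter for known bad referers, and see why the adapted page still passes. The function names, hosts and sample HTML are assumptions constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

class AnchorCollector(HTMLParser):
    """Collect (absolute href, link text) for every <a href> on a page."""
    def __init__(self, base_url):
        super().__init__()
        self.base_url, self.anchors = base_url, []
        self._href, self._text = None, []

    def handle_starttag(self, tag, attrs):
        href = dict(attrs).get("href") if tag == "a" else None
        if href:
            self._href, self._text = urljoin(self.base_url, href), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.anchors.append((self._href, "".join(self._text).strip()))
            self._href = None

def backlinks(html, referer_url, my_host):
    """Anchors on the referring page whose target host is my_host."""
    parser = AnchorCollector(referer_url)
    parser.feed(html)
    parser.close()
    return [(href, text) for href, text in parser.anchors
            if urlsplit(href).hostname == my_host.lower()]

def classify_referer(referer_url, html, my_host, blocked_keywords=()):
    """Return 'blocked', 'spurious' or 'verified' for one claimed inbound link."""
    if any(word in referer_url.lower() for word in blocked_keywords):
        return "blocked"    # keyword filter for known bad referers
    if not backlinks(html, referer_url, my_host):
        return "spurious"   # the page never links here: classic referer spam
    return "verified"       # a real link exists, whatever its text says

# Constructed sample pages (hypothetical hosts, not taken from the post).
MY_HOST = "blog.example"
GENUINE = '<p>Good read: <a href="http://blog.example/post/7">crypto notes</a></p>'
SPURIOUS = '<a href="/poker">Play now</a> <a href="http://casino.example/">Casino</a>'
ADAPTED = '<a href="http://BLOG.example/post/7">PopUp Scam - Click X to Close</a>'

if __name__ == "__main__":
    for name, page in [("genuine", GENUINE), ("spurious", SPURIOUS), ("adapted", ADAPTED)]:
        url = f"http://{name}.example/links.html"
        print(name, classify_referer(url, page, MY_HOST), backlinks(page, url, MY_HOST))
```

The adapted page is classified as verified because the link is real; only the keyword list, or a human reading the link text returned by `backlinks`, separates it from a genuine inbound link.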

8 comments

  1. Luke Schierer Jan 28

    Oh, that is a neat idea, I’d like to implement something like that (the list of links), do you have your script up somewhere so that I need not re-invent the wheel?

    On a side note, gaim-encryption should no longer require openssl support in gaim, which makes life easier, as fewer people are creating undistributable versions of gaim.

  2. Anonymous Jan 28

    To be honest, I’d suggest just removing the inbound-links list. But one possible further escalation would be to ensure that pages have a valid RSS feed.

  3. Steve Laniel Jan 28

    I’d have to agree with the anonymous poster: I think the inbound-links column is pretty useless for visitors to your site. It’s useful for you as an admin, but not for us. “Oh, really? People got here from Myspace.com? Fascinating.” It’s just not gonna happen.

  4. bignose Jan 28

    I’m also a bit mystified why you would automatically put referer links on the page. Depending on the purpose for putting them there, you might just 'rel="nofollow"' all the links, and state that so the spammers can see it.

  5. Dave Jan 28

    I would be inclined to show the referer links as plain text. No hyperlinks == no PageRank, a fact that should be readily apparent to spammers. In my experience, most people don’t actually want to follow the links in a referer list anyway; reading them is just an idle-curiosity sort of thing.

  6. CLAUDIA Jan 28

    I just found the post… I have no idea what you’re referring to. We have no popups and we are not spammers, although several spammers are using varying names@nipple-huggers.com as the “sender” of spam mail. Something I can only report but not stop…. I will be more than willing to forward any suggestions to my IP.
    Respectfully,
    Claudia

  7. Claudia Jan 28

    Please remove this “Clever Referer Spam”. We do not link to you and would have no reason to link to you since your blog is no relation to our product in any way. So what good would it do us?

    We also have “NO POP UPS”….

    We strive to be what I believe is called white hats(?) at least vs Black Hat SEO.

    Please check our site – there is NO SPAM of any kind.

  8. Claudia Jan 28

    Thank you for the clarification. …and yes we do have a lot of porn sites and others taking advantage of the trademark “nipple huggers” and our rankings, but to my knowledge there is nothing I can do about it. If someone can advise us, it would be greatly appreciated. We do not spam anyone, period. We get enough ourselves. Plus some of the links that claim to be Nipple Huggers are in your face porn and download lord knows what to your computer. It may be done in our name, but my IP can (I think) prove it is not us.

    Thank you very much for the retraction…

    Sincerely,
    Claudia
