New kind of spam on WordPress
I’ve recently noticed a new kind of spam getting through Akismet and into my comments. It doesn’t contain a lot of links, doesn’t come from email addresses or URLs containing commercial names, and isn’t full of nonsense strings of unrelated words. Nothing so obvious. Nor does it all appear to come from the same URL, IP, or country. It does, however, seem to contain at least one scrambled/misspelled word (e.g., thhogut instead of thought) and appears to be slightly off-topic or refers to something or someone that does not actually appear in the post or other comments. And, so far, most of the names link to seemingly innocuous Facebook profile pages, although never the same one.
The tip-off was that the same Identicon appeared with all of them. Identicons, as well as MonsterIDs, Wavatars, and Retros, assign avatars based on email addresses, IPs, and/or hash values. I don’t understand exactly what hash values are, but the resulting avatars are supposedly unique to each user, just like a fingerprint.
Unfortunately, there is no way to include an image in WordPress’s Discussion settings, where you can list specific IPs or words (Settings > Discussion, Comment Blacklist). If I blacklist “facebook.com/profile” or even just “facebook,” several of my legitimate readers will be blocked. So for now, with apologies to those readers, URLs from “facebook.com/profile” will be held for moderation. (I don’t like to put up impediments to freely commenting. However, if I have to resort to sign-ins or to holding all comments for moderation, I hope readers will understand.)
My suggestion to WP bloggers is: don’t use the generic “Gravatar Logo,” “Mystery Man,” or “Blank” for readers without their own avatars. Specify Identicons, MonsterIDs, Wavatars, or Retros (Dashboard > Settings > Discussion, Default Avatar) to “fingerprint” your readers.
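To make the "fingerprint" idea concrete, here is an added example (not part of the original post, and not WordPress's own code). It assumes the avatar is derived the way Gravatar does it, from an MD5 hash of the trimmed, lower-cased commenter email, and it groups comments by that hash to surface one address posting under several names. The comment records and function names are hypothetical, and the sample data is constructed.

```python
import hashlib
from collections import defaultdict

# Constructed sample comments (hypothetical export; not real data).
COMMENTS = [
    {"id": 1, "author": "Anna K", "email": "drive.by@example.com",
     "url": "https://facebook.com/profile.php?id=1001"},
    {"id": 2, "author": "Tom R", "email": " Drive.By@Example.com ",
     "url": "https://facebook.com/profile.php?id=2002"},
    {"id": 3, "author": "Regular Reader", "email": "reader@example.org",
     "url": "https://facebook.com/profile.php?id=3003"},
    {"id": 4, "author": "Lisa M", "email": "DRIVE.BY@example.com",
     "url": "https://facebook.com/profile.php?id=4004"},
    {"id": 5, "author": "Regular Reader", "email": "reader@example.org",
     "url": ""},
]


def avatar_hash(email):
    """Gravatar-style hash: MD5 of the trimmed, lower-cased address."""
    normalized = email.strip().lower().encode("utf-8")
    return hashlib.md5(normalized).hexdigest()


def identicon_url(email):
    """URL of the generated identicon for this address (d=identicon)."""
    return f"https://www.gravatar.com/avatar/{avatar_hash(email)}?d=identicon"


def suspicious_clusters(comments, min_names=2):
    """Map avatar hash -> comment ids where one hash hides several names."""
    groups = defaultdict(list)
    for comment in comments:
        groups[avatar_hash(comment["email"])].append(comment)

    flagged = {}
    for digest, items in groups.items():
        names = {c["author"].strip().lower() for c in items}
        # A returning reader keeps one name; a spammer rotates names and
        # profile links while the hash (and so the identicon) stays the same.
        if len(names) >= min_names:
            flagged[digest] = sorted(c["id"] for c in items)
    return flagged


if __name__ == "__main__":
    for digest, ids in suspicious_clusters(COMMENTS).items():
        print(digest, ids)
```

The same hash always yields the same generated image, which is why rotating the display name and profile link does not change the identicon.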
With luck, Akismet will soon learn to recognize this spam.
(Note: If I should inadvertently block or delete your legitimate comment, please let me know via the contact form so I can restore it.)