stop referer spam

types of referrer spam




It is a sad state of affairs when there are several different types of referrer spam, but that is unfortunately the type of world we live in today.

There are individuals and groups out there that have nothing better to do with their time, than to be become irritants or try to use illegal means to do nothing other than to make money.

what types of referrer spam?

In this post I will provide an explanation and advice on how to identify the different types of referrer spam that could be affecting your blog or website search engine performance or traffic statistics.

  • Phantom Referer
  • Illegitimate Bots and spiders
  • Language Spam

Phantom referer

If you go through your Google Analytics report and you find that your site is attracting a lot of visits from sites like;

  • darodar.com
  • econom.co
  • ilovevitaly.com
  • priceg.com
  • blackhatworth.com
  • hulfingtonpost.com
  • humanorights.org

Check out a detailed list of referrer spammers

Your site is more than likely being spammed by a not so clever script. This script basically , spoof visits to your site by not actually visit your website at all.

An automated bot may have at some point visited your site and actually harvested your Google Analytics ID.  Once they have retrieved this they actually send fake visits using Google Analytics ID.

I have compiled a guide to help you to learn how to start blocking referrer spam

Bots and Spiders

The internet is invested with a number of bots and spiders, some are good and some are evil.  I have simply called them legitimate and illegitimate bots

Legitimate Bots and Spiders

Legitmate bots and spiders are the good guys, typically these will be Search Engines;

  • Google
  • Bing
  • Duck Duck Go
  • Baidu
  • Alexa

Typically they crawl the web collecting information about websites and indexing them.   It is a good idea to let these bots crawl your site, and most legitimate bots adhere to standards and principles defined by the web community.

Some standards have been put in place to enable these bots to identify themselves to analytics applications so they can easily be filtered from the traffic reports .



Illegitimate Bots and spiders

illegitimate bots are usually developed by organisations for nefarious  reasons. These bad boys don’t identify themselves and follow the rules like their good cousins. 

Illegitimate bots tend to disguise themselves by pretending to be a web browser or traffic coming from a legitimate site so that your security system fails to recognise them.

They trawl the web collecting information about sites for some dubious reasons.

In a number of cases these scripts are developed by some so called Search Engine Optimization (SEO) companies,  who claim they are just collecting information to improve their SEO services.

One such notorious organisation is Semalt who claim to be an SEO agency. However, after some investigation on my part, they have some very dubious links.  Whatever you do, Do not use their website and ask them to exclude your site from their crawler.  It just leads to even more spam!

If you notice a large number of visits to your site from a specific URL, especially one with a name you don’t recognise or totally unfamiliar with.

Do not visit the URL

The best thing to do is conduct a web search for the URL using your favourite search engine,  don’t click on the any of the links of the sites and try determine from the meta descriptions presented, the true nature of the site in question.

If these sites are not used for any evil nature, they are typically used by some shady back alley SEO consultancy to instantly redirect you to a legitimate company website, which they have been contracted by to increase site traffic

Language Spam

Language spam can be seen in Google Analytics on your dashboard or under the Audience > Geo > Language section.

“Secret.ɢoogle.com You are invited! Enter only with this ticket URL. Copy it. Vote for Trump!”.

Although this my seem to be a outdated, considering the legacy political message it contains, it is still prevalent and spammers have obviously identified a weakness and will be continuing to exploit it.

other examples include :

  • Vitaly rules google ☆*:。゜゚・*ヽ(^ᴗ^)ノ*・゜゚。:*☆ ¯\_(ツ)_/¯(ಠ益ಠ)(ಥ‿ಥ)(ʘ‿ʘ)ლ(ಠ_ಠლ)( ͡° ͜ʖ ͡°)ヽ(゚Д゚)ノʕ•̫͡•ʔᶘ ᵒᴥᵒᶅ(=^ ^=)oO
  • o-o-8-o-o.com search shell is much better than google!
  • Google officially recommends o-o-8-o-o.com search shell!

Some sites have been hit worse than others, some sites continue to being hit, for others it is going away on its own.

Google are actively working on measures to help combat Language Spam, but as with all other forms of spam the perpetrators seem to evolve a lot quicker than the organisations working to stop them. So it may still be a while before we see a complete solution to this problem.

Summary

There are two ways referral spam gets sent to a website. One is through bots that are programmed to visit a site and appear like a legitimate visitor. The other way is through bots that are programmed to send artificial hits to Google Analytics servers.

Referral spam can never be permanently removed because spammers will keep coming up with new ways to get around the latest filters.

It is important to monitor your Google Analytics account regularly for any oddities or inconsistencies.




Gary Woodfine

Freelance Full Stack Developer at threenine.co.uk
Helps businesses by improving their technical proficiencies and eliminating waste from the software development pipelines.

A unique background as business owner, marketing, software development and business development ensures that he can offer the optimum business consultancy services across a wide spectrum of business challenges.
π