header thumbnail image

Dealing With Spam Comments – Our Favourite Methods

January 19, 2016 - Sam Doyle

What Is Spam?

If you’ve spent any length of time on the internet, answering emails, reading blog comments – either on your own or on other people’s blogs – then you’ve seen spam comments and email addresses and you know what it is.

For brevity, however, the ‘official’ definition of spam is included below.

“Digital Technology. disruptive online messages, especially commercial messages posted on a computer network or sent as email.”

Right, are we all on the same page? Sitting comfortably? Good. 🙂

Why Does It Happen?

A lot of spam is perpetuated automatically, that is, programmers write a program which gets lists of websites and email addresses and writes nonsense comments to those websites and email addresses. The crux of it is that these nonsense comments which the program is sending to the websites have one or more links to other websites embedded somewhere. This is designed to trick the user into clicking the link. Upon clicking the link the user visits a site which may have one of 3 main goals:

  1. Download and Install Malware into the users computer which could even be the same program which created the spam, so that the program is self-replicating.
  2. Money making, the site may be plastered with advertisements which can earn money simply by being viewed or clicked.
  3. Phishing / Credit Card scams. The link which you visit from a spam comment could be pretending to be a site like Amazon. You may not notice, and log into the site using your credentials for Amazon and voila, the owner of the fake-amazon site now has your Amazon details, which gives them access to all sorts of personal information which can be used in malicious ways.

These programs (bots) can hit thousands of websites an hour. However, as they are automated, if they fail they simply move on to the next target.

But how did they find me?!

Probably through some seemingly innocuous site which you gave your information to. Often you’ll tick a box which says something to the effect of “I agree to the terms and conditions”. We rarely actually read the terms and conditions and just tick ahead. Sometimes, those tick boxes do not say anything about terms and conditions, and in fact, give your consent to share or sell your details, but you tick it as that is what you have been trained to do. This “Tick box blindness” is a topic for another article, though.

Another way which you can find yourself a target of spam is by running a certain version of software on your website which has been identified as vulnerable to spam, or as an easier target with very little anti-spam measures.

How Can I Fix It?

Sure, spam is annoying, but it’s not the end of the world if you’re hit by spam on your blog or website. There are several easy ways to fix it.

The first, and most obvious is to disable comments entirely on your blog. This is amazing if you mainly post informational articles and news.

Secondly, you can use some form of Anti-Spam plugin or software which will stop the automated bot in its tracks, and stop you getting spammed, as it will simply move on. Our favourite plugins for WordPress to achieve this are as follows:

  1. iThemes Security. This is an all round Security plugin, but it does include some anti-spam measures which do help quite a bit.
  2. reCAPTCHA. This is provided for free by Google and can be added to any form on your website quickly and easily, stopping spammers in their tracks. As it is provided by Google, it is one of the most comprehensive anti-spam databases around.
  3. Akismet. This is provided for free by Automattic (the creators of WordPress) and does ship by default with WordPress; though it does need some configuration and we would recommend using it in tandem with other anti-spam plugins.

Some good non-WordPress tips are to keep your website up-to-date. If you’re using reCAPTCHA then keep that updated as it may change in the future, and any forms which you have to secure using some form of security challenge or CAPTCHA.

Goodbye Spam

If you use all of the methods listed above then you’re pretty much on the right track to stopping spam on your website completely!

Sam Doyle

Sam Doyle

Technical Director

view full profile
Back to Blog

Need protection from spam?

Fifteen can analyse your needs and implement preventative measures in order to eliminate spam on your website.

Get In Touch!
Footer Call to Action