Usually, when you get blog comment spam, the link given in the spam leads directly to the spammer’s advertising web site. That’s often the way you can identify blog comment spam. If the comment’s link goes to another blog, you tend to think it’s OK. But today I got spammed in a new way: the comment’s link leads to a blogspot blog–but when you go to that blog, it’s a false front, a blog filled with obscenities and links to the actual spam site. Fortunately, the comment in my site was easily identifiable as spam, from the email address given and the short, generic and unrelated content of the comment itself. Still, an interesting wrinkle.

I also just realized that I never gave a completely clear definition of “blog comment spam,” and such a definition may be hard to find. So here it is:

Many blogs allow visitors to leave comments. When leaving the comment, one may (or may be required to) leave one’s name, email address, and web site. When the comment is automatically posted on the blog, the web site given in the comment automatically becomes a link to that site. This is intended to allow people to see where the poster was coming from, or which site they want you to look at. Additionally, some blogs allow HTML coding in the comment, so that further links can be created within the comment text. This is usually allowed so that visitors can point to interesting new web sites.

Spammers take advantage of these allowances. Spammers want their own web sites to be widely advertised, but more importantly, they want their sites to show up as close as possible to the top of search engine listings. For example, if you go to a search engine and look for “real estate,” you will likely look only at the first several listings that pop up. So the spammers want to be at the top of that list.

But how do they do that? One answer is to get linked to. Google and other search engines keep track of how many other people’s web sites make links to your web site. After all, making a link to a web site usually involves a conscious decision and some effort on the part of that person; therefore, the more links there are to a web site, the higher chances are that this web site is a really good one, and the search engines bump up the site’s ranking. So the spammers know that if a zillion sites make links to theirs, they’ll be in spammer heaven.

And one way to get that done is blog comment spam. The spammer finds your blog. The spammer leaves a comment. The spammer leaves their web site address, which is automatically made into a link to their site. Presto! They get an ad posted on your blog and a link to their site which increases their ranking, hosted by you–and they didn’t even have to ask you!

Of course, writing real comments to thousands of blogs can be time-consuming and expensive. The first spams I got were hand-made, but the spammers soon tired of that. So they turned to automated scripts. Instead of having any one person sit down, search for blogs, and enter comments, they created software which would automatically scour the web for blogs, or more specifically for the parts of the blogs which create comments. These programs can find thousands of blogs quickly and efficiently. Once they find a blog, they leave an automated comment. Again, presto! Now within a day or two, you have thousands of links pointing back to you, and you are the Spammer King!

Of course, most bloggers despise such spam. They usually delete it on sight. And since automated programs usually cannot read a blog entry and reply intelligently like a human being, the comments they leave behind must be either (a) carefully generic, or (b) obviously spam. Some spammers are obvious, but most want to disguise themselves as real people so they won’t get deleted. They use a few tactics for this.

One tactic is to be complimentary and short. “Great blog! I really enjoy this one, and will be coming back to read it often!” Flattery will get you everywhere, right? Sometimes, it’s just “Great blog!” and that’s it. However, these comments can be easily caught. Most blogs will send all comments to the owner in the form of email, so they can be screened. Any blog comment which is not specific in answering the blog posting is suspect, and all one has to do is look at the link–and if the link is to “pornpornporn.com” or the like, then zap! Dead spam. So spammers disguise their links, too; they will leave an innocuous-sounding link, like “fuzzykittens.com” or something, but when you go to the given site, it immediately redirects you to a godawful porn site.

Bloggers fight back, using a variety of tactics; a popular one for those who use the “Movable Type” weblog software is called “MT Blacklist,” which automatically scans blog comments for offending or spamlike text or web site addresses. This software has blocked a couple thousand spam at least from entering my own site, and catches about 95% of what comes in. But as you can see from the top of this post, spammers are constantly finding ways around these defenses. And as much as we diligent bloggers are erasing the comments as soon as they appear, a large number of lazy or clueless bloggers do nothing, and so the spammers win–and are encouraged to redouble their efforts.

So if you run a blog, fight back.