Jump to content

  • Log in with Facebook Log in with Twitter Log In with Google      Sign In   
  • Create Account

Subscribe to HRA Now!

 



Are you a Google Analytics enthusiast?

Share and download Custom Google Analytics Reports, dashboards and advanced segments--for FREE! 

 



 

 www.CustomReportSharing.com 

From the folks who brought you High Rankings!



Photo

Need Help Preventing Seo Abuse


  • Please log in to reply
7 replies to this topic

#1 DWJukebox

DWJukebox

    HR 1

  • Members
  • Pip
  • 2 posts

Posted 28 August 2010 - 04:31 PM

First, let me apologize for posting here. I am sure many of you may consider me a troll, but I don't intend to be. I just need help.

I am the owner of a small website with a forum used to provide support for free jukebox software I have developed. 90% of my forum registrations, though, are all from SEO companies creating fake profiles just to put links in the website and signature fields. I spend up to a couple hours a day scrubbing these from my site, and I really don't have that kind of time.

So far, I've been able to positively identify one company (company name removed, I see it is against the rules to name them), and I've sent them a message asking them to cease and desist. More than half of the profiles are easily identifiable as they all have a pattern to the fake username: random letter, random first name, random last name, random letter (like ynancymillerx), so I suspect most of this is coming from just one or two companies.

So my questions are:

- Is this considered a normal business practice for SEO companies?

- Is there a "whitelist" of some sort I can get on to keep SEO companies from trying to build link farms in my forum?

- Does anyone know what company or software is creating these "ynancymillerx" names so I can find a way to stop them?

Again, I apologize for posting here, but it seemed to make sense that since you all know the most about SEO that you might be able to help.

Thank you,
Chris La Mantia
DWJukebox

#2 Michael Martinez

Michael Martinez

    HR 10

  • Active Members
  • PipPipPipPipPipPipPipPipPipPip
  • 5,120 posts
  • Location:Georgia

Posted 28 August 2010 - 10:14 PM

QUOTE(DWJukebox @ Aug 28 2010, 02:31 PM) View Post
So my questions are:

- Is this considered a normal business practice for SEO companies?

- Is there a "whitelist" of some sort I can get on to keep SEO companies from trying to build link farms in my forum?

- Does anyone know what company or software is creating these "ynancymillerx" names so I can find a way to stop them?

Again, I apologize for posting here, but it seemed to make sense that since you all know the most about SEO that you might be able to help.

Thank you,
Chris La Mantia
DWJukebox


You're not trolling this forum by asking for help. The problem you describe is fairly common. I am guessing you probably run a VBulletin-based forum. There is a community of link spammers (mostly NOT SEO firms) who use a small group of software packages to create fake user accounts in forums, mostly VBulletin forums from what I've seen but I believe they can target a few other forum packages as well.

One of the applications these people use is a bridge to random people who break CAPTCHAs, so if you have turned on the CAPTCHAs and the bad guys are still getting through, that is why.

A few people have been sharing ideas on how to stop these spam submissions at the VBulletin forum community. If you're using some other forum software, you'll have to check the support forum to see if your fellow users are trying to deal with the problem.

VBulletin users have the option of adding an anti-spam plug-in that lets you report the spam accounts to a central database. All new registrations are checked against that database and automatically dumped. This works sort of like Akismet on Wordpress and b2evolution's spam reporting database.

On my forums I have turned on aggressive filtering in the User Banning Options, which scans keywords in email addresses. I am also blocking large IP address groups (up to 32,000 in a block in some cases) because most of the IP addresses being used are coming from eastern Europe and Asia, places where I'm not likely to find many people who want to participate in my English-language forums.

Beyond that, there isn't much you can do. You can try to create your own registration screen but because these guys use human intervention in some cases the cheap labor they pay for gets past that.

You do however need to take some measures to protect your forums against the abuse links these spammers drop. They are not really interested in posting messages to your forums (for the most part). What they want are the profile pages, where they can drop links (some of them wait to see which profiles survive forum admin purges and go back later to add the links).

So you need to add code to your robots.txt file to Disallow all your profile pages. That way the search engines won't crawl them and your site won't point any value-passing links to the spammers' Websites.

If your software has the ability, you should also turn on the function to add "rel='nofollow'" to any and all links in profile pages.

Some forum packages allow you to restrict profile pages only to users who have posted a certain number of times. A minimum of 10 posts has been recommended by many people.

And you should also enable email verification of any new registrations. At the very least, if they use fake domains and email addresses to register, they won't be able to authenticate and add links to the profile pages.

I wish I could offer you more advice but these guys are particularly nasty. Their behavior is completely unethical and it DOES present a harmful risk to the Websites they violate because the major search engines (Google and Bing) *may* penalize Websites that have a lot of links pointing to bad domains.

This kind of invasive link building is NOT condoned by the ethical SEO community. It is a completely unacceptable practice.

Nonetheless, spammers are shameless people who lack the moral fiber of considerate people. They're only interested in what you can do for them whether you want to help them or not.

These people are lower than the scum of the Earth.

#3 bobmeetin

bobmeetin

    HR 6

  • Active Members
  • PipPipPipPipPipPip
  • 533 posts
  • Location:Colorado

Posted 28 August 2010 - 10:34 PM

What you're describing sounds like a variation of comment form spam. Google "comment form spam". I don't consider this to be ethical behavior, and as such, there is no reason for you to be polite in denying them access to your forum. Just to be on the safe side you should make sure your forum policies (rules) cover this kind of unethical behavior.

They could be bots or in some cases cheap labor responsible for the attacks. If your forum software is able to capture the IP address you will commonly see that they originate in foreign counties. Rather than constantly fighting the battle you need to implement or perhaps enable a program that identifies the bad behavior and prevents this from occurring.

I manage a national non-profit site that used to get regular, daily, newsletter registration spam attempts until I implemented a script that trapped them (also recording the patterns), and sends me a daily report by email. You'll see the likes of: Kicaaudisense, watch free movies website, somantos, etc... in username and name fields. There was one that I monitored and periodically would make attempt every 9 minutes over the course of a day.

Visit http://projecthoneypot.com/ to read more about spammers. To track an IP to the originating country go to http://www.countryip...select-formats/.

Take a look at your forum administration panel and see if you can enable IP recording. Also, some forum software includes options to ban specific phrases. There is, of course, the possiblity that if you blacklist an IP that you lose potential business, but the probability is really very, very low.

#4 DWJukebox

DWJukebox

    HR 1

  • Members
  • Pip
  • 2 posts

Posted 28 August 2010 - 11:06 PM

Thank you both for your considerate and detailed replies.

I am glad to hear that this is not considered a normal or accepted practice. Michael, I am using SMF, but I think SMF and vBulletin are pretty similar. I have blocked wide swaths of address space.. I think I have a couple of entire countries blocked at this point, not to mention an entire particularly troublesome hosting company. I also block all .info hostnames or E-mail addresses, since I have never had a valid user from those addresses.

It feels like cheap labor plus bots. I get a lot of account creations that never complete, they just sit forever waiting to be activated. I sometimes look up an IP and see one completed acount and 4 or 5 incomplete accounts from that address. Then the account usually sits for 3 or 4 days before the links start appearing. So it feels like bots are creating the accounts and then handing off to human cheap labor, or perhaps vice versa... but if it was all one or the other I wouldn't expect that delay.

I did put up a robots.txt today to make any profiles that get past me useless. Thank you for the "nofollow" advice Michael, I wasn't aware of that one.

I wouldn't mind the spam if it was at least on-topic... I actually have an entire sub-board set aside for any competing jukeboxes to spam away at their will. Ironically, this sub-board has only had one thread posted in it.

Thank you again for both your help!

--Chris


#5 Jill

Jill

    Recovering SEO

  • Admin
  • 32,961 posts

Posted 29 August 2010 - 08:29 AM

We have the same problem here. First post moderation helps. That way if they post links the post never sees the light of day.

Also, make you signature links so that the bots can't see them by having only registered users see them. It doesn't stop everyone because many are too dumb to realize it and think their sigs count anyway. But the smarter ones won't waste their time.

Blocking whole countries does help too.

#6 bobmeetin

bobmeetin

    HR 6

  • Active Members
  • PipPipPipPipPipPip
  • 533 posts
  • Location:Colorado

Posted 29 August 2010 - 09:20 AM

Looks like Michael either writes faster than me, or started earlier. Good stuff. Jill, can we push you to top 30,000 posts today? It's actually rather sad that the world is in a state that companies can hire out to cheap later to do this type of nonsense.

I don't know whether it's available for vBulletin or similar forum apps, but there is a plugin which you might also look into called "bad behavior". Visit: http://www.bad-behavior.ioerror.us/.

In my case on sites where I could not employ this or similar I collected the patterns then wrote a PHP app that addresses the patterns. One such bot (every 9 minutes - that ain't human) used asdf**** in every email address. A technique on my todo list which I have not employed yet is the hidden field. Bots may find and fill something into hidden fields - if it's filled in, gotcha. Somewhere well down my todo list is adding a function to auto-report spammers.

SMTP type email validation, like Michael said, is also helpful, but some major email services aren't set up so that you can fully qualify both the username and domain fields. I'm not network savvy, so don't know if you can do better. See an example at: http://www.dottedi.b.../test_email.php. Too bad it wouldn't work to SPAM these monkeys and if their address is valid flood them into oblivion. Call it back at ya. So much for ethics.

For the less technically savvy admins, I think one element that is currently missing in many administration configuration panels, is the ability to employ customized pattern-matching or prevention techniques. i.e name fields must always contain 2 dissimilar strings, etc... Still though, cheap labor is tough to combat.

Imagine a world without spammers!

#7 Mooro

Mooro

    HR 4

  • Active Members
  • PipPipPipPip
  • 157 posts
  • Location:Loughborough, Leicestershire

Posted 29 August 2010 - 01:24 PM

Use the same proxies these scum suckers use and blacklist those ip ranges


#8 bobmeetin

bobmeetin

    HR 6

  • Active Members
  • PipPipPipPipPipPip
  • 533 posts
  • Location:Colorado

Posted 29 August 2010 - 02:01 PM

How would you do this? Typically the website is hosted; is cPanel going to have a function to do this or would you ask the tech staff for assistance? Secondly where do you find this proxy information?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

SPAM FREE FORUM!
 
If you are just registering to spam,
don't bother. You will be wasting your
time as your spam will never see the
light of day!