Tim Flight

A couple of weeks ago I wrote about fighting comment spam and how people are searching for things like “leave a comment” to find blogs to spam. I had another interesting piece of comment spam today which showed another interesting tactic people are now using against comment spam.

I use a captcha script… one of those “type the letters you see in the image” type challenges. This basically says “prove you are a human and not a bot”. Well, this does work if the comment spammers are bots, but there are an increasing number of comment spammers that are humans. They can bypass the captcha tests.

Now here is what I found really interesting. Comment spammers are now specifically looking for blogs which have captchas installed to spam! Why? The answer took me a few minutes to figure out, but if you install a captcha then you are likely to turn off other forms of moderation. They know if they go to the site and pass the captcha that their spam is more likely to not be looked over by other moderation filters. Pretty clever.

How do I know this? I just received a huge comment spam and the person came to my blog by searching for “leave comment security image”. Clever indeed. Too bad I was smarter than the spammer and my other spam prevention scripts blocked the spam before it ever appeared on my site.

I performed the same search and found other posts where the same comment spam was added, but not blocked. The irony is most of the posts where this spam appeared are talking about how to block comment spam.

This entry was posted on Monday, March 13th, 2006 at 12:33 pm and is filed under Computer Technology. You can subscribe via RSS 2.0 feed to this post's comments. Both comments and pings are currently closed.