Terence Eden. He has a beard and is smiling.
Theme Switcher:

Sneaky spam in conversational replies to blog posts

· 2 comments · 350 words · Viewed ~1,764 times

I'm grateful that my blog posts attract lots of engaged, funny, and challenging comments. But any popular post also attracts spammers. I use Antispam Bee to automatically eradicate a couple of hundred crappy comments per day.

Graph showing 272 comments blocked in a single day.

Nevertheless, some get through. Here's a particularly pernicious one - it appeared as three comments ostensibly in reply to each other.

First "I read that article about why it’s so hard to passively track friends’ locations, and it actually makes sense. It talks about wanting automatic alerts when friends are nearby, but no app really does it well because of privacy and social awkwardness." Second "Yeah, and even if the tech exists, people don’t always want to share their location 24/7. It’s like checking promos on spam domain promotions you might see potential, but there’s always uncertainty behind it. You’re kind of taking a chance on incomplete info." Third "Exactly. Most location features are opt-in for a reason. Apps require consent because constantly tracking someone without them knowing would feel invasive, even if the intention is harmless."

At first glance these look like normal comments. They each address the content of the blog post albeit somewhat superficially. The first comment looks like it was from a social media post sharing my link - I get a lot of those as pingbacks, so it initially didn't trigger any suspicions from me.

The second is ostensibly a reply to the first and continues the conversation. Again, a bit shallow, but seems to be engaging in good faith.

The third looks like yet another reply. They all have unique email addresses, none of them have set their username to anything overly odd, and none of the users have filled out their URl.

But notice, in the second one, there's a link to a dodgy casino! There's no https:// so it didn't jump out as a link.

All three came from the same IP address in the Philippines, so easy to block for now.

Each reply is spaced exactly 3 minutes apart which, in retrospect, looks a little odd.

Re-reading them carefully, they all look like AI slop. A plausible sounding summary, written in a casual style, but with very little semantic content. Seeing them as replies to each other primed me to think they were genuine because I'm used to spam coming in individual replies. Having the spam in the middle comment made it easy to glaze over.

Remember, there are no technological solutions to social problems. Sticking more and more barriers in the way of commenting only discourages genuine replies while the profit motive incentivises spammers to work around them.

Share this post on…

2 thoughts on “Sneaky spam in conversational replies to blog posts”

What are your reckons?

All comments are moderated and may not be published immediately. Your email address will not be published.

See allowed HTML elements: <a href="" title="">
<abbr title="">
<acronym title="">
<b>
<blockquote cite="">
<br>
<cite>
<code>
<del datetime="">
<em>
<i>
<img src="" alt="" title="" srcset="">
<p>
<pre>
<q cite="">
<s>
<strike>
<strong>

To respond on your own website, write a post which contains a link to this post - then enter the URl of your page here. Learn more about WebMentions.