Referrer bombing… Another spam explosion!

25 September, 2009 By 1 Comment

A couple of weeks ago I found a form of spam I’ve not seen before. I know some SEO’s know everything… But this was news to me, so I have posted details here!

I’ve seen several of the sites I manage get a sudden bit of traffic from the URL: http://thebesthosting.org this showed up in Google Analytics as a big spike in traffic from a URL I’d never seen before. I then went and visited the URL which showed the page was under construction.

Referrer Bombing

Referrer Bombing

As the sites I manage personally and professionally are in various different areas (SEO/online marketing, Aerial surveying, 3D mapping and more) it seemed very strange. Why would a hosting website be referring traffic to all the various sites I have?

I figured out a couple of scenarios:
Maybe if on my LinkedIn profile I had details of all the sites I’ve worked on, and someone had kindly linked to them all…

How/why else would someone decide to find out all the sites that I manage and link to them? Seemed a bit odd that. Imagine finding all the websites managed by a certain person, and then linking to all of them, no matter what. Strange.

The other scenario is spam. Spam doesn’t care who you are or what you do. It’s a means to an end. Plus the Adsense on the site in question gave it away a bit.

So after some research I found out about Referrer bombing. This is different to a Google Bomb, and less fun. Basically, the spam site automatically visits lots of different websites many times, but when this visit is logged by the stats package on the victim site, it is recorded as a “referring website” (the same as a website that links to you).

The aim of this is simple, when the owner of the site looks through their stats, they see a big spike in visits from a URL linking to them. Overcome with joy, they venture off to look at this new site
they’ve never seen before. They are greeted by a spam landing page with bad Adsense all over it… D’oh!

Other issues
As well as getting the spam site some visitors (and potential Adsense revenue) this can skew statistics on the victims site. For example, this blog now has a load of visits from Brazil (the location of the spammer) which is just wrong!

Spam site 2 Victim site 0

It is possible that Google Analytics IDs have been harvested (not difficult to do, right click view source, search for Google and look for a number a bit like this one:UA-9445317-1)

Once a few thousand of these are found, add the tracking on separate pages on the spam site and send someone clicking around it. This will look like lots of traffic going to other websites via a link. The site owners will then look at the referrer and bingo, the spam site gets another visitor.

Here is a referral controller plugin. I’m not encouraging anyone to do this because it’s annoying! But in the words of Sun Tzu “Know your Enemy!”.

The only way to defuse this referral bomb is to block the spam site from your stats package once you’ve identified them. Even Microsoft’s Bing has been referrer bombing too! Blocking them is not ideal, prevention is better than cure and all that. Make sure you never click on their Adsense though, that’s just feeding the beast!

Filed Under: Link Building, Search Engine Optimisation Tagged With: , , ,