What is SPAM and How To Protect Yourself
Every internet user gets spam, everyone has encountered it in one form or another. If you do not learn to protect yourself from spam as soon as possible, you could have problems. This is especially true for site owners, as this subject can be more detrimental to them.
In this article, we talk about types of spam, why these messages are sent, and how to effectively defend against them.
Important. In the case of managing a site, spam may go unnoticed, this is often a problem for newcomers because of their lack of knowledge in the area of spam protection and also because they notice the problem too late.
What is Spam on the Internet?
Spam is unwanted messaged that are sent in large quantities. According to the 2011 Kaspersky Lab data, 80% of the total mail traffic is spam. This is a major issue that many major companies are struggling with.
Unfortunately, it is currently impossible to eradicate this phenomenon. The reason for spamming is quite simple, it brings in money for the spammers, which means they come up with ways to circumvent any defensive protection.
But that does not mean that you do not have to fight spam, on the contrary, if all users complied with the basic rules of protection, spam would occur on a smaller scale.
Initially, spam was limited to messages via email; gradually this phenomenon developed and now there are spam comments, malicious links, etc.
Data is taken from merged or sold databases, the distribution itself is inexpensive and there are still people who buy goods and/or services from these messages or are caught in a scammer’s fraudulent schemes.
Yes, large companies fight spam, some measures and innovations are effective, but spam is still advantageous, cold sales with low prices for delivering goods to a user is cost-effective, but only for a business that has no long term plans.
Spam and SEO
Spam in SEO is most often a by-product of Black hat SEO. Such methods are called “black” SEO and I strongly discourage its use.
Some of these methods are still effective, but search engines regularly look for ways to combat “black” SEO. It is only a matter of time before black SEO stops working and people and sites that practice it will be punished by Google or, in time, they will adopt the methods of White hat.
This article is not about “black” SEO, but I will often mention it, as some methods used by spammers are aimed specifically at dishonest promotion on search engines.
You can read more about this in the article about Black Hat vs White Hat SEO.
What Is Spam? Here are some examples:
Spam and Phishing
The difference between spam and phishing is the goals and intent of the person sending the message.
Spam is more of a nuisance, someone wants to sell a product and decided that spam is an effective way to do so. Of course, if this method of sale is chosen, there is a high probability that the product is poor quality or does not exist at all and the fraudster wants to take your money.
Phishing is a phenomenon that is closer to cybercrime: the goal is most often acquiring personal data through fraud or using viruses. In the future, these personal data will be used in fraudulent schemes.
An Example of Phishing.
What are the different types of spam? We will look at 5 of the most common methods that spammers use and how to combat them.
What is a spam message? A spam message is, as mentioned above, an unsolicited message. Google is already pretty good at separating spam from regular messages. Unfortunately, this system is sometimes wrong, and really important messages go to spam.
It is hard to combat email spam if your email falls into any of the spammer databases, the chaos begins.
You can get spam from your contact form, or they will find your email somewhere on a site. More often than not, an email address is listed in a site’s footer, making it freely available.
How to Deal With Email Spam
The problem with the contact form would be solved if you use a CAPTCHA to confirm sending. This can be a little complicated since the email address is published on the site.
You can write the email address so that it would not register as a valid email if a bot were to copy it to a database. For example, you could write the address like this, jack(@)randomdomain.com.
You can also use an image with your email. This method has a serious downside, the site becomes less user-friendly because just like the bots, users are not able to simply copy and paste your email address. The less convenient a site is, the more potential customers you lose.
Why would you do this?
I have to repeat what I wrote at the beginning. Such cold sales still make money because some people buy things from scammers, or worse, they are cheated out of goods and their money.
In general, if you are an experienced user and do not respond to spam, the only harm is that it distracts you and may prevent you from noticing important emails.
This type of spam is used to create backlinks.
Spammers use special software for finding potential spam resources in the comments. Comments are useless for a site, but they help spammers promote by creating links to their resources.
Even if you do not allow the addition of links in the comments on your site, this does not protect you from spam. These people rarely review resources to figure out their particular objectives. They are more concerned with quantity and verification takes time.
The image shows a site whose owner who did not protect themselves against spam in the comments and did not pay attention to it (example of spam).
There are more than 12,000 comments and none of them were authentic, as they were not automatically approved. It is even worse when these comments are approved automatically.
How to solve such a problem?
- Use CAPTCHA. You can use any reputable CAPTCHA plugin (for example, Google reCAPTCHA). This will protect you from some spammers, but it is worth remembering that there is software that bypasses these CAPTCHAs. Also, spammers employ many people from developing countries, who will solve these CAPTCHAs for pennies.
- Use anti-spam plugins. WordPress has Akismet Anti-Spam, other CMS have similar plugins that help combat spamming in comments. But even with these plugins, I recommend you sometimes check them manually.
The most radical solution to the problem is deleting the comment section on your site. This is not the best option since comments have a positive effect on SEO. If comments start appearing on old pages, it will keep the page up-to-date, and given Google’s love of new content, it will have a good effect on the promotion.
Forcing users to register and login to leave a comment will significantly reduce the amount of spam. But it has to be taken into account that this will also deter live users. Not everyone is willing to spend minutes registering just to leave a comment. However, it works well in online stores, where users need to review products.
Why is this done?
This kind of promotion does help in the short term. If you are going to build a serious business, it will bring many more problems in the future.
If a search engine catches you using spam, you will be punished and will not get a chance to be in the top 10 or maybe 100 search results. Google is especially serious in this regard.
Bots and DDoS Attacks
Your site might receive search engine or service bots that analyze the site to give you a report. These do not pose any danger, but spammers have learned to use this tool to attack your site, overload the bandwidth, or firewall.
Sending large amounts of fake traffic within a short time frame is called a DDoS attack. Avoiding DDoS attacks is extremely difficult because there are no obvious errors to avoid preventing an attack, but there are still ways to protect from this.
How to protect yourself against this?
You can use CloudFlare, which is a service that provides effective protection against DDoS attacks. CloudFlare conducts your traffic through its filters and only passes what it considers to be good traffic.
When users go to your site, they will see this window:
The significant drawback of this is that it causes your site to slow down, and Google likes fast sites and slow speed negatively affects conversion.
A Compromise is to use Google Analytics to track unhealthy traffic flows and enable Cloudflare if you notice something suspicious. Google Analytics lets you set up alerts for strange traffic increases.
Suppose your site is visited by 2000 people daily. You can activate the alert in the case that more than 2600 people access the site. If such a surge occurs, you will receive a notification and then you have to figure out what is justified. If it happened for no apparent reason, you should enable Cloudflare.
Why should this be done?
As with backlinks, it is a way to get customers. If your site does not work or works poorly, the client will quickly return to the search bar and find the next store on the list.
A tracker is a useful tool, it is designed to notify webmasters when their site is linked and create a backlink to this resource. To put it simply, you quickly discover who is linking to your site and you can connect with the webmasters who mention you. This is useful for SEO.
Unfortunately, spammers have quickly learned to use this tool for their purposes. If trackbacks are not controlled, the fraudster’s site creates a link to your site, and it automatically creates a link to a scammer’s resource.
Next, the link to your site is removed from the spammer’s source, and to a search engine, it looks like you are linking to its resource, which gives it credibility in the eyes of a search engine.
How to Solve this Problem
You need to disable automatic trackbacks and pingbacks. After disconnecting, you will no longer be able to see who links you. To do this, you will have to use additional resources that can analyze backlinks.
This can be helped by using SEMrush, Ahrefs, and Moz. You can read more information about site analysis services and specifically the resource’s reference profile in the article Best SEO Tools.
Blackhat is one of the “black” SEO techniques that is aimed at harming competitors’ rankings in search engines. It is essentially an attack on your site to cause harm.
These attacks can take different forms:
- Hacking and gaining access to your site
- Eliminating your backlinks
- Creating bad links to your site with negative keys
- Cloning your accounts on social media or creating fake profiles on platforms where you do not have an account
Negative SEO attacks are a real threat and an unfortunate experience for websites that have faced them. The primary mistake of website owners who have encountered this is thinking that it cannot happen to them.
Preventing such an attack is much easier than having to repair the damage.
How to Prevent an attack
Let’s start with the easiest way, you need to turn on the alert system in Google Webmaster tools.
The system can send you email notifications for such circumstances:
- Problems connecting to the server
- When pages are not indexed
- Your site is attacked by malware
- When you are penalized by Google
This is an easy way to immediately detect and issue and not waste time, but it is often overlooked.
To enable notifications, you need to go to your Google Webmaster tools account and find the “Webmaster Tool Settings” page.
Moving on to procedures that are a little more complex, like tracking your backlinks.
Probably the most common way an SEO attack is launched on your site is with the creation of bad links. This is why you need to know about spam backlinks as soon as possible to prevent the attackers’ plans.
How do I check my spam backlinks?
The most effective way to find and identify malicious links is to manually audit the site. It takes a lot of time and effort to do this, thus I recommend using specialized tools, such as SEMrush, Ahrefs, Moz, etc.
How can you tell if a link is bad?
If you do not know how to determine which links are malicious, you should use special services.
Each of these tools has its system for evaluating domain authority. Based on this assessment it is necessary to determine whether the link is harmful (do not worry, the service will tell you).
What to Do with Detected Links:
I recommend creating a document and adding the bad links to it to make it convenient for you to send them to Google. For starters, try to find sites that these links are posted on and ask the site owners to remove the negative links. If you do not receive a response or it is negative, you need to use the Disavow Tool. You can find this tool in your Google webmaster console. This is where you can upload a file with the list of negative links.
Some tools automatically create a disavow file. All that is left is to upload it to this tool.
The search engine will process the links, and they will not harm your site anymore. Inspection should be done regularly because it is quite difficult to find the attacks like this on your site. Prevention is the best cure.
Spammers copy the content on your site and upload it wherever they can. If too much of the content is duplicated onto other resources, Google might place sanctions on your site.
Google has a good tool that allows you to effectively deal with content copying Google Alerts, unfortunately, attackers have learned to use it too.
This is an extremely important factor, if you suddenly notice that your site is slower for no obvious reason, you need to use scanning software to find suspicious activity.
If nothing is found, chances are that you have fallen victim to a forced scan. This creates a high load on the server, which means your website is becoming slower. In this case, you need to contact your hosting or webmaster and find out where the extra load on the server is coming from. Malefactors may be involved.
General Anti-Spam Tips
You can get fines from Google without spammers and intruders being involved, by falling victim to your SEO strategies if you lack sufficient knowledge.
Some advice on what not to do:
- Do not link to sites that have been fined by Google.
- Do not buy links for SEO.
- Monitor the quality of guest posts that posted and do not publish too many of them.
- About 60% of your backlink anchors should use the site name. Using negative anchors can hurt you.
- It is a bad idea to market many links without a “nofollow” attribute on your site.
I am sure that spam is a relic of the past and is living out its last years as a phenomenon. We all should learn how to fight it and when it stops being a profitable business, spam will be extinct.
Pay attention to emails in your inbox, audit your resources, check the links and files in emails (and it is better not to open them if you do not trust the sender), and we will soon get rid of this phenomenon.