Web 1.0 gave us email - and all the spam we could stand to go with it. Web 2.0 gives us blogs - and comment spam, splogs and clever (and not-so-clever) blog phishing expeditions. While most of the time, spam is fairly harmless, it can also be used as a delivery mechanism for all kinds of nasty viruses and computer attacks. This lesson will give you a quick overview of the "2.0" spam that is out there and how to avoid it.
Comment SpamThis form of spam is basically a response to a blog post that either 1) has nothing to do with the post and is just a way for the commenter to get his URL out or 2) is a laundry list of links to porn, gambling, drug or malware (bad software that carries a virus) sites. Many of the more popular blogging platforms already do a pretty good job of screening out that kind of spam, but some will get through - just like email spam. You can set comments to moderated so that you have to approve all comments, but that is time-consuming for you and can put a damper on the conversation if people have to wait a while for their comments to show up. The "best practice" for blogs is to allow unmoderated comments, but pay attention to what is coming through and ruthlessly delete any that aren't on-topic and useful!
SplogsSplogs are blogs that are in exist
only to make their creator's some money. The creator "scrapes" other blogs for content - basically copying and pasting whatever is said on another blog to their blog (sometimes this can be automated) and sticking advertisments on it - hoping to get traffic that may have been headed to your blog to come to their blog instead - where they can then show them a bunch of ads and make some money! This is, of course, a violation of copyright, usually. Depending on the copyright license you choose (see the Creative Commons lesson earlier in the year for more on that), just attributing the post to you - and not all of them do that - is not enough for many licenses. Even if they do attribute, they aren't adding value, or ideas, just copying and nobody likes that. The bad news is that there isn't much you can do about them. You can complain to Blogger or Wordpress.com and get them shut down, but they'll be back very quickly. You can also take the fact that they are copying your work as a compliment. They wouldn't do it if they didn't think it would get them some traffic!
Blog PhishingThis is a fairly new phenomenon that puts links to phishing sites (see Wikipedia's definition of
phishing if you aren't familiar with the term) into either your comment area of your blog, wiki or "comment wall" or into your referrer logs (the statistics that show who is linking to you and that some Web 2.0 services offer - such as Wordpress.com). These links will take you to a site that you may think is one thing, but is actually something far more malicious and dangerous.
Twitter Attacks
Recently, there was a news story on the
BBC website that documented the first known Twitter attack.
The account's profile link went to a site that attempted to download a fake version of Adobe's Flash player, which then went on to steal data off of your computer. Other Web 2.0 sites, most notably MySpace, have fallen victim to malicious profiles as well.
Protection
How do you protect yourself from all of these attacks? The easiest way is to use a browser or operating system (OS) that is more secure than the standard (Microsoft) options. The Firefox browser and the Linux, MacOS (based on Linux) operating systems are currently more secure than most versions of Microsoft's operating systems (including Vista and XP). Most of the security, however, comes from the fact that they are relatively unused and so virus/malware writers don't target them - the MS world is a much bigger target. Not all of us have the option of choosing our OS and browser, anyway, so if you have to use IE and XP or Vista, you can still take precautions.
Paying attention to what you are clicking is key - note whether the URL (the website's address) has funny characters (ones (1) instead of lowercase Ls (l) or zeros (0) instead of lowercase Os (o)) and be careful when clicking on URLs that are shortened with a service such as
tinyurl or
is.gd. Those URLs don't give any clues at all about what lies behind them! Make sure you know who is sending you a shortened URL before you click!!
For the spam issues, you can also use a good spam filter that is built into most blogging platforms to help cut down on the comment spam that you get. Wordpress uses the Akismet filter. I'm not sure what Blogger uses, but it isn't bad... This will help you keep the comment spam under control and your blog far more useful for both you and your readers!