Preventing "Spammers" from being notified of new Posts

  • Author
    Posts
  • #1217472

    bitemefanboy
    Member

    I’ve recently begun to receive lots of notifications that so & so is now following my blog. Unfortunately many appear to be spammers. Today brought the following notifications.

    cruz_orell​ana474@133​.cashadvan​cezip.com is now following your blog
    brooke_cor​dova4518@1​32.cashadv​ancezip.co​m is now following your blog
    brenda.coo​n4375@131.​cashadvanc​ezip.com is now following your blog
    raquel.str​auss4614@1​30.cashadv​ancezip.co​m is now following your blog
    dorthea.ty​ree7756@12​9.cashadva​ncezip.com is now following your blog
    autumnflem​ming5138@m​ailnesia.c​om is now following your blog

    Sure sounds like spam to me, but Is there anyhting I can do to prevent this from happening? Is there any way that when I do post that these “people” are not notified?

    Thanks!

    The blog I need help with is bitemefanboy.wordpress.com.

    #1217582

    raincoaster
    Member

    You can’t prevent people from being notified of public posts, but you can report them as spam. This thread has already been marked for staff attention.

    #1217677

    macmanx
    Staff

    More than likely, they have blogs, which will be listed in the follower notification. When you receive that, please report the blogs via http://en.support.wordpress.com/report-blogs/

    #1217755

    bitemefanboy
    Member

    Macmanx,

    I’ve gone throught my list of Email followers (it continues to grow daily) but none of them appear to be blogs. As of tonight I have 90 email followers: 21 from @mailnesia.com, 7 from @oldcelebrities.net, 3 from @coolmailer.info, and 6 from @###.cashadvancezip.com (numbers are sequential). There are also a number of hotmail accounts that just smack of spam.

    It would be helpful if WordPress allowed users to delete any email follower they suspected of being spam. The ability to create filters (like most email programs) while not entirely stopping situations like this would, if caught early, would allow a user to create a filter thus limiting the amount od spam.

    Thanks for getting back to me so quickly!

    #1217764

    macmanx
    Staff

    Thanks, we’re aware of it.

    We’re still trying to figure out a motive for these fake email subscribers so we can actually target the motive itself and put a stop to it. So far, we’re running a bit short.

    They have nothing to gain from reading your blog and nothing to gain from affecting totals. Unlike WordPress.com (non-email) followers, where you receive a notification email with links to their blog and Gravatar profile, there’s really nothing for them to gain.

    Once we can figure out a motive, it’s pretty trivial to stamp out the behavior for good. If not, we’ll look into a better way to manage subscribers overall.

    #1217765

    raincoaster
    Member

    Is it not simply to facilitate blog scraping? I encountered an outfit recently that wanted ten articles a day from their writers, a pace nobody could keep up, and they took pains to explain that they wanted good material “wherever it is on the web” so might this not be where some of those criminals are getting their articles?

    #1217767

    macmanx
    Staff

    That could be, but RSS feeds (which are freely available on all public blogs) would facilitate much easier scraping than emails.

    #1217768

    raincoaster
    Member

    Yes, but you have to be SMART and KNOWLEDGEABLE to know how to use an RSS feed. Most of the people I’ve encountered are of the “how do i put adsense for get villa in france” level.

    #1217774

    macmanx
    Staff

    True, it is “easier” to copy and paste from an email than parse an RSS feed, but once you setup an RSS parser, it’s fully automated wholesale copying. Copying and pasting emails is an insurmountable task, especially at the levels of blogs that some email-only accounts are subscribed.

    I monitor my blog for a variety of things so I can shut down spammers on this end (it’s oddly therapeutic), but I haven’t noticed any sort of wholesale content theft that I’d expect if even a quarter of my email subscribers were just scraping my blog, in fact I haven’t seen any at all over the past few months.

    It’s a very odd case. I mean, I admit that it’s frustrating, but it’s very odd. Without a clearly obvious motive, it’s nearly impossible to be sure if an email follower is truly fake. Fact-wise, they have absolutely nothing to gain. Speculation-wise, we can say that they’re doing it to copy and paste our blog content, but I’m not seeing any evidence of that trend.

    I’m not sure how much ground we can gain campaigning on that level, since RSS feeds are freely available and offer more automated scraping.

    Regardless, without a clear motive, this may result in more blogger-facing subscription controls sooner rather than later.

    One thing to keep in mind though, if email-only followers have absolutely nothing to gain except the ability to read your posts via email, how can you be sure that they’re fake?

    #1217776

    ismailimail
    Member

    Fact-wise, they have absolutely nothing to gain

    @mcmanx, isn’t above contradicting this:

    We’re still trying to figure out a motive for these fake email subscribers

    If you do not know their motive, you cannot tell factually what they’re trying to gain.

    The fact of the matter is that these fake-followers are playing with and gaming the software platform by utilizing another software. The sheer number and the widespread corruption, only suggest that very few miscreants (people) are behind the scenes but they are using some form of software/script etc to mess with WordPress software. You on the other hand, as a responsible party for protecting WordPress, is looking to circumvent this situation by finding out the people and their motives. People and their motives are behind the scenes. What you have in the front is two software. In my opinion, your first attempt should be to defend your software through machine defense, i.e, find weak entry-points and stop the weak links in your own software. As a second defense, you can then look into figuring out why and who is trying to play with your system.

    Your last paragraph suggest that you are still not convinced that we are reporting a real problem here. Many of us have already reported that we are seeing suspected looking email addresses subscribing our blogs. I even gave a screen shot example on another thread. Tell me, does “katrice5365” AT “cashforsurveysreview” DOT net sounds legitimate? It doesn’t take a rocket scientist to see an email address and tell that it is a fake.

    We are more concerned about loosing sight of our legitimate followers due to the aggressive number of fake ones in the mix.

    #1217777

    macmanx
    Staff

    If you do not know their motive, you cannot tell factually what they’re trying to gain.

    Actually, yes I can. Fact = evidence. We have no evidence to the contrary, so fact-wise they have nothing to gain, which is why we’re still trying to figure out their motive.

    On the other hand, what you have said above is wildly unsubstantiated speculation.

    gaming the software platform by utilizing another software . . . using some form of software/script etc to mess with WordPress software . . . find weak entry-points and stop the weak links in your own software

    These folks are subscribing via email just like any other person would. The only other software they’re using is a web browser, and the only mess they’re causing is establishing themselves as a subscriber. There is no “weak entry point”, simply a subscription form that anyone with a browser and an email address can use.

    You’re trying to make this sound like a security issue. It’s not, and it never has been.

    Let’s stick with what we know is true and avoid speculation.

    If we attack the behavior, we stop the problem. If you all you do is spread fear, uncertainty, and doubt, it only serves to cause a panic and distract from the real issue at hand.

    #1217779

    ismailimail
    Member

    With regret, I have temporarily disabled Email Subscription box and Follow box-for-logged-out-users, at my blog for now. I am not seeing hopeful sign of acknowledgement of a problem by WP staff here as of yet.

    #1217780

    windwhistle
    Member

    @macmanx — I suggest their motive could be simply the satisfaction they get from knowing they’ve annoyed someone. Sort of the reverse of the satisfaction you get from shutting them down.

    #1217781

    raincoaster
    Member

    It’s worth mentioning that the blog “writing” conglomerates have been required to provide proof they’re not using software to scrape blogs; their solution is to force the individuals to make posts manually. Easier to do from an email than an RSS feed, no?

    #1217782

    auxclass
    Member

    @RC – easier to copy an email when the blogger sends out the whole Post in the email – also copy off a web page is easy – the only RSS thing I use is the Reader here so I am a bit limited in experience with RSS stuff

    #1217783

    macmanx
    Staff

    True, with the crackdown on automated scrapers, it’s safer to just go manual, but then there’s Google’s heavy penalties on duplicate content. Of course, I’m assuming that they know or even care of such things, which I already know is wrong. :)

    Anyway, this is definitely a problem, and one which we have been working to find the best way to counteract.

    #1217785

    auxclass
    Member

    @macmanx – I doubt a scrapper really cares – the original blog if the scrapper is quick enough the scrapped content is up quickly and the original blog never knows they are penalized because search engine traffic starts low (new Posts take a bit of time to be indexed unless they are on a site like CNN or Huffington Post) – the scrapper does not care – after all the cost of the content was a few minutes for someone to copy and paste into a scrapper blog – and if they have many scrapper blogs low search engine traffic would not be a big deal because they have a lot of sites –

    Proof of my hypothesis? If the scrapper sites all lost money they would go away quickly not continue to ramp up –

    #1217786

    ismailimail
    Member

    Could someone please tell me how can anyone follow a blog when there is no Email subscription widget, nor a Follow box, enabled on the blog?

    I am still getting email notifications from junk/spam followers even though I have disabled all options from anyone to subscribe my blog via email.

    #1217791

    macmanx
    Staff

    Could someone please tell me how can anyone follow a blog when there is no Email subscription widget, nor a Follow box, enabled on the blog?

    If they’re logged in to WordPress.com, they’ll see “Follow” in the admin bar. They can also follow a blog from the Reader.

    #1217792

    ismailimail
    Member

    It seems the Followers have slowed down. No fake follower today and yesterday except for the few yesterday morning (when I made the above post). The Likes through the Reader is usual and I don’t yet see any suspicious one (I am fine with Reader being a separate entity and generating whatever activity it does through my blog).

    I hope to bring back the Email Widget in a day or two, after watching how the Follower count, through the use of WP Reader, behaves for next two days.

The topic ‘Preventing "Spammers" from being notified of new Posts’ is closed to new replies.