Ghost Spam – Understanding and Blocking
Understanding and Blocking Ghost Spam
A new type of spam has recently begun aggravating website developers and SEO marketers. This is a variety of spam known as ghost spam. In many circles, it is also called referrer spam. Unlike keyword spamming, which is otherwise known as keyword stuffing, ghost spam will not involve the spammer paying visits to the victim’s websites or email accounts. Instead, the Google Analytics statistics will show hits that did not actually take place. Google Analytics users are finding evidence of this in increasing numbers lately, and seeing it has prompted questions about how it works and how to deal with it.
Spotting Ghost Spam
A frequent indicator of referrer spam is the presence of odd keywords in organic search. Random phrases strung together are common, and they often resemble the unusual strings of phrases that are typical of keyword stuffing. Developers see these keywords and wonder why the analytics show hits for those odd phrases. The hits, however, are not real. They are the result of machinations by spammers that only make it appear as though the site has logged the hits.
Clues are also found by viewing other referrer information, and that is where some unknowing webmasters will fall prey to ghost spam. One of the reasons spammers engage in ghost spamming is to drive traffic to the referrer sites. Curious webmasters often visit websites listed as referrers. Naturally, they have an interest in the websites driving traffic to them. Note that the tactics work similarly to phishing schemes. One of the domains often spotted in ghost spam, for instance, is hulfingtonpost.com. The hope is that webmasters will see that domain and mistake it for huffingtonpost.com.
Ghost Referrals vs Bots
Before digging in to tackle ghost spam, it is helpful to be clear on the difference between bots and ghost referrals. They will present themselves differently within Google Analytics, and they must be handled differently. Crawlers tend to identify themselves correctly, but the ghost referrers tend to obscure their presence with fake host names and page titles in the referral details. Bots will also not leave the unusual keyword strings that are common with ghost referrals. Adjustments to .htaccess files are effective in dealing with bots, but they fail to take care of ghost referrals because only the bots will have actually crawled the sites.
How They Do It
The spammers manage the ghost referrals by spoofing the details of a GET request for reporting page view information. The spammers only need to have the Property ID of a site to spoof the remaining details in any way desired. The Property ID can be found with ease in the tracking code of any page running Google Analytics. The ID is publicly accessible to anyone through the web pages of any potential targets.
Seeing ghost spam in a site’s referral information can be alarming, particularly when the presence is indicated by unusual keywords. The good news is that this type of spam presents no security concerns for web developers. Aside from pulling the Property ID from the page targeted, the spammers need not visit the site again at all. They typically have no reason to try. The spammers can use their scripts to spoof page views without clicking onto any of the site’s pages. Data from Google Analytics is not used for page ranking, meaning site administrators have no reason to fear repercussions of inaccurate statistics.
Ghost spam can, however, cause other problems. Most notably, the presence of spoofed page views can mislead webmasters and marketers about the legitimate traffic their sites receive. Sites relying heavily on Google Analytics for their continued SEO efforts find the ghost referrals particularly troublesome. Assessing the success or failure of an SEO campaign is complicated a great deal by unreliable site statistics.
Blocking Ghost Spam
Filters are the best line of defense against ghost spam, but there are limits to the effectiveness of the tool. A webmaster can create an exclusion filter for a specific keyword that has signaled the presence of ghost spam. This blocks referrals from displaying in the statistics if they contain the matching keyword. Filtering for host names that are seen to be offenders will also block those referrals from the display. Care should be taken with filters, though, because data is irretrievable once filtered.
Webmasters, marketers and developers must keep in mind that there is currently no way to prevent spammers from making these attempts. Because spammers can send these page view reports without actually visiting the targeted sites, there is nothing a site maintainer can do on the site to block the attempts. As long as accurate statistics can be made available as needed, however, it is safe to ignore the attempts and concentrate on more vital business tasks.