User-Submitted Spam

I’ve recently started seeing a new type of spam. It only appears on posts with images. The content of the spam appears to be innocuous, but the Name and the URL of the commenter are both spammy. The content of the post, although innocuous, appears to be a description of the image. For example, if the image was that of a cat, the comment might be:

“This is a cute picture of a cat stretching out his legs.”

What’s going on here is likely the sort of thing that spammers use to defeat CAPTCHAs. They’re presenting the image in the post to a user who wants something, and the user is providing innocent, human and relevant text to help the spam slip by the filters. Then, a spam comment is submitted on behalf of that user, using the text they provided. Heck, the user may end up submitting the spam themselves, in order to get a nice innocent-looking IP address and user agent. I’ve seen a few of these spams slip by both Bad Behavior and Akismet.

Has anyone else seen spam like that? If you have posts with an image, check them. The comment might have looked innocent enough to slip by you!

5 thoughts on “User-Submitted Spam

  1. Seen a few like that, but because I have the “Comment author must have a previously approved comment” option enabled none of them have gotten pass WP spam filtering.🙂

  2. I have comment moderation on too and I’ve seen these spams as well on both my photoblog and http://ocaoimh.ie/ – the spam will generally be on-topic and it’s obvious that the author has read the post but will have a link to a commercial site.
    I even tried emailing the author of one because he provided some useful information but he failed to reply so I zapped his comment, and his spammy wordpress.com blog🙂

Comments are closed.