A load of “Gobbledigook” from an online form

You have Spam!

Web content editors, designers and developers have all worked hard to make their website interesting, attractive and functional.

A lot of time and money is spent promoting the website. People find the website talk about it and link to it from their website, blog, wiki, bulletin board ect.

Search engines then trawl through the internet looking for links and keywords (among other things). The more links the search engine finds the more interesting the target website must be (all these people linking to it, it must be good)

The search engine goes away tots up all the scores. The one with the most incoming links is the winner. They will be at the top of the search engine ranking for that month (Its not really that simple but I think this is basically what the spammers tell their clients).

The Gobbledigook you receive from the form submission always contains links to websites. The spammer is not trying to get you to click the link. Spammer wanted a link published on a website by filling in a form that would update the blog, wiki ect. Spammer is trying to get as many links as possible pointing at the clients website, increasing the site’s search engine ranking. The results can then lead to the site being listed ahead of other sites for certain searches, increasing the number of potential visitors and paying customers.

How is it done?

A computer programme is used this searches for publicly accessible forms. Once a form is found it adds content into all text fields, a non existent email address into the email field and HTML containing a link into the text area field usually comment, content or message field.

All websites that accept content via a form are at risk of receiving spam via their forms.

Solutions

Disallowing multiple consecutive submissions
Spammers often reply to their own comments. Checking that the users IP address is not replying to a user of the same IP address would help reduce the spam flooding our in boxes.
This however proves problematic when multiple users, behind the same proxy, wish to submit the same form which is quite often the case here.

Blocking by keyword
Spammers have to use relevant and readable keywords so the search engines can index them effectively
Spam could be reduced by blocking the keywords they use simply banning names of casino games, popular pharmaceuticals and certain body enhancements.

Drawback the list could be quite extensive and would have to be maintained.

CAPTCHA
Is a method used to display an automatically generated image of a combination of numbers and letters. The user then enters the letters in to a text field to validate the form.
A computer programme can not read the image and the form will not validate.

Drawbacks sometimes difficult to read and the form needs to be refreshed or submitted several times before you get a readable image.
This system can prove difficult or impossible for the visually impaired who rely on screen readers. Providing an audio version of the characters can resolve this.

CSS
Use CSS to hide a text field. A programme will find the field enter data our validation checks the field if it contains data the submit fails.

Drawback if a screen reader is used it will find the form filed and ask for data the form will then fail validation.

Distributed Solutions
Originally developed for use on blogs but now most form data can be submitted to one of the services.
When a user submits a form the content is sent to one of the services. The content is then filtered. The service looks for links and keywords it also compares the content against a database of known spam content already submitted. The content is then given a score and sent back to your server. The server then accepts,flags or rejects the content based on the values you set.
Akismet, Defensio, Mollom are some of the web based distributed services.

Drawback Valid users can be blocked. If a user is wrongly flagged as being a spammer it can be difficult for that user to post data to websites using the same service.

Handling sales calls

I receive quite a lot of sales calls and I’m certain I’m not handling them properly.  The problem is that I’m probably not interested in what they’re trying to sell me yet I don’t want to miss out on something that could interest me. So generally I’ll ask them to email me some details and I try to take a look.

But it doesn’t stop there.  They want to follow up with me to see if I’m interested yet and this goes on and on ad infinitum! So how can I deal with them better?

My idea is to put stuff out in the public. I’ll tell you what I’m interested in hearing about and you tell me what your offering is.  If I like it, we can talk further about the offering with the possibility of using your software or service.

If on the other hand I’m not impressed or it’s not something I’m interested in then I’ll tell you, and the rest of the world.  How does that sound for a deal?

So here’s a few things to get you started with my thoughts…

Content Management Systems

I am almost certainly not interested in acquiring a content management system.  This blog contains lots of posts about our approach to building websites and you’ll quickly see that doesn’t involve decentralising control to several thousand content publishers.  A good place to start is my presentation “Building an Anti-CMS” from PHP North West.

Having said that, if your approach offers something genuinely different – I’m thinking along the lines of an approach to openness that isn’t usually seen – then I’m interested in seeing your product, but it’s still unlikely we’d adopt it in the next 18 months.

Search Engine Optimisation / Paid Advertising

If you make any claims that you can control anything in this sphere, I don’t want to hear from you.  Far too many people are peddling snake oil and it’s not funny.  If you want to send me a “free report” and it’s simply an output from some free tool then don’t be surprised if I’m not impressed.

The only thing I’m likely to be interested in related to SEO/Adwords is good value training to allow us to do some stuff in-house.  Ideally you would be able to cover a variety of technical and content-editing topics over a day’s course.

Virtual Tours

Some interest in these but you need to be honest about what you’re offering.  If you’re making use of a free package to create the 360-photos then admit it – I can tell from the Flash player you’re using anyway.  Show us what value you can add to the offering.

Open for submissions now

I don’t have the time to build a fancy submission system so I suggest using this blog post.  If you want me to have a look at something leave a comment below with a link to the demo website or any other information you have.  Comments are approved prior to appearing and it’s possible Akismet will spam trap them even earlier – if that’s the case then you might want to look at your sales description 😉

Apologies to all the people who’ve phoned me over the last 12 months and I’ve fobbed off – it’s a fresh start from here so feel free to submit now!

Google Gone Phishing?

A couple of us in the office received an email from Google about Analytics and AdWords:

Hello,

It’s come to our attention that your AdWords account has not been properly linked with your Google Analytics account. If you do not link your accounts by March 5, 2008, we cannot ensure that your data from AdWords will continue to populate in your Analytics account.

It’s fast and simple to link both accounts. Please review the various scenarios below and follow the instructions that best suits your needs.

[bunch of links]

We ask for your cooperation to help us make your experience with Google Analytics the best that it can be.

Sincerely,

The Google Analytics Team

It looks fairly legitimate – the links actually point to the address shown in the email (a common tactic with scammers) and it’s certainly possible that this is something we (and me personally – I got an email to my personal Gmail address) need to do.

But you can never be certain so I Googled for “come to our attention that your AdWords” and received just one result – a forum post on Search Engine Watch about the very same email – it seems that we’re not the only ones getting it. The general consensus is hang on and wait until Google confirm it so I’ll be keeping an eye on it until then.

What’s more interesting though is that the forum post I found was less than an hour old – Google had spidered it blisteringly fast! This is a massive difference to just a few years ago when search engines would update their index maybe every couple of months if you were lucky.

Let’s see how quickly this post gets indexed!

Update: less than 20 minutes!

>