Fishkin tells WebProNews that Google’s Penguin update was not the motivator behind the project, though he did have this to say about the update:

“In terms of Penguin – it’s done a nice job of waking up a lot of folks who never thought Google would take this type of aggressive, anti-manipulative action, but I think the execution’s actually somewhat less high quality than what Google usually rolls out (lots of search results that look very strange or clearly got worse, and plenty of sites that probably shouldn’t have been hit).”

You can read more about Penguin via our various articles on the topic here.

“We’ve been wanting to work on this for a long time, but our data scientist was previously tied up on other items (and we’ve just hired a research assistant for the project),” Fishkin tells us. “The original catalyst was the vast quantity of emails and questions we get about whether a page/site is ‘safe’ to acquire links from, or whether certain offers (you know the kind – ‘$100 for 50 permanent text links guaranteed to boost your Google rankings!’) were worthwhile.”

“Tragically, there’s a lot of money flowing from people who can barely afford it, but don’t know better to spammers who know that what they’re building could hurt their customers, and Google refuses to take action to show which spam they know about,” he continues. “Our eventual goal is to build a metric marketers and site owners can use to get a rough sense of a site’s potential spamminess in comparison to others.”

“A score (or scores) of some kind would (eventually, assuming the project goes well) be included in Mozscape/OSE showing the spamminess of inlinks/outlinks,” he explained in the Google+ announcement.

According to Fishkin, the SEOmoz algorithms will be conservative and focus on the most obvious and manipulative forms of spam. “For example, we’d probably catch a lot of very obvious/bad link farms, but not necessarily many private blog networks or paid links from reputable sites,” he said in response to a comment on his Google+ post.

Also in the comments, Fishkin indicated that data would be presented in a ‘matches patterns of sites we’ve seen Google penalize/ban” kind of way than a “‘you are definitely webspam’ type of thing.”

The data scientist Fishkin spoke of will present the findings at the company’s Mozcon event in July. Fishin expects an actual product launch late this year or early next year.

Earlier this month, the company announced that it has raised $18 million in VC funding.

Comments

Now Google is planning to launch an important algorithm change that will target webspam. So sites with poor quality/keyword stuffed content/link schemes, and generally not living up to Google’s existing quality guidelines will be hit. As Google says, “We’ve always targeted webspam in our rankings, and this algorithm represents another improvement in our efforts to reduce webspam and promote high quality content. While we can’t divulge specific signals because we don’t want to give people a way to game our search results and worsen the experience for users, our advice for webmasters is to focus on creating high quality sites that create a good user experience and employ white hat SEO methods instead of engaging in aggressive webspam tactics.”

Google’s Target-Webspam

Google has defined Webspam as the ‘black hat’ tactics used to get higher rankings with activities like: keyword stuffing, link schemes, “doorway” pages, cloaking and duplicate content (knowingly copied). So, if you have a site with keyword stuffed content you are most likely to be taken down by Google. Google’s new algorithm change will also weed out sites with unusual linking patterns, and unrelated content.

Google has said that this algorithm tweak will go live for all languages at the same time. And the sites Google believes that are “engaging in webspam tactics to manipulate search engine rankings” will be hit.

Impact of the algorithm change

Google has said that this algorithm will impact:

• 3.1% of English queries
• 3% of German, Chinese and Arabic
• 5% of Polish queries

White Hat SEO encouraged by Google

Google has again cautioned webmasters to stay away from spamming and indulge in white hat search engine optimization, to create high quality web sites. As Google has said, “Google has said before that search engine optimization, or SEO, can be positive and constructive – and we’re not the only ones. Effective search engine optimization can make a site more crawlable and make individual pages more accessible and easier to find.“White hat” search engine optimizers often improve the usability of a site, help create great content, or make sites faster, which is good for both users and search engines.”

How do you plan to deal with this new algorithmic change? Do you think you are safe? Do share your views.

Comments

For the spammers in this list of defendants, Lucero and Harris, the argument is simple: they violated Twitter’s terms of service, which specifically ban user from certain activities defined as “Spam and Abuse.”

Suing the makers of the spam software is a little more tricky. The lawsuit claims that until recently, the TweetAttacks website advertised by saying “Replies will appear very natural. They will be posted via the WEB NOT THE API and it will look like being posted by a REAL HUMAN” [sic]. Since they were not directly violating Twitter’s terms of service, Twitter instead argues that the automated scripts they developed accessed Twitter’s website instead of its API, which Twitter does not allow. The lawsuit reads:

By connecting the TweetAttacks (TweetAdder and Tweetbuddy also get identical proclamations) software to Twitter’s websites and services through unauthorized means rather than through Twitter’s official API, TweetBuddy violates the Twitter TOS and induces violations thereof by the users of its software.

Twitter wants damages, including punitive damages, from each of the defendants, in an amount not less than $700,000. In addition, they want a court order banning the defendants from spamming or marketing their spam software. The $700,000 amount is arrived at from estimates of what each defendant cost Twitter. Specifically, the want $100,000 from Lucero, $75,000 from Harris, $75,000 from TweetAdder, $300,000 from TweetBuddy, and $150,000 from TweetAttacts.

The text of the suit can be seen here courtesy of Marketing Land.

Comments

However, Google’s ad engineers are up to the challenge and they shared in a recent video how they find and remove spammy ads.

In the video (see below), Google’s Head of Ad Policy Engineering, David Baker, explains that Google’s aim with advertising is to ensure they provide the least intrusive and best ads to users. Ultimately they aim to deliver the right ads when the user wants them and never show harmful ads.

So when a scam ad is found, Google doesn’t just ban the ad, they ban the advertiser altogether from working with Google ever again. Ouch – take this as an official warning! In 2011, Google shut down 800,000 advertisers for violating Google’s advertising policies.

How does Google find the ads that violate their policies?

Well as Baker explains in the video, it isn’t a simple process:

With billions of ads submitted to Google every year, we use a combination of sophisticated technology and manual review to detect and remove these sorts of ads. We spend millions of dollars building technical architecture and advanced machine learning models to fight this battle.

Our automated systems also scan and review landing pages—the websites that people are taken to once they click—as well as advertiser accounts. When potentially objectionable ads are flagged by our automated systems, our policy specialists review the ads, sites and accounts in detail and take action.

Here are some of the improvements Google has made to this automated detection system of late:

• Improved “query watch” for counterfeit ads: While anyone can report counterfeit ads, we’ve widened our proactive monitoring of sensitive keywords and queries related to counterfeit goods which allows us to catch more counterfeit ads before they ever appear on Google
• New “risk model” to detect violations: Our computer scanning depends on detailed risk models to determine whether a particular ad may violate our policies, and we recently upgraded our engineering system with a new “risk model” that is even more precise in detecting advertisers who violate our policies
• Faster manual review process: Some ads need to be reviewed manually. To increase our response time in preventing ads from policy-violating advertisers, we sped up our internal processes and systems for manual reviews, enabling our specialists to be more precise and fast
• Twenty-four hour response time: We aim to respond within 24 hours upon receiving a reliable complaint about an ad to ensure that we’re reviewing ads in a timely fashion

How can you avoid having your ad banned by Google?

Google encourages all advertisers to review the Google advertising policies before submitting an ad, because once your ad has been banned, you wont be allowed to advertise again.

Comments

While malware remains a significant problem on computers – PCs far moreso than Macs – the biggest area of growth for malware has turned out to be mobile. Google’s Android platform is increasingly the target of malware. According to the report, mobile malware and adware were at an all-time high in 2011 in general, and in the fourth quarter in particular. Most Android malware hijacks users’ phones and uses them to send SMS messages. The ease with with an Android device can be rooted makes the problem worse, as the same exploits rooters use to hack the operating system to increase their ability to customize it can also be used by attackers to hijack the phones.

Meanwhile, malware growth on PCs appears to have declined in the fourth quarter. Yet the study warns that there were still over 75 million unique malware samples recorded, meaning that users cannot afford to relax their vigilance. Macs remain the most secure platform. Despite a spike in June, the malware threat on Mac computers remains all but nonexistent. Nevertheless, the report reminds users that “it’s always wise to protect your system, even if it’s a MacBook Air.”

Perhaps the best news to come out of the report involves spam. While spam email messages still vastly outnumber legitimate email messages, the gap appears to be closing. While some countries – including the United States – experienced slight increases in spam volume, overall volume was the lowest it’s been in years. The report cautions, though, that the threats represented by spam email remain as strong as ever, and perhaps even stronger. While volume has certainly decreased, the report notes that address lists for spambots have become more accurate and more precisely targeted.

The full report, which includes a more detailed breakdown of threats and a country-by-country breakdown of spam rates, can be found in PDF form here. Another interesting detail tucked away in the report’s discussion of malware is that the majority of malicious sites are actually hosted in the United States.

Comments

Below, I have provided some pointers to keep in mind when utilizing the Internet and accessing your e-mail account:

• Are The Links The Same? – Whenever you get an e-mail from a friend (especially if it’s an HTML-based e-mail), prior to clicking a link, make sure that the URL in the body of the e-mail matches the link at the bottom of your browser / e-mail client. To see if the link matches without activating it, please hover your mouse cursor over the link to preview the actual link where it will take you.
• If It’s Too Good To Be True, It Probably Is – Often, especially if you are signed up with numerous websites, you may occasionally get an e-mail (that you are not subscribed to) with an offer that is too good to refuse (e.g. “A Free Trip to The Bahamas”). These e-mails are designed to get your attention and to gain the most gullible users as possible. These links (that will most likely ask for your credit card information and SSN) are dangerous, even though it may look harmless.
• The Typical “One Link” E-mail – You may have seen in your Inbox messages (if they have not already been sent to your Spam box), an e-mail with just one link in the body of the e-mail without any explanation what it’s to. These “one link” e-mails are also sent to a large group of people (most likely the sender’s entire contact list). Do not click the one link, because the more than likely, the same issue will happen to you, and the one link will be sent to all of your e-mail contacts as well.

Please be sure to keep these three anti-spamming hints and tips in mind, so that you can get the most out of your Internet experience.

Spam, of course.

Some people are reporting receiving emails that contain a simple line of text announcing the death of Jong-Il, which was likely copied from a reputable news source. The emails comes with an attachment named brief_introduction_of_kim_jong_il.pdf.pdf. Others are seeing an email with the attachment Kim_Jong_il_s_death_affects_N._Korea_s_nuclear_programs.doc, once opened it unleashes backdoor-opening malware to your system, which has the capability of connecting to servers for further directions.

The BBB offers the following advice:

1. Don’t let your curiosity get the better of you. If you want the latest, go to the homepage of a reputable news organization and read about Kim’s death there.
2. Don’t open any email attachments or click on any links.
3. Keep your anti-virus software up-to-date, and run a complete system scan if you have opened anything suspicious.

As with any email: if you don’t know the sender, or you suspect it of being malicious… it probably is.

Dave’s Answer:
It wouldn’t be Internet, it wouldn’t be social media, if there weren’t trolls, cranky folk and spammers floating around in the pool too, so unfortunately it’s a fact of life, even in the new universe of Google Plus. I don’t know how they creep in, actually, but as soon as millions of users showed up, well, then the people that hide under rocks appeared too.
Fortunately the Google Plus team knows that there are going to be spammy and inappropriate comments left, and that there are also going to be comments people leave that you’ll want to delete but won’t want to necessarily report as abusive or spammy. Two different scenarios, right?
The problem is that the controls to edit your comment stream appear in one area but not another, and they’re hidden unless you know where to look for them.
Let’s dig in…
I posted a question to Google Plus about trips and weather, and the first [planted, Scott's not normally this abusive, just so you know] comment is rather troublesome:

The problem is that while this mini-window is great if you’re in Gmail or otherwise using a different Google tool, you can’t make any changes to the comment stream. What you can do as a handy shortcut, though, is scroll to the bottom of the mini-window:

Click on “View all mentions of my name” and you’ll see the same post and comments, but in the main Window rather than just the mini-window:

Now things get interesting because if you move the cursor to the lower right side of the comment you don’t like, some additional icons magically appear:

The flag icon lets you report a comment as abusive:

Once you’ve done that — if appropriate — then you can remove the comment from the discussion entirely (needless to say, they’re two different things, to match the two scenarios mentioned earlier) by clicking on the “X” icon:

Click on the “X” and you’ll be asked to confirm that’s what you want to do:

Really want to delete it? Then click on “Delete”. It won’t notify the author that it’s been deleted, but if they go back and review the discussion, they’re obviously going to know that their comment has mysteriously vanished.
Finally, the feedback that Google+ shows you:

Once it’s “crossed out” then you can be sure that the comment won’t appear for anyone else and, if you reload the discussion, it’ll vanish for you too.
Hope that helps you manage the discussion and mark as abusive all those annoying spammers!

Comments

Well done, hackers. Well done.

Although a hack like this might seem innocuous–even trivial–to some, it’s can actually be debilitating. Especially to a solo business owner who has limited infrastructure in certain spots.

As painful as this experience was, it was also an eye-opener and a blessing in disguise in some ways. I moved my professional email “on domain”–if you need my new email, send me a DM on Twitter or a private messages on Facebook and I’ll share it there. That was long overdue. And, a few days later, after numerous emails and submissions to Google, I thankfully recovered the account.

I also learned a number of other important lessons that I wanted to share with you today. I wouldn’t wish this experience on my worst enemy. But, hacking happens. And, if it happens to you, keep the following tips/lessons in mind:

Act quickly

I didn’t recover my account as quickly as I would have liked, but I’ve heard of others that have recovered their Gmail accounts within a day or two when they acted decisively. Submit your form to Google. They’ll ask you a bunch of impossible questions to determine if you’re the correct account owner. Answer those as best you can. But, cover off on that step quickly. Then, just make sure to follow the money. Most hackers are after money. If you have Paypal accounts or other bank accounts linked to that email, find those accounts and change your passwords ASAP. Shut off all connections with your money.

Go hosted, if you can

Gmail’s great. It’s the most popular email platform for a reason. But, it’s not without its limitations. Chiefly, if you get hacked you are at Google’s mercy. There’s no 1-800 number to call (for most people). No human to reach. Just a blind submission form. And, they may or may not get back to you with answers. If you’re a business owner, that’s not the answer you want to hear. So, it really leaves you with no choice but to go hosted. That way, you have access to real people when things turn south. People who can deliver answers in real time.

Communicate via other social networks

Once you’ve taken steps to unhack the hack, you need to start thinking about communications. Chances are people are sending emails to your Gmail address and expecting a reply. Only thing is:  You don’t have access so they’ll never receive a reply. That’s an issue. So, you need to take immediate steps to resolve that. Post a note on the social networks you’re active on with this information and the new email address you’re now using (for me this was Facebook, Twitter and LinkedIn). Even consider using a mass text message for key clients and colleagues. You need to get the correct email address to key people as soon as you can to ensure a gap in business communications.

Ask for help

Now is not the time to be stubborn. Ask for help from your friends and family. Chances are, there’s someone who can help you with the hack. And there are certainly people who can help spread the word about your new email address. In my case, my email angel was Patrick Rhone.

Change your passwords–regularly

Learned this one the hard way, but it bears stating here. Make a calendar reminder to reset your passwords each month/every other month. It’s something I’ve put off in the past, but you can believe it’s going to be a priority going forward. It might be a huge pain-in-the-ass, but it’s worth it. I can attest.

What about you? Have you been hacked on Gmail or other platforms? What tips or lessons do you have to share?

Comments

The spammer, or spambot, includes hyperlink in the comment with the aim of increasing the linked site’s search engine rank or gaining visitors by internet users clicking on the link (although we have also had spam comments where the spammer has included no link and just the name of their company or product that is being “promoted”). The comments tend to be positive in nature and praising the quality of our writing, but they are just being nice to improve the chance that we’ll publish it and their link.

The way that Web Analytics World works doesn’t allow for profile spam (not posting but creating a user profile which features a link to the site) but we do get our share of comment spam. I’ve grouped it into three types:

Single post – the most common one for us
Multiple – adds comments against a range of blog posts all pointing to a single site, or more often linking to all manner of sites from car maintenance to concert tickets
Serial – hadn’t seen this one a lot on Web Analytics World until early summer when a spammer/bot decided that our readers would really appreciate links to gaining false identification documents! ….and now the same comment regularly appears in our spam catcher.

I’m surprised that spam comments still happen, given the advances in technology on sites and search engines. What’s even more surprising is that some businesses actually pay for this “service”! On occasion the companies are unaware that their internet marketer has included comment spamming under the activity of improving traffic. There are others that see this as a valid tactic so if you allow user comments you should have a plan for handling spammers.

Approaches to spam comments

You shall not pass! – Not allowing any comments is a drastic step to take and it cuts out the opportunity for user interaction however this can be a suitable approach for older posts or if you provide a discussion area on your site and it will reduce the time you spend on moderation.
Everything in moderation – Manually approving comments before they are published on your site and spot checking older comments (when you allow users to log in and edit what they’ve written) are all time intensive but do help to protect the integrity of your site.
“There’s an app for that” – User registration, CAPTCHA anti-spam plug ins, no-follow links, blacklisting IPs, URLs or keywords, auto-moderation on comments with 2 or more links. Isn’t technology great? Just be sure to monitor your comments once you’ve activated any automated tools as you may find the number of valid comments drops through false positives or an unfriendly/time consuming posting process.

What do we do?

At Web Analytics World we use a mixed approach with human moderation and technology. We use Askimet to catch comment and trackback spam and all comments are approved by the team before they are published on the site. The downside on this is that comments don’t instantly appear, but if it is a genuine and valid comment it will be published.

We may alter our tactic in the future but so far we’re happy with how it’s working. How about you? – We’re keen to hear about your experience with comment spam and any hints or tips that you can share with our readers.
Comments