The War Against Blog Comment Spam And How To Gain The Upper Hand

Blog comment spam… What exactly is it?

How do you know whether you have become an easy target?

How do you stay ahead of the comment spammers?

Spam in blogsI decided to put this guide together for two reasons which I will outline below but first let’s look at what blog comment spam is and why it has become such a major issue.

Blog comment spam is sometimes called spamdexing, comment spam, spam in blogs and a number of other variations on the same theme.

The reason why it exists is purely because of the value of links in SEO. One of the most important aspects of gaining good results in the search engine results pages is having a large number of back-links pointing at your website. These are seen as votes for your site by Google and the other search engines and are therefore counted as a powerful factor when allocating positions.

So, obviously the more links you can get the better your site will do (I have used an over-simplification here to avoid a full search engine optimisation explanation – you can read a fairly comprehensive explanation here)

Unfortunately when it comes to working online many people prefer to find ways to circumvent the safeguards which have been put in place to protect the integrity of the search results. By using “black hat techniques” many marketers break most of the compliance regulations in order to avoid the large amount of manual work and the patience required in implementation of “white hat SEO” techniques.

By sending massive amounts of automated spam out across the web with the attitude that some of it will “stick” these cowboys become the nuisance that we all have all grown to seriously dislike…

Google made a major change way back in 2005 to address this issue. By adding a nofollow attribute to links from comments and trackbacks the theory was that this would discourage automated blog comment spam as there would no longer be any SEO benefit from the comments. Google’s post is here:  Preventing Comment Spam.

Unfortunately there are millions of blogs which do not have the nofollow attribute (we voluntarily set our comments as dofollow in order to reward real comments but understand that we need to be more vigilant about spam because of this decision).

Blog spam software launches millions of comments per day at the web and the main problem is with the number of blogs where the owner auto-approves any comment. It is not unusual to find a blog of very low quality which has thousands of spam junk comments per post… Uggh!

Fortunately Google seeks out websites which have a disproportionate number of these low quality comment based links and penalises or even bans the websites which are using these techniques. Frustratingly though, it can take a while for them to identify some of the perpetrators and so ethically SEO’d websites can be relegated below the cowboys for periods of time.

The two reasons why I have created this guide?

#1 We are constantly batting away blog comment spam here – I am sure we will get a large number of spam comments on this post which we will have to identify and delete. If we can help others keep the spammers at bay we at least are making a small contribution to making the web a better place.

#2 I had a very interesting conversation with a local “black hat SEO” a few weeks back. This was after I had completed an evaluation on a website. This evaluation led me to a range of totally non-compliant websites created with masses of duplication and highly dubious linking strategies involving scary comment spam automation.

I will talk about #2 first. When I examined the link profile of one of this guy’s client websites I was pretty horrified by what I found.

Following the back-links to his site I found a large number of sites where he had picked up links. It was like that scene in The Matrix where Keanu Reeves first sees the world as it really is – large ugly robots tending to a crop of human battery cells!  This ugly online world was rampant with robot spam from sites promoting porn, casino, Viagra, fake Rolex watches, pirate products, ponzi schemes and every other dodgy online activity you can think of!


Plus links from automatically approved web directories in Russian and Chinese with tens of thousands of spam links and abandoned blogs with comment auto approve set in place and thousands of barely intelligible comments with anchor text phrases which I could not publish here…

Not really the sort of sites any business with integrity would like to be associated with.

This should give you an insight into the ethics of the comment spammer – fast, non-compliant, automated, lazy and unethical!

Now… how to recognise whether you are a comment spam target.

Anyone with a blog is a potential target – and many get suckered into approving automated spam simply because it seems so genuine and  at times, complimentary. If you approve these comments you will get more and more flooding in – guaranteed!

The very first thing you should do is to install Akismet. Akismet has “zapped” more than 40 billion spam comments so far… yes you read that correctly – 40 billion! Akismet took out 7,000 spam comments from our site in only a few months.

The next thing you should do is to add a reverse Turing test to comments – this is the CAPTCHA form which asks a commenter to identify a distorted series of numbers and letters in order to post a comment.

Trivia: CAPTCHA is an acronym for Completely Automated Public Turing test to tell Computers and Humans Apart – hahaha excellent!

You can be certain that some comment spam will still make it past these filters and this is how you can identify it.

Common spam comment formats:

  •  Any short comment that says “Great post. I really enjoyed this” or any other short complimentary submission.
  • Any comment which says “I have bookmarked your site and will return”
  • Any comment which says “I have recommended this site to my brother, work colleagues, followers…”
  • Any comment which says “What sort of website are you using? I really like the design…”
  • Or this one “I disagree with what you said in the second paragraph…” without stating what it actually was
  • Any poorly spelled and grammatically incorrect comment is likely to have been put through a content spinner and the synonyms are clumsy or just plain wrong
  • Any comment with links in it
  • A comment written entirely in another language
  • A nonsense series of letters – Duh!
  • Any comment which talks about how they have been looking for a post exactly like yours but fail to address any point you have spoken about

Basically, if the comment does not mention anything you have written about it will almost definitely be spam. So, put away the ego – those comments praising your incredible writing skills are coming from robots! You could be almost illiterate and still be receiving high praise for your authorship!

Once you have taken these ones out there are a number of more sophisticated spam techniques to look out for.

Here are some of the goodies I have come across:

  • a comment which is a sentence or two taken from your actual post – this is pretty smart as it may be a little while since you wrote it and the comment sounds good enough, you wrote it originally after all!
  • This one I like (Not!) – a comment which is copied from a previous comment! If you have many people commenting on your blog it is going to be difficult to remember all of the previous comments particularly if only a sentence of the original comment is used.

I have had to trawl through to clear out a few of these ones after originally approving them.

And this one is the most sophisticated one I have come across so far.

It escapes all of the filters we have in place.

The software is able to target only search engine optimization related posts.

The comment is intelligently thought out and could easily be a real SEO comment.

Check this out:

Blog comment spam

Click on the image to read the comment.

Why was I suspicious about this comment?

Even though it was well written and seemed to be congruent with what I had written about, I had a niggling feeling that something was not right. My initial thought was that it may be lifted from a search engine optimization blog post somewhere so I thought I would check around to see where else it was published.

To do this I put quotes around a sentence from the comment like this :

“Generally, SEO can be defined as the activity of optimizing Web pages or whole sites in order to make them more search engine-friendly, thus getting higher positions in search results.”

(you can do this to see where any content appears elsewhere online – the quotes mean that only results showing the exact same words in the exact same order will appear in results)

And guess what? This exact phrase match features over 20,000 times on the web!

Don’t tell me that this hard working SEO  has meticulously submitted or published this piece of content over 20,000 times?

Of course not!

This is a very clever version of blog spam and is one that I have not encountered before (or maybe not noticed). The spammer has managed to harvest 20,000 links so far from blogs, forums and from publishing the same piece many times on SEO websites (mainly in India).

With this particular comment a UK company has the link. I am sure that the insurance related business which has hired the Indian SEO company, either directly or through a UK SEO supplier, would be disturbed to think that their name was associated with comment spam.

And this is the thing…

I have seen many self-proclaimed ethical SEO firms outsource a large share of the hard link building graft to cheap SEO companies elsewhere – and this makes sense. But there have to be checks and measures on how these companies are getting the links.

It is perfectly OK to publish a piece of content on multiple sites which you own with a link to a client’s website. This is totally compliant  in SEO and is beneficial to the client. Your content is not going to crowd the search results anyway as I explained in this post on duplicate content problems.

What is not OK is the spamming of blogs and forums using automated means.

If you use the tips I have outlined above your blog will be a lot more interesting as only genuine comments will make it through. A great blog has great comments which discuss aspects of what has been posted. Sometimes it is hard to distinguish the good from the automated but if we all do our best we can do our bit to make the web a less frustrating place.

Have I missed any sneaky blog spam techniques?

Let me know by leaving a REAL (human) comment! 🙂




About Mike Morgan
Mike Morgan works with innovative businesses in New Zealand and Australia developing custom web marketing strategies integrating SEO, Content Marketing and Social Media Optimisation. When not in front of his screens you will probably find Mike walking on beautiful Ohope Beach with wife Midge and doberman Cooper. Follow Mike on Twitter here and


  1. Hey Mike! So how can you explain why Commentluv gives the automatic feeds/links of the commentors? Can you say that they support spamming too?

    • Hi Dell,
      CommentLuv is a great way to promote your content when you leave a “genuine” comment. Blogs allow you to add your website to a comment anyway so CommentLuv just enables a commenter to identify which post gets the link juice – not really supporting spammers but sometimes taken advantage by them. I am guessing that most people who take the trouble to install CommentLuv would be vigilant in filtering out spam.
      All the best

  2. Bettina143 says:

    Very well said Mike! What can I say? Spammers are hard to distinguish. Reading this post give me the ideas how especially for the comments copied from the search engine…

    • Hi Bettina,
      You’re welcome. I am already getting spam from the same people I spoke about in the post. This time it is copied from a forum online and relates to referrer data in analytics. And it has the same link to the UK company… unbelievable!
      All the best

  3. Lately I had a huge problem in my blogs, receiving pings/requests/spam or whatever that were stopping my dedicated server to work correctly.

    I’ve solved in many ways. Consider that my server load was 20 times the limit for normal load (it’s huge), and now it’s back in normal state. Anything is very very fast now!!

    ok, what I’ve done. I installed a firewall with filters to block users sending too many requests. and at the same time I installed “Bad Behavior”, which is the name of a WordPress plugin. This plugin stops IP addresses even before they send a comment, so even before Akismet can catch them!! huge, wonderful, great plugin 🙂

    • Hi Manuel,
      Thanks for the WordPress tip. I will definitely give Bad Behaviour a try. WordPress plugins are brilliant – a plugin to cover every problem. Have you found many legitimate comments have been identified as spam? Akismet tends to do this a bit.

      Part of the difficulty with spam and why it is so prevalent are attitudes like the one of the black hat guy I spoke to. He thought that everyone else was naive and he knew how Google really worked. So he sends out hundreds of thousands of blog comments and contributes to the shocking amount of Internet pollution but as long as he gets links of any quality he doesn’t really care.
      Appreciate your input.
      All the best

  4. I’ve received all of the above spam and none has ever got past me. Trust your instinct. If it feels remotely wrong, it is. And the IP addresses are often India, the Ukraine etc. The spam out of the UK is harder to spot, but again, it has a repetitive style, often along the lines of SEO imporvements and link trading. I love the weeping widow from the Air France crash spam, the National Bank of Burkina Faso waiting for me to claim my inheritance thanks be to God, and Miss Ophelia Grant foreign nationality of Indonesia whose parents have gone to glory and she has 100kg of gold waiting in a bank in Ghana. I laugh like a drain.

    • Hi Heather,
      The really obvious ones do make me laugh! But they are counting on hitting a few un-moderated blogs and unfortunately there are plenty out there. I have noticed an increase in sophistication though which is concerning. It did make me smile when the same people who I identified left an automated comment on this post though – ironic really!
      Thanks for taking the time.
      All the best

  5. Heh, dont know why i just smile when i read the last line of your post: “Let me know by leaving a REAL (human) comment!” 🙂
    duh, as i webmaster myself, i hate it very much when someone leaves meaningless automation comments on my blog, i feel likes what i’ve done with all my heart was not respected. i’ve been on the internet for a while and sometimes i saw people selling such stuffs like “comment scrapper” (guest the guy you mentioned above used this), or “auto posting software” (which caused some forums or blog spammed to death if it is not well administered). This is such a same for what called “SEO”.

    • Hi Alex,
      Yes, I agree! When the spammers get busted and they get their client’s sites penalised or banned it hurts all other SEOs. Black Hat can be so frustrating – I have had a post stolen and stripped of links then published on a site with thousands of pages of ripped off content – this content then drives traffic to get clicks on flashing ads… ugly! The process you have to go through to get the site taken down is long and frustrating. Appreciate your real (human) comment Alex!
      All the best

  6. Hi Mike,

    I had exactly the same post from ‘Crystal’ about the SEO on one my personal blog a few days ago. I have captcha installed and the blighters STILL posted! I get relatively few SEO spammers – usually one every couple of days and then a wave of about 10 or more from the same IP on the same day.

    Today’s comment spam was from a site promoting Odesk as an affiiiate. I’ve got a good mind to report this person to Odesk.

    Anyway, whilst I’m ranting, I thought I would ask about Twitter spam. I hate it. Do you have any tips for eliminating those insidious little sods?

    • Hi Amanda,
      Wow! Amazing how far reaching this particular spambot is – 20,000 successes and counting! Crystal has been back (this time named Louise) with a comment on this very post about referral spam – Ha!

      How to get rid of Twitter spam? I assume you mean those great @messages which come from a user with no photo and no followers sending you a link. All I do is click on their name and “Report Spam” when their profile comes up. If you mean DM spam I gave up on DMs a long time ago – about 1 to 100 ratio real to spam – not worth my time.

      Thanks for letting me know about Crystal.
      All the best

  7. One of the reasons I had to put all those filters is that I receive tons of GET requests… not httpd, but GET, means bots harvesting my blog. and it’s not nice.

    so, how do you recognize good bots from bad bots? it’s impossible, unfortunately you have to put filters to stop all of them.

    the filters are configured in a way so humans can easily read your site. Anyway, if you want to check my blog, please do and you can see also if anything works (and tell me if you can surf my site).

    yesterday I’ve been blocked by my server firewall because I was too fast jumping from one page to another of my wordpress admin, but I think a normal human don’t need to jump so fast (I was making very fast setup of different plugins).

    so now I work “slow” hahaha, but I won’t stop the filters.

    • Hi Manuel,
      Thanks again. No problem with getting around your site – I guess the balancing act is trying to keep out the spambots while encouraging frequent visits from the search bots. By having blogs and a forum your site is probably even more attractive to spammers – two chances of getting through the defences.
      All the best

  8. I do hope that there will be a tool on how to prevent spammers. Its been a big problem and lots of discussion to be made on how to distinguish a spammer or not but its a matter on how the admin made a decision if he/she will accept the comments.

    • Hi Vernon,
      Thanks for visiting! The anti-spam tools are flat out keeping up with new spam techniques and each time they snare a new one another spammer comes along with a way around it. This is the way of the web!
      All the best

  9. most of the times it is confusing to know weather a comment is generic of from a true id.
    These days the commentors have been smarth enough to read a parap from the blog post and post something relevant over it ..

    • Hi Lisa,
      I am OK with people who bother to read a post then leave a comment related to it. It is the automated robot spam I have an issue with.
      All the best

  10. It’s annoying when you get those comments that are obviously spam, especially when you are starting out and you desperately want some genuine comments. The only thing that will stop it is if we are vigilant and moderate properly so we can cut it out.

    • Thanks Matt,
      Some of the spam comments are so complimentary that for a new blogger they feel that people out there are really loving their content. It’s a bummer when they realise it is just auto spam and that every site gets the same compliment.
      All the best

  11. Hi Mike,

    thanks for your post.

    Commentspam or other spam is…. horror!!!!!!!!!!!!!!!

    In last weeks, i visited many sites, and they use commentluv. This is a great plugin for commenting. This is the basic for interesting discussion and interacting with the readers. it`s great for building a community. But to many spammers “missbrauchen” ( sorry, i can`t say it in english) this way for setting spamlinks.

    I start with a blogspot blog and there is a tool to filter spam comments.
    On my blog, i had a comment, and i think… oooooh great, he loves my blog… so, it was spam 🙁 it is sad, because i write with quality and i hope the people really like my site.

    So, thanks for sharing this post and i`m sure… i`m not a spammer 🙂
    i visit many sites for learning more about the online business and i`m thankful for all your tips.

    with best wishes and greetings from good old germany. Sandy 🙂

    • Hi Sandy from “good old Germany”! 🙂
      Thanks very much for your (real) comment. Glad you enjoyed the post (I had to look up missbrauchen). I do like CommentLuv as a plugin – it is a way to reward people who take the time to read your stuff and take a minute or two to create a real response. If you keep writing quality, unique content you will gradually grow an engaged audience. Keep up the good work!
      All the best

  12. Thanks for the discussion on spam. Dealing with comment spam on my new blog is a daily, on going battle for me. Being new to blogging I have been take aback at the level of abuse that goes on. Hopefully some of your tips will be of help to me.


    • Hi Ellie,
      Welcome to the world of black hat SEO! 18,000 spam comments removed by Akismet on this site as at today! I hope that the tips I gave will help you repel some of the junk!
      All the best

  13. Some of the spam comments are so complimentary that for a new blogger they feel that people out there are really loving their content. It’s a bummer when they realise it is just auto spam and that every site gets the same compliment.
    All the best

    • I agree totally,
      I have had clients whose blogs are littered with “Great post! So awesome I have bookmarked your site to come back often!” comments… Unfortunately this same comment has just randomly hit 5,000 other blogs! Frustrating really! If the commenter does not reference any part of your content, it will almost definitely be spam!
      All the best

  14. Spam is a serious pain. I remember around 1995 before there was much spam at all. When it started there was an outcry. Heathens contaminating the temple of knowledge. Slowly there was a deluge and email antispam became a necessary skill for every sysadmin. I’ve only recently learnt about what people do with SEO to game Google. Utter pollution. No value other than as a statistic in a search engine algorithm to help drive people to a “money page”. It is disheartening. I am starting a blog on my site and I dread having to sift thoruhg mountains of comment spam. Thanks for the write up. It was helpful.

    • Thanks Don,
      Appreciate the feedback! I can’t believe the number of so-called internet marketing success programs that teach people how to spam. I visited a site yesterday that recommends writing one keyword stuffed post, putting the post through an article spinner to create 250 junk posts and setting up an auto-post to post a new unreadable blog post 4 times a day! And for what? Who would stick around on a site loaded with gibberish? Or buy anything from it? [shaking head in disbelief]
      All the best

  15. Thank you, thank you , thank you for this post, Mike! It’s highlighted alot of things I was concerned about. My blog, too, was a victim of comment spam. Being a careless blogger back then, I merely approved almost every comment that came my way… soon after that I had to have it shut down as it got attacked. A virus attack? A hacker? I don’t know until now. Is it possible for spam comments to carry a virus?

    Would appreciate your reply.

    Best Regards,

    • Hi Bonnie,
      Yes, I am sure the links left in some spam comments lead to places you would rather not go. I watched a notorious local comment spammer get hit by a particularly nasty bit of malware recently – hard to feel any sympathy really.
      All the best

  16. Hi Mike,
    I came across your post while searching for a way to fight all these spam comments on my blog.
    You spend most of the post explaining how a human can detect spam when manually reviewing comments.
    Actually this is very easy if you have seen thousands of them: You simply KNOW after less than a second if it is spam.
    But my problem is not that I don’t recognize spam when I see it but how to find an automated solution to delete them even before I see them.
    I simply don’t have the time to read through thousands of spam comments each day. It is a waste of time. The spammers are using automated tools. We (blog owners) can’t win if we are fighting them manually. We also need some automation.

    Initially I thought of getting a plugin or something that would simply delete ALL comments containing links automatically.
    But then people couldn’t place genuine links.

    So here is what I would suggest:
    – delete all comments containing links with anchors! (Noone uses anchor texts but spammers. If you really want to give a recommendation then link using the full URL)
    – delete all comments with a name including a space (This is for the spammers that put the keyword in the name field. Usually the keyphrases are more than one word where names tens to be one word only.

    I guess this would eliminate 99% of the spam.

    If there was a plugin that did exactly what I described I would even be willing to spend some money on it.


    • Hi Stefan,
      Have you tried using Akismet? It has removed 18,000 spam comments from our site in the last few months! As far as eliminating names with a space I often comment as Mike Morgan so this would dump my comments so I probably wouldn’t support that measure. As far as links in comments go I won’t approve any comment with a link in it. CommentLuv allows for one and that is enough. Most comments with links are filtered out by Akismet anyway.
      Thanks for taking the time to leave such a great comment.

  17. Jaya1672 says:

    Yes this is so true… Spamming is one of the pain in my neck. Thank you to Bonni for asking the same issue as mine, regarding the comments bringing some virus. And thank you Mike for the clear answers. Now I am more aware of this.

    • Hi Jaya,
      Glad you found the post useful! The comment spammers are so resourceful – we will write an update soon with some fresh examples to look out for.
      All the best

  18. Hi Mike, I enjoyed your blog. I remember when I first started blogging being flattered by a flood of compliments on my writing ability. I soon realised I wasn’t that great. 🙂 Like you said, Akismet is very effective.

    • Hi Andrew,
      I think there should be a warning when every person starts a blog – “If someone says they love your work but doesn’t say anything about anything in your post, as complimentary as the words may be… they are coming from a robot! Delete forever!”
      Thanks for visiting

  19. Human moderation? Catchpas? Akismet? These are 1) expensive, 2) discourage commenting and 3) at best a good start.

    Blog comments are just one type of social spam. I’m also seeing Facebook, Twitter and Forum spam which similarly requires human intervention.

    Thankfully Gmail, Yahoo Mail and corporate email systems have decent anti-spam solutions. I want to believe there is some degree of overlap to these problems and there will be an automated and highly accurate solution to this problem soon.

    I have to believe that the principals from email spam

    • Hi Bill,
      Hahahaa > “3) at best a good start”! Spam is everywhere – I read a really good post recently which said that it is our responsibility – all of us – to fight the good fight! That means every time you get an email, message, DM, mention, post, comment or any other nasty, desperate attempt to spam you – report, block, delete and use any other means necessary to say “we don’t want this crap taking up our valuable time!”
      (BTW Akismet is cheap as chips)

  20. some good tools for fighting these issues are disqus and livefyre

    • Hi Brett,

      Thanks for the suggestions – so many high traffic blogs are being spammed that Akismet and captchas are not enough. Points systems based on real profiles seem to work at present but for how long? But I agree about Discus and Livefyre being good options.

      I have found that Intense Debate works pretty well too.


  21. The spammers want links to their websites. The fault lies with so much blog software which posts these links automatically.

    The ingenuity of spammers is impressive. Captchas were thought to be the answer but now a whole industry has grown up to circumvent them, other systems will no doubt come along and be cracked in their turn, and most blog owners don’t have the technical expertise to run one-off antispam systems. The answer lies with the guys who provide the CMS code; stop providing links and the spammers will stop trying to steal them. Simple.

  22. Some good tools for fighting these issues are discuss and live fire. Thanks

    Jaipur Plot

  23. This is a really interesting post actually, but you can protect your blog with things like captcha etc.

Speak Your Mind