By now, most WordPress.com bloggers will have found they now have the ability to flag a referrer link as spam.
WordPress.com, the free service that hosts WordPress blogs, quietly rolled out the new feature on February 21 in response to a two-month deluge of referrer spam, all generated by one website.
The website, semalt.com, was raining spam disguised as post views down on thousands of blogs, not just those powered by the WordPress content management system (CMS).
It wasn’t exactly a reign of terror but it still left bloggers curious, worried, and ultimately pissed off—the spam hits were skewing everyone’s traffic stats!
What’s a referrer link and what isn’t?
Referrer links are records of visits to your blog that have identifiably come from another website, perhaps a search engine such as Google or another blog that linked to one of your posts.
They are both a measurement of traffic to your blog and a kind of breadcrumb trail you can uses to check out the original referrer websites.
Not all referred page views are recorded. Visits by the software agents used by search engines to index websites are deliberately masked so they don’t increase the legitimate views of your blog by actual human beings.
What’s a Semalt—a Russian phish?
Semalt has been hijacking the referrer link system to seed the blogosphere with a daily shower of junk “referrer links” that look like views of actual posts but are actually just links to the same login page of semalt.com. The page features a headline to the effect that it’s easy to understand what was going on with your rankings on Google. To learn more you need to register.
Semalt is selling some manner of search engine optimization (SEO), the Holy Grail of Webdom: how to be number one in Google’s search results. If you sign up, you can get a free, seven-day, trial of their services.
Beginning in late December 2013 a curiously named referrer link began showing up in bloggers’ traffic stats:
I received 30 of them one day at the end of December 2013. Each was pointed at a particular post. Then it seemed I was getting an unusual amount of what looked to be Russian search engine hits within that group of 30 posts. Some days I received a Semalt competitor review link, other days it was as Semalt crawler but it was still Semalt day-in, day-out. Annoying.
Soon the web was full of questions, then concerns, and then anger. No one could prove there was any danger to Semalt’s shenanigans but there were concerns.
One blogger who followed the breadcrumbs back to the spam semalt.com page noted how the page loaded “counter.yadro.ru.” Yadro is a Russian adverting company that is closely associated by some Internet security firms with spyware. They have also been directly connected to trojan malware by Symantec.
It was often suggested that Semalt was phishing—trying to suss email addresses or any other user information it could glean from unsuspecting bloggers who followed the referrer link.
Every blogger wanted to complain to someone. WordPress.com users were looking to WordPress for a solution and WordPress explained they were working on it.
Some bloggers pointed out that Semalt’s methods of apparent self-promotion went against Google’s rules—that they were using a so-called black hat technique to increase their Google page ranking. We bloggers could complain to Google. Through their Webmaster tools we could report “misbehaving” webpages.
The blogger who was smitten, then bitten, by Semalt
In the midst of all this, one blogger who’d written an open letter to Semalt and signed up for the seven-day free trial, received a reply from Semalt. The blogger posted the letter, which began:
“To begin with Semalt (http://semalt.com/) is not a phishing or spam site, but a professional keyword ranking monitoring service that has nothing to do with CIA, NSA, Snowden, Masonic conspiracy or the World Evil.”
Apparently Semalt was sugar and spice and all things SEO. That was that, right?
The blogger’s site was subsequently and mysteriously shut down for a week by WordPress.com. No word on why, but when it came back to life the site header included the tag line “…Oh yeah f**k you semalt.com.”
I didn’t bother complaining to WordPress.com and I pointedly didn’t post anything about Semalt (as if I wanted to give them more publicity). Instead I emailed Alex Andrianov (firstname.lastname@example.org), senior sales manager at Semalt, and asked to be taken off their merry go ’round (fat lot of good that did; I think their visits to my site actually increased). I also filed a report with Google accusing Semalt of using referrer spam.
Too late to make a long story short but…
It turns out WordPress was working on it. I don’t know what happens if I click the flag to designate a URL as spam but I do know I’m no longer seeing semalt in my stats—at all. Either WordPress had a “chat” with semalt, called in a drone strike on them or—more likely—they are filtering them; either blocking their traffic from entering WordPress.com airspace or just masking their visits.
Either way, thanks WordPress. No thanks, Semalt!