Spammer Alert: GoodFinance-Blog.com ~ Any Insights Into What They Use? How to Block Them?

Every single day for months now, goodfinance-blog.com spams GrowMap and every day I delete every one of their comments.  That site hasn’t published a new post since February 15, 2010 but they spam this and probably many other blogs almost every day.

Do they have a perpetual spam comment machine?

Click on the image below to see the details full size. 

SPAMMER: goodfinance-blog.com

SPAMMER: goodfinance-blog.com - click image to see full size

I am sharing a screen capture of their latest spam comments in hopes someone knows how to tell what they’re using.

We need to know if these are being manually left and they’re using some tool that randomly changes the author and email address or they have found some way around the GrowMap anti-spambot plugin and Simple Trackback Validation plugins we’re using.

Thanks for any insights anyone has on how these
comments are generated or how to block them.

What we really need is a separate way to blacklist and delete OR block these types of spammers.

THAT site is an excellent example of how NOT to blog.

If by some miracle the person or people behind that blog have alerts set up and read this post, this message is for you. You are a thief. You are stealing our most valuable asset: our time.

If you have a conscious you will stop doing this and learn how to blog and comment ethically. If you don’t stop you don’t have one.

The following two tabs change content below.

Gail Gardner

Small Business Marketing Strategist at GrowMap
Creator and owner of GrowMap.com, Gail is primarily known for mentoring small businesses and encouraging bloggers to join collaborations to share skills and support small business.

Comments

  1. my friend has the same problem..it’s like a pesky weed that never dies according to my friend..it’s annoying to have this kind of spammers.

  2. as i have observed..spammers are getting smarter everyday..they get creative and pass through your security..:(

  3. Hello
    That’s a little bit difficult to avoid spammers today, especially taking into account that this site exists for a long time. .thanks. .

  4. I didn’t read all comments, only the post (article).

    I’d like to comment the phrase:
    “We need to know if these are being manually left and they’re using some tool that randomly changes the author and email address or they have found some way around the GrowMap anti-spambot plugin and Simple Trackback Validation plugins we’re using”

    Spambots work being operated (configured, adjusted, etc.) by human operators (spammers).
    Spambot is just a program (script) automating operations that spammer would have been otherwise doing manually.
    Programs, uncontrolled by humans, are called viruses

    When a resource is interesting for a spammer or directly ordered by a client and something cannot be done with the help of bot, for example registration, then it is being done manually. For example, human can answer questions of Q&A CAPTCHA, put it into database and continue spamming with bot.

    If a spambot is completely useless then completely manual spamming is being done.

    It is irrelevant if antispam protects against spambot or not. Spam is being done by humans with the help of bots and without

    I think it is wrong approach searching for “silver bullet” to protect against spam technically.

    As far as both business pays spammers and engage itself in spamming techniques and users are tolerable to it eventually financing spam approaches , it is senseless to fight with consequences

    Spamming is not technical problem but social and criminal one and should be solved by corresponding lines by lawyers, law elaboration, ethics/moral norms application, law enforcement, etc.

    Spam is caused by how businesses work on the internet, it is not spammers who establish, finance and support the rules of the game

    You’ve done more for fighting spam by publishing one this article than by convincing 500 owners of blogs to use an antispam plugin, whichever technical miracle it could have been at the moment of this writting
    Gennady would love you to read ..How Much More Time Is Enough to Wait WordPress.com Support After 6-weeks Waiting?My Profile

  5. Wow! Incredible unfolding in the comments on this one, I can’t even remember the post itself after reading all those!

    Aha. Just went up and refreshed. Yup, I’ve had these f&*%#@s spam me daily for the last week or two. As discussed IP blocking is no good. I will look at how to block that domain.

    Stopping comments containing the words ‘goodfinance’ is no good because it blocks all comments containing the words ‘good’ and ‘finance’. And I like the word good, especially when it appears in comments on my posts.

    Anyway, I don’t have any more solutions except to break my usually gentle stance and offer to give these spammers a slap, if anyone can find me their real address! Not very PC, I know – but you’re right Gail, they are thieves.

    Which means (depending on which culture you’re in) that they should have their hands cut off. Ok my rant over.

    Thanks for bringing this to light Gail. We will out evolve them, step by step. We have to.
    Jym would love you to read ..Blog Post Length – How Long Should A Blog Post Be?My Profile

    • Hi Jym,

      Thank you for taking the time to comment. I’ve been chatting with Mitch Allen and others trying to find a solution that will lock these time thieves out. Everyone is welcome to suggest ideas.

      I’ll be in touch soon to invite you into a private, invitation only forum for influential bloggers who are making a difference. It will be similar to what we started in the lost SBC forum but even better so I do hope you’ll join us.
      growmap would love you to read ..How to Succeed by TIMING the Sharing of QUALITY Content When Others are Most ReceptiveMy Profile

      • Thanks Gail, I’d love to be involved.

        I’m also open to any suggestions. Am currently considering moderating the initial comment from any given user, since I’m checking most days it would seem like a feasible option.

        I’d rather leave the gates open of course, if anyone can come up with a better solution!

        It just seems to me that as spam protection evolves, so does spam. We could well be playing this game for a long, long, time…

        Hope you’re having a great holiday time Gail. Happy New Year!
        Jym would love you to read ..Blog Post Length – How Long Should A Blog Post Be?My Profile

  6. New spam are only block.because older spammer are some times better blogging.After all they are many time block and they are efficient next time.

  7. I’m new to blogging. For the first time I’m seeing such a spammer. Made me realize the meaning of spam.
    Nirmal Kumar would love you to read ..Vedanthangal Bird Sanctuary Bird species and Sanctuary TimingsMy Profile

  8. thank you for sharing this.
    I myself have problems with spam comments on my blog. I do that I ip blocking it helped a little, but spammers will always be there and is not to get rid of.
    klaus would love you to read ..iPhone 5 bliver udrustet med 4G LTEMy Profile

  9. It’s scrapebox, is it?
    Commentluv has become too popular. Probably when Andy changes it they will directly start working to break the new security.
    But Andy is a very smart man, so hopefully he will find a way to fix it that they can’t break too fast.
    Danny would love you to read ..Poulan Pro PP446ET 8-Inch Gas Powered Pole Chain SawMy Profile

  10. I’ve been flooded with spam mails, and I have hard time to find solution for this, I did not even think that I could just block its IP address glad I read your post… thank you for sharing it helps me bigtime!!
    JES would love you to read ..JES’ New Collab With Cosmic Gate “Flying Blind”My Profile

  11. Ohh that is ridiculous… I don’t know who they are trying to deceive! I wonder why Google hasn’t already de-indexed it!
    Talha would love you to read ..Photoshop Borders TutorialMy Profile

  12. I see you already got your answer; but I would suggest that they are using scrapebox as well. It looks to me like they were taken down rather than giving up. This is a bit extreme; but installing a captcha box where you have to actually click to display the picture will stop them dead in their tracks.
    Frank would love you to read ..Elance, Get Paid to Write Articles, Develop software and Build WebsitesMy Profile

    • Hi Frank,

      Until Scrapebox found all the traps in CommentLuv spammers were stopped just fine by GASP and I have no doubt Andy will stop them again.

      The checkbox (and hidden traps that spambots fall for) is a better solution than captcha because of several inherent problems:

      1) Some are nearly impossible to read and only a commenter who REALLY wants to be heard will keep refreshing and trying to get them to work.

      2) Sometimes even if you are entering the correct captcha it keeps telling you that you are not. The cure for that is usually to delete all related cookies – but if my readers who are mostly technically savvy bloggers don’t think to do that the odds of the general public knowing to do that are slim.

      Both of these issues mean you are keeping your readers from commenting and I don’t know about anyone else but where I don’t have a voice I don’t read or share either.

      Good to see you’re using CommentLuv on your blog. I’ll make a note to start adding you to my many lists (if you want to be on them). Read my Top Marketing Blogs post and my post about Updated DoFollow CommentLuv Lists for details and leave comments in those posts if you want to be included in what I’m doing.

      I would love to have you read a post I recently published about comments. I’ll put it in CommentLuv in this reply. I know you don’t like keywords used in your own blog, but I feel differently and invite you to use them here. See my post about for why they’re important.
      growmap would love you to read ..For Bloggers Who Hate Comment SpamMy Profile

  13. Francoise says:

    Until now, i can’t figure it our why do spammers do such activities. What are their reasons and how can they earn from it? I hope somebody can answer it.
    Francoise would love you to read ..My Arowana Is Not Eating No Matter What I Do !!!My Profile

  14. That’s a little bit difficult to avoid spammers today, especially taking into account that this site exists for a long time
    BuySellWordpress would love you to read ..WordPress ThemesMy Profile

  15. Unless you think any real readers might say the word “loan” or “loans” in a comment, I would try adding that term to your blacklist.

  16. Hey Gail, not sure. I know I’ve chatted with others on Yahoo before but who knows. I should probably download skype as I’m probably one of the only marketers left who doesn’t use it! LOL

    My email address will be the same for that.

    Also it seemed to take them several months to catch up to Gasp so perhaps even a small change in the plugin will keep it clean for several more.
    Just need to build in a rotating security feature that changes every few months! LOL Checkbox this month, question the next, and long division the following! ;)
    Warren would love you to read ..Having a Can-Do attitudeMy Profile

    • Hi Warren,

      Actually I believe it took them a lot longer than a few months – and this time around maybe Andy will make the spambot traps change randomly. That could defeat them for quite a bit longer.

      I wish these thieves – and that IS what they are – people who STEAL what is most precious to us = our time – would get a life, but I know they won’t because they’re too selfish to care about anyone but themselves.
      growmap would love you to read ..Blog Post PromotionMy Profile

  17. They are using Scrapebox to blast out their comments. Blocking their IP won’t do any good as it rotates Proxies faster than you can block them. I’d suggest adding one of the words their domain uses like “Goodfinance” to your list of words not acceptable (usually used for abuse words but anything will work) its under wordpress settings in discussion and it’s called “Comment blacklist” Should solve your problem instantly!

    Let me know if you need any more info, but I think that will fix it.
    Warren would love you to read ..My Year End Twitter BlitzMy Profile

    • Hi Warren,

      Thank you very much for sharing that. I’ll add the use of Scrapebox to my list of what not to do and whose blogs to blacklist.

      I already have them in my blacklist and they go into the spam folder. The problem is even though I deleted Akismet WORDPRESS is still putting my regular commenters into that same spam folder so I have to moderate all that crap.

      Automattic clearly does NOT want to let us easily distinguish between real comments and spam crap. They want to be able to silence some people at will and personally I believe they are selling the ability to get your spam junk through Akismet. That is the only logical explanation of how much objectionable spambot crap they let through – although no doubt they will claim those spammers just haven’t been flagged yet.

      What I would love is a way to blacklist and automatically DELETE who I want to block and NOT have WordPress putting people I want to whitelist into the same bucket with the spammers. Any suggestions on the best way to do that? A plugin maybe?
      growmap would love you to read ..For Bloggers Who Hate Comment SpamMy Profile

      • Sadly no matter how many times I tell wordpress a comment is Spam, I keep having to do it daily with the persistent ones. Just as the opposite is true. I have legitimate users who comment regularly end up in my spam folder for no apparent reason.

        I’ll usually try blocking the IP in Cpanel first for those spammers who have yet to discover proxies. (or the ones who can only afford a few) If that fails I’ll try adding their domain to the comment blacklist.

        Talk about a winning product if one of us could make a spam filter that actually remembered YOUR choice on each comment so you only had to do it once. (Perhaps with a 30 day suspension feature?) LOL
        Warren would love you to read ..Google PPC Automation UnveiledMy Profile

        • Hi Warren,

          And THAT adds credence to my theory that they are taking money to let some spammers through. It is REALLY easy for a real commenter to get blocked by Akismet and very hard to get unblocked. You can click not-spam over and over and over on their comments and usually they will NOT get unblocked.

          Automattic IMPLIES that Akismet uses YOUR choices but that is clearly untrue. That is why Phil @FeedBlitz got Andy @CommentLuv to create the GrowMap anti-spambot plugin also known as GASP.

          When we first got it 96% of the 1000+ comments I was getting PER DAY in this blog were immediately blocked – and that is how I discovered that some things that LOOK like comments are actually trackbacks which is why you have to use Simple Trackback Validation with GASP.

          If you are sure they’re using Scrapebox the first question is can it be used to manually get the IP and email address. If it can not and you’re sure that is what is leaving these comments they are getting past both of those plugins so we need to enhance GASP to lock them out again.
          growmap would love you to read ..Automattic JetPack Stats Plugin Hijacks Comments on Self-Hosted WordPress Blogs without PermissionMy Profile

          • I of course use GASP and simple trackback validation, but when I did use Akismet I had occasions when my own comments would hit my own spam box. I emailed them and they told me they couldn’t do anything about it. (Great software)

            Here is the changelog they’ve got posted.

            http://www. scrapebox. com/scrapebox-changelog
            (remove the space after each . didn’t want to give them a link)

            1.6.9.0 Added: CommentLuv for WordPress, if the target blog is running CommentLuv ScrapeBox will tick the checkbox on the target blog before posting so you get 2 links instead of one.

            As you can see adding a check is nothing for them.
            Warren would love you to read ..Google PPC Automation UnveiledMy Profile

          • Thanks Warren,

            This is what I needed to know. I’ll notify Andy @CommentLuv and see what we can do to block them. There are other traps in GASP to catch spambots so they have probably finally found and defeated each of them. No problem for Andy to change that up and lock them out again until they get it all figured out again.

            Thank you for your assistance. No idea why we couldn’t connect on MSN but I’ll try getting another account and see if that fixes it.

            P.S. Akismet throws some of my comments into spam, too. It is RIDICULOUS that they claim they can’t fix that. Why in the world not? Maybe they just randomly delete comments for fun just like Twitter randomly blocks tweets and retweets related to topics they won’t let trend. They’re all Borg in my book and can’t be trusted.
            growmap would love you to read ..Blog Post PromotionMy Profile

  18. Their website actually seems to not exist to me, which makes it appear like they have set a spam-bot going and never stopped it when they gave up on the site.

    The email addresses have probably been hived from the internet and do not belong to them.

    If I were you, I’d just block those IP addresses.
    Richard would love you to read ..Artificial GrassMy Profile

    • Hi Richard,

      Interesting. It looks like their site may be down. You can’t block IP addresses from spammers using a tool that randomly changes their IP address. What that does is block innocent people who are NOT spammers. Spammers rarely use permanently assigned static IPs.

      Some use dynamically assigned IPs their ISP gives them each time they log in and others use tools like this one which Warren @plrnetmarketing identified as Scrapebox.

      Check out the post I’ve put in CommentLuv in this reply. I’m sure you’ll find it useful to promoting your business. Also do take advantage of keywords in this and other blogs that offer them. See How to Use KeywordLuv for details.
      growmap would love you to read ..Small Business Internet Marketing: Where to StartMy Profile

  19. Do you use any Bad Behavior? Akismet? Spam Karma?

    I just want to know which, if any, anti-spam measures that this made it past.

    Also, if you’re not using those plugins, then may I suggest installing at least 2 of the above? Your spam problems really will stop after you start using these. They are highly effective.

    • Bad Behavior locked all five admins out of this blog and it took three of the top WordPress people I know to find and delete all the pieces causing that. Most bloggers would have ended up reloading everything so there is no way I will ever try THAT again even though I know some excellent bloggers who still recommend and use it.

      Akismet sucks, period. I’ve written about that many times and explained why Akismet will never work and why we don’t use Bad Behavior on the page about the Akismet alternative we do use.

      While they may have temporarily found a way past it that won’t be for long and every time they figure it out we’ll change it again. I haven’t looked into Spam Karma but if it works by using crowdsourcing to flag spammers that can never work either because there is no consensus what spam even is. See the examples in my latest post about that – I’ll link to it in the CommentLuv in this reply.
      growmap would love you to read ..For Bloggers Who Hate Comment SpamMy Profile

  20. I’ve had a ton of spam from them too, but only succeeded in blocking some of it by flagging IP addresses via the WordPress dashboard.
    Sharon Hurley Hall would love you to read ..It’s Time To Tie Up Those Loose Ends From 2011My Profile

  21. I’m no expert but doesn’t the person leaving the comment have to tick the box? I wasn’t aware that there was a program or script that was able to do this. So I’m guessing they have paid somebody to manually leave these comments.

    Could you not blacklist their website url?
    Dean Saliba would love you to read ..Optimizing Your Website for Performance and Loading TimeMy Profile

  22. That is a tough one. The website and email address seems to be the same each time, but mail15.com kind of stands out. The ip address changes by one digit on some of them and the name field seems to be different each time.

    The majority of them include a number in the name field. I know some bots will use an uppercase / lower case combo and sometimes a number too. They tend to be a little more obvious and use a name that doesn’t spell anything.

    Bots are getting smarter and better all the time. You think you have some measure in place to prevent or stop them, and next thing you know they they come right back again.

    It’s a tough one because it looks like it could be bot activity partly because of the different names. Your site allows name @ keyword so you think they would do that if they were a real person instead of all the different numbered names. Yet, it could be someone manually spamming too.

    You could block the 2 ips with .htaccess and see if they happen to come hitting back with a new ip address.
    Ray would love you to read ..Brand WordPress Login & Registration with your LogoMy Profile

    • Hi Ray,

      Agreed that evil people never give up because they love the challenge of instant gratification and seem incapable of caring about anything long term instead of right now.

      I have them blacklisted but what I want is to figure out how they’re getting through and lock them out.
      growmap would love you to read ..Why Your Geographic Location IS a NicheMy Profile

  23. Hello,

    Yes certainly had that experience, but found either using “WP Hashcash” http://wordpress.org/extend/plugins/wp-hashcash/ or a plugin like Echo or Disqus slows them right down.

    Hope that helps

    David
    David would love you to read ..Newspaper optimises for Marlboro CigarettesMy Profile

Speak Your Mind

*

CommentLuv badge