Spam comments are just part of life when using WordPress, but it’s not all that difficult to distinguish between spam and real comments. In most casses spam comments are automated and follow a basic pattern:
- Generically compliment the WordPress site even if the comment isn’t relevant to the post
- Appear to be a legitimate comment, but list a spam, phishing or commision site as their URL
- Email addresses use free services or international domain names
Meeting one of the above criteria doesn’t mean the comment is spam, but generally speaking when it meets two or more you have a spammer.
Now some examples of how to distinguish comments from spam:
In the following email notification of a WordPress Comment, we can see an attempt to appear legitimate. But, if you look closely, there are a few telltale signs that it’s not. “I was suggested this site” is a common type of phrase used by spammers, which combined with “not sure whether this post is written him” implies a familiarity with the site. However, if you look at the author, email and url a different story emerges.
A search on the author, which is not actually a name but a marketing slogan, will allow you to translate from Indonesian to English. Add to that an email address on a free provider (AOL, Yahoo and Gmail are common favorites among spammers) and a fake website address (appears to link to a YouTube video) look closely at the URL and its “youtu.be” not “youtube.com” and you clearly have as spam comment.
In another example (seen from the “WordPress Comments Admin”), we can see the complement, author name is a marketing phrase and another free email address – but this time the spammer appears to be targeting posts with keywords similar to their spam marketing.
Holding the mouse over their listed URL will provide a preview of a spam sales page.
Finally another example, but with what appears to be an actual author name not using a free email. In this example, the comment appears to be meaningless in relation to the post and at the same time relevant to the keywords. What’s a little trickier here is that the website appears to be legitimate, however the company is based in the United States – specifically Sacramento, Ca. (says so on their website) and the email address is from a German domain (.de).
Holding the mouse over their listed URL will provide a preview of a sales page.
In summary, when it comes to determining if a comment is spam or not look at the message but don’t forget the other details.