Spoofed Referral Traffic in Google Analytics

The contined spoofing of referral traffic in Analytics highlights a couple of things:

  • Shortcomings in one of Google’s flagship products
  • The shift away from old-skool SEO for spammers to more subtle ways of gaining traffic

My hobby site (weirdisland.co.uk. Go visit it now. Please) – even with its paltry visitor numbers (just shy of a couple of hundred per day) gets a small but noticeable trickle of traffic from fake sources such as:

  • Semalt.com
  • buttons-for-website.com
  • ilovevitaly.com
  • swagbucks.com
  • priceg.com
  • darodar.com

These are covered in good detail over at Refugeek and by Dave Buesing (both sources have some good tips for removing these sites from appearing in Analytics if you want clean, realistic visitor numbers).

The basic method relies on the fact that Analytics can be spoofed – tricking the unwary visitor into thinking they are getting actual human visitors from sources. In fact, these are just faked visits by bots posing as browsers and passing through false headers.

The motivation seems to be (as far as I can tell) to get site visitors to visit these sites to see where their link is. Personal example: I started getting traffic from Semalt.com and visited their site to see where/how/why they were linking to me. I couldn’t find anything, but noticed that they had some on-the-face-of-things useful SEO tools. I signed up for a ‘free account’ and then promptly forgot all about them, but they still send me emails asking if I want to upgrade to their pro package.

It’s a cunning sleight of hand when you look at it this way. In an easily scalable way, they can effectively drive reasonable levels of traffic to their site by bringing themselves to the attention of anyone with Google Analytics installed. Once those people are on semalt.com, the bait and switch takes place, and a certain number of people will thus sign up to their product. I imagine it’s probably profitable.

That’s obviously deceitful practice, but highlights how the nature of scamming has changed. As Google has made it harder and harder to spam the SERPs, so innovators/black hats (delete as per your prejudice) are looking for new routes.

huffpo

A current fake referrer to my site disguises itself as Huffington Post. At first, I was briefly excited – perhaps I’d got a link from HuffPo! In fact, the referral itself was spoofed: the Huffington Post link – when clicked in Analytics – actually redirected to some Chinese shopping site, presumably dropping some affiliate cookies along the way to capture revenue from me should I ever do any shopping on Aliexpress.com (which is where the link actually redirected).

Update: on closer inspection, I’ve noticed that the URL is actually “hulfingtonpost.com”, which also explains how the redirect works.

It’s cunning stuff, to be sure, but I find it hard to believe that it’s a sustainable or large enough niche for anyone to make more than a few quid from. As I mentioned a couple of posts ago, it adds to my belief that black hat/affiliate sites are finally being shuttered by Google and the glory days of such operations are now behind us.

As such, we should actually tip a hat to Google in thanks. For many years, spammers and scammers tried – and succeeded – in keeping the SERPs cluttered with affiliate links dressed as content. Google announced their intention to do away with this years ago and now – if you want to go down that route – you have to go big on site quality and content. Of course, the high price of doing that makes most affiliate programs unsustainable because building the necessary traffic levels can’t simply be left to content spinning and xrumer any more.

Good.

Advertisements
Categories: SEO

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s