Ghost spam paranoia

Tinfoil cap We all know that spammers can feed fake data to Google Analytics. However, even experienced webmasters need to be constantly reminded not to fall for this trick. Let me tell you an amusing story…

I recently made a new website for a personal project of mine. Over a few days I bought the domain, set up the hosting, installed a CMS, set up a new Google Analytics profile, did a few quick tests. So when I logged in to Google Analytics dashboard, I expected to be the only visitor on the site.

There was another one.

The network reports indicated there was one visitor from the USAISC network. That’s the computer network of the United States Army.

Well, my personal project happened to be an anti-war site, and among other material, it contained criticism of US intervention in Syria. I hadn’t told anyone about that brand new website yet, and nothing anywhere on the Internet linked to it. So my mind quickly drew up a conspiracy theory where domain registries are monitored and any newly registered interesting-sounding domains are checked out by the military for the purposes of terrorism prevention or whatever. (Such a “prevention” theory would also explain why they don’t hide their trail – there could be benefits in making such surveillance obvious, like a warning – “we’re watching!”).

That’s not really a remote possibility, so I shrugged it off and assumed that everyone on the Internet is being watched by several agencies in one way or another, which is probably true anyway. However, the next day I looked into the host and referrer logs and the truth turned out to be more trivial.

Spammers often inject fake data directly into Google Analytics and try to make it spike the curiosity of the webmaster reading the reports. They place their own site in the “referer” field, hoping that this will help them get visits. That can get them considerable traffic which can be monetized in different ways (by placing ads, by directly selling products and services, or in the worst case by spreading malware and taking control of other people’s computers).

The thing I didn’t know was that such spam can easily hit unpublished sites too. I guess they try spamming random Google Analytics ID numbers in the hope that they will hit something. They are just blindly sending their fake data, not knowing your domain name or anything about your actual website.

Well, I feel better knowing that I’m not the only one who fell for it:

This weird experience with fake data on my Google Analytics reminded me once again of the old lesson: if it is on the Internet, it doesn’t mean it’s true!

Posted in Thoughts

Leave a Reply

Your email address will not be published. Required fields are marked *

*