Exploiting Referrer Spam as a Marketing Tool

Disclaimer: I do not in any way advise you do this. I just find referral/ghost spam fascinating, and thought you might too.

Let’s do a quick thought exercise. Let us switch hats for a moment, and deep-dive into the world of referral spam. I want to show you what these spammer slime are doing, how they are doing it, and how they are getting away with it. Allow me to guide you, starting from the early days of referrer spammers, all the way to present-day ghost spam. Walk with me, won’t you?

Into the Mind of the Referral Spammer

Internet Marketing is a really, really competitive niche. The best minds in the game are attempting to market to marketers every day. That post-closing cup of coffee is hard to come by, and to survive, I need to take advantage of every little nook or cranny. I have to jump on it. Luckily, I am an internet marketer, which means I know exactly where my colleagues spend their time. Forums, blogs…and wait for it…software.

Referral spam is young. It is one nook I can easily exploit, and be fairly certain that viewers are my target audience. No amount of PPC or SEO work will ever put me as front-and-center as targeting them in their favorite analytics platform.

Unholy Inspiration

Since referrers show up when a site gets traffic, my first try might be to build a spider using php. I will be able to set whatever referrer I want and then go crazy hitting pages on the internet. However, after a week or so, I’m going to realize that idea sucks. You see, cUrl (what most programming languages use to surf the web) isn’t a browser, it doesn’t load pictures or execute javascript—so I never actually showed up in anyone’s GA account because analytics tracking is javascript based. Worse yet, now my site is on all of the default wordpress “block spam” addons thanks to all the noise I made running this script.

Gathering Shadows

Time for a do-over. Now, I’ve got a new money site and a new approach. This time I’m going to make sure that javascript fires (so I show up in GA) and I’m going to use iMacros (automation) to load up pages in a browser. After a few dozen hours, I’m up and running, but this setup is moving slooooooow. After a few weeks, I’m still only getting a trickle of hits. It’s enough to show proof of concept, but not enough to turn a profit.

If it takes a site 10 seconds to load up and to go through all the paces before we get to the next one, we can do 6*60*24*30 (hits per minute * minutes * hours * days in month). That’s just over a quarter-million site loads per month, per server. Since we’d visit each page a few times in hopes of showing up at the top of the referrer list, we’re only talking about ~20k sites in total. The click through rate of referrer spam would be atrocious when compared to other methods of advertising. On the other hand, our conversion percentage might be decent since we’ve targeted our audience well and made our lander appeal to them.

Accomplishing the aforementioned has very few hard costs. It’s basically your time and $10/mo for a Windows remote server. If you don’t know how to put together a basic iMacro (big ass csv file and a loop), you’d have to hire a some help. Even still, your total out of pocket cost would be ~$100.

If I only get 100 visitors, it probably won’t be enough to keep this operation in the black.

So Begins the Age of Darkness

It’s dawning on me now, iMacros doesn’t multithread well, and is a horrible use of server resources. The only way to scale is to have a huge network of Windows servers and deal with the bugs and maintenance. Also, my site is back on the “block spam” blacklists now, so I’ve got to switch domains & rebuild my money site again.

Hmmm…my first try was fast but ineffective, because cUrl didn’t fire javascript requests to GA. My second try worked, but was a headache to scale and maintain, in addition to being prohibitively expensive for the results I really wanted.

But…what if I mix the 2 together and just use php/cUrl to hit the GA javascript directly? Instead of having to wait for a full page of images, stylesheets & scripts to load up in a browser, we just target the analytics script we want to hit and send our cUrl request directly there ignoring everything else. Well, that opens A LOT of doors.

• I can now burn through several million Google Analytics direct requests a week on a linux cloud host that costs $5/month.
• Thanks to cUrl, I can spoof referrers (set the referrer of each request to my money site), host names (telling a server that this request is coming from your own server and not some random one on the internet) & use proxies easily if we ever get blocked.
• Since it’s cloud, my setup can scale to however many servers I need on-demand without me having to lift a finger. And I can rent by the hour!
• If I ever get booted from my host, there are many cloud hosting options available. I can easily set up shop somewhere else
• Since I’m not “spidering” anymore, I can start putting random universal analytics ids (UA-XXXXXXXX-1) in place to test how it works
• Better yet, I can build a separate spider to go off and round up all the UA ids I can and store them away, now my bot is 100% efficient and can loop easily, making my referrer spam more visible (top of the list baby!)

Finding Hope

And that, my friends, is the story of how easy it was to create the plague that has ruined analytics for so many. My hope is that through education, someone much smarter than myself, or the rest of our team running our referral spam removal tool, can come up with the best solution yet.

Thanks to those early days spammers for guiding us down the road to armageddon. If it weren’t for you, nobody would be littering my analytics views. It’s going to get far worse before it gets better…just wait for the Christmas & 2016 Valentines day referral spam to start dropping.