Tuesday, July 19, 2011
Those of us with Tumblr accounts have recently seen a significant rise in like/follow spam. NPR Fresh Air even ranted about it, pointing out that it’s a pain in our collective ass to deal with.
The Tumblr spam basically works like this. A fake Tumblr account is created and then real posts are liked and real blogs are followed by the fake account. The goal being to:
- Infiltrate account-holders’ dashboards (the account panel for Tumblr) in hopes that they will click to see who’s liking/following.
- Infiltrate notes lists on the public side for the curious.
At first the spammers weren’t easy to spot because even though their aliases were strange (Hotmail-ish aliases like hemish656), the avatars were normal. But then they began using avatars of half-naked women, making them easy to spot when coupled with their bizarre aliases:
Most of these accounts comprised a single post of the woman in the avatar using either a default Tumblr template, or this strange, pink theme with a few posts of photos of Thailand. Hardly spam at all because there was nothing to promote. Right?
Wrong. What they were doing is testing the waters to see if they could get the clicks. For legitimate account holders it’s hard not to click. You want to block/report the spammers but blinding blocking means risking blocking a legitimate follower/liker with an unfortunate Tumblr alias. So they get their clicks.
And now that they know it works they’re getting sophisticated. The aliases appear to be legitimate and there’s even context to the posts they’re liking. This morning a spam account with the alias “hipops” liked a post about an iPhone speaker amplifier called MegaPhone. The alias “hipops” could be a clever play on “hip-hop” which would easily marry with a post about music equipment:
I have no idea how Tumblr is going to combat this growing annoyance but I hope they find a solution. Because as NPR Fresh Air’s Melody Kramer notes: “I have enough to do without keeping track of all of your shenanigans.”