Referer – Spam, Spoofing, and Marketing
July 15, 2008 By: Justin | 10 commentsWhen a Internet browser moves from one page to another an HTTP referer is passed to transfer information about the source page. This information is sent to the server via HTTP headers.
Simple Example
When you come to my homepage your browser carries over information from whatever page you were looking at previously. My server can tell if you came from Google, Yahoo, StumbleUpon, or from a link in a blog post. This is how analytics software is able to track your visitors.
Analytics
Lets pretend you search Nashville SEO and click the link to my site. When you search for Nashville SEO, you will see this address.
http://www.google.com/search?q=Nashville+SEO
That is the URL for page one for Nashville SEO. When you click my site’s link, your browser will pass to my site that you came from the page “http://www.google.com/search?q=Nashville+SEO”
This information is captured by the server (and any analytic software). From this link, your analytics software can determine two things. Visitor is from Google. Visitor came via the search term “Nashville SEO”
That’s the basics of how referers work and how they are used for common tasks like analytics.
Spamming
Have you ever checked your analytics and found referral traffic from a page, but when you check it out there is no link? Well, they just referral spammed your site.
It is possible to manipulate and fake your HTTP headers and insert various information. This can be used to insert false information. When you move from one page to another, you can block the real header from being transferred and send one of your choice. So you can browse the Internet and every site interprets the visit as referral traffic from the URL of your choice.
Why Do People Referer Spam?
There are two major reasons to spam your referer.
First, many sites use to publish their analytics (and some still do). These would be a browsable print out of analytic information which could be crawled by search engines. Naturally it become an option for back links. By by faking your referer, you could show up on their referral tables and get a free back link! A lot of people stopped having public stats, but some sites still publish them.
The second reason is manipulation of the newbie blogger / webmaster. When you first learn about tracking your visitors, you’ll catch yourself checking your stats constantly to see where people are coming from and who is linking to you. Many times you’ll click through and visit the site. If a marketer has a product or site that appeals to webmasters in a certain demographic, they insert the URL of the site they want to promote and simply browse sites of people they want to promote to. When the newbie checks their stats, they’ll follow the referral through. The spammer successfully got them to visit their site. This can be automated to spam 1,000’s of sites, which results in 100’s of visitors.
How Do You Spam Your Referers?
The are multiple ways to do this, but here is a really easy one. Refcontrol is a simple Firefox Add On. You can insert a global URL to fake (used on all sites) or you can set specific referrals for specific sites. It’s very easy to use.
Spoofing
This isn’t really SEO related, but while we’re talking about referers, lets discuss spoofing. When you are faking your referer, you are referer spoofing. So referer spam is referer spoofing, but for use to market and promote your site. You can spoof for other reasons too. The other common use of referer spoofing is to by pass website security. Some low quality security setups work by checking the referer of the browser. A person must by pass the security system to get into the private or members area, but the only internal security is to check that they came to each page from another page inside the member area. By placing a URL that is inside into refcontrol, and then pointing your browser at the member area, you are able to bypass the security check because it thinks you were already inside (since you have the referer). This method is used heavily by those who break into porn sites. Its a really simple method of breaking into adult sites.
Conclusion
I wrote this to help explain a question in a forum I’m a member of. A lot of new webmasters are left scratching their head when they see a referral site without a link. I hope this explains things. This information can be used for some pretty nasty grayhat / blackhat type marketing. You can use it in the ways I mentioned, but can also be used to manipulate traffic trading scripts that use headers to track incoming traffic. If you get creative, you can do some fun stuff. I don’t suggest doing any of this, because a lot of it is either unethical, blackhat, or in the case of hacking a site, potentially illegal.
Filed Under Sneaky |
Tagged With blackhat, referal, referer, referer spam, referer spoofing, spamming
Related PostsSEO for Firefox Tutorial
Made a quick video showing how SEO for Firefox works to help those who were having a hard time with the add on. It a quick and simple video. I
Site Design SEO
SEO lesson that covers all the major on site SEO factors used in the design of a website layout / template. Covers basic site structure and layout optimization. Covers SEO
Optimize Brian’s Threaded Comments for SEO
I’m a big fan of Brian’s threaded comments and so are several other bloggers. The plugin is designed to allow you to directly respond in a thread to specific people
BarCamp Nashville 2008
Hey guys, if any of you live in the Nashville area, you should check out BarCamp in Nashville on Oct. 18 2008. It a convention of technology enthusiast here in
Geotagging, Local Search, & SEO?
I don’t think there is any doubt that Google is moving toward both localized and personalized search. They’re getting more accurate and sophisticated. Recently I made a post about the
Comments
10 Comments »
Trackback responses to this post
Subscribe
Search
Get Started
Learn SEO
Search Engine Optimization Guide
Build A Niche Store
Free BANS Template
BANS Template Modifications
.info BANS
Sneaky SEO
Link Laundering
Link Exchanges
Find Dofollow Blogs
Referer Spam
SEO Footprint
Popular
Categories
- BANS
- Bloggers
- Blogging
- Case Study
- Keywords
- Link Building
- Make Money Online
- Nashville
- Online Success
- Podcasts
- Search Engines
- SEO
- SEO Lessons
- SEO Wordpress Themes
- SEO Zombie
- Sneaky
- Social Marketing
- Tools
- Video
- Wordpress
Hit this one out of the park too.
-Dave
Thanks Dave, I hope it helps.
That sounds like an awful lot of work (for the spammer) with no guarantee of good results - people are strange.
If automated, it isn’t that much work. You could simiply set up some form of automated program and let it run while you’re a sleep. Nicky Cakes made a post a while back about using an automated clicking program with stumbleupon. You just set the referer, set the tool to click the stumble button over and over, then just walk away.
trying to understand a spammer?
the problem is there stupid tactics work. they wouldnt be doing it if it weren’t making them money ..
look at that one dude who just killed his entire family becuase he finally got caught. those guys screw over millions of people
I wondered why this was but supposed it was to get traffic from curious webmasters. However I also noticed I was getting referrals from Amazon which doesn’t make much sense to me.
No idea where the Amazon ones come from. I sometimes see some random stuff that I can’t explain.
A lightbulb just went off. I was browsing around some blogs from my niche and I put two and two together with this post and that little blurb about nickycakes. I think I might have an idea.
Dave
Did you find the nickycakes post? ;)
He has some good stuff
Its really easy to do, you can just use php cURL with a list of proxies and a fake referer. I’ve written a script thats 130 lines that could do it all day, all night, all year. Not that I would :)