Unusual referral traffic from analytics
In the era of security first, I was browsing through our Google Analytics account to monitor the traffic for the month of November. I found that we were getting unusual traffic from places which looked pretty suspicious.
After doing some research, I found out that it was a widespread Google Analytics ‘Vote For Trump bot’ and many websites got affected.
Referral spam is everywhere
Whether it’s on Twitter, Facebook, or, of course, in your emails, someone is always trying to sell something. Criminals impersonate trusted senders in email to gain your trust, so they can obtain access to the sensitive data. These phishing emails may appear to come from different sources including your registrar or friends or business partners.
Interestingly enough, one prolific Russian spammer has taken a new way to spread his own message: using Google Analytics referral spam, he promoted his love for Donald Trump ;-( and got traffic on his website.
“Money,” Popov wrote. “Traffic is money.”
“Help to Trump and Russia. I like Trump. I even sacrificed traffic to help him,” said Vitaly Popov, who is behind the recent wave of Google Analytics spam, in a email exchange with motherboard.com
If you do what he is asking you (copy and search the link), you’ll get to this website (look at the “evil” url)!
Is secret.ɢoogle.com real?
Google Analytics has become a great target for spammers, whose fake traffic draws unwary website owners. That’s exactly the case of the secret.google.com. Many people who, trying to examine the origins of the traffic, didn’t realize that there was something wrong with the way the url looked. Instead, assumed that secret.ɢoogle.com was just secret.Google.com
If you compare these two letters side by side, you will notice that the capital G, is not the same ‘ɢ G’. The ‘G’ is the same size as the lowercase letter ‘o’? It’s not the same G of Google. This technique was also used to create lifehacĸer.com. Hackers are creative, aren’t they? 😃
Once the spam data is registered on your GA account you can’t erase it, but you can only create filters to prevent having dirty data in your account. If you are interested and want to learn more about spam filters, below you can find a guide to prevent this kind of threats.