Blog

Referral spam for Trump

referral spam trump gif

In the era of security first, I was browsing through our Google Analytics account to monitor the traffic for the month of November. I found that we were getting unusual traffic from places which looked pretty suspicious.

 

Trump spam referral google analitycs

 

After doing some research, I found out that it was a widespread Google Analytics ‘Vote For Trump bot’ and many websites got affected.

Referral spam is everywhere

Whether it’s on Twitter, Facebook, or, of course, in your emails, someone is always trying to sell something. Criminals impersonate trusted senders in email to gain your trust, so they can obtain access to the sensitive data. These phishing emails may appear to come from different sources including your registrar or friends or business partners.

 

Trump spam referral google analitycs

Interestingly enough, one prolific Russian spammer has taken a new way to spread his own message: using Google Analytics referral spam, he promoted his love for Donald Trump ;-(  and got traffic on his website.

“Money,” Popov wrote. “Traffic is money.”

“Help to Trump and Russia. I like Trump. I even sacrificed traffic to help him,” said Vitaly Popov, who is behind the recent wave of Google Analytics spam, in a email exchange with motherboard.com

If you do what he is asking you (copy and search the link), you’ll get to this website (look at the “evil” url)!

referral spam landing page
Is secret.ɢoogle.com real?

Google Analytics has become a great target for spammers, whose fake traffic draws unwary website owners. That’s exactly the case of the secret.google.com. Many people who, trying to examine the origins of the traffic, didn’t realize that there was something wrong with the way the url looked.  Instead, assumed that secret.ɢoogle.com was just secret.Google.com

If you compare these two letters side by side, you will notice that the capital G, is not the same ‘ɢ G’. The ‘G’ is the same size as the lowercase letter ‘o’? It’s not the same G of Google. This technique was also used to create lifehacĸer.com. Hackers are creative, aren’t they? 😃

Once the spam data is registered on your GA account you can’t erase it, but you can only create filters to prevent having dirty data in your account. If you are interested and want to learn more about spam filters, below you can find a guide to prevent this kind of threats.

google: working on analytics spam/
analyticsedge: removing analytics spam