You may have heard of Semalt.com. I’ve heard them argue that they’re not spammers, they’re not evil, they’re not bad people.

You know what? They are. They are spamming, they are doing evil, and they’re bad people.

The other day I was checking my top-sites in Google Adsense, trying to think of how to increase revenue on my passive income, when I saw this random domain showing up on my list of sites. A site that wasn’t mine. A site that looked like a spammer:

Adsense top sites shows one of Semalt's URLs

Why is this happening?

According to Google, this happens when a site loads cached content of your domain (Google does this). It can also happen when someone copies your whole webpage into an HTML email, or if someone uses a bad iframe.

There’s also the obvious, but rare, case where someone uses your code without your knowledge.

Do I need to block them?

No. Except for the part where they screw up your analytics metrics and cause load on your server. Keep reading, I’ll explain.

Will I Be Penalized by Google?

My first thought was “Oh shit, Google’s going to yell at me!” I quickly checked that I had site authorization on, which means only domains I’ve approved and added can show my ads. Whew.

This is a big deal by the way. While it would be nice to earn more views, if a site that isn’t mine uses my ads without knowing, I can get in trouble. More than once I’ve told off plugin developers about using Adsense in their plugins. This is for a couple reasons, first is that you can use it to track who uses your plugin (bad), but also because Google doesn’t want you to. They outright say that you cannot put ads “on any non-content-based page.” An admin dashboard is not a content page. Done and done. No ads in your plugins, thank you.

But that’s exactly why I was worried!

Where is Semalt showing my ads?

What is this URL for anyway?

The URL was http://keywords-monitoring-your-success.com/try.php?u=http%3A%2F%2Fexample.com (not my real URL). The only reason I could find it was I dug into my Google stats and found it as a referrer. If you happen to pop that into a browser, you will be redirected to http://semalt.com/ — Real nice.

That is, by the way, how I knew it was Semalt.

What is Semalt?

Semalt is a professional SEO and marketing service. They literally make their money ‘crawling’ websites. When their site started, it was really the scamiest looking thing I’d seen in a long time. A year and a half later, they’ve cleaned up their act a bit but back in 2014 we all looked at them with a massive Spock eye.

As it turned out, they were using infected computers to scan the web. My personal guess was that they are leveraging hacked computers and using them to scan for vulnerable websites. Once they find a site, they hack it and use it to push malware.

That’s a guess. I have no proof. But based on their search patters and behavior, it’s looking pretty likely to me.

Can I block them?

Yes! But there’s a catch.

You see, everyone says you can do this:

# Block visits from semalt.com 
RewriteEngine on 
RewriteCond %{HTTP_REFERER} ^http://([^.]+\.)*semalt\.com [NC]
RewriteRule .* - [F]

And while that works, it’s obvious that Semalt is on to us because now they use keywords-monitoring-your-success.com and other URLs as passthroughs.

How do I get them out of my analytics?

Do you use WordPress.com? Or Jetpack? Great! Report the referrer as spam! WordPress.com blocked Semalt back in 2014, but obviously they’re on the rise again.

If you’re using Google Analytics, Referrer Spam Blocker is probably your best bet.

Reader Interactions

Comments

  1. Thanks for sharing this, Mika, including tips to help combat it!

%d bloggers like this: