Definition

splog (spam blog)

Part of the Security management glossary:

A splog (spam blog) is a fake blog created solely to promote affiliated Web sites, with the intent of skewing search results and artificially boosting traffic. Some splogs are written like long-winded ads for the Web sites they promote; others have no original content, featuring either nonsense or content stolen from authentic Web sites. Splogs include huge numbers of links to the Web sites in question to fool Web crawler s (programs that search the Web for sites to index). The sploggers associate popular search keywords with their pages so that the splog links turn up in blog search results and are sent out as search subscription notifications through e-mail and RSS feed s.

Splogs have existed almost as long as blogs have, as enterprising spammers quickly realized the new medium's potential for exploitation. However, the attacks have become more common as attackers' methods have become more sophisticated. Automated attacks have caused what many in the industry referred to as a "turning point" for splog. In late October of 2005, a splogger used Google's blog-creation tool, Blogger, in conjunction with the BlogSpot hosting service to create what Tim Bray, of Sun Microsystems, called a "splogsplosion": hundreds, or even thousands of splogs turning up in search results and clogging RSS reader s and e-mail inboxes.

Here's how this attack was conducted: The splogger ran a search on blog search engines for popular keywords. Among those selected were the names of two prominent bloggers, Chris Pirillo and Dave Winer. Next, using a bot to automate the process, the splogger created tens of thousands of splogs, listing the selected keywords and publishing text taken directly from Pirillo's and Winer's own sites, along with the commercial links. People searching for the legitimate bloggers' sites and people with search subscriptions for RSS feeds found their results filled with splog links.

In response to the attack and the media outcry in its wake, Google published a list of some 13,000 splog sub-domains. The company also implemented a type of Turing test known as a CAPTCHA , forcing any entity creating a blog to prove satisfactorily that it is, in fact, a human and not a computer program.

This was last updated in March 2011
Posted by: Margaret Rouse

Related Terms

Definitions

  • data loss prevention (DLP)

    - Data loss prevention (DLP) is a strategy for making sure that end users do not send sensitive or critical information outside of the corporate network. The term is also used to describe software pr... (WhatIs.com)

  • employee monitoring

    - Employee monitoring is the use of various methods of workplace surveillance to gather information about the activities and locations of staff members. Monitoring methods include keystroke logging, ... (WhatIs.com)

  • OPSEC (operational security)

    - OPSEC (operational security) is an analytical process that identifies assets such as sensitive corporate information or trade secrets, and determines the controls required to protect these assets. (SearchCompliance.com)

Glossaries

  • Security management

    - Terms related to security management, including definitions about intrusion detection systems (IDS) and words and phrases about asset management, security policies, security monitoring, authorizati...

  • Internet applications

    - This WhatIs.com glossary contains terms related to Internet applications, including definitions about Software as a Service (SaaS) delivery models and words and phrases about web sites, e-commerce ...

Ask a Question About splog (spam blog)Powered by ITKnowledgeExchange.com

Get answers from your peers on your most technical challenges

Tech TalkComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.