Definition

splog (spam blog)

Part of the Security management glossary:

A splog (spam blog) is a fake blog created solely to promote affiliated Web sites, with the intent of skewing search results and artificially boosting traffic. Some splogs are written like long-winded ads for the Web sites they promote; others have no original content, featuring either nonsense or content stolen from authentic Web sites. Splogs include huge numbers of links to the Web sites in question to fool Web crawler s (programs that search the Web for sites to index). The sploggers associate popular search keywords with their pages so that the splog links turn up in blog search results and are sent out as search subscription notifications through e-mail and RSS feed s.

Splogs have existed almost as long as blogs have, as enterprising spammers quickly realized the new medium's potential for exploitation. However, the attacks have become more common as attackers' methods have become more sophisticated. Automated attacks have caused what many in the industry referred to as a "turning point" for splog. In late October of 2005, a splogger used Google's blog-creation tool, Blogger, in conjunction with the BlogSpot hosting service to create what Tim Bray, of Sun Microsystems, called a "splogsplosion": hundreds, or even thousands of splogs turning up in search results and clogging RSS reader s and e-mail inboxes.

Here's how this attack was conducted: The splogger ran a search on blog search engines for popular keywords. Among those selected were the names of two prominent bloggers, Chris Pirillo and Dave Winer. Next, using a bot to automate the process, the splogger created tens of thousands of splogs, listing the selected keywords and publishing text taken directly from Pirillo's and Winer's own sites, along with the commercial links. People searching for the legitimate bloggers' sites and people with search subscriptions for RSS feeds found their results filled with splog links.

In response to the attack and the media outcry in its wake, Google published a list of some 13,000 splog sub-domains. The company also implemented a type of Turing test known as a CAPTCHA , forcing any entity creating a blog to prove satisfactorily that it is, in fact, a human and not a computer program.

This was last updated in March 2011
Posted by: Margaret Rouse

Related Terms

Definitions

  • SSL certificate (Secure Sockets Layer certificate)

    - A Secure Sockets Layer certificate, known commonly as an SSL certificate, is a small data file installed on a Web server that allows for a secure connection between a Web server and a Web browser. (SearchSecurity.com)

  • Types of enterprise risk

    - An enterprise risk is any potential event that could threaten an organization's ability to achieve its financial goals; long term, a risk can be a threat to sustainability. In a business context, r... (WhatIs.com)

  • business risk

    - A risk, in a business context, is anything that threatens an organization's ability to generate profits at its target levels. Business risks are broadly categorized as pure risks, which are negativ... (WhatIs.com)

Glossaries

  • Security management

    - Terms related to security management, including definitions about intrusion detection systems (IDS) and words and phrases about asset management, security policies, security monitoring, authorizati...

  • Internet applications

    - This WhatIs.com glossary contains terms related to Internet applications, including definitions about Software as a Service (SaaS) delivery models and words and phrases about web sites, e-commerce ...

Ask a Question About splog (spam blog)Powered by ITKnowledgeExchange.com

Get answers from your peers on your most technical challenges

Tech TalkComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.