I suppose I should take this as a positive sign of sorts... the Cincom Smalltalk blogs apparently get enough traffic to warrant their own spambot. Until this morning, the failed spam attacks (I archive them) came in drips and drabs, and seemed to be manual efforts. Then this morning my archive folder showed over a dozen attacks, all from different sources - but all within a few seconds of each other. They all failed; they were targeting older posts, and comments are off for those.
As to why link spam - comments and referers - are so prevalent, read this Register article. It's got some instructive points:
Sam - let's call our interviewee Sam, it's suitably anonymous - lives in a three-bedroom semi-detached house in London, drives a vintage Jaguar and runs his own company. But "it's not not all rock and roll and big money", says Sam. What isn't? Spamming websites and blogs with text to pump up the search engine rankings of sites pushing PPC (pills, porn and casinos), that's what.
For that's what Sam does, pretty much all day long. He - we'll use the male notation, it's easier - would do this anyway for fun, but it's more than fun; he says he can earn seven-figure sums doing this. Sam is a link spammer. He's unapologetic about it. Skilled in Perl, LWP and PHP, Sam's first professional programming was done aged 13, when he sold some code to a gaming company. He's 32 now, and spoke to The Register on condition of anonymity.
That explains the economic angle - the potential revenues are high, and it's easy to do. Generating link spam is far, far easier than email spam - all you need to do is push a boatload of http posts and gets - the hard part is the list of where to hit. Apparently, these people do market research. The more interesting question is why this started happening all of a sudden - blog comment spam, referer spam, and wiki spam were virtually non-existant as recently as two years ago. What changed?
They're just exploiting a weakness in a system which blossomed just at the time that Google cracked down on the previous method that spammers used, where huge "link farms" of their own web sites pointed circularly to each other to boost each others' ranking.
"It was around December 2003: Google did what was called the 'Florida update'. It changed the algorithm that measured how high a site should be ranked to spot 'nepotistic' links and devalue them. So if you had a link farm of sites with different names which linked heavily to each other, they were pushed down," explains Sam.
So the link spammers - who prefer to call themselves "search engine optimisers", but get upset when search engines do optimise themselves - turned to other free outlets which Google already regarded highly, because their content changes so often: blogs. And especially blogs' comments, where trusting bloggers expected people to put nice agreeable remarks about what they'd written, rather than links to PPC sites. Ah well. Nothing personal.
So we can file this under unintended consequences. Google (and other engines) made a change in their ranking scheme to address link farms. The result has been, IMHO, worse than the cure - it's offloaded the problem from Google down to the rest of us. Google is trying to deal with it - they recently proposed nofollow, a scheme I've discussed before. Suffice to say, I don't think it's likely to work. For one thing, there are going to be lots of blogs and wikis that don't implement the tagging scheme. For another, the spammers just won't care that much.
The bottomline is, this kind of escalation is just going to continue. With the kind of revenue potential in this, no technical fix is going to get rid of the problem completely.