How to block abcdefh.xyz spam in Google Analytics

How to block abcdefh.xyz spam in Google Analytics

abcdefh.xyz spam website

What is abcdefh.xyz?

abcdefh.xyz is a referrer spam URL that mixes fraudulent referral traffic data into your website’s Google Analytics reports. The spam URL will utilize various black-hat SEO tactics in order to make it look like your website received referral traffic from abcdefh.xyz. However, the referral traffic that appears in your Google Analytics reports did not actually occur. This type of web traffic is known as ghost traffic. This type of traffic produces phantom visitors in your website’s data in order to make it appear as if someone visited your website from the referral URL.

The reason why abcdefh.xyz is spamming your website’s Google Analytics data is to get your attention and persuade you to visit the URL in your browser. If you visit the URL in your browser you will be forwarded to another website, including the long path listed below:

http://money.get.away.get.a.good.job.with.more.pay.and.you.are.okay.money.it.is.a.gas.grab.that.cash.with.both.hands.and.make.a.stash.new.car.caviar.four.star.daydream.think.i.ll.buy.me.a.football.team.money.get.back.i.am.alright.jack.ilovevitaly.com/#.keep.off.my.stack.money.it.is.a.hit.do.not.give.me.that.do.goody.good.bullshit.i.am.in.the.hi.fidelity.first.class.travelling.set.and.i.think.i.need.a.lear.jet.money.it.is.a.secret.%C9%A2oogle.com/#.share.it.fairly.but.dont.take.a.slice.of.my.pie.money.so.they.say.is.the.root.of.all.evil.today.but.if.you.ask.for.a.rise.it's.no.surprise.that.they.are.giving.none.and.secret.%C9%A2oogle.com

It is not recommended to trust known spammers and websites that engage in referrer spam. Referrer spam is a blackhat SEO tactic that disregards your website’s data in order to promote spam content. Someone who engages in referrer spam does not care about ruining your website’s analytical data. They would rather promote their website despite the repercussions and acquire you as a customer by any means necessary. Referrer spam is not a tactic used by legitimate and trustworthy companies and websites.

Referrer spammers typically target your website’s data for several reasons:

  • Referrer spammers want to promote a website and want you to visit the webpage or search for it online through Google search engine results pages.
  • Referrer spammers want to boost their rank on Google search engine results pages by creating backlinks. They do this by logging requests into your website’s access log, which is then crawled by Google’s indexing bots and seen as a backlink to the spam site.

abcdefh.xyz Google Analytics referrer spam can ruin your website’s analytical data measured by Google Analytics. It can affect most of the data in your reports with fake web traffic and data. For example, abcdefh.xyz referrals will appear to land on a single webpage on your website and leave from the same website, which will create a 100% bounce rate. If your website is targeted by referrer spammers you may not be able to identify your website’s bounce rate. The same can be said about other data measured in most Google Analytics reports.

How to block abcdefh.xyz referrer spam

This guide shows you how to block abcdefh.xyz spam in Google Analytics by creating an exclude filter that stops abcdefh.xyz referrer spam and unwanted referral traffic at the campaign source. This is the method recommended by Google to block referrer spam in your Google Analytics account.

1. Open your Google Analytics account and go to the Admin tab> Cick Filters on the right side in the VIEW section.

2. Click the + ADD FILTER button to create a new exclude filter.

3. Add abcdefh.xyz or something you can easily remember as the Filter Name.

4. Select the Custom Filter Type.

5. In Filter Field, find and select Campaign Source in the list. In the Filter Pattern text box, add abcdefh.xyz and click the blue Save button on the bottom of the webpage. To add multiple URLs to the same filter you can make a Filter Pattern similar to this with a | between each URL: Example.com | Example\.com | abcdefh.xyz

Also See: How to exclude all hits from known bots and spiders in Google Analytics (Bot Filtering)

Chrome and Firefox remove MYWOT extensions for selling your identity and browsing habits

Chrome and Firefox remove MYWOT extensions for selling your identity and browsing habits

If you use the MyWOT (WOT, or Web Of Trust) extension for Google Chrome, Mozilla Firefox, and other internet browsers, there is a good chance that you your “very” personal information was sold off to third-parties. This includes your identification, the things you search for online, and the websites you visit. A recent investigation by German public broadcaster NDR revealed that MyWOT has been selling user information to third-parties without properly anonymizing it. In many cases, the user’s real identity and details about their browsing habits were exposed.

mywot

The German broadcaster’s reporters were able to get access to data samples that contained ten billion URLs WOT users had accessed. NDR reporters discovered information about police investigations, a judge’s sexual preferences, and user searches for drugs, prostitutes, and medical issues. This means that MYWOT has been selling your information to interested third-parties for quite some time and that the information sold to unknowns is cause for concern.

WOT claims to scramble user data in order to hide their identities; However, NDR reporters said it was very easy to identify clues in the URLs that connected the link with a username, email address, or name.

The NDR report that aired on November 1, 2016 provided evidence that WOT failed to properly anonymize the data and was also selling it to interested third-parties. The WOT Privacy Policy stated that WOT may “share” user data with its parent company and partners, but did not mention anything about “selling.”

Following the report, WOT posted the following statement in their forum on November 2:

Dear users,
We take our users’ privacy rights very seriously, and for that reason we go to great lengths to anonymize and aggregate the data we collect to run our service, and we of course never license or disclose user registration information.
If there have been instances where any information was not adequately anonymized and protected, we will of course look into it and, where necessary, take measures to ensure adequate protection for our users. We appreciate the users who have contacted us and brought this to our attention.
We will continue to proudly protect our users from countless online threats as we have for the past decade.
WOT statement

mywot extensions

After the NDR report started to gain attention in the international press, both Google and Mozilla removed the WOT Chrome and Firefox extensions from their repositories on Saturday, November 5th citing lack of transparency between the extension’s actions and its Privacy Policy.

This type of behavior from MYWOT comes as no surprise to the internet security and information community. In 2012 it was discovered that MYWOT had purchased fake Facebook likes and Twitter followers to boost their online reputation and we published an article about it (which has been removed). MYWOT employees, power-users, and co-founder Sami Tolvanen found the article and immediately started to retaliate. MYWOT employees, power-users, and Sami Tolvanen himself went as far as to publish my home address, the addresses of my neighbors, images of my house, and other personal information of mine in MYWOT comments and on third-party websites. In the industry this is known as “doxing.” Furthermore, within 30 minutes after we published the article our reputation on MYWOT went from 100% to below 50%.

This is just one example that proves how the MYWOT reputation and rating system is flawed and adds no value to anyone who uses it. Along with the current NDR report and the history of MYWOT it should be concluded that the MYWOT website and extensions are a malicious.