NOTE FROM THE NEXT WEB:
The spammer we’ve written about below is using the Google Analytics Measurement Protocol to create hits and send those to your Google Analytics property. These hits seem like they’re coming from this page or another page on thenextweb.com, but they’re not.
He’s sending this spam message and is only changing the tracking IDs. Each Google Analytics property has a unique two-number tracking ID, so it’s super easy to automate.
The easiest way to get rid of this is to setup a filter that only includes your own domain — more info on how to do this can be found in this article.
This might sound like it was pulled out from an Anthony C. Ferrante (Sharknado guy) movie, but it’s actually a real thing so hear me out.
I was checking the Google Analytics dashboard for a company I used to work for, and I was staggered to see a bunch of views from a country I haven’t heard of. The text reads “Secret.ɢoogle.com You are invited! Enter only with this ticket URL. Copy it. Vote for Trump!”
So I did what every normal person would do and I clicked on it and it took me to this.
Now, I know there are lots of things to grasp here but let’s start with the obvious one. What in world is wrong with that link? Here’s the full URL.
http://money get away get a good job with more pay and you are okay money it is a gas grab that cash with both hands and make a stash new car caviar four star daydream think i ll buy me a football team money get back i am alright jack ilovevitaly com/# keep off my stack money it is a hit do not give me that do goody good bullshit i am in the hi fidelity first class travelling set and i think i need a lear jet money it is a secret %C9%A2oogle com/# share it fairly but dont take a slice of my pie money so they say is the root of all evil today but if you ask for a rise it’s no surprise that they are giving none and secret
Vitaly Popov, sir, you have a good taste in music. This is the first time I saw the lyrics of “Money” by Pink Floyd in a URL.
Ok, so this was obviously spam. The hacker is abusing a little-known Analytics feature called Measurement Protocol. The real purpose of this service is to allow developers to send data directly to Google Analytics Servers for testing different environment. However, as you already noticed, the spammers have another use for it.
After a bit of research, I found out that I’m not the only one affected by this spam technique. Chances are, Vitaly Popov is in your Google Analytics too.
So what is secret.google.com and how does it affect you?
Peter Velchev from Dowser says:
Referral spam like Secret.Google.com basically creates false visits to your website. The idea behind this is that once you see the URL of the new visitor, you might be tempted to trace it back to its source. This would in turn generate real visits to the hacker’s website, thus pushing it up the rating ladder.
He then continues,
When the referral spam scheme was first created, the method it used to generate artificial visits to user’s websites was via spambots. However, Google has found a way to deal with that issue. Currently, most spambot views are getting blocked, their views are not included in the Analytics stats and so the URL of the hacker is not displayed. However, as of 2014, a new type of referral spam has been invented that instead of using spambots, it directly changes your website stats tricking you into thinking that you have received actual visits.
What surprises me is that Google hasn’t fixed this. This Russian guy has been reportedly hacking Google Analytics since 2015 and they still haven’t taken care of it.
You might think that this isn’t a big deal since getting rid of it is fairly easy, but it should be a concern and a priority for Google.
It comes without saying, until Google fixes this glitch, I’m using Vitaly’s search feature from his website.
Update 11/22/2016: Vitaly never ceases to surprise me. Apparently, the post you are reading right now might be in your Google Analytics as referral traffic. And while Vitaly is definitely enjoying the spot light, please note that neither this article, nor The Next Web, is partaking of any shady analytics practices.
This post is part of our contributor series. It is written and published independently of TNW.