Language Spam; Exposing New Threat From IDN

Newsletter sent 2016-11-18.

Language Spam; Exposing New Threat From IDN

language-spamOver the past couple of weeks, a new variation of spam in Google Analytics has people talking; “…Vote for Trump!” is appearing in the Language reports? Well, it had nothing to do with his campaign – it was just the same old spammer capitalizing on the events of the day. There are two things people didn’t realize about this latest spam hack:

First, Google Analytics has been consistently shutting down new spam sources after a day or two, minimizing their impact on your reports. But this hack rotates the domains used in the Source field every day while consistently pushing the same fake content into the Language field. The result is that all of those little bits add up over time and the fake language message rises to an annoying level. Google needs to adapt their response again…

Second, in case you didn’t notice, the referenced domain (Secret . ɢoogle . com) contains a whole new threat to internet security: the use of an International Domain Name (IDN) that appears to be something it isn’t. The ‘ɢ’ in ɢoogle is actually a Unicode character Latin Letter Small Capital — it is NOT the capital letter ‘G’, and it will take you to the spammer’s website, NOT to The introduction of IDN’s allow people to create website addresses in their native languages around the world (like 日本語.jp), but the existence of similar characters in the international character set means everyone needs to be prepared for a whole new generation of phishing attacks — spam messages with valid-looking links.

Getting Rid of the Spam

To get historical spam out of your reports, use the Segment I posted to the Google Analytics Solution Gallery. Remember to change the Segment to use your website domain name in the first expression!

Read the whole story in the Definitive Guide to Removing All Google Analytics Spam — the authoritative reference on the topic, regularly updated since January 2015.


Mike Sullivan
Owner, Analytics Edge


Product Updates  link

Google AdWords v2.8.1
Fixed problems some people were having with MCC accounts

Google Analytics Pro v2.9.0 / Free v2.6.0
Fixed a problem that made some customer segments not appear in the list

Google Search v3.6.0
Fixed a problem limiting query+device reports to 5000 rows