"Spam, spam, spam, spam … Spam! Lovely spam!" — Monty Python's Flying Circus – The 'Spam' sketch
The proliferation of 'spam' (and other attendant attempts to access, corrupt or other conscript websites) is a constant pain for anyone. As I write this, the blog has been in action for about eight weeks and has accumulated over 170 comment spam attempts. (That alone is somewhat discouraging, as, if I discount my own comment replies, that is almost 15x the number of actual comments the blog has received.) However, my WordPress installation is configured to automatically scan any comment and sequester any that appear to be spam for my approval. It also means that any post, spam or not, will have to wait until I can approve it until I can implement a better method for handling comments, one that will take a little investigation.
(Its not like the spam is really very intelligent. One simply scatters a number of random letters, sometimes in a foreign alphabet, around a URL. Another repeats a rather generic greeting. The most amusing one was one that actually mentioned 'hipnosis' but gave as their URL the website of a male-enhancement drug in German.)
I am using the best spam prevention methods I can find, some that should stop spammers even before they even get to the website, but its an ongoing battle. Its just so easy for someone with little or no knowledge or computer experience to get a spamming toolkit and a list of addresses from a black-hat website and start spamming away. Its even worse when idiot people let their systems get compromised and become unwitting tools to act as a proxy army to expand on the efforts of just one spammer or a whole array of unsavory activities.
And still there is spam. It is a continuing battle. And one that I will continue to fight. Its not limited here: my company website periodically will have a number of attempts to access a non-existent blog or any other popular type of web package: I designed the website to report any attempts that return a 404 (not found) error and there have been several times when it reported several attempts (the record is actually 137 attempts from the same web address at all roughly the same time) trying different sequences of URLs in the vain attempt to find something to exploit. Unfortunately for them, and fortunately for me, there wasn't.
And what can be done? From a personal standpoint, protection: use an anti-virus program and make sure it is always up-to-date. In fact, make sure your entire system is up-to-date with the latest corrections, most of which nowadays are to close holes in the operating system that can be taken advantage of.
But most of all, use good sense. Remember that there are people out on the Internet who will, if given the slightest opportunity, will take advantage of it. Don't let them.