Hey you,
BE IN THE KNOW!

35,000 ransomware infections per month and you still believe you are protected?

Sign up to receive:

  • alerts
  • news
  • free how-to-remove guides

of the newest online threats - directly to your inbox:


Get Rid of Traffic2cash(.)net Referral Spam In Google Analytics

It is the season of referrer spam that affects statistics and annoys website publishers. Security experts have managed to identify that referral spam is in open season during the cold days of the year. Users and publishers both are strongly advised if they come across this suspicious referral site to filter it out and scan their computer for malware in case they visited it.

Name Traffic2cash(.)net Referral Spam
Type Malicious domain being spammed by Referrer Spams
Short Description The domain may do various dangerous or unhealthy deeds to the PC activities.
Symptoms The user may witness fake Java Update downloads as well as redirects to other potentially harmful domains.
Distribution Method Via clicking on any Snip.to links (For example Traffic2cash(.)net/?hrefasdi9/). By being redirected to it via a PUP (Potentially Unwanted Program) causing pop-ups and redirects on the PC.
Detection Tool Download Malware Removal Tool, to See If Your System Has Been Affected by Traffic2cash(.)net Referral Spam
User Experience Join our forum to discuss about Traffic2cash(.)net Referrer Spam.

Traffic2cash.net-spam

Traffic2cash(.)net Referral Spam – What Does It Do?

Traffic2cash referrer spam is also familiar as log spam or referrer bombing and it has been made mainly to drive users to click on the referral links and hence generate hoax traffic to vendor or affiliate websites.

When we analyse Traffic2cash(.)net it was established that it may be an affiliate marketing scheme. This is due to the fact that the website redirects to an online referral advertising site, called adzos.com. It is essentially an advertising network and it has referral programs for website publishers.

adzos-com-network redirect

But do not be fooled by what is being offered. Links connected to traffic2cash.net are reported in the spam messages of many websites both huge and small (for example traffic2cash.net/sjd2d29dsd0q9-23h/) leading to unknown third-party websites. Some third-party sites may conceal different risks for an average visitor of your website if the spam message is successfully seen:

  • Malicious URLs that may be dangerous to PCs.
  • Fake retailer stores that resemble famous online retailers however they may be phishing for user’s personal and financial information.
  • Fake error pop-ups advertising sites that promote software only aiming to scare users into paying money to fix the problem over a phone call with fake tech support representatives.
  • Fake surveys that phish for financial or personal user information.
  • Rogue antivirus software.

These may be only half of the risks for a website’s users. Additionally the referral spam creates headaches for website publishers as well, especially for beginner websites.
Here are some of the dangers referrer spam can cause for website publishers:

  • Website`s analytic data devaluation.
  • Difficult to remove, persistent reappearing for a long time on the website.
  • It may intercept information through the free HTTP exchange.

If the spam is massive from many vendors it may cause the hosting server to crash and the website to be taken down (it is recommended to use external server services with higher capacity such as Amazon Services, for example).

Referrer spam has been classified as being two main types:

1st Type: Spam by crawlers

This particular type of spam ‘crawls’ the web in search for spam opportunities. Usually such lie in the face of different websites that are not entirely developed, not frequently monitored or with low traffic. Since the analytics data on such sites may be low on number such spam may devaluate it very fast.

As for the spam’s aggressiveness it is important to bear in mind that it is dependent on the spammer. Some spammers back away straight after the first report, but there are those who continue to develop their spams to continue flooding blogs and forums.

2nd Type: Ghost Referrer Spam

This particular type of spam causes most headaches to website publishers. It is the preferred choice due to its anonymity and one of its characteristics – it has the ability to remain non-flagged and undetected for a longer periods of time. The secret behind this is that the spamming software uses technology that allows it to post spam messages on a website while it is not even present on the website being spammed.

Experts like Ben Davis at vidget.com claim that spammers may take advantage via the free HTTP connection more particularly exploits in it.
This enables spammers to conduct maximum amount of spam messages for longer periods of time than if they used web crawlers. Some spammers may even be able to use blank HTTP requests in order to focus on specific analytics data and to allow the modification of search results.

Traffic2cash(.)net Referral Spam – How To Protect Yourself from It?

When it comes to referral spam the protection is basically very similar. You need to ad filters in google analytics and if the spam is persistent, you may also want to check out some of the instructions suggested below to help you block out this nasty spam and save further headaches.
Before starting any spam filtering from Traffic2cash(.)net, please check out this spam blacklist that was posted online. It may help prevent future spammers from conducting their campaigns on your website:

https://github.com/piwik/referrer-spam-blacklist/blob/master/spammers.txt

Here are several methods to block out Traffic2cash(.)net Referrer spam:

Method 1: Google Analytics

You can always try to block all of the domains associated with this website (.info, .net., .com, etc.).

Step 1: Click on the ‘Admin’ tab on your GA web page.
Step 2: Choose which ‘View’ is to be filtered and then click the ‘Filters’ button.
Step 3: Click on ‘New Filter’.
Step 4: Write a name, such as ‘Spam Referrals’.
Step 5: On Filter Type choose Custom Filter –>Exclude Filter –> Field: Campaign Source–> Filter Pattern. Then on the Pattern, enter the domain name – Traffic2cash(.)net
Step 6: Select Views to Apply Filter.
Step 7: Save the filter, by clicking on the ‘Save’ button.
You are done! Congratulations!

Also, make sure you check out these several methods to help you further block out this referrer spam from google analytics:

http://sensorstechforum.com/exclude-all-hits-from-known-bots-and-spiders-in-google-analytics/

Method 2: Block it from your server.

In case you have a server that is Apache HTTP Server, you may want to try the following commands to block Traffic2cash(.)net domains in the .htaccess file:

RewriteEngine on
RewriteCond %{HTTP_REFERER} ^http://.* Traffic2cash \.com/ [NC,OR]

RewriteCond %{HTTP_REFERER} ^http://.* Traffic2cash.\.ru/ [NC,OR]

RewriteCond %{HTTP_REFERER} ^http://.* Traffic2cash \.org/ [NC,OR]

RewriteCond %{HTTP_REFERER} ^http://.* Traffic2cash \.info/ [NC,OR]

RewriteCond %{HTTP_REFERER} ^http://.* Traffic2cash \.co/ [NC,OR]

RewriteCond %{HTTP_REFERER} ^http://.* Traffic2cash \.com/ [NC,OR]

RewriteCond %{HTTP_REFERER} ^http://.* Traffic2cash \-for\-website\.com/ [NC,OR]

RewriteCond %{HTTP_REFERER} ^http://.* adzos \.com/ [NC,OR]

RewriteCond %{HTTP_REFERER} ^http://.* adzos.\.ru/ [NC,OR]

RewriteCond %{HTTP_REFERER} ^http://.* adzos \.org/ [NC,OR]

RewriteCond %{HTTP_REFERER} ^http://.* adzos \.info/ [NC,OR]

RewriteCond %{HTTP_REFERER} ^http://.* adzos \.co/ [NC,OR]

RewriteCond %{HTTP_REFERER} ^http://.* adzos \.com/ [NC,OR]

RewriteCond %{HTTP_REFERER} ^http://.* adzos \-for\-website\.com/

RewriteRule ^(.*)$ – [F,L]

Also here is a web link to some spam URLs being blacklisted from other servers:

https://perishablepress.com/blacklist/ultimate-referrer-blacklist.txt

Disclaimer: This type of domain blocking in Apache servers has not yet been tested and it should be done by experienced professionals. Backup is always recommended.

Method 3 – Via WordPress

There is a method outlined by security researchers online that uses WordPress plugins to block referrer spams from sites. There are many plugins that help deal with referral spam, simply do a google search. We have currently seen one particular plugin reported to work, called WP-Ban, but bear in mind that you may find an equally good or better. WP-Ban has the ability to block users based on their IP address and other information such as the URL, for example.

In case you have been redirected to or personally visited URLs by Traffic2cash(.)com it is advisable to user advanced anti-malware scanner to check whether or not your machine has been infected with malware since this service may advartise all sorts of concealed dangers. Security engineers recomend performing more than one system scan for maximum effectiveness.

donload_now_250
Spy Hunter scanner will only detect the threat. If you want the threat to be automatically removed, you need to purchase the full version of the anti-malware tool.Find Out More About SpyHunter Anti-Malware Tool / How to Uninstall SpyHunter

Vencislav Krustev

A network administrator and malware researcher at SensorsTechForum with passion for discovery of new shifts and innovations in cyber security. Strong believer in basic education of every user towards online safety.

More Posts - Website

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...
Please wait...

Subscribe to our newsletter

Want to be notified when our article is published? Enter your email address and name below to be the first to know.