Hey you,
BE IN THE KNOW!

35,000 ransomware infections per month and you still believe you are protected?

Sign up to receive:

  • alerts
  • news
  • free how-to-remove guides

of the newest online threats - directly to your inbox:


Get Rid of Copyrightclaims.org Referral Spam In Google Analytics

NameCopyrightclaims.org Referral Spam
TypeReferral Spam
Short DescriptionThe web page has been seen on many referral spams on predominanly medium sized and smaller blogs in traffic.
SymptomsThe user may witnes the spam on various places of the website that is being targeted, leading to Copyrightclaims(.)org which then redirects to a phishing website.
Distribution MethodBundling.
Detection ToolDownload Malware Removal Tool, to See If Your System Has Been Affected by Copyrightclaims.org Referral Spam
User ExperienceJoin our forum to discuss about Copyrightclaims.org Referral Spam.

Ah, referral spam – if it isn’t the least favourite thing to meet when you are trying to improve your website by working with Google Analytics. It starts with a few messages but it may become more frequent if left unmonitored and may even cause your favourite site to be banned from google searches because of malicious content. Well, copyrightclaims.org redirects is yet another such spam that is featured by a malicious bot or someone hiding out in a closet somewhere. Either way, it is very unwanted and you should deal with for the sake of your site. But in order to get rid of it, first you need to get to know your enemy so that you can be protected in the future.

Copyrightclaims.org Referral Spam – What Is It

Such referral spam attacks usually aim to drive hoax web traffic to third-party sites. These are also known as ghost referrals and web crawlers. The trend has been growing rapidly and its highest points are during the end and beginning of a year. Experts warn that this threat is a rather serious one and if not blocked and protected from in time, it has the power to make a huge mess and cause many headaches.
There are two main referral spamming methods used by the spam bots at the moment:

Type 1: Spam by Crawlers

This particular spam comes in waves which are normally not identified and what is more they can change rapidly the statistical data. This means that they can increase the bounce rate rapidly and cause fluctuations in some other details. There are those spammers that finally remove a website from their “To spam list” right after they have been warned to stop or after their website links have been flagged as spam. But, there are also these persistent spammers that remain and even continue to complicate and develop their spam and they are the ones who most often have to be prevented via analytics filter. This may in some persistent cases be a headache for the site admin.

Type 2: Ghost Referral Spam

This particular spam method is the most widely distributed and you may have met it in the eyes of Copyrightclaims.org . It aims one thing and one thing only – to remain for as long as possible hidden, non-flagged and unfiltered.
Ben Davis at viget.com is an expert on spam and his report indicates that this spam is not actually present on the website it spams. There are cases where spammers exploited the free HTTP protocol information that passes through. This is a clear indication that a cyber crook can mask the whole HTTP session. There is even a special software, that is designed for this specific purpose. Such software might as well send fake HTTP requests that are directed towards different Google Analytics settings, eliminating the demand for the program to even visit the site that has been targeted. Security experts also report that the malicious threat may have the ability to fake certain search results.

Copyrightclaims.org referral spam may have the ability to modify Google Analytics statistical data and as a results change traffic and duration times, thus decreasing the value of the data on the site itself. This particular fact is very annoying, mainly because if you have a site and you are relying on statistical data to act based on forecasts from it, you may face a grave difficulty. The biggest danger by referral spam lies before lower traffic websites such as beginner blogs, newly created websites and others. This is because their data may be devaluated for a very short time by Copyrightclaims.org spammers. The referral spam domains continue to increase.

Similar to some other big spamming domains, like erot(dot)co for example, Copyrightclaims.org has been reported for several other malicious activities such as phishing. The website itself was initially blocked by antivirus software:
referral-spam-block
What is more, when visited, the website, caused a redirect to a phishing website that was a Aliexpress.com look alike. It is probably created with the purpose of collecting different, most likely financial data from customers or making them pay for non-existent products. In case you have visited the website, it is highly advisable to scan your computer with an advanced anti-malware software and change your passwords as well as other information.
Here is how the real Aliexpress web page looks like at the moment of writing this if it is put in comparison to the redirect caused by Copyrightclaims.org:
Referral-spam-phishing

Copyrightclaims.org – How To Protect Yourself

If you have spotted referral spam by copyrightclaims.org, this is a clear sign that you have this type of spam and you should immediately block it in your GA. Security experts, such as Carlos Escalera from ohow.com advise users to follow these instructions to filter out the spam in Analytics:

→Filtering Copyrightclaims.org:
Step 1: Click on the ‘Admin’ tab on your GA web page.
Step 2: Choose which ‘View’ is to be filtered and then click the ‘Filters’ button.
Step 3: Click on ‘New Filter’.
Step 4: Write a name, such as ‘Spam Referrals’.
Step 5: On Filter Type choose Custom Filter –>Exclude Filter –> Field: Campaign Source–> Filter Pattern. Then on the Pattern, enter the domain name – Copyrightclaims(.)org
Step 6: Select Views to Apply Filter.
Step 7: Save the filter, by clicking on the ‘Save’ button.
You are done! Congratulations!

In case you keep seeing this persistent spam on your machine, make sure that you download a reputable anti-malware program that will help you with the detection of any threats associated with this malicious redirect and ensure further protection to yourself from other intruders and spammers.

Also, make sure you check out these several methods to help you further block out this referrer spam from google analytics:

https://sensorstechforum.com/exclude-all-hits-from-known-bots-and-spiders-in-google-analytics/

We have also researched several other methods to deal with this spam:

Method 1: Block it from your server.

In case you have a server that is Apache HTTP Server, you may want to try the following commands to block Ranksonic(.)net domains in the .htaccess file:
RewriteEngine on
RewriteCond %{HTTP_REFERER} ^http://.*Copyrightclaims \.com/ [NC,OR]

RewriteCond %{HTTP_REFERER} ^http://.*Copyrightclaims \.ru/ [NC,OR]

RewriteCond %{HTTP_REFERER} ^http://.*Copyrightclaims \.org/ [NC,OR]

RewriteCond %{HTTP_REFERER} ^http://.*Copyrightclaims \.info/ [NC,OR]

RewriteCond %{HTTP_REFERER} ^http://.* Copyrightclaims \.co/ [NC,OR]

RewriteCond %{HTTP_REFERER} ^http://.* Copyrightclaims \.com/ [NC,OR]

RewriteCond %{HTTP_REFERER} ^http://.* Copyrightclaims \-for\-website\.com/ [NC,OR]

RewriteRule ^(.*)$ – [F,L]

Also here is a web link to some spam URLs being blacklisted from other servers:

https://perishablepress.com/blacklist/ultimate-referrer-blacklist.txt

Disclaimer: This type of domain blocking in Apache servers has not yet been tested and it should be done by experienced professionals. Backup is always recommended.

Method 2 – Via WordPress

There is a method outlined by security researchers online that uses WordPress plugins to block referrer spams from sites. There are many plugins that help deal with referrer spam, simply do a google search. We have currently seen one particular plugin reported to work, called WP-Ban, but bear in mind that you may find an equally good or better. WP-Ban has the ability to block users based on their IP address and other information such as the URL, for example.

donload_now_250
Spy Hunter scanner will only detect the threat. If you want the threat to be automatically removed, you need to purchase the full version of the anti-malware tool.Find Out More About SpyHunter Anti-Malware Tool / How to Uninstall SpyHunter

In case you have been affected by clicking on one of the many Copyrightclaims(.)org referral URLs it is recommended to scan your PC with an advanced anti-malware program more than once in order to determine whether or not your system i safe.

Vencislav Krustev

A network administrator and malware researcher at SensorsTechForum with passion for discovery of new shifts and innovations in cyber security. Strong believer in basic education of every user towards online safety.

More Posts - Website

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...
Please wait...

Subscribe to our newsletter

Want to be notified when our article is published? Enter your email address and name below to be the first to know.