Link Farming for Fun and Profit: Lt. Draper

From KaminskiWiki
Jump to: navigation, search

I bumped into a small link farm patch on Twitter today. It was more interesting than the typical "Trending Topics" spam we see so much, so I tweeted:

What a sophisticated Twitter link farm looks like: - numeric fake people, lots of RTs, affiliate ID in long link. - Oct 7th

A friend asked, "say more! this is very interesting..."

So here goes.

The first contact was a notification of a Twitter follow -- Jolyn, aka @Sophie146. Here's what I got in my email:


(The broken image links are where my email client doesn't load images by default, to protect my privacy. See Loading Images in Email for why this is important.)

Jolyn/Sophie is immediately suspicious, because her name doesn't match her nick, and because she's following more people than are following her. (Although the ratio is not super-high -- she's been okay, if not great, at getting followers.)

Let's check @Sophie146's tweets:

RT @bernadine_rr Call Center Games - Performance Improvement.
Obviously it would cost more.
That hasn't happened since Minority Report.
RT @arn_123 My Organic Food Garden - 75% Commission.
RT @RobertGrer The Timeline and Business Plan:
Ausight World Importers Directory.
They put pipe bombs in toilets and wrote manifestos.
Credit where credit is due:
Patriotism is easy to understand in America. It means looking out for yourself by looking out for your country. - Calvin Coolidge
Then maybe setting the options people have for healthcare should be taken care of by LOCAL GOVERNMENTS.
Things were not going well in Iraq3.
The same goes for this Obama nonsense.
RT @beth_jim Social Media Landscape:
Our Launch Story:
If this is a regular suspicion for someone, they need to re-evaluate how they use their computer. 

The tweets are a little random. Any one tweet looks okay, but taken as a whole, Jolyn isn't much of a conversationalist. Note that she does like to tweet links, though.

I took an arbitrary link to check out, To be careful, I added a plus at the end,, which tells I want to preview the link, not go to it.'s information about the link includes:


Note the "idevaffiliate.php?id=133" long link -- someone named "id=133" is getting something when people visit this link.

Now, what are people on Twitter saying about this link?


The thing that sticks out for me here is the number of nicks that have numbers at the end, much like our Sophie146. Sure, there are real people who have numbers at the end of their nicks, but it's not super common on Twitter. It's a weird distribution to see a bunch of them in one place.

Nicks with numbers are used by people who generate lots of accounts, because it's an easy way to generate lots of plausible nicks -- just increment the number to get another unique one.

I think maybe all these are fake accounts. If so, it's more clever than usual to generate some that are non-numeric, too.

Checking out some of their tweets, here's @bobb_iq:

Are your products aligned with market needs?:
RIM manages to sync the iTunes libraries to their Blackberries without any deception.
Are your products aligned with market needs?:
RT @SebasRLester Dog Owners Speak Out.
RT @WilliamErskine Event Planning - how to leverage social media to build hype:
Green Card By Marriage Interview.
And that people who treat them badly just for being Muslims will be rightly ostracized.
You'll soon know it's wrong.

Or @Eloy1231:

Family Child Care Business In Ten Easy Steps.
Over a generation we will have socially re branded a word to revoke power away from theists.
I don`t make jokes. I just watch the government and report the facts. - Will Rogers
Uncle John's bathroom readers were the best.

Las Vegas Directory & Classifieds At

RT @arlinda_love The Secret To A Friendly Divorce.

Destroying a USB peripheral because they don't want competition? That's not within Apple's rights.

RT @peterrage Sourcing engineers to build our product:

Their best animated movies came out of that musical era: The Little Mermaid, Beauty and the Beast, Aladdin, The Lion King.

Traffic through wikis:

they weren't a bank, but they acted like a bank so they will be treated like a bank if this goes thru.

You get the idea. Frequent tweets, disjointed conversation, lots of links. You can't see it in the pasted abstracts here, but all these users' tweets are marked as coming from the same Twitter client, TweetDeck. The fake users like to retweet amongst themselves, to make the links seem more plausible to humans, and the whole conversation seem more interesting to automated Twitter analyzers. I didn't check, but I wouldn't be surprised if they tend to follow each other, too (since Twitter has heuristics limiting the number of people you follow based on the number of people following you).

Let's check another of these links at random. I chose



Again, created by ltdraper, and long link includes "id=133". Same sort of "conversations" on Twitter.

Yup, looks like a link farm.

So, who is "ltdraper"? A quick Google search turns up that he's a forty-something software developer / SEO expert who lives in North Carolina. He runs "Lt. Draper" & "Don Draper" are his noms de plume; they come from the TV show Mad Men.

Here are some highlights from the web search:




So there you have it. To implement this link farm, Lt. Draper has set up a bunch of Twitter accounts, and uses them to tweet and retweet links shortened and masked through He pushes a lot of random but plausible tweets through each account, to make each of them look more like a real account. The tweets are marked as coming from TweetDeck, although we don't know if they really are; that's easy to fake. And finally, presumably there is some payoff to him or his customers as folks on the net click on the links in the link farm.

Lt. Draper, if you're reading this, congratulations on having a pretty fancy link farm operation. I don't begrudge small business folks making an honest buck, and I understand that you feel you're within your rights and system guidelines to farm links the way you do. But I'd have to say you're gaming the system, causing little annoyances to thousands of people, and helping to decrease the signal-to-noise ratio on the net.

Twitter or, if you're reading this, let me know if you'd like some help with spam. I've been helping run Internet service providers for 15+ years, including security and anti-abuse operations, and I'm also a software developer and system administrator with extensive Internet protocols experience. I like untangling networks like Lt. Draper's and setting up automated filtering to make it harder or less lucrative.

-- Peter Kaminski 16:03, 7 October 2009 (PDT)

Personal tools