Hacker News new | past | comments | ask | show | jobs | submit login

I work at a digital marketing agency and recently had to deal with this. (I also wrote two blog posts on it, currently unpublished). I have access to ~50 properties in google analytics from work and personal accounts. About 35 of them were affected. I couldn't discern a pattern on size or type of website. Very interesting how widespread this was, but very very easy to filter out. It takes 2 seconds to filter this type of spam from appearing.

A side note though, the author is incorrect on point #3 of how he expects future spam to behave. This spam is not sent with bots clicking on links acting like user. Spammers use the measurement protocol [1] to post data to randomly-ish generated universal analytics ids. So they take that referral/utm data and continuously post it to random UA-IDs until they are successful, then hit that ID much harder.

Previously you could get around this by making your first property (GA structure is a tree, account > property > view, where you can have multiple properties and views) a shell. You'd never use the first property and only the second or third because then your UA-ID goes from 5575393 to 5575393-2. That "-2" previously wasn't attacked.

[1] https://developers.google.com/analytics/devguides/collection...

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact