Kyle Gaw

If you’re an avid Google Analytics user, you might have noticed something funky going on with your referrals lately. A number of users have found a new referral source providing traffic to their website that appears to be a big fan of the United States’ new president-elect.

As reported by TheNextWeb, a Russian hacker has been creeping into the referral sources section of Analytics dashboards. The source is appearing as “Secret.ɢ You are invited! Enter only with this ticket URL. Copy it. Vote for Trump!” Upon further investigation, the author of TheNextWeb article goes on to describe how the hacker is using Google’s measurement protocol to direct curious website administrators to a… unique search engine?

One dead giveaway of the inauthenticity of the “secret” google website is the case in which the letter “G” is presented in the referral list. Google’s actual URL structure uses all lowercase letterings and redirects uppercase to the lowercase format. This hacker has used a unicode character set that is known as “small capitals.”

GA users that find themselves in a similar predicament in the future can see if they’ve been targeted by checking for this identifier to determine if suspicious referrals need further investigation.

This isn’t the first instance of spam traffic making its way into referral sources and it won’t be the last. We have been excluding spam referral traffic for our clients for years to make sure we get a clean read on website performance. If you’re looking for advice on how to eliminate spam from appearing in your referral sources and skewing your GA data, here is a step by step guide from one of our account managers to guide you.