After noticing suspicious review activity for the AccessiBe plugin, accessibility consultant Joe Dolson reported the fake reviews to WordPress.org’s plugin team. The reviews were removed in under 48 hours, thanks to Dolson’s detailed research.
At the time of reporting, Dolson found 31 five-star reviews, 2 four-star reviews, and 2 one-star reviews. After putting these into a spreadsheet, he found certain correlations among the first 11 five-star reviews:
- “All eleven user accounts I viewed had a common pattern of registration and use: between zero and 3 support topics raised and 4-7 reviews over the last 18 months.
- “Every one of these eleven accounts had at least one point of overlap with another user in that group. That is, for each plug-in or theme interacted with by one of the accounts, at least one of the other accounts also interacted with that plug-in or theme.
- “Multiple accounts had submitted one-star reviews on another plug-in, and in a quick assessment of other one-star reviews on that plug-in, I quickly found another account that had also submitted a five-star review on AccessiBe.
Approximately 33 reviews were removed from the AccessiBe plugin’s page after the report. Plugin team member Mika Epstein said that the team “passes the reports to a volunteer who is amazing at hunting down VPNs and IPs for that.” She also recognized Dolson’s legwork and reporting as being instrumental in this particular case.
Dolson allowed me to view his spreadsheet, where he logged URLs for each suspected fake review, along with dates and reviews left on other plugins. These were not saved to the Internet Archive, but Dolson said they were all “pretty generic,” and that each one was a one-sentence review. The user profiles still appear to be there but do not have any activity listed.
“As a WordPress plugin author myself, I find the investment in falsifying positive reviews irritating,” Dolson said. “What some of us work for, they are simply buying – the appearance of a good product without the labor of winning customer opinion.
“I found the evidence of a hatchet job conducted systematically against another plugin chilling, however.”
The AccessiBe plugin is active on approximately 3,000 sites. Accessibility advocates have long held a certain amount of animosity towards the way its creators market the plugin as a quick fix solution, claiming it helps “mitigate the risk of lawsuits.” AccessiBe also has a well-documented history of paying for positive press. Dolson and others deeply involved in WordPress accessibility keep tabs on the plugin, which is how he came across the suspicious activity.
Soliciting paid or fake reviews is not a new infraction, and it has been explicitly forbidden in the directory’s guidelines for years. This falls under guideline #9: Developers and their plugins must not do anything illegal, dishonest, or morally offensive, which includes “Creating accounts to generate fake reviews or support tickets (i.e. sockpuppeting).”
Fake and paid reviews are a blight on any marketplace, and pop up now and then on the theme and plugin directories due to the power of WordPress.org as a distributions channel for freemium products. It makes it more difficult for the consumer to get an accurate understanding of the quality of the the product, but it’s not always easy to identify who commissioned the fake reviews.
Any user can help ensure the plugin directory has fair and honest reviews by flagging those that look suspicious. In the sidebar of individual review posts, logged-in users can flag a post for consideration. WordPress.org doesn’t often announce when it takes action to remove reviews but should confirm having received the report. In a rare case like this, Dolson’s writeup gives the wider community a glimpse into what it takes to track down fake reviews and get them cleaned up.
10 responses to “WordPress.org Removes Fake Reviews for AccessiBe Plugin”
Good sleuthing! I occasionally see fishy plugin reviews. When I see a slew of 5-star reviews with consistently poor spelling and no details, just fawning praise, you have to wonder. This is especially questionable when the few reviews with details are scathing.
Not everyone has English as their first language/mother tongue.
I have to agree with Miroslave, not everyone has English as their first language. So now we are supposed to get rid of reviews because they do not use proper grammar? Better get rid of all of mine then too.
Yes, fake reviews can be an issue. So when I looked, Dolson is a vendor of ADA compliance plugins so is he really impartial? Not making him a bad guy or anything, just that he sells a competing service.
I think the proof is in the pudding though. As far as our clients are concerned Fake Bad reviews concern me more. This is why I read this article. They can tank innocent players and it seems like everyone is a whiner these days and they complain about everything. 🙂
The 1-star reviews look fake to me. No text, just single stars, and none of them have pictures. None of them say why it is bad, or what issues they had with the plugin.
Go look and see. It just seems fishy to me.
OK, Guys,
You’ve convinced me. I looked into deleting my comment, but I see that the WordPress mothership doesn’t allow deleting comments(!), so please consider this to be my apology and retraction.
Best, Dave
PS: I won’t be commenting here anymore, now that I know that a mistake can’t be corrected.
I use this on a client’s website. Just happen to know about the fake reviews. I have a question though. What are the reviews about? The plugin or the product? AFAIK the reviews are for the functionalities of a Plugin. In my opinion the plugin works well. Even though it just ads javascript on the frontend — it is supposed to do that only.
Productwise accessiBe is costly but as a plugin it deserved 5 stars — that’s why I rated it with 5.
Coming to the 1 star reviews that are already there. I don’t think the reviewers have used the tool at all.
One review from @sailorgoodway on WP.org is this:
“Huh, one line of Javascript gives you website accessibility. I am afraid not, there is no quick fix for accessibility. It takes a lot of effort and that effort has to be ongoing.”
I am unable to decide if this review is real. It is true that it takes a lot of effort to be fully ADA compliant but this review has nothing to do with the plugin or the product.
Only one of the three current 1 star reviews is not motivated by any marketing approach.
This is Talia from accessiBe: our mission is to make the web accessible by 2025. WordPress powers 40% of the web, so making WordPress sites accessible is important for making our mission a reality.
As for now, there are hundreds of thousands of websites that use accessiBe. A major portion are WordPress sites that strongly believe in & trust our solution, use it on a daily basis, and with that help millions of people with disabilities access the web effectively.
I appreciate that this has been brought to our attention and I personally know that there are reviews that have been removed that came from real and satisfied customers who use our solution to make their WordPress sites accessible. That being said, we take this seriously, and respect and appreciate the work the plugin team is doing and have reached out for private clarification.
The number of WordPress sites is growing rapidly and those sites MUST be accessible. Solutions like accessiBe and our plugin can make sure this happens, and this is where we’re going to continue to focus our energies.
I wonder…do sock puppets just randomly leave positive reviews for plugins out of nowhere? Of course you are aware of it, you pay them to do it. Same as you do for all the other astroturfing Accesibe does (below).
https://news.ycombinator.com/item?id=24782999
I used Accessibe on a client’s website, after he was sued by a CA lawyer. We both became aware of the ADA compliance laws due to the lawsuit.
In truth, the nature this client’s business precludes 99.99% of sight-impaired persons to ever be interested in what his store sells, and he had never seen a single sight-impaired person cross the threshold of his store in 20 years of business. That lawsuit was jarring, especially in CA where the federal requirements are doubled up with a CA reg that increases the damages plaintiffs can claim.
But we got acquainted with the law, and understood that even if a sight-impaired person is not likely to be ever interested in what you sell, we have a moral duty to make what we offer accessible to her/him.
AccessiBe offers a great solution to improve the ADA compliance of a site, sufficiently so that shyster lawyers leave you alone, and sight-impaired persons can access the data. For the cost of the plugin, there is no way you could get your site compliant to that level. We tried… And we quickly abandoned that ship.
In terms of score penalty in Page Speed Insights, the plugin can be installed in the footer of the site, so the penalty is not really relevant. If your site performs at a high level everywhere else, the .js file won’t cause such a slowdown that your PSI score changes noticeably or that your UX is affected. Not even remotely close.
Now, I don’t know why AccessiBe would take the step to have people write fake reviews. It is an ill-advised decision: it would be simpler to ask users on a regular basis to review and rate the plugin. If the number of users is as high as Talia states it in her reply to this thread, that should be enough firepower to push this plugin in the stratosphere of ADA compliance.
As a plugin developer, this kind of stuff scares the hell out of me. The evidence presented is so skimpy and vague, yet the response from WordPress.org so severe. I honestly have never obtained any fake reviews on my plugins, but many of the 5-star reviews I have would meet the same “correlations” mentioned here. Does that mean the WordPress team could swoop down and remove all my reviews at any time? (I fear that it does.)
I rely primarily on my income from WordPress plugins to make a living. The WordPress.org people do not seem to understand how they are directly impacting peoples lives with such draconian measures in the Plugins repository. (Because let’s face it, it’s nearly impossible to make a living from WP Plugins except via the freemium model, which means you must have a plugin on WordPress.org, or you’re out of business.)
I understand and support the need for fairness and enforcement of rules, but in the case of WordPress.org nothing is transparent. They act with a heavy hand, and we’re told to just accept it. It all seems 100% wanton and arbitrary. (And I say this not just based on this one incident, but also on past incidents I could cite as well.)
How do they know these reviews were fake based on such skimpy evidence? They should tell us. The only clue given was a reference to someone checking IP addresses for VPN usage. The problem with that is lots of people use VPNs for legitimate reasons. I myself use a VPN for privacy. That’s not evidence of mal-intent. What else is their basis, then, for basically destroying a plugin’s reputation? And what were the motivations of the person reporting this, who just coincidentally happens to be a competing plugin developer? The whole thing smells fishy to me.
Again, if the reviews really were fraudulent, they should be punished. No question. I just can’t have any faith in the process without a more clear explanation. As it is, there seems to be nothing stopping rival developers from doing the exact same thing to me.
WordPress have done the right thing in taking these fake reviews down, and Dave, you don’t have to apologise for what you said. Dolson didn’t base his concerns on the spelling, he used more revealing factors to work out how genuine the reviews were.
Overlays that claim to give you ADA compliance at the touch of a button are a scam, so it is not surprising that some might resort to scam reviews to bolster sales. Unfortunately, when people don’t understand something because it is too technical, they are only too willing to believe it when someone comes along saying “I will put it right for you, dead cheap!” People don’t ask for proof. Let the buyer beware.
You might think I am biased against overlays because I am in the accessibility industry, selling accessibility audit services all the time. But it is easy to work out the truth about overlays.
One of the best known, and more important, aims of an accessible website is to ensure blind people are given an “alt text” description of what shows in each image. An overlay can tell you when there is no alt text, but it cannot tell you if the words in an alt text correctly tell you what information an image shows, which is the important thing. If the image is of a horse, but the alt text says it’s a cow, there is no way an overlay can pick that up. It will be many years before image recognition gets to the level of providing detailed descriptions of image content sufficient to inform blind people.
Again, if a link or button on the website excludes keyboard users and blind people because it has been marked up as div or span elements (a very common defect), overlay tools can’t tell you that either.
However, a word of warning here. All the accessibility overlay makers have one thing in common – they require the website using them to display an accessibility icon on their home page.
Those attorneys in the US, who target websites that don’t comply with the law, have recently cottoned on to the fact that the icons are a very public admission that the website owner has NOT made any effort to make their website comply with the law, or accessible to disabled people. They are beginning to zero in on those websites, do a few quick tests of their own to confirm the lack of accessibility, and sue them. Displaying one of those icons is like waving a red flag to a bull. It says “Come and sue me!”