WordPress is the most popular Content Management System (CMS) used to create websites today. Originally a pure blogging platform, today it is used as much for regular website design as for blogging as it handles "pages" and "posts" with equal ease.

Many websites ignore its blogging capabilities entirely and design their pages as display-only content. Other sites use its article posting capability but do not display a form to allow user to comment. However, in either case, the blogging capabilities of WordPress remain enabled, including the ability to post comments, irrespective of whether the site displays the comments or displays a form allowing their submission. Also, it is sometimes possible to view comments on a WordPress site even though the them is not designed to allow that.

About Comment Spam

There is a growing trend for spammers to use automated means to post content to websites. This is done for various reasons including "Black Hat" SEO, phishing, selling illegal pharma products, luring visitors to malicious websites etc. At the same time, the spammers may use other means to drive traffic to the pages containing these comments. This is collectively known as comment spam.

The usual symptoms of comment spam are:

1) On posts that display comments, a large number of irrelevant or unexpected comments, usually with external links.

2) On posts that do not display comments, significantly increased page loading times (often minutes).

3) Sudden unexplained increases in logged visits to the site

4) Sudden unexplained increase in website bandwidth usage, unexpected overage charges etc.

5) Emails (or bounce emails) from your site referring to comments for moderation

Preventing Comment Spam

There are a number of measures for preventing comment spam on a WordPress site.

If you do not want to allow comments at all:

Simply install the "Disable Comments" plugin - once this is activated, comment posting is disabled.

https://wordpress.org/plugins/disable-comments/

If you need to allow comments:

1) If you are running a community based site, consider allowing comments only by logged in users. Ensure that user signup is moderated, not automated, otherwise the spammers will simply create users before commenting.

2) If you need open commenting, then ensure you use a "Captcha" plugin such as "Recaptcha" to ensure that only real people can comment. Also, use a (often free) service like "Akismet" (plugin is present in WordPress by default) to filter comments and prevent spam.

https://wordpress.org/plugins/si-captcha-for-wordpress/

https://wordpress.org/plugins/akismet/

Cleaning up Comment Spam

If you have already had a problem with comment spam, the above measures should be applied to prevent further unwanted comments. However you may still have thousands of comments in your database, and traffic may still be driven to your site to view these, your your site may still be sluggish and using unwanted bandwidth leading to overage charges. Use the "WP Clean Up" plugin to quickly remove such comments from your database.

https://wordpress.org/plugins/wp-clean-up/screenshots/