Suggestions for the site owner or webmaster.
If the access log file is accessible (most are, if unknown ask the hosting server) many hosts have a web analysis program available online or one can purchase a standalone program.
With either the online version or standalone program, analyze the log file to determine the IP numbers causing the problem (ie, they typically will have a fake referer named something like lovepillsforever.com which may or may not be a valid site, example more-viagra-4u.com, or similar referers that may be valid sites or not.)
The analysis programs should show the high-hit IP numbers, bandwidth usage, etc.
Without such online or standalone analysis program you could just view the log file with Wordpad and visually scan the log file "viewing the GET filename and referer field".... with a "stats" program you still may have to view the log with Wordpad.
Once you have a list of the bad IP's, use one of the online IP whois tools to see if it is a company, or an ISP, and where it is located. Then you make the decision of whether to block the individual IP number (if a dialup it may not be effective) or to block a small portion of that IP range, or you could decide to block that entire provider or company.
Blocking is best accomplished by using the .htaccess control file and a person would simply list the bad ip's as deny from 132.45. or as deny 123.45.67. or as deny from 188.8.131.52 or by cidr group. After a while (month or so) the owner or webmaster could unblock a group simply with the # comment character and if the trouble came back, then restore the block.
Note that this suggesting may or may not be a cure for all, but for my own domain and those I manage I found it the best way to go. Recently for a friend who I have been helping, he found that his bandwidth went out the window one day. My research found that his forum sites (using PHP) were being hit by log-file-spammers.... most bad IP's were requesting his stats file in the hope that his file was being listed on SE's and that their hits would add their entries to his file(s). Wrong! His file was not available to the web so their efforts were not effective to their benefit. I simply blocked many bad IP's and I also made the stats file accessible only if it was his site that asked for it.
My best recommendation, though, is to start with at least viewing the log file to determine if there is a common file being asked for, and (2) if there are common IP's (or IP's within a group or from a certain area). Depending on the problem, the provider of the IP service or the Upstream provider of service may be able to terminate the offenders.
Hope these suggestions have been helpful.