Spam in IPS4 sites

[Kirill N]

So someone has just posted a spam topic on my site:

Obviously it's no big deal and got taken care of within seconds, but the problem is, this looks like an automated post and I have multiple security measures for registrations, including a Q&A challenge which can only be answered by people genuinely interested in my forum without research. Now you may say that a real person promoting their site could do that, but this has never happened in 3 years of running IPS 3.x, and the first time it did was days after I upgraded to IPS 4. Plus, I noticed similar spam topics ere on the community forums as well. Could be a coincidence, but maybe there's some sort of security breach in IPS4? Thoughts?

[AndyF]

What method of Capcha are you using ?

Do you allow guest posting ?

[Kirill N]

What method of Capcha are you using ?

Do you allow guest posting ?

​reCAPTCHA 1 (hmm I actually should change it to that cool Google thing). But as I mentioned, I also have a Q&A challenge.

No

[AndyF]

I'd suggest trying ReCapcha2 or KeyCapcha (my preferred one at the moment)

Do you have a few questions for the QA challenge ?

Is the Spam Service enabled ? Might want to quickly check its settings too if its enabled.

[Kirill N]

[Jυra]

KeyCapcha.

[Rhett]

I think you are stretching it just a tad too far to say this is may be security breach, with the question and answer validation you have in place and the question you are using, this is going to be a human registration that was then passed off to a bot system to post.