Jump to content

Spam Defense tuning?


Ocean West
 Share

Go to solution Solved by opentype,

Recommended Posts

  • So nearly half of the registrants in 2021 were from India/Pakistan ( 226 out of 433 )
  • In my research none of these have posted anything to the site.
  • Of these 90% had filled in their profile fields and a bio. Typically most real users don't.
  • Many of the bio's have tons of links. or random marketing from weddings, to rentals, industrial supplies, CBD, Tarrot Reading etc.
  • None of them have visited the site after they joined.
  • 205 of them use aol / gmail / yahoo / me / outlook / hotmail email addresses
  • there rest used a custom domain (17 of which were variants of the same domain )
  • and the one with the custom domain aimstormsolutions.com turns out I have 40 registered members (all of which fall under same issue except they may not be in India or registered before 2021)
  • they've all passed the captcha, questions, spam prevention, and spam defense.

So what can be done to better purge these as they happen or increase the Spam Defense. If I go thru and ban all these will this signal to IPS and fortify the system for others?

Link to comment
Share on other sites

  • 2 weeks later...
  • 5 months later...
  • Solution
On 6/20/2021 at 10:50 PM, Ocean West said:

So what can be done …

Not much if your site has an international audience. They are humans who have the sad job of creating these accounts manually. 

The obvious solution would be to not give them anything to fill in after registration (Website, About me links …). But that’s something IPS needs to implement. Discourse solved that through its Trust Level System. Invision Community needs this as well. A new Discourse user cannot:

Quote
  • Send personal messages to other users
  • “Reply as new topic” via Link button (UI removed)
  • Flag posts
  • Post more than 1 image
  • Post any attachments
  • Post more than 2 hyperlinks in a post
  • Have actual links in the ‘about me’ field of their profile (will be silently and temporarily converted to plain text)
  • Mention more than 2 users in a post
  • Post more than 3 topics
  • Post more than 10 replies
  • Edit their own posts after more than 24 hours

A huge array of clever spam prevention measures which are slowly and automatically lifted over time when a user proves itself to be an actual member, not a spammer. 

Link to comment
Share on other sites

You could do something similar by using the group promotions feature. Make a “Newbie” group that has more limited permissions (such as no ability to post links, must be moderator approved, no PMs etc). Then use the group promotion feature to automatically upgrade them from Newbie to Member after X posts. I *think* you can also do it after X days but I’m at lunch right now and can’t look.   Basically develop the conditions you want them to meet to be promoted from Newbie to Member. 

Link to comment
Share on other sites

Thanks, I am already there all new users funnel into Curious group then on an approved post go to newbie then after 5 posts go to members.

Most of the spammers seldom post only create what I fear are sleeper accounts for future use the only real way of knowing they are spammers is they actually fill in the blanks. 

I've blocked India both on the server and with cloud flair but they are still managing to create these accounts. 

Link to comment
Share on other sites

14 minutes ago, Randy Calvert said:

You could do something similar by using the group promotions feature. 

Biggest problem with that is that profile fields don’t have permissions, so the typical target of the spammers can’t be easily addressed this way. 
(Not to mention that adding new groups for minor feature changes is an unnecessary hassle. You change like 3 things for the group and gain several hundred settings for the group you have to manage from now on. I used to have those entry level groups but it wasn’t worth it in the end.)

Link to comment
Share on other sites

yea there needs to be some development on the core profile page in order to thwart some of this activity.

I was going to add a custom field but let them go to town on it and never display it.  I gave up as there is no easy way to migrate actual bio's or even convert  editor to plain text and have that be dependent on group membership. 

Link to comment
Share on other sites

Feel free to post that up in the suggestions section of the community if you wish to see something like that added. The reality is though, as much as you put in place, the busier your site gets the more you have to manage manually. As fast as you add measures to prevent spammers, they will create ways around it. And as mentioned by opentype above, these tend to be humans creating the accounts at time

Link to comment
Share on other sites

We found a newbie group with 5 posts that then get auto upgraded to a member - the newbies are restricted on everything and normally the human spammers make 3,4,5 posts in quick succession or within a few hours - of rubbish posts to get promoted so they can post spam or links etc - members on the site always see this and click the report button - 3 reports and the Newbie (more than likely spammer) gets posts hidden and mod approval.....

Works a treat and not a lot of work at all

Link to comment
Share on other sites

1 hour ago, Muddy Boots said:

We found a newbie group with 5 posts that then get auto upgraded to a member - the newbies are restricted on everything and normally the human spammers make 3,4,5 posts in quick succession or within a few hours - of rubbish posts to get promoted so they can post spam or links etc - members on the site always see this and click the report button - 3 reports and the Newbie (more than likely spammer) gets posts hidden and mod approval.....

Works a treat and not a lot of work at all

If this is frequent, might also be worth mod queuing till the user has approved posts. Just really depends how much you want to be seen by the users I guess. The auto-moderation rules is a powerful feature as you're using it 🙂 .

Link to comment
Share on other sites

On 6/20/2021 at 10:50 PM, Ocean West said:

Of these 90% had filled in their profile fields and a bio. Typically most real users don't.

What about removing view permission on member profiles for guests? In this case, the spammers would not have any reason to register.

Link to comment
Share on other sites

6 minutes ago, Sonya* said:

What about removing view permission on member profiles for guests? In this case, the spammers would not have any reason to register.

I have this for years on multiple communities. It doesn’t make a difference. Those spammers will just use every registration form they find. They aren’t evaluating their chances of placing links first. 

Link to comment
Share on other sites

13 minutes ago, Ocean West said:

 

spammerx.mov 23.1 MB · 0 downloads sorry for the low quality of this but I had installed Fullstory and matched up a segment with a known spammer and was able to watch the signup process it is very much an operation some cut and paste. the video started on another similar account that that IP just created. 

Most definitely someone being paid to go through this, unfortunately. Nothing more you can do but if you don't need those "About Me" or "Website URL" fields but to remove them. Creating the suggestion in our Feature Suggestions forum for better control over these fields would be the next step. I can certainly move this there if you would like?

Link to comment
Share on other sites

3 hours ago, Marc Stridgen said:

stopping a lot.

Maybe, but it's still not enough to stop bots from registering. CleanTalk Database or Stop Forum Spam are simply bigger and more effective than yours. Stop Spam Forum is free and has an API, I have a plugin and it does a really good job. You may consider to add SFS to the standard as an optional setting. phpBB3 and MyBB have this feature build-in.

Edited by SeNioR-
Link to comment
Share on other sites

On 12/30/2021 at 6:49 PM, Jim M said:

If this is frequent, might also be worth mod queuing till the user has approved posts. Just really depends how much you want to be seen by the users I guess. The auto-moderation rules is a powerful feature as you're using it 🙂 .

Mod Queueing is a ball ache - as just adds to work, if its automated then its a dream

We also have plenty of block lists in our CSF firewall including stopforumspam which helps a lot - along with various other blocklists including 

http://www.blocklist.de/en/export.html

I would also say that having in ACP the ability to limit groups for things like about me etc would be beneficial to stop more spammers 

Edited by Muddy Boots
Link to comment
Share on other sites

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...