Ocean West Posted June 20, 2021 Posted June 20, 2021 So nearly half of the registrants in 2021 were from India/Pakistan ( 226 out of 433 ) In my research none of these have posted anything to the site. Of these 90% had filled in their profile fields and a bio. Typically most real users don't. Many of the bio's have tons of links. or random marketing from weddings, to rentals, industrial supplies, CBD, Tarrot Reading etc. None of them have visited the site after they joined. 205 of them use aol / gmail / yahoo / me / outlook / hotmail email addresses there rest used a custom domain (17 of which were variants of the same domain ) and the one with the custom domain aimstormsolutions.com turns out I have 40 registered members (all of which fall under same issue except they may not be in India or registered before 2021) they've all passed the captcha, questions, spam prevention, and spam defense. So what can be done to better purge these as they happen or increase the Spam Defense. If I go thru and ban all these will this signal to IPS and fortify the system for others? crmarks 1
Ocean West Posted July 2, 2021 Author Posted July 2, 2021 IPS can you shed light on this or provide some advice?
Ocean West Posted December 29, 2021 Author Posted December 29, 2021 every few days I get a new obvious spammer. they must have a sweatshop in India or have mastered automating creating accounts. SeNioR- 1
Solution opentype Posted December 29, 2021 Solution Posted December 29, 2021 On 6/20/2021 at 10:50 PM, Ocean West said: So what can be done … Not much if your site has an international audience. They are humans who have the sad job of creating these accounts manually. The obvious solution would be to not give them anything to fill in after registration (Website, About me links …). But that’s something IPS needs to implement. Discourse solved that through its Trust Level System. Invision Community needs this as well. A new Discourse user cannot: Quote Send personal messages to other users “Reply as new topic” via Link button (UI removed) Flag posts Post more than 1 image Post any attachments Post more than 2 hyperlinks in a post Have actual links in the ‘about me’ field of their profile (will be silently and temporarily converted to plain text) Mention more than 2 users in a post Post more than 3 topics Post more than 10 replies Edit their own posts after more than 24 hours A huge array of clever spam prevention measures which are slowly and automatically lifted over time when a user proves itself to be an actual member, not a spammer. Ocean West 1
Randy Calvert Posted December 29, 2021 Posted December 29, 2021 You could do something similar by using the group promotions feature. Make a “Newbie” group that has more limited permissions (such as no ability to post links, must be moderator approved, no PMs etc). Then use the group promotion feature to automatically upgrade them from Newbie to Member after X posts. I *think* you can also do it after X days but I’m at lunch right now and can’t look. Basically develop the conditions you want them to meet to be promoted from Newbie to Member.
Ocean West Posted December 29, 2021 Author Posted December 29, 2021 Thanks, I am already there all new users funnel into Curious group then on an approved post go to newbie then after 5 posts go to members. Most of the spammers seldom post only create what I fear are sleeper accounts for future use the only real way of knowing they are spammers is they actually fill in the blanks. I've blocked India both on the server and with cloud flair but they are still managing to create these accounts.
opentype Posted December 29, 2021 Posted December 29, 2021 14 minutes ago, Randy Calvert said: You could do something similar by using the group promotions feature. Biggest problem with that is that profile fields don’t have permissions, so the typical target of the spammers can’t be easily addressed this way. (Not to mention that adding new groups for minor feature changes is an unnecessary hassle. You change like 3 things for the group and gain several hundred settings for the group you have to manage from now on. I used to have those entry level groups but it wasn’t worth it in the end.) IveLeft... 1
Ocean West Posted December 29, 2021 Author Posted December 29, 2021 yea there needs to be some development on the core profile page in order to thwart some of this activity. I was going to add a custom field but let them go to town on it and never display it. I gave up as there is no easy way to migrate actual bio's or even convert editor to plain text and have that be dependent on group membership.
Marc Posted December 30, 2021 Posted December 30, 2021 Feel free to post that up in the suggestions section of the community if you wish to see something like that added. The reality is though, as much as you put in place, the busier your site gets the more you have to manage manually. As fast as you add measures to prevent spammers, they will create ways around it. And as mentioned by opentype above, these tend to be humans creating the accounts at time
IveLeft... Posted December 30, 2021 Posted December 30, 2021 We found a newbie group with 5 posts that then get auto upgraded to a member - the newbies are restricted on everything and normally the human spammers make 3,4,5 posts in quick succession or within a few hours - of rubbish posts to get promoted so they can post spam or links etc - members on the site always see this and click the report button - 3 reports and the Newbie (more than likely spammer) gets posts hidden and mod approval..... Works a treat and not a lot of work at all
Jim M Posted December 30, 2021 Posted December 30, 2021 1 hour ago, Muddy Boots said: We found a newbie group with 5 posts that then get auto upgraded to a member - the newbies are restricted on everything and normally the human spammers make 3,4,5 posts in quick succession or within a few hours - of rubbish posts to get promoted so they can post spam or links etc - members on the site always see this and click the report button - 3 reports and the Newbie (more than likely spammer) gets posts hidden and mod approval..... Works a treat and not a lot of work at all If this is frequent, might also be worth mod queuing till the user has approved posts. Just really depends how much you want to be seen by the users I guess. The auto-moderation rules is a powerful feature as you're using it 🙂 .
Sonya* Posted December 30, 2021 Posted December 30, 2021 On 6/20/2021 at 10:50 PM, Ocean West said: Of these 90% had filled in their profile fields and a bio. Typically most real users don't. What about removing view permission on member profiles for guests? In this case, the spammers would not have any reason to register.
opentype Posted December 30, 2021 Posted December 30, 2021 6 minutes ago, Sonya* said: What about removing view permission on member profiles for guests? In this case, the spammers would not have any reason to register. I have this for years on multiple communities. It doesn’t make a difference. Those spammers will just use every registration form they find. They aren’t evaluating their chances of placing links first.
Ocean West Posted December 30, 2021 Author Posted December 30, 2021 spammerx.mov sorry for the low quality of this but I had installed Fullstory and matched up a segment with a known spammer and was able to watch the signup process it is very much an operation some cut and paste. the video started on another similar account that that IP just created. SeNioR- 1
Jim M Posted December 30, 2021 Posted December 30, 2021 13 minutes ago, Ocean West said: spammerx.mov 23.1 MB · 0 downloads sorry for the low quality of this but I had installed Fullstory and matched up a segment with a known spammer and was able to watch the signup process it is very much an operation some cut and paste. the video started on another similar account that that IP just created. Most definitely someone being paid to go through this, unfortunately. Nothing more you can do but if you don't need those "About Me" or "Website URL" fields but to remove them. Creating the suggestion in our Feature Suggestions forum for better control over these fields would be the next step. I can certainly move this there if you would like?
SeNioR- Posted December 30, 2021 Posted December 30, 2021 My example. When I turned off the Stop Forum Spam plugin and turned on "Spam Defense" feature suddenly about 30 bots registered. Good thing I had e-mail address confirmation turned on... I can definitely say that "Spam Defense" doesn't work... Most bots sign up with no problem. Sonya* 1
Sonya* Posted December 30, 2021 Posted December 30, 2021 53 minutes ago, SeNioR- said: I can definitely say that "Spam Defense" doesn't work... Most bots sign up with no problem. Same here. Spam defense does not work or is just not enough. I use CleanTalk on all my projects. They catch spam bots, manual spam, contact form spam and even provide a spam firewall. SeNioR- 1
SeNioR- Posted December 30, 2021 Posted December 30, 2021 The CleanTalk service stops about 99% of bots, I can definitely recommend it, but it's a pity that they don't have a free plan 😞
Marc Posted January 4, 2022 Posted January 4, 2022 Spam defence is certainly stopping a lot. We see that on our own stats. As mentioned, if you have ways in which you would like to see these improved, please feel free to post them within our suggestions forum.
SeNioR- Posted January 4, 2022 Posted January 4, 2022 (edited) 3 hours ago, Marc Stridgen said: stopping a lot. Maybe, but it's still not enough to stop bots from registering. CleanTalk Database or Stop Forum Spam are simply bigger and more effective than yours. Stop Spam Forum is free and has an API, I have a plugin and it does a really good job. You may consider to add SFS to the standard as an optional setting. phpBB3 and MyBB have this feature build-in. Edited January 4, 2022 by SeNioR-
Marc Posted January 4, 2022 Posted January 4, 2022 As mentioned, it would need to be posted as a suggestion of things you wish to see added
SeNioR- Posted January 4, 2022 Posted January 4, 2022 (edited) this is how spam defense works... checking the first IP address immediately appeared in the CleanTalk database, Stop Forum Spam and AbuseIPDB Edited January 4, 2022 by SeNioR-
IveLeft... Posted January 4, 2022 Posted January 4, 2022 (edited) On 12/30/2021 at 6:49 PM, Jim M said: If this is frequent, might also be worth mod queuing till the user has approved posts. Just really depends how much you want to be seen by the users I guess. The auto-moderation rules is a powerful feature as you're using it 🙂 . Mod Queueing is a ball ache - as just adds to work, if its automated then its a dream We also have plenty of block lists in our CSF firewall including stopforumspam which helps a lot - along with various other blocklists including http://www.blocklist.de/en/export.html I would also say that having in ACP the ability to limit groups for things like about me etc would be beneficial to stop more spammers Edited January 4, 2022 by Muddy Boots
Marc Posted January 5, 2022 Posted January 5, 2022 While there are some great ideas here, as I mentioned, unless you post these in the suggestions forum they are unlikely to be added. The topic here was related to how to set up the existing spam service, which was answered above.
Recommended Posts