Deleting A Lot of Spammer Users

[Ndugu]

Our boards have been overrun by Spammers. There's so much spam, I can't find all the users to flag them. How can I find the most recent registrations and flag them as spammers along with all their posts?

[TracyIsland]

I have 207 spam pending registrations to delete.  These happened in the last two days. It's unbelievable. 

[Nathan Explosion]

Just do a search using the sdvanced search...use whatever criteria you want. Click the 'spammers' link. Click the 'prune members found' link...

[Marc]

12 hours ago, Nathan Explosion said:

Just do a search using the sdvanced search...use whatever criteria you want. Click the 'spammers' link. Click the 'prune members found' link...

This would not delete the content. Only the members. Unless Im misunderstanding what you were doing there

13 hours ago, Ndugu said:

Our boards have been overrun by Spammers. There's so much spam, I can't find all the users to flag them. How can I find the most recent registrations and flag them as spammers along with all their posts?

You would need to do the above using advanced search, however you then need to click through each to mark them as spammers. There is no other method of doing this unfortunately.

[Teddy Rogers]

@Marc when a member changes their email address is it checked against any spam and disposable mailbox's, similar to a new account registration?

I see it happening where an account will be created using an email address, I assume, in an attempt to successfully register. Once the account is registered the email address is then changed to a spam/ disposable mail account...

Ted.

[Randy Calvert]

45 minutes ago, Teddy Rogers said:

@Marc when a member changes their email address is it checked against any spam and disposable mailbox's, similar to a new account registration?

I see it happening where an account will be created using an email address, I assume, in an attempt to successfully register. Once the account is registered the email address is then changed to a spam/ disposable mail account...

Ted.

No, it does not. But what is the value in doing this?  If they’re already past the screening as a spammer, what value is gained by changing to a disposable address to spam when they already have access?

[Teddy Rogers]

6 hours ago, Randy Calvert said:

But what is the value in doing this?

Flag/ block as spammer and/ or notify Moderator/ Administrator. Prevent the member from using the new email address.

There was once a plugin/ application that checked emails and when changed did one or more of the above...

Ted.

[Randy Calvert]

2 hours ago, Teddy Rogers said:

Flag/ block as spammer and/ or notify Moderator/ Administrator. Prevent the member from using the new email address.

There was once a plugin/ application that checked emails and when changed did one or more of the above...

Ted.

But again... if they used a legit address, they're already approved and can post.  Why would they change their address if they're legitimately a spammer to something else?  That's extra work that does not accomplish their goal.  Either way, the functionality does not exist in the core software.  If you would like it to be considered, your best bet would be to make the suggestion in the feedback forum so that it does not get lost in a sea of support requests.  

[Marc]

The software would not check that to see if they are a spammer on changing email. If they are already a member, it would be assumed that user is not a spammer

[Eric Mattson1]

@Ndugu I run a popular social media site and I've built a fairly comprehensive database of both URLs and individual emails from scammers + disposable email sites over the years. I could potentially "productize" the list via a subscription so you get access to a continually updated version and you could install the URLs in your Invision Ban Settings (unfortunately I don't think there is a way to import it at the moment so it would take a few hours by hand).  Would that be of interest? I'm not sure it would completely solve your problem but it might significantly reduce it. 

@Marc I hope this is ok. I'm not sure what the policy on semi self-promotional posts like this is. Also, any chance of an import functionality into the ban settings? Is that something you could custom build for me? 

[Marc]

You would need to post up within our feedback area, if you would like to see something like that appear in a future release.

[Teddy Rogers]

On 8/18/2024 at 11:18 PM, Randy Calvert said:

But again... if they used a legit address, they're already approved and can post.  Why would they change their address if they're legitimately a spammer to something else?

I don't know why they do this, I can only describe what I have seen from past experience. My assumption; bypass sign up checks with a working email, change email with a disposable/ sacrificial address then post spam across the site. The account with disposable/ sacrificial email address are banned (and maybe sends a report to IPS Spam Defence?) as being a spammer...

Ted.

[Ndugu]

We had to close our boards to new registrations. These spammers are ruthless and efficient. I just can't keep up. If anyone has ideas on how to stop them, please let me know.

[Marc]

10 hours ago, Ndugu said:

We had to close our boards to new registrations. These spammers are ruthless and efficient. I just can't keep up. If anyone has ideas on how to stop them, please let me know.

Just taking a look at your settings there, you should switch to hcaptcha which is more effective in combatting spam. You can even adjust this to higher levels once signed up. Also you appear to have no question and answers set up.

[Pescao6]

I recommend getting a CDN & WAF. You can set your CDN to under attack mode.
Note: Both CDNs & WAFs can and probably will break a few features until you configure them properly.

Switching to Cloud is always an option:

Website security has gotten better; but it's still a joke.  

On 8/22/2024 at 6:35 AM, Teddy Rogers said:

I don't know why they do this

Just for fun. The OP's website has no security so it's an easy target and sometimes bored people get an itch in their butt. Normal. 

[Pescao6]

On 7/6/2022 at 6:57 AM, Charles said:

You do not need any third party protection on our platform.

Hey @Charles do you still think we don't need any third party protection? 

On 8/30/2024 at 12:21 AM, Marc said:

Just taking a look at your settings there, you should switch to hcaptcha which is more effective in combatting spam. You can even adjust this to higher levels once signed up. Also you appear to have no question and answers set up.

Captchas only annoy real people. They're needed to block bots, but they're highly ineffective at combatting spammers. Making the registration process more difficult than it needs to be is as useful as blocking registrations. I use Invisible reCAPTCHA and a CDN which does whatever it does to detect and block suspicious website visitors.

I've seen several methods of implementing new members registrations. Some old really large communities used to require new members to post on a forum and would hide the posts until they could be validated real people. I prefer to require email validation because creating an email takes time and removes the administrative work of manually validating accounts. You can also setup layers of security like using groups forcing new members to post an introduction or at the very least a 1st post before they can post on other forums. And then use other groups for automatically promoting members to a higher access group. Requiring people to have 5-10 posts before unlocking the ability to post in new sections doesn't remove the problem, but can help mitigate where it occurs.

On 8/20/2024 at 8:05 AM, Eric Mattson1 said:

I run a popular social media site and I've built a fairly comprehensive database of both URLs and individual emails from scammers + disposable email sites over the years. I could potentially "productize" the list via a subscription so you get access to a continually updated version and you could install the URLs in your Invision Ban Settings (unfortunately I don't think there is a way to import it at the moment so it would take a few hours by hand).  Would that be of interest? I'm not sure it would completely solve your problem but it might significantly reduce it. 

They did something similar to this for RuneScape Communities Discord Servers with a bot called Friendlybot. Main purpose is to auto-ban raiders across large communities. I don't use it because my community doesn't support blacklists. This stuff is as effective as blocking IP addresses from countries like China. It can help, but it doesn't solve the problem. And I've seen people getting banned from blacklists without concrete evidence because mentioned blacklist got its sources from third parties.

Third party monitoring tools can only go so far. We need new core features that can block raiders, monitor new content on places like forums and private messages, and block or cooldown suspicious activity using auto-moderation. This stuff is only going to get worse as new AI has shown it can bypass old Anti-Spam security features.

[Marc]

22 hours ago, Pescao6 said:

Hey @Charles do you still think we don't need any third party protection? 

I feel quoting a topic relating to DDOS protection, in a topic relating to spam protection, is quite disingenuous. The comment made by Charles was a direct response to cloud accounts having WAF protection automatically. This is still the case, and will always be the case, and is not related to spam protection entirely. 

22 hours ago, Pescao6 said:

Captchas only annoy real people. They're needed to block bots, but they're highly ineffective at combatting spammers. Making the registration process more difficult than it needs to be is as useful as blocking registrations. I use Invisible reCAPTCHA and a CDN which does whatever it does to detect and block suspicious website visitors.

And as I said previously, hCaptcha has been proven to be more effective. Whether or not you choose to use that, is of course entirely your choice. I understand that you may find that users do not like captchas on your site, but they also may not like to validate their email and just click through. If you remove that, it will also add to the issue. Its a question of balance. If you wish to check if someone is a real user, you have to have methods in place to do so. Captchas are one of those methods.

 

22 hours ago, Pescao6 said:

Third party monitoring tools can only go so far. We need new core features that can block raiders, monitor new content on places like forums and private messages, and block or cooldown suspicious activity using auto-moderation. This stuff is only going to get worse as new AI has shown it can bypass old Anti-Spam security features.

Feel free to add specific suggestions to our feedback area for items you wish to see added to the platform. These items for example, were added as a direct result of feedback from a number of channels

https://invisioncommunity.com/news/invision-community/new-spam-prevention-features-r1284/

 

[Ndugu]

On 8/30/2024 at 3:21 AM, Marc said:

Just taking a look at your settings there, you should switch to hcaptcha which is more effective in combatting spam. You can even adjust this to higher levels once signed up. Also you appear to have no question and answers set up.

OK, we enabled the question and answer function. We'll see if that helps.

[Marc]

5 hours ago, Ndugu said:

OK, we enabled the question and answer function. We'll see if that helps.

Consider switching to hCaptcha too, as mentioned

[Pescao6]

On 9/2/2024 at 1:46 AM, Marc said:

I feel quoting a topic relating to DDOS protection, in a topic relating to spam protection, is quite disingenuous. The comment made by Charles was a direct response to cloud accounts having WAF protection automatically. This is still the case, and will always be the case, and is not related to spam protection entirely.

Using CDN & WAF can help reduce spam by blocking suspicious traffic before it gets to the website. For example, Cloudflare CDN & WAF are free since March 15, 2022 and include an invisible CAPTCHA alternative called Cloudflare Turnstile. You could use it as a second layer of CAPTCHA that won't annoy real people if you want. 

I like to look at website security from a holistic approach. Spam isn't the only security concern when managing a website. The idea of using Invision Community Classic without a CDN and without a WAF is like saying you're secure enough using Windows Defender on a Windows 10/11 PC and you don't really need an antivirus: 60% of people will believe you; the other 40% know better. 

8 minutes ago, Marc said:

Consider switching to hCaptcha too, as mentioned

Don't get me wrong, this comment is a great suggestion and Invision Community 4.x Anti-Spam is great if you have an active license. But really don't like CAPTCHAs. 

[Marc]

33 minutes ago, Pescao6 said:

Using CDN & WAF can help reduce spam by blocking suspicious traffic before it gets to the website. For example, Cloudflare CDN & WAF are free since March 15, 2022 and include an invisible CAPTCHA alternative called Cloudflare Turnstile. You could use it as a second layer of CAPTCHA that won't annoy real people if you want. 

I like to look at website security from a holistic approach. Spam isn't the only security concern when managing a website. The idea of using Invision Community Classic without a CDN and without a WAF is like saying you're secure enough using Windows Defender on a Windows 10/11 PC and you don't really need an antivirus: 60% of people will believe you; the other 40% know better. 

Indeed. However the topic you quoted still was not in any way related to spam protection. It was a question about DDOS protection on the server

34 minutes ago, Pescao6 said:

Don't get me wrong, this comment is a great suggestion and Invision Community 4.x Anti-Spam is great if you have an active license. But really don't like CAPTCHAs.

hCaptcha can be used whether or not you have an active licence. As far as not liking them, I cant really help you there