Jump to content

Level of spam on the rise


Supriyo

Recommended Posts

I want to warn the moderators that the level of spam is alarmingly on the rise. Two days back, I saw two spam threads opened in the 'Business of Photography' forum. Today, there are 11. Its getting flooded. Why are these fake users allowed to post in forums without verifying their accounts? I am worried, these people (or bots) may be testing the water, and we may have a bigger attack soon that can take the site down. Can we make sure new account creation is made more secure by using advanced CAPTCHA and image based tests, plus limits are placed on how many threads one person can open in a particular forum at the same time?

 

Also, some forum sites place additional safeguards on new members. For example, threads posted by new members have to be approved by a moderator before being displayed in the public forum. This can be done for a limited period for each new member before that person is trusted to post stuff without vetting.

  • Like 5
Link to comment
Share on other sites

Supriyo, I'm sitting here on Sunday night watching spam roll into PN once again. I wasn't going to say anything, but I will now. I've asked Glenn at least three times in the last couple of weeks about using CAPTCHA for new accounts. I asked in threads he was currently active in, and I have no idea why he hasn't responded. Maybe he will respond to you. There may be a very good reason why CAPTCHA won't work but it's hard to imagine that a web site can't do better than this and come up with a solution or at least communicate to the users why a solution is elusive or impossible. This, as the error messages when posting a photo continue to be a problem for so many of us, now 10 months into the launch of PN2.0.
  • Like 2
We didn't need dialogue. We had faces!
Link to comment
Share on other sites

Supriyo, I'm sitting here on Sunday night watching spam roll into PN once again. I wasn't going to say anything, but I will now. I've asked Glenn at least three times in the last couple of weeks about using CAPTCHA for new accounts. I asked in threads he was currently active in, and I have no idea why he hasn't responded. Maybe he will respond to you. There may be a very good reason why CAPTCHA won't work but it's hard to imagine that a web site can't do better than this and come up with a solution or at least communicate to the users why a solution is elusive or impossible. This, as the error messages when posting a photo continue to be a problem for so many of us, now 10 months into the launch of PN2.0.

 

Fred, I agree. I don't think its ever possible to make a site completely hack-proof, but using CAPTCHA and other measures can at least close the most vulnerable loopholes for hackers/spammers to target. It's likely that these people (spammers) look for weak points on the net to exploit, and PN just provides them with one. Now that the site has become more functional than before, security should be a priority for the admin, thats my opinion. From the time when I posted the OP until now, spam threads have grown even more in number.

 

You said that you raised this issue several times in the past and no none responded. That makes it even more alarming, suggesting that the admin may not have a concrete action plan to protect our contents and postings.

  • Like 1
Link to comment
Share on other sites

If Glenn or other admin personnel are reading this thread, I would suggest the following to reduce the chance of spam flooding:

 

1. Prevent automated creation of accounts by using CAPTCHA and other image based tests, plus email verification.

2. Prevent new accounts from posting in forums unless a moderator reads and approves the posts (this is standard practice in many other forum websites). The restrictions can be placed for the first 10 posts or so.

3. Place restrictions on creating multiple threads (e.g. limit to three at a time) in the same forum by any member at a given time.

 

You have a fairly state of the art forum software, so these safeguards should not be difficult to implement.

 

If anyone has any other suggestions, feel free to pitch in.

  • Like 1
Link to comment
Share on other sites

i believe we're solid against bots we have a number of ways to catch those - so this most recent string of attacks are from humanoids logging in and doing their thing - we're limiting new users ability to post until we see they are here for the right reasons. there is no 100% solution to this when we're a CGC (consumer generated content) site however excellent moderation (which we have) and numerous filters to limit them is the best you can do. As you can imagine - I've done a fair amount of research on this subject and that is my conclusion so far but open to suggestions from those that have been there and done that.
Link to comment
Share on other sites

Here's some new spam in the ABSTRACT forum. It's in the B&W thread. Not a new thread, but posts within a thread this time. And, weirdly, only these spam posts have a SPAM link next to the REPORT link at the bottom of the post. The legitimate posts don't have the SPAM link under them. I didn't want to click on the SPAM link for fear of not knowing what might happen.

 

spam.thumb.jpg.1a3e1fa367e81365800dced0e304c17a.jpg

We didn't need dialogue. We had faces!
Link to comment
Share on other sites

And, weirdly, only these spam posts have a SPAM link next to the REPORT link at the bottom of the post.

 

This does occur, infrequently, on other posts, although I have not yet detected any discernible pattern. Are they possibly there for when a new member has fewer than a certain number of posts, to assist the Moderators in detecting Spam more readily ?

Link to comment
Share on other sites

I want to warn the moderators that the level of spam is alarmingly on the rise. Two days back, I saw two spam threads opened in the 'Business of Photography' forum. Today, there are 11. Its getting flooded. Why are these fake users allowed to post in forums without verifying their accounts? I am worried, these people (or bots) may be testing the water, and we may have a bigger attack soon that can take the site down. Can we make sure new account creation is made more secure by using advanced CAPTCHA and image based tests, plus limits are placed on how many threads one person can open in a particular forum at the same time?

 

 

Also, some forum sites place additional safeguards on new members. For example, threads posted by new members have to be approved by a moderator before being displayed in the public forum. This can be done for a limited period for each new member before that person is trusted to post stuff without vetting.

 

Captchas are meant to catch bot spammers - and we feel we're OK there. We're dealing with a few humans that are getting a kick out of posting and there is never an absolute 100% solution to that regardless of what you might read or hear. We are limiting posts by new users until we can see they are here for the right reasons, we have filters set up to catch most common spam not only posted here but as well as on other sites (xenforo add ons built for this) so for now - we're better than we were this week and much better than we were two weeks ago - next week we'll probably be better than this week - so we believe the spam trend is heading in the right direction - now will we be 100% spam free - no...but we'll be getting better every day.

Link to comment
Share on other sites

Great! Thanks. I hope the new measures play out well in reducing the spam volume. As PN becomes more visible to the online world, it will draw the attention of more rogue elements I think. So the security measures have to be continuously adapted as well.
Link to comment
Share on other sites

Here's some new spam in the ABSTRACT forum. It's in the B&W thread. Not a new thread, but posts within a thread this time. And, weirdly, only these spam posts have a SPAM link next to the REPORT link at the bottom of the post. The legitimate posts don't have the SPAM link under them. I didn't want to click on the SPAM link for fear of not knowing what might happen.

 

[ATTACH=full]1214856[/ATTACH]

 

this was likely the human spammers testing our filters - there is a special place in hell for these people, I'm sure of it.

  • Like 1
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...