URGENT-WE MAY BE UNDER ATTACK

wizardfromoz

Administrator
Staff member
Gold Supporter
Joined
Apr 30, 2017
Messages
9,975
Reaction score
8,874
Credits
45,255
All Members please hold off on reports, we have handled over 100 spammers today.

More tomorrow

Thanks

Wizard
 


Morning Chris [or Gd'evening to you]
{no reply required immediately, I know you are busy}

David had a load yesterday evening, I see today they are getting a bit more intense and using multiple memberships.
I don't know if it's possible on this board, But the last one I moderated on had an automated filter system where you could but in a block of script, telephone number or similar, and the system would delete them and substitute the phrase of your choice
 
Probably some broke scammer trying to steal crypto.
 
Many, ....Many , scammers
 
Brian, do you remember what forum software they used
It was a modified php BB, I don't know if it was a standard add-on or a script written by the site founder, for example you would take a common script in the title such as" COINBASE Email support?" and replace it with "Warning this is spam", it was only a short term measure as they would eventually change the wording, but it did cut us a little time,and stop the members opening a possible infested post
 
We it be an idea to add a Captcha during account signup?
 
@Condobloke
to continue, we were only a small forum 90% British membership, we tried the usual block the ISP, but this caused us many more problems as members would be in the same ISP block, and we would get many e-mails on the emergency address that they could not get onto site,
on the short time I have been away [breakfast time] I see we have been inundated again, I don't relish the work facing Chris, David and Rob today
 
We it be an idea to add a Captcha during account signup?
I stand to be corrected but the way the spam was coming onto the site last night [at 15 to 25 min intervals] in each forum it looked like a human attack to me, so Capatch would not help
 
ALL Members whilst we are being spammed Is it is causing you aggravation, as it is taking over the latest post and what's new sections making it harder to spot new proper post, you can clear them from your screen by hovering over the member icon and clicking the ignore box, then refresh your page, this is working well at the moment as they are multiple spamming under each name and you only need to hit the ignore button once for each name
 
Looks like the mongrels keep office hours.

As europe/usa etc goes to sleep and Australia wakes up, they go to bed, after a hard nights exertion....attempting to stuff up what belongs to someone else. **%^#$**
 
Or add a required $1 donation as a signup fee, I'm sure they don't want to spend money to create spam accounts.
 
How did they get through the "spam filters" so effectively?

I have zero understanding of how such filters work, but if they are dependent on lines of 'code' similar to the lines found in Linux folders/files etc etc....is it not possible to introduce a line whereby if a phone number etc is showing in any new members first 10 posts, then that is picked up by the 'filters', stopped and that account goes across a moderators desk for inspection etc etc...

or, am I just dreaming?
 
*dons mod hat*

For some transparency sake:

Things may be dying down now. I've only had 33 incidents today.

How did they get through the "spam filters" so effectively?

They don't. Not normally. Not really.

Ideally, you never see the spam. We're pretty effective at dealing with it before you see it. We see it in the 'approval queue'. That's where we tend to deal with it, but processing the queue while looking for false-positives can take some time.
 
I've only had 33 incidents today.
Only 33.....that's 33 too many.

What in hell do these imbeciles actually achieve?....apart from you giving you a rough time ....
 
What in hell do these imbeciles actually achieve?....apart from you giving you a rough time ....
It makes their pee pee feel good and they have quotas to reach as well.
QSZwaWQ9QXBp
 
What in hell do these imbeciles actually achieve?

Linux.org ranks well on Google and other search engines.

Links here have added weight, being associated with the site.

My Linux-Tips site gets *hundreds* of attacks per day, not just spam attempts.

Here, quite a few of these attacks are weeded out during the signup process and verification process.

They aren't people, as a general rule. They're bots that perform all these actions.

About 90% of the traffic online isn't actually humans. It's just bots. Computers talking to computers. Not all bots are bad, for the record. Bots do things like find sites and evaluate them. Bots also do things like search for exploits and the likes.

I use a few bots. None of them are malicious. Good bots will do things like obey the robots.txt that every webmaster should have configured.

For example:

 
Just so folks know a little bit more about what goes on behind the scenes.

Most spammers don't make it past this page:

Selection_056.png


This particular visit to the approval queue was pretty easy. They were all from the same person, all the same messages, and all easily marked as 'spam' and dealt with accordingly.

You don't see the messages until after they've left the queue. There are often false-positives/legitimate users in and among them. In the pictured image, there were actually a total of 10 new spam attempts.
 
I'm glad you got this under control. When I was in charge of the spanish podcasting association's forum I got some taste of this situation, and it's not nice when they get past the moat and you have to deal with them by hand.

Apologies for my fistful of reports in probably the worst moment!
 


Top