Hey New Folks! Are you getting PM spam?

Status
Not open for further replies.

areteus

Super Member
Registered
Joined
Jun 4, 2011
Messages
2,636
Reaction score
183
Location
Manchester UK
I have something that looks suspiciously like spam today... it certainly smells of scam to me. Will send you a PM copy of it...
 

Deleted member 42

Is this still relevant or have the spammers finally decided to turn their backs on this forum? Just wondering. Doesn't seem like there were any recent attacks. Since last year, actually. So technically, this thread could be unstickied/archived and if there were still some spammers, it could just be reopened if necessary. Just tryin' to help. :)

Yeah, we just banned a PM spammer today, so it's still relevant.
 

SuspiciousCookie

Deliciously Ominous
Super Member
Registered
Joined
Apr 12, 2013
Messages
666
Reaction score
57
Location
Krashoire
Website
athousandkeystrokes.wordpress.com
All right, good to know. And according to areteus they are not (just) targeting newcomers anymore, I guess. Will keep my eye out then.
(Actually, that may be unhealthy. I think I'll keep my eye in, rather.)

Cheers,
Cookie
 

LucindaBilya

Thick skinned fish returning
Registered
Joined
May 11, 2008
Messages
35
Reaction score
0
Location
Near Never Never Land
Website
lucindabilya.weebly.com
Getting all misty-eyed here. I have missed this place sooooo much.

I have returned under new name, so I look like a newbie. No spam yet. I do like Turkey Spam, but only the canned variety.

You all are so fun. (doing happy dance to celebrate coming home)
 

Roger McMillian

Super Member
Registered
Joined
Jan 2, 2007
Messages
97
Reaction score
8
Location
Eureka, IL
PM Spam, ya say? Can't rightly say that I've encountered that critter, yet. Only spam I've seen was that c-ration stuff by Hormel.
 

EarthPark

Super Member
Registered
Joined
Aug 3, 2014
Messages
64
Reaction score
0
Location
NKY
Website
twitter.com
Don't know if it's this website, my computer or ME but I have been getting two blank white add windows each time my screen refreshes. It happens only on this website. Each time I click onto a forum those darn windows flash back up then I have to exit each one, EVERY time. And again it could be just ME?!?! It started about the timeline as your yummy spam forum. Just saying?
 

Friendly Frog

Snarkenfaugister
Super Member
Registered
Joined
Sep 23, 2011
Messages
4,098
Reaction score
4,942
Location
Belgium
Not sure if it's relevant but I've just received a PM from a new and unknown member offering his website and services as a... penciler?


ETA: Just realised that's probably penciler as for art, not writing. Duh. Had me scratching my head for a while there. Still not sure what I'm supposed to do with it.
 
Last edited:

MacAllister

'Twas but a dream of thee
Staff member
Boss Mare
Administrator
Super Moderator
Moderator
Kind Benefactor
VPX
Super Member
Registered
Joined
Feb 11, 2005
Messages
22,010
Reaction score
10,705
Location
Out on a limb
Website
macallisterstone.com
Friendly Frog, yes -- that's VERY relevant. And it's spam. Please forward the PM to me or to AW Admin, and thank you!
 

ScottyDM

Badger, mushroom, snake oh a snake.
Registered
Joined
May 5, 2013
Messages
37
Reaction score
3
Location
Near Pikes Peak, Colorado, USA
Spam bots are evil.

A few years back I was a member on a little-used forum (vBulletin powered). The owner only logged in every couple of weeks or so. Without a helper the forum spam would pile up--until the owner logged in and cleared it out. I volunteered to help and he gave me access to some of the inner workings of the system.

By carefully reading the daily signups in the user database I learned some fascinating things.
  1. That forum had about 10x as many bots sign up as ever posted anything.
  2. It was an option during signup that users set their timezone. The first timezone in the list was something crazy like +14 hours east of GMT, which is a cluster of tiny islands in the equatorial Pacific. Everyone, even the guy who was banned and kept coming back to signup for new accounts, set the timezone selector--except the spam bots. Every single spam bot didn't bother to set the timezone.
  3. The owner had added a nonsense question to the signup process and made it required: "If you could transform into anything at all, what would it be?" You'd think there's no wrong answer to a question like that, but spam bots always answered the same thing--their user name. Canpharm576's answer would be Canpharm576.
  4. The majority of spam signups didn't post, but they did add a link on their new user profile that pointed to an obviously spammy website. Not a strong indicator, as many humans link to websites. The ratio was about 33% of humans, 98% of spam bots.
  5. That rev of vBulletin kept track of time to the nearest minute, and it kept track of when the new user downloaded the signup page and when they submitted it. Human: two or three minutes might pass. Spam bot: most would download and submit within the same minute. So the time a bot takes to fill out the form is probably a fraction of a second. The total time was dominated by download and response return times.
  6. There was a captcha, but I did some Googling and found professional spam-bot software that claimed to be able to read captchas, at least some of the time. Think about it. If the bot only gets the captcha right 10% of the time it's good enough. Bots don't get tired and they don't give up.

The captcha is a Turning test. It's purpose is to discern which new user is human and which machine. But the whole signup process could be turned into a Turing test. Besides the criteria above one could also use the following:
  1. Remember how many pages a new user visits on the site before they hit the signup page. Bots keep lists of signup pages. If a new user suddenly appears on the signup page with no other history, it's probably a bot.
  2. Have your HTML submit button, but wrap that in a JavaScript button, and then wrap that in a Flash button. When the user submits remember which button they used. Very few bots run JavaScript, and none I know of run Flash.
  3. Attach JavaScript to text boxes to measure keystroke cadence. Submit the variation in cadence (min/mean/max) with the signup form. Yes, many bots don't run JS, but this could catch those that do.
  4. Actually measure the time (to the second) the new user takes to fill in the form and submit it.
  5. Keep your captcha, but only keep track of how well the new user did. 8 of 9 characters? Not perfect, but okay. Without a single-point of failure one can afford to be generous.
  6. Might even try browser fingerprinting, but that could be overly invasive to real humans and might not be very effective against bots.

Some of these measures can trip up blind users. But checking the user's browser ID string could help. Spam bots lie about their browser, but will lie in favor of a popular browser. Blind users will have a rare but easily identifiable ID string.

I think of this as something like a credit score. Each parameter is worth so many points. If you get a high score you get an account right away (after e-mail verification). Middle score gets set aside for human scrutiny. Low score gets the success page (like everyone else) that the e-mail's been sent, but in reality the signup got dropped. This could drive spam-bot operators nuts. Run the bot, get the success message, but no e-mail and no access. Go to the site manually and give the same responses as the bot, get the success message, and get the e-mail and the access. Run the bot, no access. Human, access. :Headbang:
 

Charles Gull

Registered
Joined
May 27, 2017
Messages
19
Reaction score
2
In the 24 glorious hours of my membership so far I have received no private messages of any kind.

I am beginning to feel a little bit left out.:e2cry:
 

nelehjr

Green as the meadow grass
Registered
Joined
May 21, 2013
Messages
36
Reaction score
1
Location
Wyoming
Website
www.teenink.com
Haven't had this problem. I'm commenting irrelevantly so I can have more posts under my belt. XOXO
 

Cyia

Rewriting My Destiny
Super Member
Registered
Joined
Nov 15, 2008
Messages
18,615
Reaction score
4,029
Location
Brillig in the slithy toves...
Why post irrelevantly? You've been a member for over four years. One post a month would have gotten you almost to the crit threshold.
 
Status
Not open for further replies.