petzl Posted August 26, 2019 Share Posted August 26, 2019 9 hours ago, RobiBue said: Apologies, but I do see a problem with that. I mean, this is a spam fighting forum, and if someone posts a question about a spam and the words include something that would be filtered, then the OP would have to wait until the admin frees it to the forum... Just need to invoke a CAPCHA or what is 1+2 = or something similar Anyone who can't work this out is not going to be a full quid This forum is being destroyed by spammer static. Google can't search it efficiently and was a good anti-spam resource, Quote Link to comment Share on other sites More sharing options...
Lking Posted August 26, 2019 Share Posted August 26, 2019 8 minutes ago, petzl said: Just need to invoke a CAPCHA we add one several months ago. Sign out and then click the sign up button to see it. Quote Link to comment Share on other sites More sharing options...
petzl Posted August 26, 2019 Share Posted August 26, 2019 2 hours ago, Lking said: we add one several months ago. Sign out and then click the sign up button to see it. Not working it seems? Quote Link to comment Share on other sites More sharing options...
gnarlymarley Posted August 26, 2019 Share Posted August 26, 2019 31 minutes ago, petzl said: Not working it seems? Nope, the capcha is not working. I think it was only about two months ago that Richard increased the capcha challenge level. Due to the typos and spaces, I don't think this is done by computer. I think it is done by one or two humans. If it is humans and you try to stop them with a capcha, you will also stop legitimate forum users. But then they have already developed AI on computers that can read any capcha more accurately than humans, so maybe it is a computer. The "typos" as I call them appear to be when copying from a microsoft product where a space is sometimes added at the beginning or end. Quote Link to comment Share on other sites More sharing options...
petzl Posted August 27, 2019 Share Posted August 27, 2019 16 hours ago, gnarlymarley said: Nope, the capcha is not working Just a check box I'm not a robot Quote Link to comment Share on other sites More sharing options...
Lking Posted August 27, 2019 Share Posted August 27, 2019 9 minutes ago, petzl said: Just a check box I'm not a robot Well not working the way we expect. (Surely did not block/slow down any spammers this morning!) On the other hand when I checked earlier, I checked the box and got a series of 4 or 5 'find the traffic lights, car, bicycles' Now it checks the box for me. So I tried changing my IP (moved VPN from Texas to Chicago). Still didn't ask. Cookies maybe?? It did seem to take a second to say I was OK - could be slow network or system was reading a cookie At any rate, It is not significantly blocking spammers. If my anecdotal test is true, a human gets passed the first one, and the bot can do the rest. Quote Link to comment Share on other sites More sharing options...
petzl Posted August 27, 2019 Share Posted August 27, 2019 3 minutes ago, Lking said: Well not working the way we expect. (Surely did not block/slow down any spammers this morning!) On the other hand when I checked earlier, I checked the box and got a series of 4 or 5 'find the traffic lights, car, bicycles' Now it checks the box for me. So I tried changing my IP (moved VPN from Texas to Chicago). Still didn't ask. Cookies maybe?? It did seem to take a second to say I was OK - could be slow network or system was reading a cookie At any rate, It is not significantly blocking spammers. If my anecdotal test is true, a human gets passed the first one, and the bot can do the rest. My bank has three fields, two need different passwords? Maybe a solution, I read though you believe they are manually entered not by Bot? Quote Link to comment Share on other sites More sharing options...
Lking Posted August 27, 2019 Share Posted August 27, 2019 1 hour ago, petzl said: believe they are manually entered not by Bot? I was guessing. IF my experience today is indicative I just suggested that a human passes the capcha then a bot takes over (using the same PC/IP) and creates several accounts to later post the spam. I think there are several approaches in use. 1) A bot, does it all opens account, replies to the challenge email, and post spam. (15min - hr between join and spam). 2) cheap labor does step 1 & 2, bot post spam. 3) Some poor sap does it all. I think a signs of human are changing the photo, posting 'interest', 'about me', sex, location, etc. But most spam accounts don't do anything except post one spam. Quote Link to comment Share on other sites More sharing options...
petzl Posted August 27, 2019 Share Posted August 27, 2019 2 hours ago, Lking said: I was guessing. IF my experience today is indicative Yes I value your experience. Signed out removed all cookies and passed the "captcha" test one click? Quote Link to comment Share on other sites More sharing options...
RobiBue Posted August 31, 2019 Author Share Posted August 31, 2019 Oh dear, I think I created a monster 😉 I haven't been active recently. just been popping in occasionally (lately)... Anyway, back to the discussion: I do believe that the login in created by carbon entities who are promised a certain amount for every successful post On 8/26/2019 at 10:02 PM, Lking said: I was guessing. IF my experience today is indicative I just suggested that a human passes the capcha then a bot takes over (using the same PC/IP) and creates several accounts to later post the spam. I think there are several approaches in use. 1) A bot, does it all opens account, replies to the challenge email, and post spam. (15min - hr between join and spam). 2) cheap labor does step 1 & 2, bot post spam. 3) Some poor sap does it all. I think a signs of human are changing the photo, posting 'interest', 'about me', sex, location, etc. But most spam accounts don't do anything except post one spam. approach 1) I think it's too complicated, as there are too many diverse systems floating around. approach 2) more likely, but still with the differences in the systems somewhat complicated to have bots do it right. although sometimes the resulting spam posts do seem incoherent at best. approach 3) is IMNSHO the most likely scenario. I think what they do is do some bookkeeping to receive their money, and that is what takes them so long in-between, and they probably have different forum systems open and jump from one to the other. Then, at the end, they copy and paste the spam into all the open forum posts they have in their batch. So let's say it's carbon entities and not silicon based bots. Side question: why isn't the advertised "By harnessing the combined knowledge of thousands of Invision Communities, our spam Defense can assess the potential threat of each new user and stop them before they can cause any problems. It's instant and free with all plans." not working? My original thought on marking them as spam by peers, hiding the post in default view after a certain amount of reports, would still be the most feasible option -- if the original developer could/would implement it, that is. Quote Link to comment Share on other sites More sharing options...
Lking Posted August 31, 2019 Share Posted August 31, 2019 1 hour ago, RobiBue said: My original thought on marking them as spam by peers Several thoughts. You had marked 4 of the 12 spam I cleaned up just now. In the morning (when you read this) one member, sometimes two, will mark the spam before I delete it even when I sleep in. Another way to look at it is On "Thursday" 10 members visited the forum 6 show 1 post and have 1 warning point (i.e. been band for spamming) 2 have joined and not posted yet. That leaves 2 members in good standing ( + me) Quote Link to comment Share on other sites More sharing options...
RobiBue Posted September 1, 2019 Author Share Posted September 1, 2019 (edited) 17 hours ago, Lking said: Several thoughts. You had marked 4 of the 12 spam I cleaned up just now. In the morning (when you read this) one member, sometimes two, will mark the spam before I delete it even when I sleep in. Another way to look at it is On "Thursday" 10 members visited the forum 6 show 1 post and have 1 warning point (i.e. been band for spamming) 2 have joined and not posted yet. That leaves 2 members in good standing ( + me) If I read this correctly: 10 members visited the forum; that is everybody that logged in/signed up(registered) (but not guests) to read and/or post (including me) 6 of the 10 have all been now banned for spamming and received a warning point (for posterity) this leaves 4 (including me and you) and 2 of them have not posted yet so who posted the other 6 spams? I am a bit confused... And according to what you say, there aren’t enough people around to mark the spam... bummer! Edited September 1, 2019 by RobiBue Added som comment Quote Link to comment Share on other sites More sharing options...
petzl Posted September 1, 2019 Share Posted September 1, 2019 just looking at latest forum flood https://pil4pedia.com/krygen-xl/ 198.54.125.159 NAMECHEAPHOSTING.COM https://topwellnessblog.com/control-x-keto/ 185.61.152.24 NAMECHEAPHOSTING.COM Quote Link to comment Share on other sites More sharing options...
gnarlymarley Posted September 3, 2019 Share Posted September 3, 2019 On 8/26/2019 at 6:39 PM, Lking said: If my anecdotal test is true, a human gets passed the first one, and the bot can do the rest. I can cut and paste from wordpad almost faster than running a scri_pt anymore these days. A few months ago, we had some duplicates where the email subject (or the post's title) where one started with "http" and the other started with " http". So if a bot is posting it, would the bot randomly add a space in the title? (Either at the beginning or the middle.) On 8/26/2019 at 9:02 PM, Lking said: (15min - hr between join and spam) I think the quickest one I saw a few months ago was between three and four minutes. If I was going to automate any part of this (via a bot), the sign up portion would be what I would automate. Most of the providers have imap or pop and the fetchmail command can output the email directly to a scri_pt. I expect that if I were to do this, the posts would show around the first 10 seconds of every minute. (It could be they do a randomized sleep, but cron starts at the top of the minute.) Quote Link to comment Share on other sites More sharing options...
petzl Posted September 3, 2019 Share Posted September 3, 2019 (edited) 1 hour ago, gnarlymarley said: I can cut and paste from wordpad almost faster than running a scri_pt anymore these days. A few months ago, we had some duplicates where the email subject (or the post's title) where one started with "http" and the other started with " http". So if a bot is posting it, would the bot randomly add a space in the title? (Either at the beginning or the middle.) I think the quickest one I saw a few months ago was between three and four minutes. If I was going to automate any part of this (via a bot), the sign up portion would be what I would automate. Most of the providers have imap or pop and the fetchmail command can output the email directly to a scri_pt. I expect that if I were to do this, the posts would show around the first 10 seconds of every minute. (It could be they do a randomized sleep, but cron starts at the top of the minute.) The log-in IP is not a Bot'; Namecheap runs 1000's of Bot's from their domains, all with different IP's. Domain blocklisting is now the most effective way of stopping forum spam.https://www.spamhaus.org/news/article/786/mta-developers-allow-use-of-domain-dnsbls-at-the-smtp-level latest floodhttps://topwellnessblog.cXm/fungus-eliminator/ 185.61.152.24 abuseXnamecheap.cXm Edited September 3, 2019 by petzl Quote Link to comment Share on other sites More sharing options...
gnarlymarley Posted September 12, 2019 Share Posted September 12, 2019 On 9/2/2019 at 8:53 PM, petzl said: The log-in IP is not a Bot'; Namecheap runs 1000's of Bot's from their domains, all with different IP's. Domain blocklisting is now the most effective way of stopping forum spam. This is in part why I try to put a note for the reports going to legitimate hosters such as "You might want to work with your customer to clean up their compromised system." Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.