Jump to content


Photo
- - - - -

The Great Spam Storm Of 13-14 July 2012


  • Please log in to reply
54 replies to this topic

#1 CraigD

CraigD

    Creating

  • Administrators
  • 8034 posts

Posted 14 July 2012 - 11:36 AM

As anyone who checked What’s New between about midnight and about 10 AM EDT today is surely aware, we’re in the midst of a spam storm or unprecedented proportions: over 400 posts from 40 new registrations, hawking mostly, it seems, rugby videos. The bulk of them appear to be coming from Bangladesh. Our registration questions and CAPCHAs seem to be no barrier to them, suggesting there are humans involved in this assault.

Where, in the past, spammers seem to me to have generally tried to sneak their crap somewhat inconspicuously among legitimate posts – graffiti on bathroom walls, as it were – this wave is like a carpet bombing of junk mail, intent on rendering our site into a heap unrecognizable as its former self.

For the moment, all we moderators can do is knock these posts down as soon as we notice them – a daunting task, as there seem to be many more of them than of us, and we all have better things to do with our time than clean up after these cybervandals. The tools our forum software (which I’ve long griped about and daydreamed of replacing with more functional stuff) offer to automatically combat spam are deployed to their max, but aren’t much help, having automatically blocked only about 15% or these registrations.

Oh, how I’d love to find a way to punish the folk responsible for this: hit whoever’s profiting from it (for I’m certain money-making is behind it all) with an expensive consequence. Alas, I’m neither a lawyer nor someone rich enough to have lawyers at my beck and call.

If anyone has any ideas along these lines, please brainstorm them here.

We’ve long described hypography as like a common living room, and spammers as pests that post adds on the front door (vs. trolls, who come inside and piss on the floor).

These spammers are really pissing me off! :angry:
  • Moontanman and NimrodTheGoat like this

#2 belovelife

belovelife

    psionicist - preserver lv.143

  • Members
  • PipPipPipPipPipPipPip
  • 1397 posts

Posted 15 July 2012 - 08:12 PM

here we go :headbang:

#3 Turtle

Turtle

    Member

  • Members
  • PipPipPipPipPipPipPip
  • 15452 posts

Posted 15 July 2012 - 10:35 PM

...
Oh, how I’d love to find a way to punish the folk responsible for this: hit whoever’s profiting from it (for I’m certain money-making is behind it all) with an expensive consequence. Alas, I’m neither a lawyer nor someone rich enough to have lawyers at my beck and call.

If anyone has any ideas along these lines, please brainstorm them here.

We’ve long described hypography as like a common living room, and spammers as pests that post adds on the front door (vs. trolls, who come inside and piss on the floor).

These spammers are really pissing me off! :angry:


i have done a lot of reading on the spammers of late and i think we have zero to no chance of prosecuting them, particularly those coming from outside US borders. many of these folks actually filling out the registrations are themselves dupes working for organized crime outfits who lure them with "work at home" schemes. the more views they get on their profiles and posts, the more they get paid. this is one reason i keep urging y'all to delete them, because as long as the profile exists, the money rolls. presuming the spammer group we now have has their ip's & e-mail addresses reported to the agencies you're using, i recommend periodically deleting them all once the agency has their info.

we fight or we die. :piratesword:

#4 Turtle

Turtle

    Member

  • Members
  • PipPipPipPipPipPipPip
  • 15452 posts

Posted 16 July 2012 - 10:57 AM

How To Report Email Fraud & Spam To Authorities
[quotename='Dean Sherwin']Posted Image

A few months ago, I did an article about popular types of email fraud and spam. Well today I want to take a look at how to act on some of the more serious scams and how to report email fraud that we all get in our inboxes regularly.

Unfortunately, even though the Internet is worldwide there is no real organisation which will deal with small, individual cases at an international level. That is left to national and local levels.

In this article I will show you some of the most popular agencies to contact depending on your location and other avenues to explore when you report email fraud.
...[/quote]

#5 LaurieAG

LaurieAG

    Explaining

  • Members
  • PipPipPipPipPipPipPip
  • 1492 posts

Posted 16 July 2012 - 06:41 PM

About the only thing you can do is get the IP range(s) blocked by your ISP if they all appear to come from the same/similar range(s).

Some good info on blacklists etc can be found here http://isc.sans.org/...ght choice/3194

The recent surge is most likely due to the DNSChanger virus and you can check if you have it here http://www.dns-ok.gov.au/

#6 belovelife

belovelife

    psionicist - preserver lv.143

  • Members
  • PipPipPipPipPipPipPip
  • 1397 posts

Posted 16 July 2012 - 09:16 PM

spam and cheese

#7 belovelife

belovelife

    psionicist - preserver lv.143

  • Members
  • PipPipPipPipPipPipPip
  • 1397 posts

Posted 17 July 2012 - 02:36 PM

the difference between two points

the difference between spam and cheese

the differance between
Posted Image



and



Posted Image




they ain't that much different

Edited by belovelife, 17 July 2012 - 02:37 PM.

  • DFINITLYDISTRUBD likes this

#8 LaurieAG

LaurieAG

    Explaining

  • Members
  • PipPipPipPipPipPipPip
  • 1492 posts

Posted 17 July 2012 - 07:15 PM

The spam just keeps coming. I remember an earlier version of hypography when you had to do an introduction post before you were allowed to post in other threads. Is that option still available.

Projektprojecting is the latest and all of the posts went in at the same time.
  • JMJones0424 likes this

#9 CraigD

CraigD

    Creating

  • Administrators
  • 8034 posts

Posted 19 July 2012 - 09:17 AM

Not to brag, but after lots of IP address block banning, we’ve made it 24 hours without a single blatant spam post.

Thanks, everyone, for your suggestions, and keep 'em coming. I and the other hypo mods and admins are reading them, even if we don’t reply to them.

The downside of IP banning is that we’ve effectively excluded millions of people in such places as Bangladesh, India, Pakistan, and Thailand, from where most of the spam comes, from joining hypography – the internet equivalent of having our bouncers keep people out of our club because we can tell they come from a bad neighborhood. Given the practical need to keep our posts from being drown in a 20-to-1 or worse spamstream, though, and the limitations of our current tools, it is, for the time being, an unavoidable unfairness.
  • Turtle likes this

#10 belovelife

belovelife

    psionicist - preserver lv.143

  • Members
  • PipPipPipPipPipPipPip
  • 1397 posts

Posted 19 July 2012 - 04:41 PM

:spam:

the strorm has let up, just a few showres afterward

#11 DFINITLYDISTRUBD

DFINITLYDISTRUBD

    tsilcycrotom live

  • Members
  • PipPipPipPipPipPipPip
  • 2291 posts

Posted 19 July 2012 - 05:06 PM

What ever happened to not being able to post anything beyond text and smilies until you earned the privilege through a minimum # of legitimate posts? Worked for the old hypo.

Perhaps just automagically letting anyone in with full privileges should be given serious rethinking. Several of the other forums I frequent does not allow links and uploaded content not only for a specified number of posts but also by days visited...and I've yet to see spam..., let alone spam at the level it's at here.

A couple also require approval from the admin/mod staff before you are allowed to link or attach uploads. Basically they look at your post content then vote on if you are to be trusted. If they decide you are ok you gain privileges if not no dice try again later.


One forum looks at what other sites you belong to and how you behave there before you are even allowed to join...could be viewed as an invasion of privacy but they NEVER have spam...not too practical here though.

For Hypo though the best possible option would be to require a member to 1. meet a specified number of LEGITIMATE POSTS no padding (like the old days) and 2. meet a required number of hours or days before being allowed to post links or attachments including avitars, profile pics, etc. make it very very not worth their time to join here. 3. receive approval from mods or admins to post links and attachments for a probationary term. (they submit uploads and links for approval and the mods either approve or deny based on content. If approved the mods forward it to the post or poster's account )

#12 belovelife

belovelife

    psionicist - preserver lv.143

  • Members
  • PipPipPipPipPipPipPip
  • 1397 posts

Posted 19 July 2012 - 05:25 PM

i think, mabe we could have a vote button that makes it spam

:drummer: :spam:

#13 CraigD

CraigD

    Creating

  • Administrators
  • 8034 posts

Posted 19 July 2012 - 09:13 PM

i think, mabe we could have a vote button that makes it spam

We do - the "Report" button. It doesn't immediately suspend the poster, but notifies us mods and admins.

#14 belovelife

belovelife

    psionicist - preserver lv.143

  • Members
  • PipPipPipPipPipPipPip
  • 1397 posts

Posted 19 July 2012 - 09:37 PM

i tried, it told me i didn't have access while not loggen in, but i was logged in

#15 hypervalent_iodine

hypervalent_iodine

    Curious

  • Members
  • Pip
  • 9 posts

Posted 20 July 2012 - 03:10 AM

I'm having very similar issues to belovelife. I just tried to report a post and it came up with the same warning. It may have also happened with some spam profiles I reported the other night (I don't quite remember), as I notice they are still there.

These are the comments/profiles I reported, FTR:

http://scienceforums...post__p__320705

http://scienceforums...2575-brandoren/

http://scienceforums...5-michellehitz/

One comment I would make about your spam bots that use the status update feature to spam websites (I linked a couple) is that you might consider making a 10 or 20 post count limit before members can use the feature. I know it's in another forum that uses the same software as this one after a bout of status spammers and it's been 100% successful since. For some daft reason you can't do the same thing for members leaving profile comments on other profiles, which would be very handy since it's a very hard one to pick up on without accidentally spotting one of the comments, receiving one yourself or having a member report it.

The same forum also has a few bot admins that catch a fair number of the spam bots before they have a chance to do anything by scanning for certain features. Off the top of my head I don't remember what they are and I definitely have no idea how to code such a thing, but it does greatly preclude the need for IP blocks.

Edited by hypervalent_iodine, 20 July 2012 - 03:13 AM.

  • Moontanman and JMJones0424 like this

#16 C1ay

C1ay

    ¿42?

  • Administrators
  • 6488 posts

Posted 20 July 2012 - 09:30 AM

I'm having very similar issues to belovelife. I just tried to report a post and it came up with the same warning.

It did file the report in the report forum despite the warning. The others showed up as reported too but it just took a while to get to them. I don't have the time I used to have here to be more proactive at fighting this.

#17 hypervalent_iodine

hypervalent_iodine

    Curious

  • Members
  • Pip
  • 9 posts

Posted 20 July 2012 - 09:53 AM

It did file the report in the report forum despite the warning. The others showed up as reported too but it just took a while to get to them. I don't have the time I used to have here to be more proactive at fighting this.


Oh, I completely understand that. I had just wondered if maybe the same error had popped up and they hadn't gone through.