Jump to content
Science Forums

The Great Spam Storm Of 13-14 July 2012


CraigD

Recommended Posts

As anyone who checked What’s New between about midnight and about 10 AM EDT today is surely aware, we’re in the midst of a spam storm or unprecedented proportions: over 400 posts from 40 new registrations, hawking mostly, it seems, rugby videos. The bulk of them appear to be coming from Bangladesh. Our registration questions and CAPCHAs seem to be no barrier to them, suggesting there are humans involved in this assault.

 

Where, in the past, spammers seem to me to have generally tried to sneak their crap somewhat inconspicuously among legitimate posts – graffiti on bathroom walls, as it were – this wave is like a carpet bombing of junk mail, intent on rendering our site into a heap unrecognizable as its former self.

 

For the moment, all we moderators can do is knock these posts down as soon as we notice them – a daunting task, as there seem to be many more of them than of us, and we all have better things to do with our time than clean up after these cybervandals. The tools our forum software (which I’ve long griped about and daydreamed of replacing with more functional stuff) offer to automatically combat spam are deployed to their max, but aren’t much help, having automatically blocked only about 15% or these registrations.

 

Oh, how I’d love to find a way to punish the folk responsible for this: hit whoever’s profiting from it (for I’m certain money-making is behind it all) with an expensive consequence. Alas, I’m neither a lawyer nor someone rich enough to have lawyers at my beck and call.

 

If anyone has any ideas along these lines, please brainstorm them here.

 

We’ve long described hypography as like a common living room, and spammers as pests that post adds on the front door (vs. trolls, who come inside and piss on the floor).

 

These spammers are really pissing me off! :angry:

Link to comment
Share on other sites

...

Oh, how I’d love to find a way to punish the folk responsible for this: hit whoever’s profiting from it (for I’m certain money-making is behind it all) with an expensive consequence. Alas, I’m neither a lawyer nor someone rich enough to have lawyers at my beck and call.

 

If anyone has any ideas along these lines, please brainstorm them here.

 

We’ve long described hypography as like a common living room, and spammers as pests that post adds on the front door (vs. trolls, who come inside and piss on the floor).

 

These spammers are really pissing me off! :angry:

 

i have done a lot of reading on the spammers of late and i think we have zero to no chance of prosecuting them, particularly those coming from outside US borders. many of these folks actually filling out the registrations are themselves dupes working for organized crime outfits who lure them with "work at home" schemes. the more views they get on their profiles and posts, the more they get paid. this is one reason i keep urging y'all to delete them, because as long as the profile exists, the money rolls. presuming the spammer group we now have has their ip's & e-mail addresses reported to the agencies you're using, i recommend periodically deleting them all once the agency has their info.

 

we fight or we die. :piratesword:

Link to comment
Share on other sites

How To Report Email Fraud & Spam To Authorities

 

A few months ago, I did an article about popular types of email fraud and spam. Well today I want to take a look at how to act on some of the more serious scams and how to report email fraud that we all get in our inboxes regularly.

 

Unfortunately, even though the Internet is worldwide there is no real organisation which will deal with small, individual cases at an international level. That is left to national and local levels.

 

In this article I will show you some of the most popular agencies to contact depending on your location and other avenues to explore when you report email fraud.

...

Link to comment
Share on other sites

About the only thing you can do is get the IP range(s) blocked by your ISP if they all appear to come from the same/similar range(s).

 

Some good info on blacklists etc can be found here http://isc.sans.org/diary/Blacklists+-+make+the+right+choice/3194

 

The recent surge is most likely due to the DNSChanger virus and you can check if you have it here http://www.dns-ok.gov.au/

Link to comment
Share on other sites

Not to brag, but after lots of IP address block banning, we’ve made it 24 hours without a single blatant spam post.

 

Thanks, everyone, for your suggestions, and keep 'em coming. I and the other hypo mods and admins are reading them, even if we don’t reply to them.

 

The downside of IP banning is that we’ve effectively excluded millions of people in such places as Bangladesh, India, Pakistan, and Thailand, from where most of the spam comes, from joining hypography – the internet equivalent of having our bouncers keep people out of our club because we can tell they come from a bad neighborhood. Given the practical need to keep our posts from being drown in a 20-to-1 or worse spamstream, though, and the limitations of our current tools, it is, for the time being, an unavoidable unfairness.

Link to comment
Share on other sites

What ever happened to not being able to post anything beyond text and smilies until you earned the privilege through a minimum # of legitimate posts? Worked for the old hypo.

 

Perhaps just automagically letting anyone in with full privileges should be given serious rethinking. Several of the other forums I frequent does not allow links and uploaded content not only for a specified number of posts but also by days visited...and I've yet to see spam..., let alone spam at the level it's at here.

 

A couple also require approval from the admin/mod staff before you are allowed to link or attach uploads. Basically they look at your post content then vote on if you are to be trusted. If they decide you are ok you gain privileges if not no dice try again later.

 

 

One forum looks at what other sites you belong to and how you behave there before you are even allowed to join...could be viewed as an invasion of privacy but they NEVER have spam...not too practical here though.

 

For Hypo though the best possible option would be to require a member to 1. meet a specified number of LEGITIMATE POSTS no padding (like the old days) and 2. meet a required number of hours or days before being allowed to post links or attachments including avitars, profile pics, etc. make it very very not worth their time to join here. 3. receive approval from mods or admins to post links and attachments for a probationary term. (they submit uploads and links for approval and the mods either approve or deny based on content. If approved the mods forward it to the post or poster's account )

Link to comment
Share on other sites

I'm having very similar issues to belovelife. I just tried to report a post and it came up with the same warning. It may have also happened with some spam profiles I reported the other night (I don't quite remember), as I notice they are still there.

 

These are the comments/profiles I reported, FTR:

 

http://scienceforums.com/topic/10781-i-want-to-learn-french/page__view__findpost__p__320705

 

http://scienceforums.com/user/32575-brandoren/

 

http://scienceforums.com/user/32945-michellehitz/

 

One comment I would make about your spam bots that use the status update feature to spam websites (I linked a couple) is that you might consider making a 10 or 20 post count limit before members can use the feature. I know it's in another forum that uses the same software as this one after a bout of status spammers and it's been 100% successful since. For some daft reason you can't do the same thing for members leaving profile comments on other profiles, which would be very handy since it's a very hard one to pick up on without accidentally spotting one of the comments, receiving one yourself or having a member report it.

 

The same forum also has a few bot admins that catch a fair number of the spam bots before they have a chance to do anything by scanning for certain features. Off the top of my head I don't remember what they are and I definitely have no idea how to code such a thing, but it does greatly preclude the need for IP blocks.

Edited by hypervalent_iodine
Link to comment
Share on other sites

I'm having very similar issues to belovelife. I just tried to report a post and it came up with the same warning.

It did file the report in the report forum despite the warning. The others showed up as reported too but it just took a while to get to them. I don't have the time I used to have here to be more proactive at fighting this.

Link to comment
Share on other sites

It did file the report in the report forum despite the warning. The others showed up as reported too but it just took a while to get to them. I don't have the time I used to have here to be more proactive at fighting this.

 

Oh, I completely understand that. I had just wondered if maybe the same error had popped up and they hadn't gone through.

Link to comment
Share on other sites

×
×
  • Create New...