fake/spam accounts driving us insane

[Digital Doctor]

While various spam prevention methods tend to work on bots there's an increasingly number of "human" spammers, mainly from the third world and those people stupid enough to believe they are going to get paid $1,000s per week to act like pork chops on online communities. We had an ongoing battle to get rid of the pricks, excuse languages, and finally discovered the full proof method. Turn off signatures and PMs for new members We're still getting a huge sign up at one movie site but once they discover they can't use a sig they don't post and move onto the next target. Simple solution folks, and you get a membership number clicking over satisfactory. Make the spammers work for you!

Spam Tip: Turn off signatures and PMs for new members

Great Tip.
There should be a TIPS entry on Spammers

If Xenforo.com had a wiki i'd enter it myself.

 

[AnthonyCea]

That does not 'turn off homepage link slots', that field has to be removed from vB user profile forms for all new users because that is what automated spammers are hitting to stay under the radar.

 

[Andy.N]

Is there any way to do a sql query to search for all wall posts to check for some keyword (html, sales, etc) in VB forum?

 

[AnthonyCea]

Sure, if you are an SQL expert or a coder, which I'm neither.

 

[Andy.N]

I just need to know which table hold wall posts

 

[Jaxel]

Spam Tip: Turn off signatures and PMs for new members

I disagree with this. Leave signatures and PMs on, it makes it easier to find the spammers.

Check out my mod XenUtiles... it has stop forum spam and a "spam bot finder". The spam bot finder works by searching for URLs in people's profiles. If it finds them, it lists the user in the list, with their relevant information. From there you can decide if they are a bot or not and delete them.

 

[AnthonyCea]

I just need to know which table hold wall posts

I guess Mike or Kier will have to get with you on that.

Jaxel, that sounds good, any tool is better than nothing when chasing spammers in your database already, there are not really any great tools within forum scripts other than common IP search which shows the same spambot under the same IP with many forum user names.

The IP search tool in vB is great for after the fact spambot moron finding.

 

[Jo.]

I see you are using vb3.8.6

On our vb3.8 forum we have a question & answer, using a custom profile field. "2+2=".. and that sort of helps out, but many get past that.
What really helps out is having another custom profile field with a default value being a letter (any letter), then asking people to type another letter into the box. For some bizzare reason the normal spammers cannot seem to get past that.

Admincp -> user profile fields -> Add New User Profile Field
title: Type the letter 'H' in this box
default value: W
Single line text box
Field required: Yes, at registration and profile updating
Field editable by user: Only at registration
Private field: Yes
Field Searchable on Members List: No
Show on Members List: No
Field required: Yes, at registration and profile updating
PCRE expression: ^[hH]$
Display page: edit your details

I tried this today, and so far it's working well. We've been having several spam registrations an hour the past few days, but since I did this, 8 hours ago, we haven't had a single spam account registered. Thanks for suggesting this. It seems to have helped a lot so far!!

 

[Jaxel]

I guess Mike or Kier will have to get with you on that.

Jaxel, that sounds good, any tool is better than nothing when chasing spammers in your database already, there are not really any great tools within forum scripts other than common IP search which shows the same spambot under the same IP with many forum user names.

The IP search tool in vB is great for after the fact spambot moron finding.

I just updated XenUtiles... it now searches for posted links in people's profiles...

 

[AnthonyCea]

Well, I would simply disable all homepage and signature links until a member has so many posts or is moved into a user group with links as an option.

 

[Carlos]

I would like to say:

"Silly rabbit. Spam is for kids!"

 

[Dean]

I tried this today, and so far it's working well. We've been having several spam registrations an hour the past few days, but since I did this, 8 hours ago, we haven't had a single spam account registered. Thanks for suggesting this. It seems to have helped a lot so far!!

Please let me know how well it works out for you long term.

 

[TNCclubman]

bots cant guess what color my eyes are so a question/answer registration hurdle is imperative. Yes a real person can beat it, but Id rather deal with the odd human vs millions of bot scripts.

 

[Jo.]

Please let me know how well it works out for you long term.

will do!

 

[AnthonyCea]

Jo, these are not fake spam accounts, they are real spam accounts !!!

 

[Jo.]

Jo, these are not fake spam accounts, they are real spam accounts !!!

lol yeah I know... I don't always use the right words (I have a learning disability), but you knew what I meant.

 

[AnthonyCea]

I knew what you were saying, just busting on you like I do to Kier and Brogan !!

PS: Spam is hot, look at how big your thread got in a hurry !!

 

[Jo.]

lol

 

[Wired]

Removing / putting a lock on the homepage option is a great idea for vB. Haven't looked at XF settings in great detail yet. Sorry, just haven't gotten around to mucking around in the back end since I bought it eheh.

I've started keeping a manual log of spammers I find in a Google doc. Helps to very quicky identify patterns, e.g. spam links from 3 certain domains, or email name patterns, or certain domain names that they use (e.g. a lot of yahoo.co.uk accounts recently). Also searching certain profile fields for BBCODE or HTML where they shouldn't have it (location for example), and YES, HTML / BBCODE is disabled in profiles, but it doesn't stop them from attempting it

 

[Andy.N]

Is there any way to do a sql query to search for all wall posts to check for some keyword (html, sales, etc) in VB forum?

Wow, I just had a feeling I have to investigate this further so I looked at the VB 3.8 tables and run some SQL queries.

You know what I found? I found out about two dozen spammers who signed up, posted a link on their own profile page and never log in again.

1) Disable profile view for guests
2) Can Post Visitor Messages to Own Profile


3) Run this query from your ACP

select * from visitormessage where pagetext like '%http%'

This will display all kind of hidden stuff that you would otherwise not know about. Then go on and delete those accounts.