Users getting scammed via Conversations

e9coupe

Member
I'm sure some of you are aware of this but I'm getting new users (real people) joining the forum and contacting other users that are looking for parts. I run an automotive related forum. User post WTB ads and the scammer contacts them via private message and tells them they know someone who has the part for sale and gives them their email address.

I manually validate all the new accounts and I'm trying really hard to vet the new users, but because they're a real person they're getting through. I added a User Group Promotion making new users post at least ten to maybe slow them down or make it more obvious but it doesn't seem to be working right. They don't have to post any messages.

Does anyone have any ideas for me? I even check their IP location, which started out in Nigeria but now they've figured that out and they're all in the U.S.
 
A couple of options:
  • Put a notice block at the top of the page for all conversations warning users to be careful
  • Install this addon to block VPN's and also block offending countries from creating new accounts
  • Install this addon so, given time, your users know who the reliable sellers are
As for your promotion issue, make sure the "Registered" group has these permissions set:

1.webp

For the group they are promoted into at 10 posts, switch those to yes.
 
A couple of options:
  • Put a notice block at the top of the page for all conversations warning users to be careful
  • Install this addon to block VPN's and also block offending countries from creating new accounts
  • Install this addon so, given time, your users know who the reliable sellers are
As for your promotion issue, make sure the "Registered" group has these permissions set:

View attachment 219828

For the group they are promoted into at 10 posts, switch those to yes.
Thanks, I'll look into this.
 
This scam is still going on but now they've been able to validate their own new accounts! We've changed all of our passwords and removed all non-essential Admin accounts (one or two) and they're able to create a new account and validate within minutes. I already manually validate accounts.

This sucks. Any ideas? What's the safest way to validate new accounts? I don't get that many.
 
I'm a member of a forum that requires 50 posts for pms. New people are watched closely and one liners to get to 50 yield a short ban. Repeats are permanent. Done right, this can work, although the one admin thinks his job is to ban people rather than interact w them in a reasonable way. I've pretty much left that forum. He's a jerk.
 
If manual validation is required, there is no way a new member can validate their own account - it requires an admin account.

The admin log will confirm if that is the case and the IP address of the entry will determine if it was legitimate or not.

You have previously posted about your forum account being compromised here -- https://xenforo.com/community/threads/limit-email-notifications.172214/#post-1384641 -- so it's possible whoever is doing it still has access to one or more accounts, including email.

There may even be malware/keylogger software on your computer, the server could be compromised, etc.
 
I validate by changing the status on the users profile, which shows in the Admin changelog. The latest scam user is valid without any history in the Admin changelog. I've asked the host previously to look into anything suspicious and they didn't see anything. I don't know what they should look for so I wasn't any help and didn't know what questions to ask.
 
This scam is still going on but now they've been able to validate their own new accounts! We've changed all of our passwords and removed all non-essential Admin accounts (one or two) and they're able to create a new account and validate within minutes. I already manually validate accounts.

This sucks. Any ideas? What's the safest way to validate new accounts? I don't get that many.
change your captcha type. I find doing this once a month or so eases spam for a while until they catch on
 
I validate by changing the status on the users profile, which shows in the Admin changelog. The latest scam user is valid without any history in the Admin changelog...
How could that be? Particularly because you require manual approval of all new members.
 
What works for us is to have an addon that scans for keywords/phrases and sends suspect conversations to a moderation queue without the user noticing it. If the member becomes aware then they can try different keywords and figure your configuration out.
You will need access to member conversation in case such conversation trips up the keyword alerts or if a member solicits contact through public posts in a suspect manner.
 

This keeps lots of the spam away for me from signups... This alongside a decent location checker/blocker..
 
Yes, that will help with spambots, but it won’t help the OP. They have a issue with a human and most likely a compromised site/device.
 
Go through every file (usually by re-upping clean ones) and ensure they belong there an have not been altered. That goes for all files on the server.
 
That's a reason to use a 2.x version. It checks all the files for any changes from the original upload. Will it look for extras as well? Bet so.
 
Back
Top Bottom