1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Crowdsourced Human Spammers

Discussion in 'Forum Management' started by Shiro, Oct 31, 2015.

  1. Shiro

    Shiro Well-Known Member

    You may be aware of services like Amazon Mechanical Turk or Microworkers. These are crowdsourcing services that allow vendors to pay small amounts of money for the completion of tasks. These tasks often range from things like helping Google and Bing rank search results (human experience), and completing surveys. However, as I discovered today, spammers are using these systems on a massive scale to recruit human spammers.

    A typical example of spam recruitment jobs:
    Screen Shot 2015-10-31 at 8.26.13 AM.png

    Step one will link you to a google search results page for "smp toronto", which is the keyword the spammer is targeting. You're then asked to find blogs or forums to post a spam comment on within those keywords, when you do so you'll visit the second link and see this:

    Screen Shot 2015-10-31 at 8.25.53 AM.png
    Look familiar? This is the same type of stuff that bots post in forums all the time. Now rather than paying for an xRumer license, spammers can pay less than 25 cents per human-generated spam comment. This type of operation is particularly challenging to defend against via automated means. CAPTCHA is obviously completely useless, since you're dealing with a 100% human operation. Checks on registration are useless, because these are regular users who have probably not engaged in malicious activity anymore. You're left with keyword filtering, and services like Akismet. Any suggestions on how to deal with this type of spam? I'm looking into having Trust+ checks ran at post time, and the ability to detect spam patterns currently.

    After looking through these types of jobs, I have also seen solicitations to post a "one hundred word product review" on a random forum, and of course this pays higher because the user needs to come up with the text. They then request the user post a link back to their site. Even spam detection services that work on patterns may not be entirely effective against this type of spammer.
     
  2. Chris D

    Chris D XenForo Developer Staff Member

    We find spam phrases and IP blocking very effective here.

    They aren't instant solutions, of course. They require work. For example our spam phrases block basic things like links being posted, but it also blocks certain phrases that crop up very often in spam posts.

    upload_2015-10-31_12-53-20.png

    Instead of deleting, we actually move spam posts via the spam cleaner to a special forum. If people want to get better at reducing the spam on their forum, this is a good tactic. It gives you some data to go back and look at. You'll start noticing patterns, and ultimately, give you a fairly comprehensive list of terms that are commonly posted by human spammers.

    We moderate the content, rather than blocking completely, so it still requires work to clean them up, but I would estimate that 90% of our spam posts go straight to moderation, therefore only a small amount that actually slip through the net and actually are visible on the forum before being cleaned.
     
    kontrabass, Alfa1 and Shiro like this.
  3. Shiro

    Shiro Well-Known Member

    The spam phrases functionality is really good, I totally agree. I guess my point with this thread is that a lot of anti-spam solutions focus on the spammer and on registration checks, and ultimately it is becoming a lot more important to focus on content. I personally use spam-phrases along with Akismet which is working okay for me. Eventually, content-screening functionality is going to be something that we built into Trust+, with the aim and intent to intelligently detect both keywords, and patterns used by spammers in their posts and send them to the moderation queue. However, I fear that spam is evolving and so are spammers. I feel like we're going to see more of the "write a 100 word review about our product on a forum" type jobs, rather than the "post these keywords and link" jobs in the future. There are some blanket terms that can always be blocked, like the l*sing weight and ***** enlargement, but ultimately spammers respond to us just as we respond to them. I'd also like to point out, due to the specific niche of my community, I experience weirder spam. Usually it's people selling random alternative-medicine books.
     
  4. Anthony Parsons

    Anthony Parsons Well-Known Member

    One tool: https://xenforo.com/community/resources/stophumanspam-anti-human-spam.1480/

    That is all you need. I see pages of daily logs on my forum, being nearly the same size as Xenforo, as such what gets through without links is maybe 1 or 2 spam posts per week.

    That simple. I have zero links set until about 50 posts, or more... then the users are serious about being there having more than that in posts.
     

Share This Page