1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Human Spammers & Hotmail

Discussion in 'XenForo Questions and Support' started by MattW, Mar 9, 2013.

  1. MattW

    MattW Well-Known Member

    Has anyone noticed an increase in human spammers and @ hotmail accounts?

    I've been through a load of accounts on my site this morning posting profile spam (getting past KeyCaptcha and XenUtiles) and all were using hotmail accounts.
  2. MattW

    MattW Well-Known Member

    Well I think I found the issue on my site. For some reason, the option to use KeyCaptcha had totally vanished!?! The key was still there, and it was still installed, but not being used. So anything getting past XenUtiles wasn't being presented with a Captcha :(

    Re-installed KeyCaptch, and it's working again.
    Digital Doctor likes this.
  3. tenants

    tenants Well-Known Member

    Yes, I would have said that was strange. You don't normally get swarms of human spammers, swarms of spam bots yes, but human spam is fairly rare (when you compare it to thousands of applications all with the ability to automate thousands of threads in the same instance, on a vast list of forums).

    Glad to see KeyCaptcha is up and running for you again ;)

    This is one of the reasons I think it's wise to have more than one barrier... especially for bots. When 1 barrier breaks, the swarms can kill your forum (and it can take a while to clean up)

    If you have multiple barriers, then there's never really an issue (you just have to fix the broken barrier). But, at the same time, you don't want to make humans have to jump through hoops to register, or wait for multiple APIs, or even wait for each post to be checked
    MattW likes this.
  4. MattW

    MattW Well-Known Member

    Yep, I've got 3 barriers now, and apart from KeyCaptcha, normal members won't notice a thing.

    It does look like the hotmail ones are getting around XenUtiles though, I have all 3 API and RegTimer activated (the below got through while KeyCaptcha was not activated)

  5. tenants

    tenants Well-Known Member

    XRumer users now (actually they've been using it a while) use something called xblack.txt, this is basically a list of know reporting sites. What this allows them to do is avoid detection for longer, so the public API's become less affective at catching spam bots (Indecently, if your site reports lots of spam bots, you'll get attacked by bots less because of this)

    APIs will become less affective overtime, but they're still fairly good for now

    To be honest, I'm not a big fan of using multiple API's to stop bot spam, 1 good one is often suffice (StopForumSpam/StopBotters seem to catch the most for XenForo), the more you add, the slower it becomes for the user to register.

    But multiple mechanism (that never affect humans), that is useful (for as long as the bots don't bypass them)

    Hotmail/Gmal/mail.ru... it's all the same, botters will pick one favourite for a while, and then change
    Sometimes certain email providers make it easier to automate email account creating (Yahoo was a favourite a while back for this), but you'll see cycles of patterns as the botters (sometimes just a handful or actual bot users) jump from one preference to another.

    What you might be seeing is.. that this pattern is from one (or a few) botters that are using xblack.txt, and they have recently automated email accounts against hotmail.. that's it. The pattern probably wont persist for more than a few weeks (if that). I don't believe Hotmail is currently a botters preference for email creation, they are all as easy as each other to automate.
  6. MattW

    MattW Well-Known Member

    Totally agree. Most of the bots on trying to register are failing on my site through the registration timer, and aren't even getting to the API point.

    PS. Love the latest mod you've done for Profile spam (y) That is where the human spammers we do seem to get through post all their crap, so that should see an end to that as well.

Share This Page