CodeWalrus

CodeWalrus Website => Site Discussion => Site Discussion & Bug Reports => Topic started by: DJ Omnimaga on February 16, 2016, 10:36:09 am

Title: Massive spam account purge
Post by: DJ Omnimaga on February 16, 2016, 10:36:09 am
I have done a massive scan of the CW userbase to detect spam accounts that have slipped by in the past, undetected. Many date back in Early 2015. There were some false positives (or at least, accounts that looked legit) that I re-approved afterwards, but anything suspicious (for example, e-mail addresses such as firzdiwznxiwrtls@yahoo.com which don't match the account name) is now requiring approval. So if you notice that our total member count suddenly decreases by 140, then it's because Streetwalrus just cleared the spam account queue.
Title: Re: Massive spam account purge
Post by: Streetwalrus on February 16, 2016, 10:37:34 am
Well damn.
/me wipes the list. :P
Title: Re: Massive spam account purge
Post by: DJ Omnimaga on February 16, 2016, 10:41:22 am
Yeah, if you notice, all of those look likee the newer accounts >.<. I just checked the user list again now and it looks much cleaner, although there still seems to be some undetected suspicious accounts.

We should do that once or twice a year, but if you do it, make sure to check the flagged accounts afterward, to ensure you are not about to delete a legit account. (especially older accounts. Basically don't just delete anything where only the IP is flagged as spam, because most people use dynamic IP addresses)
Title: Re: Massive spam account purge
Post by: Dudeman313 on February 16, 2016, 11:17:58 am
Why might anyone make a spam account in the first place? It's not like it benefits anyone.
Title: Re: Massive spam account purge
Post by: Streetwalrus on February 16, 2016, 11:23:11 am
It's just robots that crawl the internet and register accounts on forums to try and post advertisement. It's nasty but there isn't really a way to prevent them.
Title: Re: Massive spam account purge
Post by: aeTIos on February 16, 2016, 11:25:45 am
And they can do it FAAAST. I remember on omnimaga a few years ago one came through. He posted 144 replies to a topic he created in less than a minute. In the end I think they had to remove like 500 posts o.o
Title: Re: Massive spam account purge
Post by: Streetwalrus on February 16, 2016, 11:28:19 am
Do you mean the bot that created almost 200 topics in less than 10 minutes while the admins were asleep freezing all activity because it made the site unusable ? :P
Title: Re: Massive spam account purge
Post by: Dudeman313 on February 16, 2016, 11:40:41 am
Wow. O.O That's bad. Well, I have a friend who's a ninja both on the computer and with his fancy, numerous weapons who could help with encryption.

And for some strange reason, when I try to view sites on Opera Mini Mobile, the best browser for my Nokia E63, sometimes it asks me to approve some sort of certificate thingy before I can view a topic or post a reply. What's up with that?
Title: Re: Massive spam account purge
Post by: Streetwalrus on February 16, 2016, 11:43:47 am
Old browser not supporting modern encryption properly, that's unrelated to spambots.
Title: Re: Massive spam account purge
Post by: Dudeman313 on February 16, 2016, 11:56:03 am
I've seen what spambots can do; One got into my mom's email and sent more than 50 asking for dates to different email accounts, all within the same minute!

So, where  would my ninja go to sign up for this stuff?
Title: Re: Massive spam account purge
Post by: DJ Omnimaga on February 16, 2016, 04:37:46 pm
It would be cool if everyone replied back to spam automatically, effectively DDoS'ing spam computers/servers :P
Title: Re: Massive spam account purge
Post by: Juju on February 16, 2016, 04:46:41 pm
Eh. Spambot makers can do anything to inconvenience site admins if you have no protection in place effectively turning the whole site in ads in some cases, although StopForumSpam served us and Omnimaga well and blocked most of the spam.
Title: Re: Massive spam account purge
Post by: Streetwalrus on February 16, 2016, 04:55:15 pm
Actually I think spambots mostly use forums to get better referencing on google considering how many links they post.
Title: Re: Massive spam account purge
Post by: DJ Omnimaga on February 16, 2016, 06:13:36 pm
Yeah, site ranking is the main reason. By posting many spam links or putting spam links in their signatures on as many forums as possible, many search engines will rank the advertised site higher.

Same with any site, kinda. For example, if CW members put http://codewalr.us in their forum signatures or profile URL on other forums and sites they frequent, then CW search ranking will go up. But spamming will sometimes cause the opposite, because some search engines detect spam (eg if the linked site is completely irrelevant, such as a Casino/muscle growth link on a programming/gaming site).
Title: Re: Massive spam account purge
Post by: c4ooo on February 16, 2016, 07:36:22 pm
Why not use a CAPCHA?
Title: Re: Massive spam account purge
Post by: DJ Omnimaga on February 16, 2016, 08:10:41 pm
CAPTCHA is useless. Every single bot software is programmed to circumvent them. Recaptcha could work, but even then I bet that bots can get past it.

We just use Stop Forum Spam database, which runs a scan when a member signs up on CW.
Title: Re: Massive spam account purge
Post by: c4ooo on February 16, 2016, 08:21:27 pm
Quote from: DJ Omnimaga on February 16, 2016, 08:10:41 pm
CAPTCHA is useless. Every single bot software is programmed to circumvent them. Recaptcha could work, but even then I bet that bots can get past it.

We just use Stop Forum Spam database, which runs a scan when a member signs up on CW.

I heard that reCAPCHA gets updated every 2 weeks  ;)
Title: Re: Massive spam account purge
Post by: DJ Omnimaga on February 16, 2016, 08:30:26 pm
My main concern about Recaptcha though is when their server is down. On Omni we once used Recaptcha and had to get rid of it because everytime their server was down, nobody could register on the forums.
Title: Re: Massive spam account purge
Post by: utz on February 16, 2016, 09:17:01 pm
Make the answer to the verification thingy a word, eg. question would be "what's the coolest animal?" On 1bitforum, not a single bot has gotten through since we have that procedure in place, only some human spammers.
Title: Re: Massive spam account purge
Post by: DJ Omnimaga on February 16, 2016, 09:18:30 pm
We try to keep our questions as simple as possible, though, so we had an hard time figuring out a good easy question that can't be misspelled easily.
Title: Re: Massive spam account purge
Post by: Streetwalrus on February 20, 2016, 10:57:49 am
Recaptcha is owned and hosted by google now, there shouldn't be any concern of it going down. :P
Title: Re: Massive spam account purge
Post by: DJ Omnimaga on February 20, 2016, 03:11:26 pm
What if the NSA shuts down Google and Apple for refusing to decrypt their user info? :P
Title: Re: Massive spam account purge
Post by: Dudeman313 on February 23, 2016, 12:51:50 am
Then we'll all beg the world's richest man for mercy. :P
Title: Re: Massive spam account purge
Post by: DJ Omnimaga on February 23, 2016, 04:54:23 am
And what if himself or Microsoft/Linux distros suffers the same fate? :P
Title: Re: Massive spam account purge
Post by: Dudeman313 on February 23, 2016, 02:53:55 pm
Then we'll all go back to the stone age, where all our phones had more buttons than your Xbox controller. :P
Title: Re: Massive spam account purge
Post by: DJ Omnimaga on May 19, 2016, 01:11:59 pm
Street gave me permission to do another spambot purge. We went from 603 users to 471 in the process. 4 accounts among those 471 were approved, but require email activation, since they looked spammy, but had the same username as their email (which is sometimes an hint that it's legit). If they don't activate their account within next week or so then Street, aeTIos and Juju can probably delete them.
Title: Re: Massive spam account purge
Post by: alexgt on May 19, 2016, 01:36:03 pm
Awesome! Purge out all the Jedi Spammers
Title: Re: Massive spam account purge
Post by: DJ Omnimaga on May 19, 2016, 01:37:28 pm
Why purging the Jedi's? D:

Also we blocked over 15K spammers so far (about 1400 slipped by and were flagged as spam or were detected later)
Title: Re: Massive spam account purge
Post by: Dudeman313 on May 21, 2016, 03:22:25 pm
Quote from: alexgt on May 19, 2016, 01:36:03 pm
Awesome! Purge out all the Jedi Spammers


Quote from: DJ Omnimaga on May 19, 2016, 01:37:28 pm
Why purging the Jedi's? D:

Because the force makes Iron Walrii look bad. :P
Title: Re: Massive spam account purge
Post by: DJ Omnimaga on May 24, 2016, 06:25:21 am
But Jedis aren't all that bad XD


Also when I deleted accounts I noticed that @Streetwalrus forgot to remove one bot account that actually advertised on the forums last year, then the same bot logged in again months later to spam again, and was never banned. That's the most lax intervention I have ever seen on a forum against a spambot O.O
Title: Re: Massive spam account purge
Post by: alexgt on May 24, 2016, 12:24:45 pm
Quote from: DJ Omnimaga on May 19, 2016, 01:37:28 pm
Why purging the Jedi's? D:

Also we blocked over 15K spammers so far (about 1400 slipped by and were flagged as spam or were detected later)

Because we are sith lords :trollface:

Quote from: Dudeman313 on May 21, 2016, 03:22:25 pm
Quote from: alexgt on May 19, 2016, 01:36:03 pm
Awesome! Purge out all the Jedi Spammers


Quote from: DJ Omnimaga on May 19, 2016, 01:37:28 pm
Why purging the Jedi's? D:

Because the force makes Iron Walrii look bad. :P

Naw iron walrii shall always win!
Title: Re: Massive spam account purge
Post by: aeTIos on May 28, 2016, 01:53:02 pm
I rejected another 68 members today as well. Such a pain.
Title: Re: Massive spam account purge
Post by: DJ Omnimaga on May 28, 2016, 06:10:09 pm
I wish it wasn't split by pages. :P