How do spambots defeat spam filters on message boards?

Another board I’m a member of keeps getting the shit spammed out of it by robots selling trainers and vinyl siding and all sorts of other bullshit. The board is a bit more basic than this one but even this one gets the occasional spambot. I’m just wondering how they’re able to circumvent all the various safeguards put into place. How do they know the answer to the spambot questions? How are they able to verify their e-mail addresses? Why is it so difficult to stop the little bastards? Thanks in advance.

Some spammers are human(sort of).

They’re not always bots. The filters may not be as sophisticated as the bots (it’s an ongoing, and likely neverending war).

Perhaps one of the most amusing tricks, and quite brilliant in a warped way, was porn sites that provided access to a set of pictures apparently protected by a captcha. What was actually happening was that the site was redirecting a captcha from a legitimate site and using the results to gain entry for a bot. I have no idea if such tricks are still being used, but it would not surprise me.

Sadly, the other source of human brainpower is simply subsistence wages paid in 3rd world countries.

Yep, that’s my guess for our spammers based on their behavior.

It’s frustrating, but we ban them as we see them.

:slight_smile:

The spambots are usually easily filtered. There are anti-spam services that you can use that will catch a lot of those. We filter a lot of spambots here, and a lot of the bots end up not completing the registration process as they don’t manage to validate the e-mail.

The ones that answer the security question and validate the e-mail are usually human(ish), and not bots. You can ban IPs, but they have ways of getting around those, too. For example, there’s a company called Peg Tech that is located in California that is actually owned by a Chinese firm, and it’s basically a spam factory located in California to circumvent country bans on Chinese spam. Some spammers will use tor nodes (anonymizers) or hosting services located in other countries to circumvent IP bans.

Another thing that they do is make posts that don’t contain any spam, which gets them past the spam filters, then they edit the post to put the spam links into it. Our friendly little a-hole from Bangladesh (the idiot who posts all of the live stream crap here) is fond of this technique. He also tends to copy existing thread titles so that it’s harder to spot his spam if you just look down the thread list.

Another technique that they use is they make 3 or 4 innocent posts, usually generic one-liners like “that’s a good post”, and then they’ll create a post with a link. Some message boards will filter you off if your fist post contains a link.