I have noticed recently that spammers have hit the SDMB several times recently, it seems also that they are spam bots, that is computer programs that set an account automatically; but, are they spambots indeed or/and spammers have targeted us frequently these past days?
We’ve always had spammers. Usually spam posts are promptly reported, and since most forums have more than one mod, they get wished into the cornfield quickly. Just as our mods can moderate in any forum, they are also allowed and encouraged to take care of spammers and spam posts as soon as they notice the offenders.
I don’t know if the latest invasion is due to spambots or what. We have noticed certain characteristics about the latest wave, and we’ve taken what steps we can to block them. I really don’t want to go into further details, as I don’t want spammers to know what we do to block them.
There is a Russian spambot called Xrumer that has been making the rounds of many message boards in the past several weeks. On recent days, forum spamming has gotten much, much worse. It can break the vBulletin 3.0.* captcha; the SDMB hasn’t upgraded to 3.6.*, which has an unbreakable captcha.
from XRumer FAQ:
- Isn’t it a spam-bot?
In no way XRumer acts like a spam-bot since spam is defined in legislation as ‘unsolicited email’, whereas XRumer simply posts messages created by users, which cannot be illegal providing the user does not violate the legislation by provoking racial hatred or anything prohibited by the law
bastards !
A couple of weeks ago, I reported a new user that is very likely a spammer, considering that their very unique username is registered on thousands of other message boards, and associated with a Web site dealing with “high yield investment programs” (otherwise known as Ponzi schemes) to the SDMB staff. No response, and the spammer is still listed as a registered user on the SDMB. Should we even bother to report suspicious users or spam? Running vBulletin 3.0.7, the SDMB is pretty much wide open to spambots that can crack that version’s captcha.
Well, the spammer is still there.
RabotaeMcom: their SDMB profile
Evidence that they registered on thousands of other message boards
Their Web site: RabotaeM dot com
Really, should we report spammers that we’ve seen elsewhere on the Net? Do you want our help?
And a new one that just signed up: Livecondom
Google hits for the username: 13 now, some on other message boards. Watch the number grow.
He’s gone. Thanks.
He’s now gone too. Thanks.
Yes, we appreciate all help. Sometimes life gets in the way of being efficient. The usual is when a spammer actually spams the board, he gets reported and banned rather quickly.
Interesting. The two examples given in this thread have been banned from SDMB, not deleted, even tho they made no posts. Why not just delete all traces?
Mods/admins: if answering this would reveal security info, please don’t bother. But I’m battling the same situation on another board I administer and I simply don’t want any vestige of them left behind or clogging up the user lists, so I delete their ass. And if you’re keeping the name around to avoid re-registering under the same name, I rarely observe that behavior. Typically they use a name for only a few days; most don’t even use the same one for multiple boards, as it makes it too easy to identify them as spammers as the google links show.
I doubt if they are targetting us specifically, and they sure are bots. But there has been a recent runup of activity in this area, most of it from Russia. Many do not even try to complete the registering process or post, being content with just links to their web sites showing up in profiles. Or so it seems, as I can’t figure out why else they would do it.
Wasted here, of course, but on boards that allow user database searching, the search engines will pick up the links from their profiles and if they have a lot of links worldwide, it will look like they are popular and get a better spider ranking. I guess; I don’t have the mind of a spammer.
I had a message board for my company and I wound up just doing away with it because of all the spam. Same thing with the guest book for my page. I know of a couple of other boards that were taken down because of all the bots. It really has gotten pretty annoying.
Oh, it certainly would be easier, no doubt, just to remove all traces of the spambot, but on a board where the members have (rightfully so, in my opinion) requested transparency in moderator actions–including bannings–I see no problem in leaving the names in our database. That way, should questions arise, we can produce the name and the reason for the banning.
My board recently had an upswing in spambots (ever since they broke the captcha system I was using–which won’t be an issue in the next board upgrade), but I took care of it by creating a custom field at registration that requires an exact response; the spambots just fill the field in randomly, and can’t get past the registration page.
When we move the spam posts (or any posts, for that matter) into the Moderation forum, the posts don’t register for a post count. We don’t delete the spammer’s registration and posts because sometimes we can figure out a pattern which will help us identify a problem and maybe even prevent it in the future. I don’t know if that info will help you on your board, but that’s why we do it this way.
I do the same thing; move their posts into a “deleted threads” subforum where posts aren’t included in the user post count, and ban the user, keeping the account to find spamming patterns and indicators.
Thanks, Lynn. I have the advantage of a small board and I don’t allow anyone to register without my approval. I decided to go this way to avoid the drive-by scam posters even though it makes it harder for legitimate users. Such is the nature of life these days.
It was a problem for my company’s board a couple of months back as well. It got so bad we were spending more time deleting spam than doing anything.
I fixed it by turning on email verification, blocking free mail providers, and then hard coding a simple–but nonstandard–capcha into vbulletin. I figure if the spammer’s automated programs figure that one out I can get weirder, if necessary (“Click on the three kittens wearing cowboy hats in the picture below…” 
).
We went from dozens of spammer registrations to zero pretty much instantly. Haven’t had a single spammer since…
If your board is small enough or slow enough that you can approve all posters before they post, that’s one effective way of handling it. I’m on a couple of boards that work that way, and while I find it a minor annoyance as a poster, it’s better than going to a message board and finding that 99% of the posts are spam posts, and it’s hard to dig out the relevant information from the dross.
A question to all of you using capchas: Are there no blind people who want to register on your forums? How do you know that?
The first person that emails me and claims to be blind I will probably believe and register them. But the next 1,000 similar claims will probably be spammers, dontcha think?