Who the hell is this guy?
Subscription Note:
Choosing to subscribe to this topic will automatically register you for email notifications for comments and updates on this thread.
Email notifications will be sent out daily by default unless specified otherwise on your account which you can edit by going to your userpage here and clicking on the subscriptions tab.
This has been happening for a while now. Annoying af.
I don't know if it's a fucking Indian pseudo-doctor advertising or a fucking religidiot trying to mess up the site. I don't get it how he's posting so many of these in a matter of seconds.
Have you read some of those ads though? I think I need some of that black magic shit to fix my sex life.
I noticed that the sign-up page now has a Captcha trap. Hopefully that will stop mass-postings by this idiot.
It's been happening daily for the past few weeks. Large numbers of these stupid messages start popping up in one of the forums and then spread to the others. It usually happens around midnight in NY (mid-afternoon here).
Well so much for Captcha. Another load of spam has just spattered all over the Debate Room at around 1am NY time (2pm here).
Captcha has been on this site since at least before February of this year. (When I signed up.)
To me it looks like someone would create an account (captcha cant stop that), and then, set some bot he found on the internet, loose upon the website, which would go on until and admin member logged on, noticed the account, then ban the account.
It looks like this version of the forums does not have some of the anti spam tools available to forum administrators.
Purely guess work at this point, but: I am guessing the admin of these forums would have to update these forums, possibly losing or screwing up a bunch of data, and causing website down time, as well as security concerns protecting peoples anonymity.
If there was a simple switch they could pull like: new accounts can only create new topics 48 hours after account creation, and new topic formation is limited to once every 10-90 minutes (random to help defeat bots,) for a month after that, I imagine at this point they would of pulled that lever by now. I am guessing there is quite a bit going on behind the scenes that we are not aware of.
I signed up around April last year. I don't remember seeing Captcha then, but I could be wrong.
These spam posts are coming from dozens of different accounts. One just popped up from something called "traditional healer Jajazedde +27783223616", which I've never seen before. So somehow they're creating new accounts as soon as the old ones get banned. That means whoever it is has a way to by-pass Captcha.
I hope the admins find a solution soon.
I saw one spam bot with the name asdffdasdf or something like that, which indicates to me, it was created by a human. (any account name that features the letters a s d f a lot, indicates that it was quite likely created by a person.) So some kid somewhere would create an account the old fashion human way, then, turn on the bot. If it was pure bot, we would see combination of dictionary names. Bots that can defeat captcha are not nearly as easy to get as bots that can spam a website once the account is created.
The frequency of it indicates its malicious and not intended to drive click/phone traffic to a site/phone service but instead to "troll" these forum boards. My guess some kid googled forum spam bots, looked around and picked this one, then the person every so often, creates a new account, runs the bot for a bit, until it gets banned. Once you have the software, it is frighteningly easy to spam the forums, in this forums current anti spam setup.
Easiest way to deal with this, is to get your web-admin to ban the HDD serial number of the computer it is posting from. Pretty fool-proof in banning spammers.
That isn't really possible.
You mean MAC Address, which is better than IP banning, but far from fool proof.
I frequent a lot of boards. The ones that have 48 hour holds on new postings, and 5-90 minute (random ascending,) delays between new posts, are the ones that have better luck keeping spamming under control. They also have to force strong passwords and unique names. They are also forced to regularly update the forum software to fix known security loop holes, which causes site down time, and frequently all kinds of havoc with the postings.
Just to be clear; visiting a webpage with a standard browser can not reveal any of your serial numbers. Visiting a webpage with IPv4 can not reveal your MAC address. IPv6 encodes your MAC address into your IP address so it can reveal your MAC address; but it is a trivial task to tell your computer to generate phony MAC address(s) and use those to generate the IPv6 address. For example in "Windows family" OSs: netsh inter ipv6 set privacy state=enabled.
In my experience, running message boards, it worked great to weed out spammers. Obviously, its not ultimately foolproof- nothing is, in the digital world. But 99% of spammers are not computer savvy folks who know how to generate fake MAC addresses and mask real MAC addresses, so it works in terms of effectiveness.
Again, you don't even need to generate phony MACs. Standard browsers do not push that information upstream; so there is nothing for the website to collect. And spammers don't even use browsers to spam. In fact, I don't use a browser to read this website.
I use chrome with plug ins that strip out all pictures/video/flash/java/html 5 animation etc, basically a text ripper, what do you use Nyarlathotep out of curiosity?
basically wget
This loon attacks the forums selectively one at a time. Yesterday he/she/it started with Forum Support. Today the Debate Room has been hit first. It's also started a few hours earlier than normal. It sounds like a human rather than a robot is behind this idiocy. I wonder if someone who was excluded for misbehavior has gone postal.