Spam Fest at AAC.

Thread Starter

GopherT

Joined Nov 23, 2012
7,983
This morning we had a spam attach - I'm not sure it is advertising or just crap but mostly in non-English / repeating posts. More than 40 according to user's profile page. Almost every sub-forum impacted.

No moderator on duty.

I think the problem could be solved in the future if new users are limited to starting 2 or 3 new threads in 24-hours.

image.png
 

OBW0549

Joined Mar 2, 2015
2,951
I think it's "having" a spam attack, not "had"-- the tsunami of garbage is still coming in, with 200+ posts in just over an hour under numerous usernames.

The solution you suggest would certainly work, though I would tighten it up even more, perhaps to one new thread a day or even less.
 

Bordodynov

Joined May 20, 2015
2,354
I would still limit the appearance of new members of the forum, or limited the possibility of creating one new topic by a new user.
 

OBW0549

Joined Mar 2, 2015
2,951
I would also welcome a 24- or 48-hour timeout between new user registration and when the new user is allowed to post anything. That would pretty much eliminate attacks like this one, in which the spammer is repeatedly registering new user names to post his garbage from.
 

Thread Starter

GopherT

Joined Nov 23, 2012
7,983
I would also welcome a 24- or 48-hour timeout between new user registration and when the new user is allowed to post anything. That would pretty much eliminate attacks like this one, in which the spammer is repeatedly registering new user names to post his garbage from.
It would suck for students logging on to ask their first homework question. Or someone creating an account to ask a question about their current emergency breakdown/repair project.
 
  • Like
Reactions: #12

OBW0549

Joined Mar 2, 2015
2,951
Wow. The tide continues to rise: an hour and a half after it began, we're now closing in on 300 spam posts. And still no moderator in sight. The first one to arrive on board is going to have one helluva nasty surprise.
 

Kermit2

Joined Feb 5, 2010
4,158
At least my Amazon order was not cancelled again. Again.
And my EBay account STILL needs me to log in and verify that I'm stupid enough to fall for it.(I don't have an account)

Bored chinese script kiddies learning how to hack.
 

Thread Starter

GopherT

Joined Nov 23, 2012
7,983
Wow. The tide continues to rise: an hour and a half after it began, we're now closing in on 300 spam posts. And still no moderator in sight. The first one to arrive on board is going to have one helluva nasty surprise.
I think all of the other Mod's will be thinking, "gee, i wish I could have found that spam mess, I would have handled it like a Boss. That would have been a great story to keep telling the other mods... Crap, the mod that found it will keep telling ME this story!"
 

djsfantasi

Joined Apr 11, 2010
5,474
I would guess stopping the attack is a jrap issue. Moderators will need to assist in cleaning up the mess.
 

#12

Joined Nov 30, 2010
18,076
I think the problem could be solved in the future if new users are limited to starting 2 or 3 new threads in 24-hours.
I think you have a Bingo. I suspect that no valid user has ever opened 3 valid Threads in 24 hours.
I know I haven't, and I've been here for 7 years.:cool:
I've never had Chrome offer to translate AAC for me.
It's a real Chinese invasion!
I tried Google Translate. It failed.:(
 

#12

Joined Nov 30, 2010
18,076
attacks like this one, in which the spammer is repeatedly registering new user names to post his garbage from.
Might be countered with an ip address search...or not.
Hackers can spoof their ip address.:(
See: smurf attack
 

djsfantasi

Joined Apr 11, 2010
5,474
I think you have a Bingo. I suspect that no valid user has ever opened 3 valid Threads in 24 hours.
I know I haven't, and I've been here for 7 years.:cool:
Then the script kiddies will create a new user every three posts.

Obviously, it's too easy to register. Need to add Captcha as a requirement.
 

Reloadron

Joined Jan 15, 2015
4,466

jrap

Joined Jun 25, 2006
1,020
Then the script kiddies will create a new user every three posts.

Obviously, it's too easy to register. Need to add Captcha as a requirement.
We have Google Captcha, a 'hidden' captcha, honeypots, ban specific email domains, and ping out to 2 different spam services to check username/email/IP. It's unfortunately always going to be an ongoing battle.

I agree with the suggestion of limiting the number of threads or replies a new member can make. That's a great idea.
 
Top