studiot Posted April 6, 2023 Posted April 6, 2023 I note that the titles in the current spate of spam contain certain words - Airlines, printers ....... My old outlook express allows the use of filters that I can set up to simply block email with titles containing certain words and I see 20 years on viagra still comes in and is blocked. Could the admins write a small routine to perform the same here perhaps dumping/delaying them to a mod queue as is already done for some posts. Especially if the mods could easily add or remove troublesome words as the spammers react ?
TheVat Posted April 6, 2023 Posted April 6, 2023 Just saw this. Sorry to start a separate thread - for some reason, I didn't see this one. I also wonder if more challenging security questions would help in the new user registration form....maybe just make registration a bit more work, not so much as to drive away real members but enough to make spammers not want to bother.
iNow Posted April 7, 2023 Posted April 7, 2023 7 hours ago, TheVat said: but enough to make spammers not want to bother. One of the true “what’s next?” stories around GPT-4 and related large language models is the explosion of easier spam and automated selling activities like these.
NTuft Posted April 7, 2023 Posted April 7, 2023 (edited) 13 hours ago, studiot said: Could the admins write a small routine to perform the same here perhaps dumping/delaying them to a mod queue as is already done for some posts. 7 hours ago, TheVat said: I also wonder if more challenging security questions would help in the new user registration form....maybe just make registration a bit more work, not so much as to drive away real members but enough to make spammers not want to bother. Perhaps set new account registering pending approval. Maybe have some questions about science interests to screen for a human-esque reply. I don't think the forum is really burgeoning with new registrations(?), so it might be less work to approve members one by one if the spamming continues to be a problem. Edited April 7, 2023 by NTuft
iNow Posted April 7, 2023 Posted April 7, 2023 Adding more friction to new member participation isn’t conducive with growing online communities. More harm than good comes by pursuing such an approach, and it would be a repetitive recurring daily annoyance and burden to the people volunteering their time here.
mistermack Posted April 7, 2023 Posted April 7, 2023 It seems to me that it's probably revenge spamming, by someone who got banned. If it was easy, I'd restrict new members to just one post, in the first 24 hours temporarily. That might reduce the spam posting by a factor of five, because the new member could be banned on the first spam post. And longer term, it looks like an "I am not a robot" box is needed in the new member application form. Which would cut it out, unless it was some nutter doing it manually.
Cap'n Refsmmat Posted April 7, 2023 Posted April 7, 2023 7 hours ago, mistermack said: And longer term, it looks like an "I am not a robot" box is needed in the new member application form. Which would cut it out, unless it was some nutter doing it manually. We have one (using Google's reCAPTCHA) already. Evidently a number of spammers really do work manually (perhaps by paying people a few cents to click the button) or have a way of defeating the CAPTCHA. We also limit new members to 5 posts in the first day, but of course a few people making 5 spam posts is already a lot of spam in a day. I've previously tried adding custom questions to the registration forum, like asking about a well-known science fact, and spammers get right through those too. I think spam people are willing to put in quite a bit of work, like keeping a database of all the questions they're asked on registration forms and the right answers to them.
studiot Posted April 7, 2023 Author Posted April 7, 2023 6 minutes ago, Cap'n Refsmmat said: We have one (using Google's reCAPTCHA) already. Evidently a number of spammers really do work manually (perhaps by paying people a few cents to click the button) or have a way of defeating the CAPTCHA. We also limit new members to 5 posts in the first day, but of course a few people making 5 spam posts is already a lot of spam in a day. I've previously tried adding custom questions to the registration forum, like asking about a well-known science fact, and spammers get right through those too. I think spam people are willing to put in quite a bit of work, like keeping a database of all the questions they're asked on registration forms and the right answers to them. I'm not sure if folks caught my meaning properly. If the word 'airlines' appearing in a new thead title automatically suspended the thread to the mods and the modes could also reactively change this word if the spammer changed to say 'insurance' , wouldn't that make life easier for them ? I have lived very happily for 20 years + without emails entitled ...SEX.... or .....Viagra..... or one or two other things.
Genady Posted April 7, 2023 Posted April 7, 2023 4 hours ago, Cap'n Refsmmat said: We have one (using Google's reCAPTCHA) already. Evidently a number of spammers really do work manually (perhaps by paying people a few cents to click the button) or have a way of defeating the CAPTCHA. We also limit new members to 5 posts in the first day, but of course a few people making 5 spam posts is already a lot of spam in a day. I've previously tried adding custom questions to the registration forum, like asking about a well-known science fact, and spammers get right through those too. I think spam people are willing to put in quite a bit of work, like keeping a database of all the questions they're asked on registration forms and the right answers to them. I've noticed that the current spam posts appear in quick successions. Is it possible to limit new members to 1 post per 10 minutes for the first day? It would take about an hour to post the 5 allowed posts. 1
MonDie Posted April 8, 2023 Posted April 8, 2023 I have no skill here, but it's an idea. It seems like it would be possible to create a robo-mod, separate of the forum software, that would take whitelist or blacklist requests from a pinned thread. It probably will need to un-delete accidentally deleted threads. For security, run from any system or VirtualSystem or any network or 5Gbs/month hotspot. It only needs the scripts and the account password. It would navigate with the keyboard: Tab + Enter to navigate; arrows and Ctrl+C/V to copy/paste thread titles; Ctrl+Alt+T to open Ubuntu Terminal and then to paste posts or titles into Bash scripts, scripts which then decide whether to repeat the same macro or execute a new macro that will execute a new script, for example a script that deletes the second or third thread in All Activity after the top ones have been whitelisted. Possible hurdles: it will need the power to un-delete threads that are not whitelisted in time, or else it cannot run constantly and run on a whitelisting principle --it shouldn't accidentally delete a whitelisted thread if it doesn't have to reload the page, unless it isn't whitelisted in time--; it may need to ignore troll posts by simultaneously copying the username or user status and the user's posted content, which are in separate boxes; the robo-moderator would preferably have forum privileges limited to deleting or undeleting threads; OR ELSE, it needs a very clever algorithm for combining the lists via commands like Bash diff command; Ubuntu Terminal, which would take script prompts, only takes paste commands via mouse and not keyboard. *KEYBOARD NAVIGATION: mouse navigation would have to respond to differences in box size, but the keyboard can hit Tab 27 times or 27 + 5*Z number of times. 1
Sensei Posted April 8, 2023 Posted April 8, 2023 On 4/7/2023 at 1:15 AM, iNow said: One of the true “what’s next?” stories around GPT-4 and related large language models is the explosion of easier spam and automated selling activities like these. ..only a real idiot would use A.I. to bypass a website's CAPTCHA to send a spam email.. when he could tell to hack X, Y, Z.. 12 hours ago, Cap'n Refsmmat said: I've previously tried adding custom questions to the registration forum, like asking about a well-known science fact, and spammers get right through those too. ..don't add it to HTML form data (it can be automated).. make it JavaScript prompt() https://www.w3schools.com/jsref/met_win_prompt.asp prompt() -> set localstorage variable (they are JS only available, unlike cookies) -> pass to normal website -> check whether localstorage is the right one. e.g. md5( prompt question answer + random salt + ip of a person )
Dave Posted April 8, 2023 Posted April 8, 2023 I've added a new plugin to try to address the recent surge in spam - we'll see if that works! 3
exchemist Posted April 8, 2023 Posted April 8, 2023 1 hour ago, Dave said: I've added a new plugin to try to address the recent surge in spam - we'll see if that works! So far so good. Thanks for addressing so quickly. !
studiot Posted April 8, 2023 Author Posted April 8, 2023 Feedback The rats are still trying I note that couple of new alphasoup members an hour ago, that joind and came back 3/4 hour later but came to nothing. Then just now another as member joined and successfully posted within 2 minutes.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now