PDA

View Full Version : Spam messages with links



BrianShaw
12-Nov-2016, 13:02
Help me understand this annoying phenomenon the forum experiences every weekend:

1. Who are these people
2. How do they repeatedly register as members
3. Aren't the mods getting sick-and-tired of delegating those junk posting

???

Jac@stafford.net
12-Nov-2016, 14:06
Amen, my friend.
See post: http://www.largeformatphotography.info/forum/showthread.php?134759-I-mean-it-s-not-going-to-hurt-our-feelings&p=1361742&viewfull=1#post1361742

BrianShaw
12-Nov-2016, 15:25
Oh, and I meant 'deleting' but the spell corrector had its own mind made up on what I meant. DELETING, as in what a mod needs to do with the spam link that was just posted moments ago!

Ralph Barker
12-Nov-2016, 15:43
Help me understand this annoying phenomenon the forum experiences every weekend:

1. Who are these people
2. How do they repeatedly register as members
3. Aren't the mods getting sick-and-tired of delegating those junk posting

???

1. Presumably, they are people who are being paid by someone to post this stuff on as many forums as they can.

2. By going to the trouble of filling out the registration form.

3. Yep, you betcha, as they say up north. We filter new registrations, and while a dozen or two get rejected every day, a few don't match the filter criteria, and get through. We've considered various methods of reducing it further, but zapping them when they post is the easiest. This adds them to the database so they can't register again with the original parameters. Thus, they have to go to considerable trouble to re-register and post again, only to have the new post deleted within a few minutes.

Oren Grad
12-Nov-2016, 15:55
We haven't had time to investigate them all, but I can report that a block of IP addresses for these spammers that I looked at when the current storm started traced to Bangladesh.

Oren Grad
12-Nov-2016, 19:02
...as did the one I just swatted. But the mastermind, whoever it is, could be anywhere.

Leigh
12-Nov-2016, 20:29
I can report that a block of IP addresses for these spammers that I looked at when the current storm started traced to Bangladesh.
Realize that blocking a single IP address can block millions of legitimate users.

That might have worked 20-30 years ago.
It definitely does not work today.

- Leigh

rdenney
13-Nov-2016, 20:27
My wife recently watched a video by some idiot sales woman who was recruiting people to post streaming links. They didn't say where, but the recruits are paid by the click-through so it pays them to post as many as possible. I showed her what we are dealing with, but until I did, she didn't understand the problem.

Leigh, if someone is rejected because of their IP address, they can contact us for advice on how to register with a differentIP address. I can't recall a single case of that (maybe there was one), though we have had one case where a person's email address showed up in the Stop Forum Spam database. We get contacted all the time by people who try to log in with Hotmail addresses, which became so spam-ridden that we reject the whole domain. Most just get a gmail address and try again. No indication yet that millions are trying to get in and aren't able.

For now, we just keep playing whack-a-mole.

Rick "rarely faster at it than Quick-Draw McGrad, however" Denney

Eric Woodbury
13-Nov-2016, 20:59
If a newbie couldn't post for 24 hours, would that drive away anybody except these spammers? Or don't allow posted links in the beginning, but that would be probably a software change.

rdenney
13-Nov-2016, 23:34
If a newbie couldn't post for 24 hours, would that drive away anybody except these spammers? Or don't allow posted links in the beginning, but that would be probably a software change.

Doubt it. We had a rash of spammers a while back who joined, posted a few vacuous messages, and then came back in a month to post spam in the FS forums. Those were mostly from South Asia, as I recall.

This needs to hit the streaming sites so they lose the incentive to pay people to post links. I don't know how to do that, but all the scams seem to lose interest after a while.

Rick "restricting links is hard" Denney

Leigh
13-Nov-2016, 23:45
One simple solution is to prevent posting of any active links anywhere on LFPF.

This would be a simple change.
There's already an option on the composition page to "Automatically parse links in text".
Disable that everywhere by default and remove that option from the page.

All browsers I know of will directly access a link that's presented as a text string.
You highlight the text string, then right-click and select "open in a new tab" or similar option.

The advantage of this is you see the real URL, not some phony text string.

- Leigh

koraks
14-Nov-2016, 09:27
That would also affect e.g. Flickr links and it could also affect image links depending on the implementation. The former could be acceptable (although it would cripple some discussions); the latter would obviously be beyond reasonable.

Dan Fromm
14-Nov-2016, 14:36
One simple solution is to prevent posting of any active links anywhere on LFPF.

This is an excessively harsh reaction to a minor nuisance.

Mark Sawyer
14-Nov-2016, 14:41
This is an excessively harsh reaction to a minor nuisance.

Agreed.

Oren Grad
14-Nov-2016, 15:19
Agreed. We're not going there.

Leigh
14-Nov-2016, 16:25
Agreed. We're not going there.
It's the moderators who defined this as a problem in the first place.

- Leigh

jnanian
14-Nov-2016, 16:57
i like the links
and the spam, its good fried.
and now i have watched
some great sporting events too

rdenney
14-Nov-2016, 19:01
It's the moderators who defined this as a problem in the first place.

- Leigh

We did?

Rick "okay, I get the subtext now" Denney

djdister
14-Nov-2016, 20:11
The most egregious spammers that plague this and other forums are not just trying to sell crap, in many cases what looks like one thing is actually something else - for example, the link says that you will get to stream a football game or something, but the actual link points to a PDF file, which in many cases can contain malicious code which will infect and take over your computer. Or, it will place a bot on your computer, which some bad dude can control at the time of his or her own choosing to launch a botnet distributed denial of service (DDoS) attack anywhere on the Internet, just like the big DDoS attack on 21 October. So these spammers that include fake links to malicious documents or websites are not just irritating, they are downright dangerous to your computer and potentially many others.

One solution is to run a scanning routine which examines the contents of every posting on a bulletin board. All you do is plug in some keywords to look for (which shouldn't be too hard to identify) and if it finds the keyword(s), it quarantines the post, disables the html link, or just deletes the post altogether. With even more advanced logic, it could only scan posts from newly registered users, or users with very low post counts (< 5) for example. It wouldn't be that hard to do, if the bulletin software allowed for some customized code (PHP, Python, Javascript or whatever) and a mechanism to execute it. Unfortunately, I don't think this forum software can handle that, but if it did, the scanning routine and the rules it follows could be fairly trivial to write. Just my $0.03...

BrianShaw
14-Nov-2016, 20:22
Isn't it possible to block messages with links posted by "members" with fewer than 10, say, post count?

EDIT: I just read the prior post. Apparently my great idea has already been suggested!

cowanw
14-Nov-2016, 20:29
How does one get past one post if your first one is always blocked?

BrianShaw
14-Nov-2016, 20:30
Is that a rhetorical question or Socratic teaching?

cowanw
14-Nov-2016, 21:05
Doh!;)

Mark Sawyer
15-Nov-2016, 10:45
Not all posts, just posts with links.