Topic: Next wave of spam: Be prepared!

From the recent evolution of spam in forums, everything indicates that forum spam is using more and more of the techniques of e-mail spam. Filters and addons used for forums are going to be more and more like SpamAssassin rather than just a keyword-blocking addon. I am pretty sure that in the near future, forum spam will be like this: nonsense garbage in the subject line or words like "V1AGRA", "P0RN", "phaarmaccy" to bypass filters, and in the message, just one large clickable image, just like the spam that you get in your Gmail account.

A possible solution to this problem would be having a "Report" button on each post, linked to a backend central server used by many forums in the world, to list all blacklisted IP addresses. If spammer Jack sends a gambling spam on Bob's forum, Jim clicks the "Report" button to report Jack's IP address to the central server. Bill also has a forum whose system knows the blacklisted IP right away, and when Jack tries to post his spam on Bill's forum, he gets an error message because his IP address is blacklisted. After 3 people click the "Report" button, the user is erased, his message as well, and his original IP address is sent to the central server.

Forum spammers will do their best to get their messages through; they will get as carried away as with e-mail spam. We just have to be prepared. The lack of good built-in protection will ruin the forum experience the same way spam killed Usenet, which was once very popular.

Charles.
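The report-and-share scheme proposed in the post above, sketched as an added example (not code from the thread or from any forum software). `CentralBlacklist`, `Forum` and the sample names and addresses are hypothetical, and the central server is modelled as an in-process object rather than a network service.

```python
import ipaddress

REPORT_THRESHOLD = 3  # the post's rule: act after 3 people click "Report"

class CentralBlacklist:
    """In-process stand-in for the shared server (assumption: no network)."""
    def __init__(self):
        self._ips = set()

    def add(self, ip):
        self._ips.add(ipaddress.ip_address(ip))  # normalises and validates

    def is_listed(self, ip):
        return ipaddress.ip_address(ip) in self._ips

class Forum:
    """Hypothetical forum model, not phpBB or punBB code."""
    def __init__(self, central):
        self.central = central
        self.posts = {}      # post id -> (author, ip, text)
        self.reports = {}    # post id -> set of distinct reporters
        self.erased = set()  # accounts removed after enough reports
        self.next_id = 1

    def submit(self, author, ip, text):
        """Return the new post id, or None if the poster is blocked."""
        if author in self.erased or self.central.is_listed(ip):
            return None
        pid, self.next_id = self.next_id, self.next_id + 1
        self.posts[pid] = (author, ip, text)
        return pid

    def report(self, pid, reporter):
        """Record one report; return True when the threshold fires."""
        if pid not in self.posts or reporter == self.posts[pid][0]:
            return False
        voters = self.reports.setdefault(pid, set())
        voters.add(reporter)  # a set: repeat clicks by one account count once
        if len(voters) < REPORT_THRESHOLD:
            return False
        author, ip, _ = self.posts.pop(pid)  # erase the message
        del self.reports[pid]
        self.erased.add(author)              # erase the user
        self.central.add(ip)                 # share the IP with other forums
        return True

# Constructed sample data (documentation-range addresses).
central = CentralBlacklist()
bobs_forum, bills_forum = Forum(central), Forum(central)
spam_id = bobs_forum.submit("jack", "203.0.113.7", "gambling spam")
fired = [bobs_forum.report(spam_id, who) for who in ("jim", "jim", "ann", "sue")]
blocked = bills_forum.submit("jack", "203.0.113.7", "gambling spam")
```

Counting distinct reporters rather than clicks keeps a single account from reaching the threshold alone. A list keyed on IP address also blocks every other user behind the same proxy or NAT address.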

2

Re: Next wave of spam: Be prepared!

Nice site design, I see you're running phpBB.

I understand what you're proposing, but we also have to take it to the sign-up process; lately I'm getting a lot of signups with funky names. A lot of these signups never acknowledge their email confirmations; all I can attribute it to is a way for their product to be spidered from their user names.

Re: Next wave of spam: Be prepared!

Exactly, I have also noticed it. I'm not sure about the proportion of true and fake registrations, but I would say that more than 50% for sure are false registrations, in the sense that these registrations will never send any post on the forum. Also, when I do some research on the web looking up these usernames, they are already present in a number of forums with... zero posts! I have only one explanation for this practice: these people are creating thousands of accounts on thousands of forums with not a single post... for now. One day they could all of a sudden use these usernames to start filling the whole Internet with one single message. What sort of message? I don't know... Maybe a single product, maybe political, maybe an adult web site... I have no idea, but the thing is that on the PC-BSD forum, for instance, there are thousands of fake usernames, I guess, under the control of a remote central bot. At any time this bomb can explode and the spam bot can trigger all of its usernames around the world to send one single message to promote their product.

PS: Yes, the PC-BSD forum is phpBB, sorry. Actually I moderate a simple punBB forum on www.interactionchat.com

Charles.

4

Re: Next wave of spam: Be prepared!

calande wrote:

Also, when I do some research on the web looking up these usernames, they are already present in a number of forums with... zero posts!

Yes, I researched one user name the other day after he, she or it posted a few spam posts on one of my forums.

Found out that the user name was being used on quite a number of forums and wikis. From the user name, ForexMan, and the spam post, I deduced it was from a website called Forex dot com that was selling some stock trading software.

I fired off an email to the support team on their site and told them that either their paid spammer stops or we'll all get together and start a negative spam campaign against them. I was prepared to leave the spam post but change the wording to reflect that the software sucked big time and contact every forum and wiki that this user was registered on.

I received an email back saying sorry and I've yet to get any more spam from said user. It's just one person's battle against an army but I believe we can make a difference in the war if we work together.

Re: Next wave of spam: Be prepared!

Definitely.

Charles.

Re: Next wave of spam: Be prepared!

Have y'all seen this website? (and the software they sell)

http://fp.icontool.com/

Re: Next wave of spam: Be prepared!

Well, expect that this tool is in its infancy. Shortly these guys will offer a lot more than forum spamming; they will also spam in blog comments, wiki entries, phpMyFAQ comments, and hundreds of other web applications that are probably not prepared. And they will also protect against flooding or bot detection, using a random delay between posts. They will also randomize the text of each post and subject to bypass filters, just like in e-mail spam techniques.

Charles.

8

Re: Next wave of spam: Be prepared!

I know I keep jabbering on about this, but I really think a powerful set of spring cleaning tools is just as important as all the clever ideas for keeping spam out in the first place. If a mod or admin can dispose of spam posts, non-posting users, etc. in a matter of seconds rather than minutes, it makes spam far less of a nuisance. It also means that the mods and admins have no excuse for not removing rubbish every visit to the board rather than leaving it to when they have time to spare. It might even put spammers off if they see their hard work being deleted almost as soon as it appears.

It also has to be said that while there are many reasons why effective anti spam measures are hard to implement there really isn't much of an excuse for not providing tools for getting rid of it.

Re: Next wave of spam: Be prepared!

Why don't you help out creating these tools, Paul?

Charles.

10

Re: Next wave of spam: Be prepared!

I'm the markup end of this operation, I don't do code or at least, I don't do it to an acceptable standard.

11 (edited by equineguardian 2006-10-11 21:24)

Re: Next wave of spam: Be prepared!

I know exactly what you guys are talking about, I had to delete my old forum because of Spam Usernames with zero posts! Now I require email verification. It would indeed be very helpful to have tools that do that.

Also, I have/am running a phpBB board like calande. But my current forum is a punBB; as I see it, both are good software.

That's my two cents!