Spam: Trends & Solutions
I want to start looking more critically at spam problems across Vanilla sites (both cloud and open source) to see if we can diagnose some patterns and find low-hanging solutions in the short term. To start, let's start collecting spam problems definitively and gathering more information.
Prerequisites for reporting a spam issue:
- Open source: Using 2.2 or master.
- Captcha is in use.
- Registration option "Require users to confirm their email addresses" is checked.
- Default roles are properly designated on Roles page ("default: unapproved" etc are showing under descriptions).
- An "Unapproved" role exists AND has restricted permissions (NO *.Add or Profile.Edit).
- Akismet is on (and using our cloud key if a client).
- StopForumSpam is on and the thresholds have been lowered appropriately (all in the 5-15 range).
- Ranks IS NOT set to Verify users with less than 10 posts.
- Editing posts timeframe is restricted to a day or less (at least for new members if using Ranks).
- Burner Blocker plugin is enabled or the spam is not from burner email domains.
Information to collect:
- What is the RATE & RATIO of spam users registering (to legit users)?
- What is the RATE & RATIO of live spam posts (to legit posts)?
- What patterns can be found in the user profiles? "Status" (About), Photo, IP address, and email are all common vectors.
- Do the users appear to be bots or humans?
How to differentiate a bot from a human:
- Humans tend to register multiple accounts from the same IP address and email domain consecutively in a limited timespan.
- Bots tend to register in sustained waves with no discernible pattern in IP or emails, often with longer periods between each individual registration.
- Bots tend to use regimented username patterns (ex: 4-letter word + 2 digits + 3-letter word).
- Humans tend to keyboard-mash usernames (jladsjksad) or be creative.
- Bot usernames RARELY (if ever) match emails ("Bobby123" with email "Bobby123@hotmail.com").
Let me know if you have more good telltale signs of a bot, prerequisites, or good information you find.
The floor is open! Let's see some investigation results.
PLEASE re-check all the prerequisites before adding a case.
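A triage script for the bot-versus-human signs listed above, added here as an example and not part of the thread or of Vanilla's own code. It assumes registrations are exported from the user table as (username, email, IP, timestamp) tuples, and the sample rows below are constructed, not real accounts.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample registrations (username, email, IP, timestamp), the shape
# an export of the user table would give; not real accounts, addresses or IPs.
REGISTRATIONS = [
    ("Bobby123", "Bobby123@hotmail.com", "203.0.113.5", "2016-01-04 10:00:00"),
    ("jladsjksad", "mike@example.org", "203.0.113.5", "2016-01-04 10:03:00"),
    ("kdfjgh", "mike2@example.org", "203.0.113.5", "2016-01-04 10:06:00"),
    ("Wool42Dog", "qx7sd@mailinator.com", "198.51.100.7", "2016-01-04 02:00:00"),
    ("Rain17Cat", "pp93ab@yopmail.com", "192.0.2.44", "2016-01-05 02:10:00"),
    ("Lake88Fox", "zz11kl@tempmail.net", "192.0.2.130", "2016-01-06 02:05:00"),
]

# Regimented bot pattern from the thread: 4-letter word + 2 digits + 3-letter word.
REGIMENTED = re.compile(r"^[A-Za-z]{4}\d{2}[A-Za-z]{3}$")

def username_matches_email(username, email):
    """Humans often reuse the username as the email local part; bots rarely do."""
    return username.lower() == email.split("@")[0].lower()

def burst_keys(records, window=timedelta(minutes=15)):
    """(IP, email domain) pairs with consecutive registrations inside `window`."""
    by_key = defaultdict(list)
    for _user, email, ip, ts in records:
        by_key[(ip, email.split("@")[1])].append(
            datetime.strptime(ts, "%Y-%m-%d %H:%M:%S"))
    bursts = set()
    for key, times in by_key.items():
        times.sort()
        if any(b - a <= window for a, b in zip(times, times[1:])):
            bursts.add(key)
    return bursts

def classify(records):
    """Label each username 'bot', 'human' or 'unknown' from the telltale signs."""
    bursts = burst_keys(records)
    labels = {}
    for user, email, ip, _ts in records:
        score = 0
        if REGIMENTED.match(user):
            score += 2  # regimented username: strong bot signal
        if username_matches_email(user, email):
            score -= 2  # username equals email local part: human signal
        if (ip, email.split("@")[1]) in bursts:
            score -= 1  # same IP + domain in quick succession: human-like
        labels[user] = "bot" if score >= 2 else ("human" if score < 0 else "unknown")
    return labels
```

The scores are a starting point for reviewing the Unapproved queue by hand, not an automatic ban list; tune the regex and window to the patterns you actually see on your site.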
Comments
-
The only thing I have been seeing is some spam bots (or humans) are getting around
$Configuration['Garden']['Profile']['EditPhotos'] = false;
This is Open Source, using Master from Github Version 2.2.101.3
0 -
Do we support the new captcha? Is it any better at stopping bots?
0 -
Came across this company called: http://www.claim.io/welcome/pricing.php, which spam bombed my site by creating multiple accounts (over 500+ in a 3 day period). They did not spam the community with content, but created numerous profiles, added the company logo and posted their story on the activity page.
I did meet all the requirements in the checklist. This is just a good example to also ask customers to study the referrals too. Sometimes this can help.
Solution I used was to turn off show activity, usually a vector for spammers:
$Configuration['Garden']['Profile']['ShowActivities'] = false;
They were still able to get around the editing of photos restriction.
Now it's more an annoyance than anything for user count.
0 -
@Lvez said:
Do we support the new captcha? Is it any better at stopping bots?
Not yet, but that seems like something we'll tackle as a side project in Q1. I don't have information on it being more effective; its primary goal to my knowledge was better user experience (which is significant). We want to implement the new one in a "generic" way so that we can support alternate captchas generally and not have 1 Google solution hard-coded.
0 -
Having multiple captchas (at least one non-Google option) would be great, particularly for China-based users.
0