Dealing with Forum Spammers?



  • As you may or may not have noticed, a certain spammer keeps spamming the forums. Aside from deleting all the messages, is there anything that can be done to stop this without placing an undue burden on the majority of users (requiring posts/users be moderated, etc)?

    Keep in mind this is a person, not a bot, and the individual uses a few different IPs, meaning a normal CAPTCHA and IP-Bans won't work...





  • How do you know it's not a bot? Maybe they are just using one of the famous "mechanical turks" to pass the captcha... (Or someone figured all the words that get cycled... not like it would be hard...)

    In that case, tried doing the usual stuff? Like renaming the critical pages or adding a "I'm not a spammer" check box on the "register" page?

    If he's really a human, he will probably read this topic as well, so I don't think there is much to do besides iwpg's solution.



  • This was on some news site a few weeks back.

    http://www.caveyourtrolls.com
    It might also work as a spam filter perhaps, since you say it's a human spamming. 

    I'm unsure if it would actually work though. I actually think it won't. But i thought i might mention it.

     
    The other option would be to  delete posts on specific content (since from what i've seen he's pretty single minded about what product to spam). But those kinds of things tend to backfire.



  • If it's just a regular idiot with a bunch of dynamic hosts, IP-based bans will work fine; just because somebody is using half a dozen different /24s doesn't mean you can't ban them all. If it's an idiot with a botnet, it's usually not that hard to programmatically detect and block, and it's probably already in the blacklists anyway.

    CAPTCHAs have never worked, except to deflect the most moronic of spammers towards easier targets. I can bust them in my sleep, and so can the spammers. 

    Far more determined spammers have tried far harder than this, and all have fallen. There is no such thing as a spammer that you can't detect and block. The problem with spam isn't that you can't block them, it's that you can't block the next one before they slip at least one spam past you.

    No further meaningful comment is possible with the information provided.



  • Almost every message/username I've seen involved the word Nike. Although that's a lame block method.


    Another method would be to boost the number of moderators.


    Or slash-dot style moderation


    Rent a bot-net and DoS.


    Have a karma system, and prevent low karma users from posting alot (the more karma they have the less flood barrier they have).



  • I'm currently citing the tibet.org website for the "reason" part when I delete his posts (so he receives incriminating content), hoping that this might one day draw the attention of the Chinese authorities towards him - when they confiscate his PC, he might stop spamming this forum.



  • What boggles the mind is that if this is in fact a real person, how didn't they get the hint yet that there's exactly 0% chance of anyone on this forum being interested in his products.

    Furthermore, I'm curious as to what's the sense behind the spam and annoy marketing technique is he using, and why (presumably, since he persists to use it) does it actually work in some places.

    Almost every message/username I've seen involved the word Nike. Although that's a lame block method.

    I second this motion. I don't think there's any legitimate reason for anyone to be advertising running shoes in this forum anyway.



  • @Alex Papadimoulis said:

    Keep in mind this is a person, not a bot

    How do you know it's a person? The posting pattern doesn't seem to match human-ness.



  • @Sunstorm said:

    What boggles the mind is that if this is in fact a real person, how didn't they get the hint yet that there's exactly 0% chance of anyone on this forum being interested in his products.

    Furthermore, I'm curious as to what's the sense behind the spam and annoy marketing technique is he using.

    Those questions are pretty easy to answer. That he's not a bot (which I still don't believe) doesn't mean he can't use bot-like marketing techniques. It was never intended to sell anything in this forum. It's just about link farming. He hopes that if he leaves enough links here google will eventually pick it up and up the page rank. I don't think this technique still works but we saw already in the other threads how amazingly behind the times some people can be...

    The other theory is of course that he is in fact a disgruntled manager/initech employee who found his code featured here and now wants to destroy this site as his revenge ... by gnawing it off ... piece ... by ... piece...



  • @dhromed said:

    @Alex Papadimoulis said:
    Keep in mind this is a person, not a bot

    How do you know it's a person? The posting pattern doesn't seem to match human-ness.

    One can never be 100% certain about this, but looking over the log files, the user downloads all JS/CSS/images, and has a standard-time click pattern (as opposed to instantly going from page to page). Plus, everytime the account gets banned, a new one is created. While someone could certainly develop such software, it'd probably be easier and less time consuming to pay some Chinese guy (or be that Chinese guy) ...



  • @Alex Papadimoulis said:

    @dhromed said:
    How do you know it's a person? The posting pattern doesn't seem to match human-ness.

    One can never be 100% certain about this, but looking over the log files, the user downloads all JS/CSS/images, and has a standard-time click pattern (as opposed to instantly going from page to page). Plus, everytime the account gets banned, a new one is created. While someone could certainly develop such software, it'd probably be easier and less time consuming to pay some Chinese guy (or be that Chinese guy) ...

    That's pretty convincing, yes.

    Maybe it's a robotic contraption pressing keys and moving the mouse.



  • If he's in it for the links, then why not alter all links to point to a re-direct script.
    http://worsethanfailure.com?redirect=UrlEncoded( url )

    Then implement the redirect script not with a header redirect but with javascript.After that it won't matter anymore, because no search engine will understand that that's a link to another site.  

    The only problem would be, that he might not understand that his spamming isn't having any effect anymore on this site.

     

    It isn't the greatest of idea's but i figure your better of trying to fight the reason he does it, then fighting him doing it. 




  • Another idea, rather sophisticated: Instead of locking the account, which only causes him to create a new one, set a mark on his account so every post he makes triggers a timer that causes the post to be deleted after 3-10 minutes, using one of several pre-defined reasons ("go away", "you suck", "free tibet") etc. So he thinks that this forum has very busy admins and probably goes away.

     



  • @stratos said:

    If he's in it for the links, then why not alter all links to point to a re-direct script.
    http://worsethanfailure.com?redirect=UrlEncoded( url )

    Then implement the redirect script not with a header redirect but with javascript.After that it won't matter anymore, because no search engine will understand that that's a link to another site.  

    That has got to be one of the more roundabout methods to simulate the rel="nofollow" attribute on links that I've seen in quite a while.



  • Tweak the site code so that you can flag accounts as Chinese spammers (add another column to the users table or something), at which point all page requests respond with 301 redirects to random "free Tibet" websites. Should be easy - you can probably drop the code into a master page somewhere.



  • @asuffield said:

    @stratos said:

    If he's in it for the links, then why not alter all links to point to a re-direct script.
    http://worsethanfailure.com?redirect=UrlEncoded( url )

    Then implement the redirect script not with a header redirect but with javascript.After that it won't matter anymore, because no search engine will understand that that's a link to another site.  

    That has got to be one of the more roundabout methods to simulate the rel="nofollow" attribute on links that I've seen in quite a while.

    Although your right, you can't be sure search engines will be nice enough to respect that. 



  • @stratos said:

    @asuffield said:
    @stratos said:

    If he's in it for the links, then why not alter all links to point to a re-direct script.
    http://worsethanfailure.com?redirect=UrlEncoded( url )

    Then implement the redirect script not with a header redirect but with javascript.After that it won't matter anymore, because no search engine will understand that that's a link to another site.  

    That has got to be one of the more roundabout methods to simulate the rel="nofollow" attribute on links that I've seen in quite a while.

    Although your right, you can't be sure search engines will be nice enough to respect that. 

    Google invented it, yahoo and MSN respect it. Who gives a damn about any other search engines? 



  • The chance that some no-name search engine won't respect nofollow is no reason to cut off hyperlinks for any browser that has JavaScript disabled (cough NoScript cough) or doesn't support it.



  • Make a user's first 20 posts go through a review process before they show up on the site.



  • Can someone explain the idea of using tibet.org as a reason?  I understand the idea of China wanting to ban some 'Free Tibet' websites, but I'm just not following the chain of events that links deleting spam posts to the spammer's PC being confiscated, etc.



  • @shadowman said:

    Can someone explain the idea of using tibet.org as a reason?  I understand the idea of China wanting to ban some 'Free Tibet' websites, but I'm just not following the chain of events that links deleting spam posts to the spammer's PC being confiscated, etc.

    When a post is deleted, the admin enters a reason and a mail (including the reason) is sent to the author of the post.

    Idea: If Chinese authorities scan the internet traffic for "inappropriate" content, they might notice that a certain individual receives data containing those "bad words" more often than others, thus they might want to take a look why this happens. Though I think this is rather unlikely to really happen, the pure prospect might be enough to scare away the spammer.

     



  • Waitwaitwait... so that means I can get random chinese people arrested and tortured to death if I simply write them a mail containing "Free Tibet"?



  • @PSWorx said:

    Waitwaitwait... so that means I can get random chinese people arrested and tortured to death if I simply write them a mail containing "Free Tibet"?

    Probably not. But then, who knows? 



  • All his posts are about shoes. I say someone should run a script which replaces the word "shoe" with "porn", just for kicks. Then you do something that limits foruma to having topics opened with the word "porn" in the first post at most once a day so the spammer doesn't fill a forum with trash.

    After some time, we could use that as our own joke meme, and "porn" would be our secret code for real "shoes".

    This would be some mean yet funny thing to do because a) we could poke fun at people who actually follow this spammer's link and get frustrated by getting into a fake Nike shoes store and b) if the chinese government ever caught the spammer, he'd be in as much trouble due to the porn references as if he had Tibetan and Taiwanese independence propaganda. I'm serious on b).

     Also, I'm with Lingerance when he says DoS.



  • Nonononono - flag his account so next time he logs in and does a page request, he instead gets an infinite-length repeating plain text file containing as many "inappropriate" words as possible.  Hopefully the bot won't catch on, and will keep the connection open long enough that the several megabytes of "free tibet porn free tibet porn free tibet porn" will raise a red flag at Chinese Government HQ.



  • @Lingerance said:

    Almost every message/username I've seen involved the word Nike. Although that's a lame block method.


    Another method would be to boost the number of moderators.


    Or slash-dot style moderation


    Rent a bot-net and DoS.


    Have a karma system, and prevent low karma users from posting alot (the more karma they have the less flood barrier they have).

    Gaak!  I vote with a hearty no on the /. style moderation.  That definitely crosses the line of "placing an undue burden on the majority of users".  Sorry, I'm a long time /. hater.  I have a low 5 digit slashdot id, and I had a three year partial exile from the Intertron in college, and when I came back the whole of slashdot had gone down the tubes. 

    A large part of the problem with /. is their moderation system is totally a 'solve social problems with more technology' approach, and it's created a poisonous community.  Between the karma whores and troll community that amounts to the WWW equivalent of a VD (see the LA Times Editorial Wiki incident -- not that that wasn't a fabulously stupid idea to begin with but...).  We have a pretty healthy community here, and /.ing the page would ruin the forum and particularly the main page comments.  (I'm not going to touch the problems with their editorial board.)

    However, the Free Tibet and Taiwan material is great.  I also liked the shoe <=> porn idea (that's not an undue burden, but an in-joke--it only works once though). 

    Finally, I really like the moderator bot which just deletes his posts after 3-10 minutes.  I thought that was hilarious.
     


Log in to reply
 

Looks like your connection to What the Daily WTF? was lost, please wait while we try to reconnect.