Forum spam

Prince of Persia related subjects that do not have their own boards.
User avatar
atrueprincefanfrom18
Site Shah
Site Shah
Posts: 1782
Joined: January 21st, 2020, 2:53 pm
Contact:

Re: Forum spam

Post by atrueprincefanfrom18 »

Norbert wrote: November 8th, 2017, 12:03 pm It also means reCAPTCHA isn't working, because actual humans do some of the spam work (the challenge–response and making a single post).
That is done by websites like 2Captcha.com, which basically provide API for spammers to send the CAPTCHA over to their server and the sender is issued a key so that they can get the Google CAPTCHA Token (discussed later). 2Captcha pay human operators (from countries where per capita income is low), and the human operator solves the CAPTCHA. After solving CAPTCHA, google issues a token (kind of key, which proves that the user is not a robot). This token is received by 2Captcha and they update the database. On the other hand, the spammer keeps hitting the URL after few seconds in order to get the Google token.

In such a way, they just bypass the thing. The only way it doesn't work when the IP doesn't match up. As of now, Google reCAPTCHA v2 doesn't require the IP of the user who wants the CAPTCHA solved and the one who really solved it (However, if the spammer uses proxy, that is bypassed again).

(For more info, visit the website and you will understand how it works).

Funny things, how technology has moved on. Spammers have taken solving CAPTCHA as a challenge and they are always trying to improve things. Hopefully in some way, some day, spammer stop spamming (well, then technically, yes, they wouldn't be called spammers).

Related and interesting video I had seen few months ago:





By the way, are these two: (this and this) profile users belong to a single person?
Love to create new MODS :)

My complete list of mods until now!

My channel. Do consider subscribing it! :)
Falcury
Calif
Calif
Posts: 565
Joined: June 25th, 2009, 10:01 pm

Re: Forum spam

Post by Falcury »

The topic of account creation recently came up again in this thread:
viewtopic.php?p=31671#p31671

The current anti-spam policy at the forum requires new users to send an e-mail to the webmaster (me) first, before they can sign up at the forum. This has been very effective at preventing spam accounts, but it is not very welcoming for new users.

Account creation at the wiki has also been restricted some time ago. As it stands now, you have to ask for a wiki account at the forum so that an admin can create it for you.

Maybe the time is right to loosen the restrictions on account creation again, or at least for while to see how it goes.
At least we know that we have the option to easily fall back to a more strict policy.

Edit: changed anti-spambot countermeasure setting to reCAPTCHA v3. Hopefully it will be manageable.
crem
Efendi
Efendi
Posts: 13
Joined: December 4th, 2020, 8:29 pm

Re: Windows 10 Pro 1909 OEM ESD March 2020 Free Download

Post by crem »

Wow, so in the new UI registration is completely switched off (it says "The solution you provided was incorrect" even though there's no task to solve), but spammers still manage to register somehow.
crem
Efendi
Efendi
Posts: 13
Joined: December 4th, 2020, 8:29 pm

Re: Windows 10 Pro 1909 OEM ESD March 2020 Free Download

Post by crem »

Ah actually from the second attempt it did allowed me to register, so it's clever spammers who could trick the recaptcha.

It was actually me who asked to simplify the registration, now I see what happens when you do that.
David
The Prince of Persia
The Prince of Persia
Posts: 2846
Joined: December 11th, 2008, 9:48 pm
Location: Hungary

Re: Forum spam

Post by David »

I moved the spam post to the trash and crem's posts to this thread.
(You can see the title of the spam post after the "Re:" in crem's posts.)

(Related discussion: viewtopic.php?p=31563#p31563)
User avatar
atrueprincefanfrom18
Site Shah
Site Shah
Posts: 1782
Joined: January 21st, 2020, 2:53 pm
Contact:

Re: Forum spam

Post by atrueprincefanfrom18 »

crem wrote: March 2nd, 2021, 10:55 pm It was actually me who asked to simplify the registration, now I see what happens when you do that.
Nah, it's actually fine, at least there aren't much than that time.
Love to create new MODS :)

My complete list of mods until now!

My channel. Do consider subscribing it! :)
David
The Prince of Persia
The Prince of Persia
Posts: 2846
Joined: December 11th, 2008, 9:48 pm
Location: Hungary

Re: Forum spam

Post by David »

Spam is coming from a user who made legitimate posts back in 2017: search.php?author_id=2597&sr=posts
(Note: Only admins and mods will see the trashed spam posts.)

I think spammers hacked this account.

The spam posts all come from a single IP address, different from the IP address used for the legitimate posts.

I will ban the account for now.

I wonder if we can get it back to its legitimate owner?
User avatar
Norbert
The Prince of Persia
The Prince of Persia
Posts: 5743
Joined: April 9th, 2009, 10:58 pm

Re: Forum spam

Post by Norbert »

David wrote: July 17th, 2021, 5:06 pmI wonder if we can get it back to its legitimate owner?
I've just sent an email to the user.
Maybe the user will get back to me/us after reading that.
User avatar
Norbert
The Prince of Persia
The Prince of Persia
Posts: 5743
Joined: April 9th, 2009, 10:58 pm

Re: Forum spam

Post by Norbert »

Spammers still active on this forum.
I had to remove 10 spam posts just now.
David
The Prince of Persia
The Prince of Persia
Posts: 2846
Joined: December 11th, 2008, 9:48 pm
Location: Hungary

Re: Forum spam

Post by David »

I reported all spam posts in the trash to Stop Forum Spam, except those which I could not report.

(The button does not appear on posts by deleted users.)

I could not report the following posts, because the "Report to Stop Forum Spam" button displayed an error: "AJAX error", "Service Unavailable".

What's common in all these posts is that they contain non-ASCII characters.
viewtopic.php?f=114&t=4807 -- Arabic
viewtopic.php?f=114&t=4806 -- Arabic
viewtopic.php?f=114&t=4777 -- square bullet
viewtopic.php?f=114&t=4264 -- Russian

Norbert has already run into a problem with that last post, for the same reason, when he tried to report the post within the forum's own report system.
Falcury
Calif
Calif
Posts: 565
Joined: June 25th, 2009, 10:01 pm

Re: Forum spam

Post by Falcury »

The anti-spambot countermeasure for new user registration has been switched back to the Q&A method (for now). In the current set-up, new users have to send an e-mail to ask for the password to be able to create an account.
David
The Prince of Persia
The Prince of Persia
Posts: 2846
Joined: December 11th, 2008, 9:48 pm
Location: Hungary

Re: Forum spam

Post by David »

David wrote: July 17th, 2021, 5:06 pm Spam is coming from a user who made legitimate posts back in 2017: search.php?author_id=2597&sr=posts
(Note: Only admins and mods will see the trashed spam posts.)

I think spammers hacked this account.

The spam posts all come from a single IP address, different from the IP address used for the legitimate posts.

I will ban the account for now.

I wonder if we can get it back to its legitimate owner?
This happened again with a different user: search.php?author_id=2832&sr=posts
David
The Prince of Persia
The Prince of Persia
Posts: 2846
Joined: December 11th, 2008, 9:48 pm
Location: Hungary

Re: Forum spam

Post by David »

User avatar
Norbert
The Prince of Persia
The Prince of Persia
Posts: 5743
Joined: April 9th, 2009, 10:58 pm

Re: Forum spam

Post by Norbert »

People must be using really easy-to-guess passwords, plus phpBB apparently has no effective brute force protection.
David
The Prince of Persia
The Prince of Persia
Posts: 2846
Joined: December 11th, 2008, 9:48 pm
Location: Hungary

Re: Forum spam

Post by David »

I wonder if it's a good idea to block/ban IP addresses of spammers, especially for an indefinite length?

I am asking this because a few days ago Shauing PMed me because he was blocked by IP address.
Thankfully the problem solved itself because he got a new IP address.
However, this also means that spammers can easily evade IP-based blocks as well, if they have a dynamic IP address?


Below is our PM exchange:
Shauing wrote: December 25th, 2023, 3:33 am Hello there David. I'm writing a PB to you because for some reason my IP got blacklisted and can't post messages in this forum. Is there anything that can be done to remove the blacklisting?
David wrote: December 30th, 2023, 2:43 pm Hello Shauing,

I see that more than 200 IP addresses are banned in the forum (by our moderators/admins), mostly because they were used by spammers.
I don't know which one is affecting you.
The forum can show me what IP address was used for a post, but can't show this for PMs.
I see that your IP address changes regularly. Perhaps this problem will disappear when you get a new IP address?

David
Shauing wrote: December 31st, 2023, 5:26 am Huh, yeah, it seems I got a new IP address; but for the past two weeks or so I had the same one, thus it wouldn't let me post anything.
Seems to be fixed now. Thank you in any case for letting me know what could have been happening and how it could resolve itself!
Post Reply