NV200 Forum banner
1 - 14 of 14 Posts

·
Registered
Joined
·
1 Posts
Discussion Starter · #1 ·
contact [email protected]

website. MyGameShopOnline.Com – Buy Amazing Gaming Products

PlayStation®5

The PS5™ console unleashes new gaming possibilities that you never anticipated.

Experience lightning fast loading with an ultra-high speed SSD, deeper immersion with support for haptic feedback, adaptive triggers, and 3D Audio, and an all-new generation of incredible PlayStation® games.

Lightning Speed
Harness the power of a custom CPU, GPU, and SSD with Integrated I/O that rewrite the rules of what a PlayStation® console can do.

Stunning Games
Marvel at incredible graphics and experience new PS5™ features.

Breathtaking Immersion
Discover a deeper gaming experience with support for haptic feedback, adaptive triggers, and 3D Audio technology.
3526
 

·
Registered
Joined
·
191 Posts

9 Ways to Eliminate Spam in Your Community Forum
3 minute read

Luc Vezina
October 29, 2020
Spam is the scourge of the internet and can do significant damage to your community if left unchecked. That's why it's important to monitor your community and ensure that this distasteful posting is kept far away.
It can be a difficult task, however there are some things that you can do to make it much easier. That being said, this post will provide you with 9 tips on how to keep spammers at bay in your community.

There are two kinds of spammers that you need worry about: spambots and human spammers.
Spambots are unintelligent software programs that automate the posting of spam and can usually be easily defeated since they are rigid in their behaviour.
Human spammers, on the other hand, present a greater challenge since they can bypass the traps that catch bots and can quickly change their behaviour.
For example, you might have run across a spam post that says something like this:
"Interesting post. It's almost as interesting as making $700 per week working from home..."
Why would humans be spamming your forum and how can this make money? Most forum spammers aren't trying to get you to buy something, they are attempting to get higher rankings in search engines by creating lots of links from your pages to their own site. In other words, they're trying to use your community to boost their SEO.
The Big Book of Search Engine Optimization1-1
Nevertheless, you don't want your community forum to be riddled with spam—that being said, here are 9 suggestions on how to defeat the spammers.
1. Ensure links in your forum are set to ‘nofollow’
This tells search engine crawlers not to follow the links and therefore, SEO spammers will derive no benefit from spamming your forum. (Vanilla’s links are nofollow by default.)
2. Make sure registration includes a CAPTCHA
Captcha’s are those slightly deformed images of words and you see on sign up pages. Captcha’s do a pretty good job of keeping out spam bots.
3. Require email confirmation
Ensure that you require your members to confirm their email before you allow them to post. Bots and humans can get around this but it's an extra bit of efforts that most real people won't mind.
4. Enable anti-spam plugins
These plugins can automatically detect suspected spam based on links, IP addresses, email addresses and the comment itself. Keep in mind that these plugins are not 100% effective and do sometimes return false positives.
5. Don’t allow editing of comments after a few minutes have passed
A frequent trick used by spammers is to create a comment that doesn’t look out of place (For example: "This is a great post, very insightful.") and then will come back after a couple of weeks and edit the comment to include spam links.
6. Get the whole community involved
Ask members to help out moderators and flag spam. In Vanilla, this can be done with the Spam Reaction.
7. Be ruthless
Moderators and admin should review the spam queue on a daily basis, ban spammers and delete all their content.
8. Restrict who can post links
Only allow members that have proven themselves and have a reputation to be allowed to post links. In Vanilla, it’s possible to prevent members with a low Rank from posting links, editing comments, etc. Ranks are earned by accumulating reputation points or making a certain number of posts.
9. Clearly layout your community rules
Provide information on advertising and partnering opportunities you might offer and make it clear in your community guidelines what is and what is not acceptable promotion. This can help with accidental spammers who are trying to legitimately sell something to your audience.
While spammers are always looking for ways around your defences, following these suggestions will help to eliminate spam.
 

·
Registered
Joined
·
191 Posts
Forums >
General Discussion

Paul
Forum Spammers
Avatar

by PAUL THURROTT
Posted on OCTOBER 4, 2018
Share Tweet 0 Share 0
21


As you probably have noticed, we’ve had serious issues with massive amounts of spam, typically in the forums, since last week. We’re still working on this, but I wanted to provide a quick update so you at least know what’s happened.
First of all, there are no security issues. There is nothing wrong with your site, or your accounts. And as a reminder, we don’t have, and we have never had, access to your credit card information if you’re a Premium member.
Dried and Fresh Herbs
×











Volume 0%
















The issue is that someone, or some entity, is creating hundreds of accounts and plastering our forums with spam. What’s weird about this is that it’s working: We literally have multiple layers of spam protection, and none are catching any of this despite how obvious it is.
The spam is mostly in the form of new forum threads, though I did see a few spam comments from these same accounts over the weekend.

Given the severity of the spam—literally thousands of forum threads created over two days last weekend—we removed the forum link and widget from the home page, and we implemented various new anti-spammer tools, including Stop Spammer, Google Captcha, Askismet.
This actually worked for a few days. But as of today, the spammers are back. And they’re bypassing all of our measures, including the ones noted above.
So now we’ve temporarily removed the ability to create a new forum thread until we can figure this out. We’re reaching out to experts at WordPress, CleanTalk, and elsewhere in the hopes that someone will stop passing the buck and actually help.
Users can now post new topics again as of 10/5/18. We may have to reverse this in some sort of emergency -Tim
Anyway, sorry for the disruptions here in the forums. We’re working on it. And I will provide a more detailed account of what happened whenever we do get past this.
Thanks!
Paul

A quick update from Tim (10/5/18 @ 12EST)
Comments (21)

  1. infloop
    Thanks for the update, Paul. I do hope that the team can get help from the various providers about this problem and get it resolved. I can only imagine what a headache it must be.

    Looking forward to the next update.
    2 years agoLog in to Reply
    0

  2. faustxd9
    Wow, that is a huge amount of additional investment to exist on the internet these days! I hope they haven't hijacked a admin account and are using that to generate accounts. Thanks for the post and all the hard work!
    2 years agoLog in to Reply
    0

  3. disco_larry
    I'm surprised it's financially worthwhile for spammers. I can't imagine many people click on those links.
    2 years agoLog in to Reply
    0

    • wunderbar

      All it takes is a very tiny percentage. Same reason spam callers work.
      2 years agoLog in to Reply
      0
      • Avatar

        hrlngrv
        In reply to wunderbar:
        A tiny fraction of, say, Disqus users reading all sorts of blogs and web sites would be one thing, but would those of us following tech sites click on obvious spam links? Selling pyramid schemes to high schoolers, patients in rehab, residents at senior centers is one thing, selling them in police bunko squad rooms is quite another.
        OTOH, maybe thurrott.com was a convenient testing ground for all sorts of nasty hacking tools.
        2 years agoLog in to Reply
        0

  4. Daekar
    Good grief, who the heck has so little to do that they work to bypass comprehensive spam filters? Definitely looking forward to hearing all about it when you get them put in their place!
    2 years agoLog in to Reply
    0

    • gardner
      Apparently the ability to communicate with the smart people that frequent this forum is worth the extensive effort it takes to overcome these obstacles. Unless this is some sort of personal attack, and not motivated by "spam economics".
      2 years agoLog in to Reply
      0

  5. skborders
    You guys are really getting hammered. Thanks for your hard work.
    2 years agoLog in to Reply
    0

  6. wolters
    Thanks for the update...glad I know I wasn't going crazy looking for the forums tab.
    2 years agoLog in to Reply
    0

  7. Tim
    I launched an update last night after collaborating with one of our anti-spam services. At their request, we loosened some of the measures that were causing many false-positives and keeping some of you unable to log into the site.

    I added some tools for our admin team to report/remove spam a little easier. Part of this is meant to send more data to the anti-spam tool, the theory is that it will continue to learn the nature of this particular SPAM attack and get better at preventing it.

    One thing to keep in mind is that this means we will likely see some batches of SPAM come through, but this is meant to decline over time.

    I would also like to speak a little to the nature of our systems in place.

    Google reCAPTCHA
    This is sort of the first line of defense. It is arguably the best captcha system available, leveraging the insane powers of Google's machine learning capabilities. This is in front of all account registrations and as of this week is also a part of submitting a new thread to the forums. We have not implemented this for comment replies as it is a little more cumbersome then I think we'd prefer for this interaction but...never say never.

    It's worth noting that even this is not fullproof: Now anyone can fool reCAPTCHA

    IP and Email Address Known SPAM Databases
    We leverage a service that has access to several of the largest databases of known/reported SPAM email addresses, top level domains, and IP addresses. Every user registration, comment, and forum post passes through this filter, and many are blocked every day. We have had nearly 10,000 positive hits in the last week alone.

    We are able to see global reports on every individual email and IP address. I would like to point out that in manually investigating many of the SPAM addresses from the incident this week, almost every one I spot checked had zero incidents of SPAM until the last 2-3 weeks at which point reported incidents skyrocketed. This indicates to me that this is a new attack that is being launched across various corners of the internet.


    Content Analysis
    We pass content over to a service that also analyses the author information (IP, username, email address) but also examines the actual content of what's being posted in an attempt to flag SPAM as SPAM. All of our comments pass through this system but new forum posts had not been getting through this system. This is the biggest change that has been made in the last 48 hours. Now every piece of content posted by a user is passed through this filter. It was short-sighted that forum posts weren't put through this system but this has been addressed.

    Moving Forward
    Brad has been begging, as well as many of you, for some simple SPAM reporting features from users. This was meant to roll-out in the next major release we have been working on for the last several months (which we'll likely be sharing information about soon) but I am accelerating this feature and hope to have it out sometime early next week.


    These things are an ongoing arms race, we will ultimately win this battle but the war will go on...IE, SPAM will always be an issue. No website is SPAM free, it's just not feasible in today's world. I actually really believe the SPAM on our site is relatively minimal and fairly well managed internally (I know this because I work on and have worked on dozens of other websites across many topics)-- we currently lack hugely in giving our user's the ability to help us manage it; we're working on that (as mentioned above). You will likely continue to see some junk posted over the next few days...bare with us.
    2 years agoLog in to Reply
    0

  8. lordbaal1
    Just put some lettuce, tomatoes, and bacon on it.
    2 years agoLog in to Reply
    0

  9. maethorechannen
    Maybe the forums should be made premium only. That would either block the spam or make you more money.
    2 years agoLog in to Reply
    0
  10. Avatar

    hrlngrv
    Thanks for the update. FWIW, y'all might consider a banner on the top page just under the menu at the top which could mention when some usual web site features were disabled temporarily.
    Now some cynicism. Is your Forum and comments system easier for spammers to abuse because BWW developed them in-house? I know you know what you're talking about with respect to Windows, but it's a lot less clear BWW knows what it's doing developing thurrott.com forum and commenting systems.
    I've never noticed Disqus or comments on ZDNet, The Verge, or similar needing to go down due to spam attacks. I can accept that BWW is doing everything it can given usual constraints of having few people working on the problem, but perhaps problems like this can only be addressed effectively when the budget to do so is well into 6-figures in US dollars. That is, perhaps thurrott.com doesn't bring in enough revenue to be able to afford to respond to this sort of spam attack effectively.
    Tangent: if you're using pattern matching to identify repeated posts, are you replacing all the HTML spaces (varying widths) and change of writing direction characters with plain spaces or nothing? E.g., the following are NOT the same: foobar f‏oo‎b‏a‎r. Note: necessary to reverse the order of characters between ‏ and ‎.
    2 years agoLog in to Reply
    0


    • "Is your Forum and comments system easier for spammers to abuse because BWW developed them in-house?"
      We are using the same systems that are available to all available forum platforms at the moment. So...I'm not so sure.

      "I've never noticed Disqus"
      This is just literally not true, on this site specifically we had an enormous SPAM problem with Disqus.

      We are leveraging 3 major anti-spam platforms congruently and this "attack" continues to beat all three (perhaps most notable is Google..). We are in talks with all of these platforms...who's business is beating SPAM and have large 6+ figure budgets.

      I think your generally theory is reasonable given the context but the reality is that SPAM is generally not an issue on Thurrott.com. In fact, it's significantly less of an issue than when we were on Disqus. It's significantly less of an issue on these forums than on the Petri forums which are VBulletin (god I hate that software).

      The commenting system isn't perfect (yet?) but a single incident like this over the course of 3 years with a team as small and budget-limited as we are...I dunno, I think the track record is more good than bad.
      2 years agoLog in to Reply
      0

  11. bharris
    Phony phone calls, junk e-mails & now fake forum posts. It's amazing how much time & effort we have to invest just to use technology without being harassed....and at least with the phone calls, I see no real solution. It's ridiculous...
    2 years agoLog in to Reply
    0
You must be logged in to post a comment.
 

·
Registered
Joined
·
191 Posts
Day 3. You guys must be busy.
If only there was someone to delete spam...That doesn't hurt spammers feelings of course.
 

·
Registered
Joined
·
191 Posts
contact [email protected]

website. MyGameShopOnline.Com – Buy Amazing Gaming Products

PlayStation®5

The PS5™ console unleashes new gaming possibilities that you never anticipated.

Experience lightning fast loading with an ultra-high speed SSD, deeper immersion with support for haptic feedback, adaptive triggers, and 3D Audio, and an all-new generation of incredible PlayStation® games.

Lightning Speed
Harness the power of a custom CPU, GPU, and SSD with Integrated I/O that rewrite the rules of what a PlayStation® console can do.

Stunning Games
Marvel at incredible graphics and experience new PS5™ features.

Breathtaking Immersion
Discover a deeper gaming experience with support for haptic feedback, adaptive triggers, and 3D Audio technology.
View attachment 3526
View attachment 3527
...
 

·
Registered
Joined
·
191 Posts
Yeah I'm pretty sure I did. It's funny. Some turd burglar reported one of my posts a while back and the mods were on it like white on rice. Oddly enough it was that spammy weirdo that posted stuff about chinese scan tools all the time.

I only post here because my memory is horrible. It's easier to go back an look at wtf I did last week.

Merry Covid btw!
 
1 - 14 of 14 Posts
Top