BS PM on Forum

[Tully Mars]

Anyone else receive a BS PM like this?-

Quote:

Dear Tully Mars,

You have received a new private message at Scuba Forum - Scuba Diving Forums and Discussion Board from G39EOgk, entitled "Ave".

To read the original version, respond to, or delete this message, you must log in here:
http://forum.scubatoys.com/private.php

This is the message that was sent:
***************

I've edited out the link addy, not interested in helping this spammer, but if you received a PM similar to this lets report them and weed out this BS.

[cowgirldiver]

Yeah, I got the same message-didn't follow the link and when I got to the forum it wasn't in my PM file so I figured it was a spammer and maybe the guys had already taken care of it.

[Tully Mars]

Just got another one from a user going by "u3JUIYq"

I Mod on another, non-scuba, forum. My guess is it's a Bot, I've reported it.

I'd encourage folks not to follow the link.

[scubadiver888]

It has been a while since I signed up. Does the forum have any security for creating a user account? I know there are two ways I see most often. The first is the board sends you an email and you have to click the email to activity the account. The second is to have some graphic that requires the user to enter some letters/numbers to validate they are really a human being.

Does this place use either? If they are using the email to validate, can we find out which domain the spammer is using and have it blacklisted?

[chinacat46]

Saw a couple of offensive usernames today on the Current Active Users list. Was wondering about them.

[Tully Mars]

Quote:

Originally Posted by scubadiver888

It has been a while since I signed up. Does the forum have any security for creating a user account? I know there are two ways I see most often. The first is the board sends you an email and you have to click the email to activity the account. The second is to have some graphic that requires the user to enter some letters/numbers to validate they are really a human being.

Does this place use either? If they are using the email to validate, can we find out which domain the spammer is using and have it blacklisted?

The guys are on top of it. Were before I even posted this thread.

And yes this software allows them to ban the IP of the spammer. It's a game and the spammers are always finding new ways to play the system.

Good news is before I made this thread they were on top of it.

They'll get it, just a hassle for the staff and Mod team.

[ScubaToys Larry]

Quote:

Originally Posted by scubadiver888

It has been a while since I signed up. Does the forum have any security for creating a user account? I know there are two ways I see most often. The first is the board sends you an email and you have to click the email to activity the account. The second is to have some graphic that requires the user to enter some letters/numbers to validate they are really a human being.

Does this place use either? If they are using the email to validate, can we find out which domain the spammer is using and have it blacklisted?

We do both... but the spam bots are getting clever enough to read the captcha graphics and guess what the letters and number are... and they do have to respond to emails - but they do that automatically... and as far as domains - it's not domains - but IP addresses, and everytime one gets through, we ban that one as well. I have a black list of about 2000 IP addresses and domains now.

It's really not anything to get too excited about. No matter how many locks you put on your doors, someone will try to break in - you see where, you fix that hole, then go on.

The problem is when you make it so hard for spammers to get in, then you also make it harder for real folks like you. Answering test questions before posting, slowing down the number of posts or PM's per hour you can do, etc.

We are putting some other things in place to keep battling this - but for the time being, not too many get through, and if you see something, just please notify us right away so we can stop it ASAP.

Thanks!

[MSilvia]

Any chance we can get a "report user" button on PMs?

[Foo2]

Quote:

Originally Posted by MSilvia

Any chance we can get a "report user" button on PMs?

At this point, just copy the url of the user's profile and PM it to Larry.

[scubadiver888]

Quote:

Originally Posted by ScubaToys Larry

Quote:

We do both... but the spam bots are getting clever enough to read the captcha graphics and guess what the letters and number are... and they do have to respond to emails - but they do that automatically... and as far as domains - it's not domains - but IP addresses, and everytime one gets through, we ban that one as well. I have a black list of about 2000 IP addresses and domains now.

It's really not anything to get too excited about. No matter how many locks you put on your doors, someone will try to break in - you see where, you fix that hole, then go on.

The problem is when you make it so hard for spammers to get in, then you also make it harder for real folks like you. Answering test questions before posting, slowing down the number of posts or PM's per hour you can do, etc.

We are putting some other things in place to keep battling this - but for the time being, not too many get through, and if you see something, just please notify us right away so we can stop it ASAP.

Thanks!

Sounds a lot like real locksmithing. There is no such thing as a home that cannot be broken into. The trick is to make it more trouble then it is worth for the thief.

One trick we used to use was secrecy. If the thief didn't know what he was dealing with it made it harder to break in.

I like this sort of stuff. It is like a challenge. How long can I keep the spammers at bay.

The first trick that pops to mind for your situation would be to have the email which is sent out have many links. At the top of the message place a message telling the user which link to click. You can change the order of the links each time you send the message out. If the 'user' clicks the wrong link it takes them to a page that informs them their IP address has been banned for 24 hours. You then invalidate the good link you sent then send them another scrambled email with a new link with a message saying to try again tomorrow.

Just like the real world, they'll figure a way around that as well. You just have to stay one step ahead of them.

I wonder if you could block the MAC address of their network card. If they didn't know you were blocking the MAC address, that could be your secrecy. TCP/IP has the query for MAC address. That is, when you get down to the IP address, TCP/IP uses Address Resolution to get the machine's MAC address. If you could find out the MAC address and block that it might slow them down as well.

Mind you, the moment they realize you are blocking the MAC address they'll start using fake MAC addresses. Not as easy to change as the IP address but still changeable via software.

I remember when I was running a private bulletin board (before the Internet) I found the article on caller id at MIT and built my own caller id box, before caller id was available to the public. I then had the user input the phone number their modem was calling from. If they input the wrong number I'd let them get a little further then cut them off. Because they had no way of knowing I knew their real phone number they didn't know that is what cut them off.