Notices
Forum Suggestions & User Assistance Have a suggestion for the forums? Need help with the Forums? Post here.

Spam in General

Old 01-04-23, 04:15 AM
  #1  
Cancer survivor (twice)
Thread Starter
 
05 fuji's Avatar
 
Join Date: Nov 2018
Location: Ohio
Posts: 161

Bikes: 2020 Trek Verve 2

Liked 159 Times in 75 Posts
Spam in General

The spam is back in the General section
05 fuji is offline  
Old 01-04-23, 04:53 AM
  #2  
Should Be More Popular
 
datlas's Avatar
 
Join Date: Dec 2007
Location: Malvern, PA (20 miles West of Philly)
Posts: 43,460

Bikes: 1986 Alpine (steel road bike), 2009 Ti Habenero, 2013 Specialized Roubaix

Liked 9,396 Times in 4,343 Posts
Reported. Cleanup needed in aisle 1.
__________________
Originally Posted by rjones28
Addiction is all about class.
datlas is offline  
Old 01-04-23, 06:14 AM
  #3  
Should Be More Popular
 
datlas's Avatar
 
Join Date: Dec 2007
Location: Malvern, PA (20 miles West of Philly)
Posts: 43,460

Bikes: 1986 Alpine (steel road bike), 2009 Ti Habenero, 2013 Specialized Roubaix

Liked 9,396 Times in 4,343 Posts
Bueller??
__________________
Originally Posted by rjones28
Addiction is all about class.
datlas is offline  
Old 01-04-23, 08:09 AM
  #4  
Forum Moderator
 
cb400bill's Avatar
 
Join Date: Jul 2007
Location: Kalamazoo MI
Posts: 20,969

Bikes: Fuji SL2.1 Carbon Di2 Cannondale Synapse Alloy Viscount Aerospace Pro Raleigh C50 Cromoly Hybrid Legnano Tipo Roma Pista

Liked 7,183 Times in 4,060 Posts
This type of thread is unnecessary. All you need to do is report the spam and the mod staff will take care of it. Thanks.
__________________












cb400bill is offline  
Likes For cb400bill:
Old 01-04-23, 08:20 AM
  #5  
Tragically Ignorant
 
livedarklions's Avatar
 
Join Date: Jun 2018
Location: New England
Posts: 15,612

Bikes: Serotta Atlanta; 1994 Specialized Allez Pro; Giant OCR A1; SOMA Double Cross Disc; 2022 Allez Elite mit der SRAM

Liked 9,099 Times in 5,054 Posts
Originally Posted by cb400bill
This type of thread is unnecessary. All you need to do is report the spam and the mod staff will take care of it. Thanks.

Thank you for making that clear. Also, thank you for the immediate response and clean up! That was perhaps the fastest spam dump so far, and I'm absolutely impressed by how fast you guys responded. They obviously are starting these things around 2 a.m. US time when you can't reasonably be expected to be on guard, but someone must have taken care of this as soon as they got up for the morning.
livedarklions is offline  
Likes For livedarklions:
Old 01-05-23, 10:11 AM
  #6  
Senior Member
 
Join Date: Aug 2007
Location: Evanston, IL
Posts: 5,234

Bikes: many

Liked 1,468 Times in 811 Posts
I don't follow the general discussion forum, so I've not encountered this problem except indirectly seeing it here. How is this spam propagated? Are these new (bot-created?) accounts, or are existing users' accounts being compromised? Are steps being taken to mitigate the problem?
__________________
Monti Special
smontanaro is offline  
Old 01-08-23, 06:35 PM
  #7  
Should Be More Popular
 
datlas's Avatar
 
Join Date: Dec 2007
Location: Malvern, PA (20 miles West of Philly)
Posts: 43,460

Bikes: 1986 Alpine (steel road bike), 2009 Ti Habenero, 2013 Specialized Roubaix

Liked 9,396 Times in 4,343 Posts
From what I can tell, the spammer gets a new account, posts the daily max 5 posts over a few minutes, then gets another new account, repeats process and an hour later “general” is full of stupid spam ads. Unclear if BF has the ability to prevent this. I am guessing not.
__________________
Originally Posted by rjones28
Addiction is all about class.
datlas is offline  
Old 01-09-23, 03:41 AM
  #8  
Senior Member
 
Join Date: Aug 2007
Location: Evanston, IL
Posts: 5,234

Bikes: many

Liked 1,468 Times in 811 Posts
Back in another life, this sort of thing happened with spammers on a bunch of related mailing lists. The solution was pretty simple. Don't allow new members to post for a bit. Sounds like maybe 30-60 minutes would do the trick here.
__________________
Monti Special
smontanaro is offline  
Old 01-10-23, 11:21 AM
  #9  
Senior Member
 
79pmooney's Avatar
 
Join Date: Oct 2014
Location: Portland, OR
Posts: 13,147

Bikes: (2) ti TiCycles, 2007 w/ triple and 2011 fixed, 1979 Peter Mooney, ~1983 Trek 420 now fixed and ~1973 Raleigh Carlton Competition gravel grinder

Liked 4,166 Times in 2,683 Posts
They're back. (The Dubai Call Girls)

They're back. (The Dubai Call Girls, No, I did not open the link to verify.)
79pmooney is offline  
Old 01-10-23, 12:32 PM
  #10  
Randomhead
 
Join Date: Aug 2008
Location: Happy Valley, Pennsylvania
Posts: 24,725
Liked 3,923 Times in 2,677 Posts
People talk about bots a lot. I think they are bots in this instance. Usually I'm pretty sure it's a person, although the user accounts are probably set up by someone automatically somehow. There is good evidence that this is pretty typical, someone sets up the account and someone else uses it to spam. The ones where they make 10 posts must be pretty expensive as these things go.
unterhausen is offline  
Old 01-10-23, 12:36 PM
  #11  
Senior Member
 
79pmooney's Avatar
 
Join Date: Oct 2014
Location: Portland, OR
Posts: 13,147

Bikes: (2) ti TiCycles, 2007 w/ triple and 2011 fixed, 1979 Peter Mooney, ~1983 Trek 420 now fixed and ~1973 Raleigh Carlton Competition gravel grinder

Liked 4,166 Times in 2,683 Posts
Originally Posted by unterhausen
People talk about bots a lot. I think they are bots in this instance. Usually I'm pretty sure it's a person, although the user accounts are probably set up by someone automatically somehow. There is good evidence that this is pretty typical, someone sets up the account and someone else uses it to spam. The ones where they make 10 posts must be pretty expensive as these things go.
You mean this isn't about one and a half call girls for every man, woman and child in this country? I'm disappointed.
79pmooney is offline  
Likes For 79pmooney:
Old 04-16-23, 05:17 AM
  #12  
Should Be More Popular
 
datlas's Avatar
 
Join Date: Dec 2007
Location: Malvern, PA (20 miles West of Philly)
Posts: 43,460

Bikes: 1986 Alpine (steel road bike), 2009 Ti Habenero, 2013 Specialized Roubaix

Liked 9,396 Times in 4,343 Posts
Back again. I already reported it. Wonder if there is a better way to keep it from happening?
__________________
Originally Posted by rjones28
Addiction is all about class.
datlas is offline  
Old 04-16-23, 06:36 AM
  #13  
Advanced Slacker
 
Kapusta's Avatar
 
Join Date: Feb 2017
Posts: 6,246

Bikes: Soma Fog Cutter, Surly Wednesday, Canfielld Tilt

Liked 2,564 Times in 1,447 Posts
Originally Posted by cb400bill
This type of thread is unnecessary. All you need to do is report the spam and the mod staff will take care of it. Thanks.
If not for this thread I would have reported it as well. Would you prefer to get boatloads of people reporting the same spam?
Kapusta is offline  
Old 04-16-23, 06:47 AM
  #14  
Senior Member
 
Join Date: Aug 2007
Location: Evanston, IL
Posts: 5,234

Bikes: many

Liked 1,468 Times in 811 Posts
This is clearly an ongoing problem. Is there any indication from the devs that they are actively working the problem? In Ann earlier post I mentioned forcing new users to wait before posting for the first time. Another option is to put all new users on moderation for a bit (n posts or m days, something like that).
__________________
Monti Special
smontanaro is offline  
Old 04-17-23, 12:54 AM
  #15  
Randomhead
 
Join Date: Aug 2008
Location: Happy Valley, Pennsylvania
Posts: 24,725
Liked 3,923 Times in 2,677 Posts
It's a difficult balance between newbies leaving the forum forever because of the rules and catching spammers. This forum dies without new people signing up. You can scan through this subforum and see the bitter complaining people do about the limited controls we have in place now. Others just leave right away.

Some threads and posts do get moderated, but it's a bit much to expect that volunteer moderators will handle the workload from expanding that system to every new user. I suspect there is something that can be done. But it seems like they do an occasional probe, we delete everything, and then they go away for a while. It's hard to believe they are making money off of the kind of spam they are posting now, but who knows?
unterhausen is offline  
Old 04-17-23, 05:04 AM
  #16  
Senior Member
 
Join Date: Aug 2007
Location: Evanston, IL
Posts: 5,234

Bikes: many

Liked 1,468 Times in 811 Posts
As I indicated in post #8, it can be pretty automated. I'll bet if the devs looked at the post and sign-up history of the spammers, they'll see it was at most a few seconds between sign-up and first post.

In the email world, most spam is sent from compromised computers. It doesn't take long for ISPs to detect suspicious activity and isolate machines or subnets to stop the spam. By forcing an automatic delay between sign-up and first post (a few minutes will do), much spammy content can be avoided.

I think what most people complain about are arbitrary limits on post counts before pictures can be embedded. That's necessary because the camel's nose is already under the tent (heck, the camel just walked in through the open tent flap). If an initial waiting period was instituted (again, just a few minutes, time for a non-bot to make a cup of coffee), many downstream barriers could be reduced. If new users were moderated for their first five or ten posts, mods could tell pretty quickly if a user's first pic was of a naked bike or a naked woman.

Then there are various captcha-type systems, likely also pretty effective at separating the wheat from the chaff.

These are all well-understood tools. We encounter them all the time, mostly without noticing them. I am led to believe Internet Brands has a bunch of forum sites running on the same PHP-based software. Implementing some of these guards would ikely apply across the entire collection of websites.
smontanaro is offline  
Old 04-17-23, 07:43 AM
  #17  
Tragically Ignorant
 
livedarklions's Avatar
 
Join Date: Jun 2018
Location: New England
Posts: 15,612

Bikes: Serotta Atlanta; 1994 Specialized Allez Pro; Giant OCR A1; SOMA Double Cross Disc; 2022 Allez Elite mit der SRAM

Liked 9,099 Times in 5,054 Posts
Originally Posted by smontanaro
As I indicated in post #8, it can be pretty automated. I'll bet if the devs looked at the post and sign-up history of the spammers, they'll see it was at most a few seconds between sign-up and first post.

In the email world, most spam is sent from compromised computers. It doesn't take long for ISPs to detect suspicious activity and isolate machines or subnets to stop the spam. By forcing an automatic delay between sign-up and first post (a few minutes will do), much spammy content can be avoided.

I think what most people complain about are arbitrary limits on post counts before pictures can be embedded. That's necessary because the camel's nose is already under the tent (heck, the camel just walked in through the open tent flap). If an initial waiting period was instituted (again, just a few minutes, time for a non-bot to make a cup of coffee), many downstream barriers could be reduced. If new users were moderated for their first five or ten posts, mods could tell pretty quickly if a user's first pic was of a naked bike or a naked woman.

Then there are various captcha-type systems, likely also pretty effective at separating the wheat from the chaff.

These are all well-understood tools. We encounter them all the time, mostly without noticing them. I am led to believe Internet Brands has a bunch of forum sites running on the same PHP-based software. Implementing some of these guards would ikely apply across the entire collection of websites.

I think you've already gotten your answer on the moderated first post bit--the volunteers really aren't going to find that a reasonable unpaid workload.

I don't want to spell this out too much, but this appears to me to be manually done, I don't think an automated program would do things in the sequence this is being done, it's taking hours to do what could be done in minutes. They're averaging approximately one post a minute, I think a properly automated system would be a lot faster than that. Hell, I think a person doing this could post a lot more nearly simultaneously but I don't want to give the spammers any ideas.
livedarklions is offline  
Old 04-17-23, 07:48 AM
  #18  
Randomhead
 
Join Date: Aug 2008
Location: Happy Valley, Pennsylvania
Posts: 24,725
Liked 3,923 Times in 2,677 Posts
I think you are underestimating how patient spammers can be. If they have to wait 5 minutes they'll just program it into their bots. Signup and spam is often different people/bots. I have seen accounts that are over a decade old when they are used to spam the first time. Regular people are nowhere near as patient.


I imagine IB would fix picture uploading if they could, it causes everyone some degree of headache. The mod staff has suggested allowing new users to post pictures.

The current set of spammers has really figured out the forum rules and come up with one of the few kinds of spam that would work here. It must be incredibly low yield. It's a bit baffling. The side effects of making changes can be extensive. I'm a bit worried that a lot of innocent new users would be caught up in any mitigation effort.

Last edited by unterhausen; 04-17-23 at 08:04 AM.
unterhausen is offline  
Old 04-17-23, 08:47 AM
  #19  
Senior Member
 
Join Date: Aug 2007
Location: Evanston, IL
Posts: 5,234

Bikes: many

Liked 1,468 Times in 811 Posts
Originally Posted by livedarklions
I don't want to spell this out too much, but this appears to me to be manually done, I don't think an automated program would do things in the sequence this is being done, it's taking hours to do what could be done in minutes. They're averaging approximately one post a minute, I think a properly automated system would be a lot faster than that. Hell, I think a person doing this could post a lot more nearly simultaneously but I don't want to give the spammers any ideas.
I guess I'm indirectly laying the blame at the feet of the forum devs (paid, I believe), not volunteers. By not implementing solutions which are available, they are the ones increasing the workload on the moderators.
__________________
Monti Special
smontanaro is offline  
Old 04-17-23, 09:11 AM
  #20  
Tragically Ignorant
 
livedarklions's Avatar
 
Join Date: Jun 2018
Location: New England
Posts: 15,612

Bikes: Serotta Atlanta; 1994 Specialized Allez Pro; Giant OCR A1; SOMA Double Cross Disc; 2022 Allez Elite mit der SRAM

Liked 9,099 Times in 5,054 Posts
Originally Posted by smontanaro
I guess I'm indirectly laying the blame at the feet of the forum devs (paid, I believe), not volunteers. By not implementing solutions which are available, they are the ones increasing the workload on the moderators.

At this point, I think it best to let the mods handle it in conjunction with the devs behind the scenes. My guess is they probably don't really want to discuss security measures in a public forum--why tip off the spammers?
livedarklions is offline  
Old 04-17-23, 09:13 AM
  #21  
Tragically Ignorant
 
livedarklions's Avatar
 
Join Date: Jun 2018
Location: New England
Posts: 15,612

Bikes: Serotta Atlanta; 1994 Specialized Allez Pro; Giant OCR A1; SOMA Double Cross Disc; 2022 Allez Elite mit der SRAM

Liked 9,099 Times in 5,054 Posts
Originally Posted by unterhausen
The current set of spammers has really figured out the forum rules and come up with one of the few kinds of spam that would work here. It must be incredibly low yield. It's a bit baffling.
TBH, I almost think this is a DDOS campaign disguised as spamming.
livedarklions is offline  
Old 04-17-23, 09:28 AM
  #22  
Senior Member
 
Join Date: Aug 2007
Location: Evanston, IL
Posts: 5,234

Bikes: many

Liked 1,468 Times in 811 Posts
Originally Posted by livedarklions
TBH, I almost think this is a DDOS campaign disguised as spamming.
Nah, you wouldn't get dozens. You'd get thousands upon thousands.
__________________
Monti Special
smontanaro is offline  
Old 04-17-23, 09:30 AM
  #23  
Senior Member
 
Join Date: Aug 2007
Location: Evanston, IL
Posts: 5,234

Bikes: many

Liked 1,468 Times in 811 Posts
Originally Posted by livedarklions
At this point, I think it best to let the mods handle it in conjunction with the devs behind the scenes. My guess is they probably don't really want to discuss security measures in a public forum--why tip off the spammers?
Sure. I wasn't suggesting they should. I was offering possible mitigation techniques I've seen work elsewhere, developing spam filters and being a mailing list admin.
__________________
Monti Special
smontanaro is offline  
Old 04-17-23, 09:43 AM
  #24  
Tragically Ignorant
 
livedarklions's Avatar
 
Join Date: Jun 2018
Location: New England
Posts: 15,612

Bikes: Serotta Atlanta; 1994 Specialized Allez Pro; Giant OCR A1; SOMA Double Cross Disc; 2022 Allez Elite mit der SRAM

Liked 9,099 Times in 5,054 Posts
Originally Posted by smontanaro
Nah, you wouldn't get dozens. You'd get thousands upon thousands.

I chose the phrase "almost think" for a reason--point is it's a really stupid spamming strategy because it requires immediate removal to restore the usefulness of the forum. Something less aggressive would be up for much longer.
livedarklions is offline  
Old 04-17-23, 10:01 AM
  #25  
Senior Member
 
Join Date: Aug 2007
Location: Evanston, IL
Posts: 5,234

Bikes: many

Liked 1,468 Times in 811 Posts
This is just an educated guess.

Over time, search engine crawlers figure out the frequency of updates for various websites and web pages. Those which change more often (forum sites would qualify) are crawled more often. My guess is the spammers wanted to get their links sucked into the search engine, this generating crawling and by the sheer number of references on various spammed websites, get search engines to rank their sites higher in search results pertaining to whatever they are selling on their sites. (Search for Page Rank Algorithm.) It's very indirect, but when the scheme is executed at scale, I'm sure it helps.
__________________
Monti Special
smontanaro is offline  

Thread Tools
Search this Thread

Contact Us - Archive - Advertising - Cookie Policy - Privacy Statement - Terms of Service - Your Privacy Choices -

Copyright © 2024 MH Sub I, LLC dba Internet Brands. All rights reserved. Use of this site indicates your consent to the Terms of Use.