Whew, lots of drive-by spammer registration attempts...

[saratogaWX]

It's been busy the last week with over 100 spammer (caught by stopforumspam ) registration attempts which were deleted before registration was completed.  Looks like the spambot registrations have upped their kung-fu and are getting past the latest picture-rotation human test we have installed.

Now off to look for yet another 'human' test to make sure the bots are thwarted.  Course, if the spammers are outsourcing to humans for registrations, then another 'human' test won't make it go away soon.

Yours for a clean and spam-free forum

Ken

[DanS]

It's amazing to me that people put in so much effort with writing scripts and trying different techniques to get spam through.

Thanks for all your combat work, Ken!

[WeatherBeacon]

Thanks for all your combat work, Ken!

Ditto that. I'm sure you do much more behind the scenes for us than we can even begin to imagine. Thanks much, Ken!

[CNYWeather]

Seems to come in waves. I've got a forum that will get 10-20 in a day.
How do they get past the captcha to register in the 1st place beats me

[Downlinerz2]

   Thanks for the good work!!!  I hope things don't get too much harder with the picture ID tests and such.  I have enough trouble with those already!  Some times I have to move to a second cause I cannot read what is there!

[saratogaWX]

Well, I've dealt with over 100 blocked spammer registration requests in the last 2 days.. had 31 to 'approve' yesterday morning.  Ha.. approved them to oblivion instead.

Ended up blocking some new IPs for hosters in China, Ukraine and Russia.. now down to a dull roar again (I hope).

Ken

[sacreyweather]

Ken,

I wish to thank you for all of the work you do here, behind the scenes, and the work you have done on the scripts.

John Sacrey

[Arthurhh]

Forum and forms spammers are a fact of life on the internet today.

It costs 0.000025c cents to have a slave labour nation employee pass the tests of catchpa and attempt to spam.

I get it a lot on my contact forms, my filters deal to it. I have about 3000 rules in my filters on these acconts most are word/phrase based very few are IP based.
Ideal a lot with the China/Russia and ickistan countries so canot just block /24 IP ranges.

I work for one of the largest compnies in my country (New Zealand we see the world before you do) Our mail servers dealt with 2.7 million emails last month we rejected nearly 90% as spam. Failure rate on rejection by our filters was under 1% But the cost to us of running a system like this is huge.

[saratogaWX]

Think I've found the root cause for the spambot invasion over the last few days.. appears a Russian spambot called Xrumer (wikipedia entry here has likely done an automated decode of the stock image sets included with the notCaptcha mod ... so, I've crafted a new set of images to use.. let them decode that

Arthur is right.. spam is cheap.  Hosting is cheap.  Spambots are improved by Russian/Chinese/Roumanian/Ukrainian folks all the time, so it's a arms-race to keep them out.

I'll keep you posted...

Best regards,
Ken

[TNETWeather]

Funny but the number 1 spam I get on my contact forms is an India SEO company looking for business.  I rarely get any other spam.   I use a system that uses StopForumSpam with a rDNS system which then if it gets a hit actually checks the SFS database to get the details.  Been pretty good.

Most of my forums are private, meaning you have to be a member to get an account so there is no big issue there.  New accounts are created when they sign up for a membership at a meeting.  No online signups, just renewals.

[saratogaWX]

We use stopforumspam, httpBL, reCaptcha, and notCaptcha to help keep this forum free of spambot registrations .. the notCaptcha was defeating them fine until the XRumer spambot was 'updated' to decode the default set of icons.  Now with custom icons, I'm hoping they will be defeated again (as they were until the XRumer update).

I too get the SEO spams on various contact forms .. all from .in addresses.  I just route 'em to the junk and they are no longer a bother either

Best regards,
Ken

[mackbig]

"We are a leading India based SEO company providing the best search
engine optimization services........................................ "

I think I got my first one of these a week after putting my contact-us on my site.    After the 20th I think I blocked most of India in my htaccess

Andrew

[saratogaWX]

Spambot registrations thwarted with a new set of images for the notCaptcha.  Only 4 manual spammer registrations overnight (instead of the usual 30 or more).

So.. shields are now up again.

Please let me know via a 'report to moderator' if one manages to make it through the gauntlet and post a spam.

Best regards,
Ken

[WeatherBeacon]

Thanks a lot, Ken!