I'm aware that we have been hit by a big increase in spam posts the last few days. The forum does have several anti spam measures that have been effective for years, but it seems the spammers have recently found ways around them. I changed some settings today that should have reduced the numbers but it seems they weren't that effective. I'll look into adding more tomorrow, and if that doesn't work then I'll block the site in China, Russia, India and Pakistan where 99% of the spammers originate from. No need to report any posts I'll pick them up myself.
So you're saying I am not getting the pills I ordered Steve? Should have known it was too good of a deal to be true lol
I do not go on many (in fact, any) forums other than this one. I have seen the spams and it was clear that they didn't belong, but what confuses me is "what is their point". Why would someone from China, Russia or India go to the trouble of creating these useless threads and come up with ways to bypass to "anti-spam" programs? I do not see the profit angle to them although truthfully I didn't read one completely. I don't get it. There must be some point to them, you would think. Please help me understand.
They do it to increase the position in the search engines of their sites. In the case of the Chinese and Russians they (and in house teams) are probably promoting their own sites that either sell counterfeit goods or distribute viruses/malware. In the case of India and Pakistan they are poorly paid grunt workers providing a 'service' to others. Automated software attempts to sign up to thousands of forums and post a message containing links to scores of auto generated gibberish websites hosted by free hosting services - called buffer sites. These in turn link to the real site they want to promote. Google and others count links as a positive vote for a site, so thousands of links from forums such as this pointing to a buffer site give that site authority, and the links from lots of those buffer sites to the real site are artificially regarded as high quality, which in theory should push the real site to the top of the search engines, attract more traffic and distribute more malware or result in more sales. The logs show about one attempted sign up every 2 minutes. The volume is huge and although some get through most are blocked. They must have recently come up with a new way of bypassing the antispam measures, as it seems their bots are now correctly answering the question "In which country is Cancun?" which all new registrations are required to answer - with the intention of filtering out real from fake users.
Steve Thank you for the answer. I truly had no idea. It does show the power of Google (and the like) in today's world. Sounds like "spammimg" and "anti-spams" have become a business in itself. Thanks again, I always enjoy learning something new.
It's all done in scripts. I've seen a few of them leaked on some distribution sites from disgruntled employees. India and China in particular have many SEO service companies who guarantee quick results - and this being one strategy to help get those results. They keep logs and images of the results from their script files and compare data with the goal of increasing registration percentages. The content and amount of data gathered and compared continuously increases as they continue developing their scripts for new versions of the forum software and patches. If something sticks out, for example a static security question, it could be passed on to an online work-from-home contract worker who adds the security answer to the scripts. Steve: A fix currently working for vBulletin is a patch that generates a required dynamic security question called from a host file that contains custom host input-able user questions and defined responses.
Yeah I think someone probably picked up the security question and added it to a database. I changed the question and the spam reduced again, although not to zero. The feature you mentioned is already in the admin, I think I'll add about 12 questions with one of the twelve showing up randomly at each registration. That way even if one question is picked up again and added to a database the chances of that same question coming up again when an automated posting bot attempts to register are pretty slim.
My suggestion would be to not include any question+answer that could be scripted... If adding 12 questions, use 12 new questions and replace the current ones. From what I've been told, as long as the image capture doesn't match from attempt to attempt, you will not raise any flags targeting a manual audit by the SEO IRS. And by deleting the old/current questions, any scripts already in place will no longer work.
