Human Verification

[matt_turpin]

I've recently become overrun with spam-members. I'm thinking they're all bots, but I've tried all three human verification techniques, and they seem unstoppable. I ban one gibberish username a day lately, and if I don't get to them fast enough they spam my boards with sex messages or, because my website is gaming based, WoW gold ads (a human would get the game right, I'd imagine. Not wow). I don't know what to do. I don't mind banning daily, but I'd prefer a preventative measure.

I've used all three human verification techniques.
I've enabled email verification.
I used to have enabled manual new user verification, but it was too hard to distinguish certain bot names from certain legit users, so I gave that up.

You all have bigger, better boards than I do. How do you deal with this problem? It seems like it started overnight and now I can't keep up.

[Zachery]

Have you tried customized Q&A ?

[matt_turpin]

Yes, I asked the following two questions:

Are you a human or an automated spamming program?
Human, human

You're not a bot, are you?
No, no

EDIT: It had boxes I didn't know what to enter, when setting up that system, so I'll try it again and see if I can't put something in every box.

[TheInsaneManiac]

Quote:

Originally Posted by matt_turpin

I've recently become overrun with spam-members. I'm thinking they're all bots, but I've tried all three human verification techniques, and they seem unstoppable. I ban one gibberish username a day lately, and if I don't get to them fast enough they spam my boards with sex messages or, because my website is gaming based, WoW gold ads (a human would get the game right, I'd imagine. Not wow). I don't know what to do. I don't mind banning daily, but I'd prefer a preventative measure.

I've used all three human verification techniques.
I've enabled email verification.
I used to have enabled manual new user verification, but it was too hard to distinguish certain bot names from certain legit users, so I gave that up.

You all have bigger, better boards than I do. How do you deal with this problem? It seems like it started overnight and now I can't keep up.

I had the same problem at one point. I have a gaming site and I would get those pesky WoW ads. You won't to know something? There's nothing to stop them from registering. You can limit them, prevent them, but you can't stop them all. There is one thing you can do however. You can stop them from posting those garbage links. If they can't post the links they have no point in staying. Do they?

Back when I had this problem I enabled the recaptcha system in VBulletin 3.7. This drastically reduced the amount of garbage I got. It still let some through, but not all. I then enabled Check4SPAM and added that pesky WoW spam to the black list.

I have read that this does wonders also, but I do not like external applications to run.
https://vborg.vbsupport.ru/showthread.php?t=176481


How they work:
Bots are designed to recognize key words such as "human" so if they see a box they will automatically fill in human. Some bots, can also bypass the Recaptcha system by using an algorithm to detect the letters in the field. This algorithm does not always work and will work great on the original VBulletin captcha system.

Some bots may not even be bots upon registration. Some sites pay their members to go register on popular sites and give their database their account details. Later on these details are run through their bot script and spam the forums and even sometimes private messages. This is why before I delete a spam bot I would delete their private messages. I remember one time a bot sent out 1,000 messages to most of my members. Luckily I caught him before he sent it to the rest as I have a lot of members.

[CarlitoBrigante]

Quote:

Originally Posted by TheInsaneManiac

Some bots may not even be bots upon registration. Some sites pay their members to go register on popular sites and give their database their account details. Later on these details are run through their bot script and spam the forums and even sometimes private messages. This is why before I delete a spam bot I would delete their private messages. I remember one time a bot sent out 1,000 messages to most of my members. Luckily I caught him before he sent it to the rest as I have a lot of members.

Exactly. There are many offering a few bucks for every successful registration and posting to forums. And not all of those doing so are mysterious shady companies; even the big guys do the same, sometimes camouflaging such offers as "fan packages" or supporter packagers and stuff like that. Needless to say, there is no protection against this type of spammer.

In my experience, gaming and movie forums are the most affected by this, especially since viral marketing became such a big business.

[matt_turpin]

Thanks for the tips everyone. Once, I was listening to The Tech Guy podcast by Leo Laporte and he was talking about this one trick companies are using, in which they put strippers on websites, and they somehow mirror the relevant security image to the same site, and to remove clothes from the stripper you have to enter the correct answer. I thought it was ingenius then, before I faced the problem head on, but it's not so ingenius now.