Forum under attack by fakers

Post Reply New Topic

Sometimes I get up in the middle of the night and find pages and pages of spam. I report them all but they reload very fast. It seems to me that the instant they are reported, they are removed, so it's worth doing. Then mods or somebody can evaluate when they have time (as if they ever have time, my apologies).

The gaming forum I am on gets spammed by BabaJi too and there are 2 or 3 threads about it there.
These spambots get in wherever they can. I'm just hoping some hacker somewhere will put BabaJi's spamming to an end.

It's an ever escalating war. I can't fathom what it takes to keep something of this scope in line, let alone trying to prevent or stave off these attacks.

I know the mods work like the devil here keeping things cleaned up for us.

And, I do appreciate all the efforts to keep this place going. I know and can say with certainty that this place came along to me at the right time. I don't know where I would be in my head if not for this place.

Thank you moderators for the wonderful security and clean up work you do!

I wish we could get a documentary team to go track down the spammers at their houses and ask them why they do this to people and what exactly do they get paid for doing it. To Catch a Spammer.

I've had my share of contact with the 'shadowy side of things' in my life. And it doesn't matter what you ask them. They will have a reason based on 'how bad they have it' and it's 'just capitalism at work' or, 'it serves them right for being stupid'. It's always a justification based on anything that will justify their actions.

I've never seen spam like this before, but I've never ventured outside of my few usual online places. It's frustrating because legitimate posts get buried. That said, the people who run this place are doing a good job. I can't imagine trying to deal with this as an administrator.

What amazes me is that it takes some of us ten or more attempts to submit a single post, while multiple spammers from India can fill up ten or more pages with posts and not get Captcha'ed at all.

The problems with posting seem to be more about device used than anything else. At least that's what I;ve gleaned.

It would also seem to be an assumption that the spammers are not being 'captcha'ed'.

I would think it's just a basic bruteforce attack that's hitting a percentage. I base this on the fact that I am not always captcha'ed. Run the number of attempts up and you increase the amount of successful posts.

Are you saying that all a spammer has to do is have the "right" platform and submit as much spam as possible in a short amount of time?

That seems like a formula for a Denial-Of-Service attack.

Now, who do we know from South Asia that would have such a grudge against WP that they would commit these attacks on a daily basis?

Ah, it was cleaned up, and behold, they have descended upon us like a drove of locusts, looking to devour the forum.

Ok, a tad dramatic, but 'they're back' just seemed so boring.

No. I am only stating what I have observed personally and by reading comments on other threads about this and the captcha thing. That people have difficulties using different platforms. Observation only on that part.

I am just extrapolating the brute force part based on how many times I do or do not have to actually captcha. If I remember correctly, there have been times I did not have to do a captcha to start a thread either.

Add to that, I am one of those people who knows just enough to be really, really stupid about such things. Sometimes what looks logical from the outside is entirely illogical once you understand the true mechanisms at work.

I seldom get 'captcha'd' on my computer. I haven't in quite a while, in fact.

From what I've read, it seems to be mobile devices are the biggest hit areas. I never use my tablet or phone to make any postings.

I get captcha'ed at about the same rate no matter which device I use.

Multiple quotes and multiple links in the same post seem to be the greater risks.

When I first came here there were a bunch of spammers.

The spammers are registered as WP members.

Someone starts an account, and then they let their bot make multiple original posts.

Then those posts get deleted, and presumably the accounts used to make the posts get banned, or deleted as well.

I suppose that they then start a new membership account, and repeat the cycle again.