They append it to the end of their posts.

Their modus operandi is to reply to 2 threads in the Information Desk, 2 in TravelBuzz, 2 in Mileage Run. They copy about 10 words from a previous post in the thread and adding the URL in IMG tags.

So it appears as if it is a legitimate post as the 1x1 pixel image does not show up and the text is relevant to the thread (albeit copied from a few posts above).

The first post is edited I presume to add their URL, perhaps as FT blocks a user from posting a URL in their first post?

See my bolding
 

It's always attached to the very end of each one-liner post this spammer produced, such as "....I like the deal.http://............" (without space between the period and "http.....")

I can always see it when performing search by "Find all/more posts by <user>" and the jpg line is captured in the overview. It's very easy to spot since this line of spammers doesn't do long posts and the search results do have enough space to reveal spammers' intent/content.

He just got back. Again. I don't think jpg spammers ever had the links in profile. This is what he did in this thread:

He steals one line from a previous post, then inserting the same low-tech jpg link at the end of post. (I'll edit the hyperlink quote once admin takes care of it)

If the site is blacklisted, how come he's able to do it on a daily basis for about 15 days so far? It didn't take as long to successfully blacklist the spammer for life health us. com back in September.

The site is not blacklisted. We can't do that. We can pick a keyword, in this case f i n a n c e d e (without the spaces), and blacklist that. But if he's editing his post to insert it, it might not block it.

A while back the mods were compiling a *list* of spammer usernames. If you can start doing that again -- right here in this thread -- I can try to find patterns to block them with, such as IP ranges.

Also if he changes URLs now, let me know what the new one is.

Problem is, this is not a spambot. This is an actual human wasting our time. Very, very difficult to deal with.

That's what I've been doing for weeks in this very thread, hoping our able IT team to spot a pattern or two and come up with a more effective way to nip this line of jpg spammers from the bud since we know what specific site/s they are promoting. I can only report whenever I see one. I am sure the collaboration between admin and mod team does have more data points to deliver efficacy and efficiency.

What I was questioning was that $ site has been up for weeks and surprised why it took this long to block it since I've been seeing this human spammer use the same link over and over for more than 2 weeks. Nevertheless, thanks to finally take down this $ jpg link.

Quieter today?

I'll take that as a hell yes, lol.

One of the best things you can do to help is send me (via PM or email) the full text of the link(s) the spammer is placing in his edited posts. Then I can add the unique terms from them to the censored words list and they cannot be posted to FT any longer.

There's another spam attack happening now in Info Desk: "love problems" with phne numbers.

Is there an easy way to see whether there are any senior mods on FT, given that the forum mods aren't around now?

Alternatively, does FT have the technology--not commenting on whether this policy would be desirable--to block a new member from making more than a few posts in a short period of time? Or would it be possible--again, I'm not commenting on the desirability of such a policy--to allow a new member perhaps three posts during the first day and then send all additional posts by that person to a moderation queue even if they don't have links, etc.?

The mod team and FT admins have been collaborating closely on the recent spam increases over the past few months, and speaking as a moderator of one of the most heavily targeted forums, I think those efforts have been hugely successful. In fact, we've achieved such a dramatic reduction in the number and frequency of the attacks, I personally don't think FT even has a significant spam problem any longer. At least not for the timebeing ;)

There are a lot of needs and impacts that have to be considered in managing the problem, many of which can have negative consequences for legitimate users and moderators. I won't elaborate on those issues, but suffice it to say, it's more complex than it might appear, and preventing all spam is probably not a realistic goal.

So, while the spam posts that do get through are incredibly annoying, they generally present no immediate threat to FTers as far as I know. The best course of action is to report the posts and then be patient. We usually become aware of them relatively quickly… the info desk mods, for example, typically receive at least two or three alerts for any one spam post, and the large-scale attacks can generate as many as 10-15 reports. Rest assured, there may be a delay due to time zone and travel issues, but those posts WILL get cleaned up!

...plus, all moderators have the ability to permanently suspend the posting privileges of “spammers” who attack any forum on FlyerTalk.

I was the one who spotted that attack this morning and quashed it as soon as possible; but only Senior Moderators, the Community Director, and certain administrative staff of Internet Brands can delete content in forums which are assigned to specific moderators — as it should be.

Although there were at least a dozen threads launched by that “spammer”, I am confident that FlyerTalk members would not patronize what was being advertised. As aBroadAbroad correctly posted — the content posted generally presented no immediate threat to FlyerTalk members; and she cleaned up the mess dumped in that forum within a couple of hours at most.

Lastly, the best way to see who is on FlyerTalk — as well as options on how to contact them — is to access View Forum Leaders. To access this, hover your cursor over the FORUM menu option at the top of virtually every “page” on FlyerTalk; then click on the first option called Forum Home. Then, scroll down to near the bottom to find View Forum Leaders as one of the two options in the dark blue bar.

I hope that all of this helps...

You can always post or PM to me the handles *and any links* that a spammer is posting and I will do my best to block IP addresses and add unique keywords to a block list.

Paul

Die Harder than Bruce Willis...
 

After a week, he's back today, unfortunately.

The $ spammer's new tactic is a mockup link, http://.....com/......, this time.

I now don't understand the point of this spam. It's not spamdexing (unless they now want to spamdex the URL shortening site).

Perhaps the plan is to change the image file from a 1x1 pixel image to an advert or other image, but the previous iteration with a health__.com image is still a 1x1 pixel file..

In this case, it didn't seem to be a link.

However, I've noticed a bunch of other suspicious posts by some brand new members that seem to quote without attribution a line or so from another post above them in the thread and then show evidence that the post was edited by its author. I wonder whether the original post contained a link or picture which they then removed themselves. Maybe I'm naive here, but it's hard to see any motivation for doing this unless it's some bot trying to build a post count.