ARCHIVE: Report spam issues here (older posts)
 

Haven't noticed it before. Guess the bots are getting smarter. I'm starting to see a lot of it, where a user will have a dozen plus posts, all in the same forum with typically the same crap.

Sure, you can whack a mole after the fact, but are you trying to prevent it in the first place?

Spammers and BB operators play a constant cat and mouse game. There are plenty of traps in place today but dialling them to high blocks posts of genuine newbies too @:-)

As my erstwhile colleague says, this is a continual war; spammers are always seeking to exploit breaches, etc. There is actually a significant spam protocol on FlyerTalk; much of the spam you actually never see because of it. I'm loath to discuss too much of it, because spammers do try to find shortcuts all the time.

1) Considerable spam gets intercepted and trapped by automated scripts and filters.

2) Quite a bit of spam that gets through is held in a moderation queue so moderators are notified and must approve (or otherwise handle) the post(s) in question before you get to see it.

3) The tip of the iceberg is what you see, and it's easily disposed of by using the http://www.flyertalk.com/forum/image...ons/report.gif "Alert a moderator to this post" function (or otherwise contacting Admin or moderators).

So, yes, IB is working (quite well) to control and prevent spam.

It seems much worse over the last week. I've given up even reporting them, as there are so many.

To some extent, how much you may see will depend on which forum you "inhabit". The top forum in our position will attract more spam, so the Information Desk is currently the target.

As I say, I am reluctant to discuss these publicly lest I point out the fuel supply to the arsonist, but IB is continually seeking improved ways of handling spam.

(As one of four Senior Moderators: it is our job to respond to every forum that does not have an appointed moderator; we are very much concerned with this issue and how effective IB is directly affects our time and efforts.)

I don't inhabit any forums in particular. I generally look for new posts, and check out the interesting ones.

It actually has been much worse over the past few weeks. As my colleagues have pointed out, we are working hard to address the recent attacks, but achieving a good balance between effective prevention and excessive blocking of legit posts is difficult, at best, and some attacks are more challenging to combat than others.

Although you may be seeing the increase, I assure you that what others have said is true: much of what we get hit with disappears from the site in an instant, long before you ever have a chance to lay eyes on it, thanks to the many alerts we receive from members, and the rapid responses of multiple mods operating across all time zones.

It's an exercise in frustration, but we are not just accepting it.

aBroadAbroad is aboard ;) with the issue. Information Desk, as it is the first open forum, gets hit hard.

Though once upon a time (it seems so log ago!) it was easy for spam suppression software to autoflag new posts with "vi@gr@" in the title or pornspam, it's gotten substantially trickier - and we are getting new varieties of spam as well, offering spells, fortune telling, mutu (well, OK, not the last, but nearly!)

Just got hit again-this time the Info Desk

And yes, I reported it

when forums dont have moderators, requires senior moderator / admin to remove

But any moderator can suspend/ban the user
The Indian spammer on the info forum usally posts about this time :td:
1 senior moderator often waits with the gloves on :)

Yes, but if a member uses the alert button in those forums, all of the senior mods will receive that notification. So, in forums without a resident mod, using the alert feature is even more important.

The three Info Desk mods are presently based in similar time zones. Thankfully, our fellow mods in offset time zones have been closely monitoring the forum while we are offline, so at the very least, attack-spammers are being banned within just a few posts. Fortunately, I'm relocating back to Asia in a few weeks, so regular moderation of the Info Desk should soon be significantly improved.

Meanwhile, admins and mods are working together to identify and implement more effective measure to prevent these large-scale attacks sitewide. It's complicated, and takes time, so please be patient with us!

Many spammers post a link to an image.

Anyone know the reason for this? Is it to track pageviews (not sure why this would be interesting), or are they trying to spread some sort of corrupted file with malware?

Could be many things, its primarily to drive link traffic to a server/domain, which gives that domain some SEO credit or established it as a legit server in the eyes of various anti-spam services.

This is still happening quite frequently, and has been for the past few months. I notice it quite easily as it comes up as a large broken image due to a restrictive proxy I have.

It is almost always a link to the same website (lifeh...) preceded by a section of text from a previous poster in the thread. The spammer always makes 6 posts.

Should be simple to flag/block links to that website?

No idea what the purpose of the spam is though..

Riiiiight, I've noticed this exact same spammer who never gives up and keeps coming back. This spammer/mob doesn't always make it to the 6th post though. When I spot it, I'll always RBP it so MODs can get to it before the post count reaches more than 5.

If so, we wouldn't be seeing the same spammer over and over again, would we? :(

I thought it would have been quite easy for the tech department to just flag any post with this particular jpg link and stop this spammer from the get-go. Apparently not.

I don't know all of the ins and outs, but I know that there could be MANY different copies of the same image, each with a different name or URL. So blocking one particular jpg doesn't solve the problem, unfortunately.

As I said, the domain name hasn't change and seems unique enough to block outright.

Yes, spammers come in different forms, shapes and languages, but...
 

This particular spammer nux and I were referring to always uses the same hyperlink at the end of every post to the same jpg with no exception.

That's why I wondered how difficult it is for the IT folks to flag a specific hyperlink spam so the system can automatically squash the posts and that specific poster.

Would this lead to whack-a-mole cycles with the spammer switching to a new jpg for the same image every time FT detects the spam?

Tech would like to see an example of that JPG invocation or something else to see a pattern. PM me or re-post here if you see it, thank you.

Tech has the jpg now (thanks to nux) and is going to try to blacklist it.

That's a valid concern and it just happened today with this non-stop spammer who used a makeup link, tw.gs/X6xbfy. However, he would always redirect those fake links back to its very source, aka the same (un)health site/jpg. Unless he also keeps renaming his site, the site would always carry the same name.

I guess the question is how equipped is IB to unroot those spam posts with fake links. Is it an impossible mission? I sincerely hope not.

IP address banned. Not sure there is a good keyword that's bannable at this point.

Maybe banning one IP address is not enough.

MOD had kindly shared with me that this annoying spammer "uses an anonymous proxy, posting from multiple IPs across user names AND within each user name." So apparently this spammer is quite "skillful." I am not a tech person but I hope IB Tech Dept can come up with a good solution.

The best method is to keep track of these spammers, and report them so that they can be immediately banned. Because of their use of an anonymous proxy, it is not a simple task to track down the multiple IP addresses.

Just spotted and reported another one with a different jpg link today.

The cat and mouse game continues: http://www.flyertalk.com/forum/members/yjkfakbarin.html

Seems to be the same jpg link as on Oct 11.

Thank you for taking care of it! ^

I think this spammer must be an Arnold Schwarzenegger fan, "I'll be back", and just returned once again.

I guess spammers are all "Die Hard" fans as well. :p

ps. yes, I reported it.

Thanks!

Keep 'em coming, we'll keep swatting. :D

He's back, simply can't resist FT for more than a day. How charming FT is! :D

You are welcome!

Back again: http://www.flyertalk.com/forum/membe...xsupnetcr.html

Still the same domain name and JPG link as the past few times - surely it would be easier to block the domain name?

I assume it is 'spamdexing' and so unless they change domain names blocking it would stop them posting.

Please report such tracking image posts as you see them to the respective mod, that way they get deleted/blocked quicker. @:-)

Back again, still the same domain name and JPG image.
http://www.flyertalk.com/forum/membe...kxsaultss.html

I would have thought it would be simple to block links to a specified domain name from being posted.

I did, as well as posting here.

Spammers have so many lives and faces. :p

I thought so too since they were able to do this to the other "unhealthy-jpg" spammer about 3 weeks ago:

and that's one of the reasons why I update this thread when I spot a new one. Why not do the same to this $$guy?

Back again, exactly the same URL. Surely blocking the url from being posted would be easier than continuing to delete posts and ban users?

http://www.flyertalk.com/forum/members/vkxpmoroeyg.html

This army of jpg spammers has a tendency to get busy between 3-5 pm Asian time.

And I still don't get why the admin hadn't put a blanket block to this particular jpg link (..........com/10b.jpg).

I can try to block that jpg tag... what is the URL that's being posted?

I'd posted above yours but will now quote it again in bold (I deliberately omitted the http part for the obvious reason):