Why Do Spammers Like This Forum So Much?

[Vicegrip]

@Drewdane 166529 wrote:

I don’t think I’ve ever been on a forum that gets quite so much spam, especially for phones. Why are the WABA forums so attractive to to smart phone salesbots? :confused:

Might be ease of access. I buddy manages a local car forum. I asked him about spam and bots and the like. He said they are probing the board all the time and he has to stay on top of them. Seems that it used to be bots posting random word groups and a link. Now there is some almost coherent post and then the link. I say lock the ability to include hot links to more than 50 posts. If someone with less needs to post a link they can send the post to a mod and have it approved. This won’t stop the type like today as it does not have a hot link. Give some forum members the ability to temp block posts and posters to increase the speed that the posts are pulled down. When the spammers see they they only get one or 3 views before the spam is pulled they will go elsewhere.

[ursus]

@Vicegrip 166530 wrote:

Might be ease of access. I buddy manages a local car forum. I asked him about spam and bots and the like. He said they are probing the board all the time and he has to stay on top of them. Seems that it used to be bots posting random word groups and a link. Now there is some almost coherent post and then the link. I say lock the ability to include hot links to more than 50 posts. If someone with less needs to post a link they can send the post to a mod and have it approved. This won’t stop the type like today as it does not have a hot link. Give some forum members the ability to temp block posts and posters to increase the speed that the posts are pulled down. When the spammers see they they only get one or 3 views before the spam is pulled they will go elsewhere.

Maybe it is time to repaint the white bicycle.

[RideTheWomble]

A couple of things. First vBulletin is beloved by spammers. https://www.cvedetails.com/vulnerability-list/vendor_id-8142/Vbulletin.html Second, the forum has to strike a balance between being welcoming to new members and locking the forum down. It’s tilted toward being new-user-friendly, and all the admins are volunteers. They’re pretty good at cleaning up spam once it shows up, but they can’t monitor the forums 24/7, like pros might.

[RideTheWomble]

A couple of things. First, vBulletin is beloved by spammers – https://www.cvedetails.com/vulnerability-list/vendor_id-8142/Vbulletin.html . Second, the forum has chosen to be easier for new members to join on the “easy to join” <--> “totally locked down” spectrum. The admins are all volunteers. They’re good at cleaning spam up once it’s found, but they can’t monitor the forums 24/7 like full-timers might.

[skins_brew]

The pool of security questions needed to post is very small, and probably does not change enough. In reality, they need to can the static questions and move to a recaptcha type system, or get more moderators

[anomad]

My job revolves around making a bunch of security patches. Discovering all the things that we broke with the security patches. Fixing the broken stuff and… you can probably see where this is going.

[Harry Meatmotor]

ahhh, modern IT. Fix something; break something. Fix the thing we broke. Break the thing we fixed.

Imagine if your plumber pulled the same sh*t:

Fix leaky faucet in kitchen.

basement floods 8 inches.

drain basement.

(6 weeks later) everyone in neighborhood has low water pressure.

fix pressure.

faucet in bathroom starts dripping. response from plumber, “well, my faucet isn’t leaking!”

(4 weeks later) open up sock drawer in bedroom; socks are soaking wet.

[peterw_diy]

@Harry Meatmotor 166545 wrote:

ahhh, modern IT. Fix something; break something. Fix the thing we broke. Break the thing we fixed.

Imagine if your plumber pulled the same sh*t:

Fix leaky faucet in kitchen.

Imagine if every teenager in Eastern Europe could reach and hundreds of them were trying to mess up your kitchen plumbing…

[Drewdane]

Okay, this is getting out of hand. 21 out of 45 threads in “New Posts” are spam. This forum has always been a spam magnet for whatever reason, but…

[jabberwocky]

It’s because it isn’t getting removed. Most of that spam is link farming for search engine purposes, so the point is to have it stay up, and whoever moderates this place isn’t around to remove it. Makes this forum an attractive target.

[cvcalhoun]

It’s not just that it’s not getting removed–it’s that there is so much to begin with. My own site has a bunch of traps for spammers, including a honeypot, fields that have to be filled in with specific things or the form won’t submit, and Google reCAPTCHA. It stops the spambots cold. But this forum does not appear to have as strong a system.

[n18]

Search engine optimization (SEO) is a big business, unfortunately, some pay others regardless of whether they use ethical or non-ethical methods as long as their website shows up in the top 10 for certain keywords:

https://en.wikipedia.org/wiki/Search_engine_optimization#White_hat_versus_black_hat_techniques

This forum is using rotating static questions, but the spammers maybe using just one answer, such as “bike”, and resubmit the same answer several times which gets through after few times.

[cvcalhoun]

@n18 167489 wrote:

Search engine optimization (SEO) is a big business, unfortunately, some pay others regardless of whether they use ethical or non-ethical methods as long as their website shows up in the top 10 for certain keywords:

https://en.wikipedia.org/wiki/Search_engine_optimization#White_hat_versus_black_hat_techniques

This forum is using rotating static questions, but the spammers maybe using just one answer, such as “bike”, and resubmit the same answer several times which gets through after few times.

There are much more effective methods, though:

* Google reCAPTCHA (that “Are you a bot?” thing) is a very sophisticated one that checks for patterns (e.g., are you filling in the form faster than a normal human), and presents you with a challenge if you look like a bot.
* A honeypot is a question which is made invisible to normal users, but remains visible to spambots. If anything is filled in, the form won’t submit.
* Akismet is a system that checks the name and e-mail address used to register against known spammers.

Each of these will drastically reduce the amount of spam you get. Using several of them together can get the number down to pretty close to zero.

[anomad]

I would have yes or no questions like “Are eBikes cool?”

That would keep out a ton of spam.

[jrenaut]

We’re also two versions behind on version 4, and version 5 came out in 2013. So likely current spam fighting techniques haven’t been getting added to our forum in at least 3-4 years. A lot has changed in that time. Losing Tim Kelley, one of the most active admins (as far as I could tell) also likely hurt. Don’t think this is very high priority that the people writing checks care a lot about.

i keep waiting for someone to come out with forum software that’s actually a reimagination of this rather than incremental upgrades on what we’ve been using since pretty much the dawn of the internet.

[Author]

Posts