No announcement yet.

user complaints about increased spam

  • Filter
  • Time
  • Show
Clear All
new posts

  • user complaints about increased spam

    i've had a number of user complaints about increased junk mail. for the most part, i chalked them up to confusion and/or coincidence, but decided to do a little experimentation with a newly acquired hotmail account just in case. the results of that exercise, although not definitive, are enough of an indication that someone could be scraping email addresses off the site.

    i'm not quite sure where to start investigating this, so any suggestions would be most helpful. i assume member searches are the primary harvesting tool, and since only members can search, i'm working with small group of 1100 or so.

    is there any way to monitor user/search activity? any thoughts on other possible methods that could be used to collect data?

    appreciate the help.

    - kestrel
    (upgrading from 2.0.2 to 2.2.1 this evening)
    In theory, there is no difference between
    theory and practice, but in practice there is.

  • #2
    Just shows you the amt of misinformed people on the net, that's all.

    1. email addresses that are targeted through dictionary attacks cannot be "hidden" from spam. So if they have [email protected] its bound to be hit by a dictionary attack. But, say an email addy of like [email protected] its pretty unlikely to get spam. (I currently have an email like this and it hasn't received spam...yet.. Well its been 2 years).

    2. The amt of spam has increased over the last 5 years. To get an idea:
    Has some specifics about how much "spam" is being reported. The top is the amt of "people" have complained to that particular provider. That's a "small" fraction, and if everyone reported the spam they get (instead of deleting it) the number would increase by 10 times.

    3. Most spam come during the weekends and MAJOR holidays. These next three months are heavy with weekends and holidays. Expect the chickenboners to spam you heavily.

    Now, if they USE their email address on other than YOUR website, then they can't single your site out for the increase of spam.

    To test use a "mungled" up email (like the one I use) and register on your own board. Forget about it, and see if you get spam. If not, then you know it isn't from you. IF YOU do, then you know someone is leeching email addies from your forum. YOU can turn off the viewing of email addies to your forum and see if the problem is solved (but you can allow them to use your forum to send emails to each other.)
    Last edited by WizyWyg; Tue 20 Nov '01, 3:55pm.
    There are only 10 types of people in the world: Those who understand binary, and those who don't


    • #3
      Using hotmail is half the problem - I created several accounts with them a couple of years ago for various purposes, one of them I wasn't yet using but logged into with the rest to keep it active. Within around 2-3 months I was receiving sh#tloads of SPAM on that account - an account that I had never used nor disclosed the address of to anyone...


      • #4
        You can chalk that up to the Hotmail Member Directory!


        • #5
          Joshua, you are right about the Member Directory. I used to get tons of trash at one Hotmail address and none at another. The only difference was one was listed, the other wasn't. Once I delisted the spammed account from the Hotmail Member Directory and from the Internet White Pages directory, within 2 months all trash slowed down to a trickle. I now may get the odd one every other week.


          • #6
            thanks for responding. there's no question that hotmail is the spammer's best friend. it, and every service like it, should be banned as far as i'm concerned, but in this case, only two of the dozen or so users that complained have hotmail accounts. the rest have email through their local ISP.

            i realize trying to pinpoint this from a user standpoint is nothing more than a waste of time, but i'd to be able to rule out the possibility that our site is being scraped for info. given the right tools, it just might be possible to do this by identifying patterns in function access, user activity, etc.

            - kestrel
            not giving up just yet...
            In theory, there is no difference between
            theory and practice, but in practice there is.


            • #7
              it doesn't have to be one of your members either.

              There are bots on the net that trawl though 1000's of sites to pick up email address.
              Email: [email protected]
              Site: Under Construction


              widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.