Announcement

Collapse
No announcement yet.

Help! Spam bots in spite of visual confirmation

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #16
    Originally posted by Steve Machol View Post
    I have never seen any proof that the captcha doesn't work. These are instances of someone manually registering then turning over the posting to a bot.
    Hi Steve,

    This is not a case of spam being posted on my forum, these bots are trying to register and because I have moderation for new registers they never get in, I just delete the account.

    The bots get past the captcha but get messed up on the optional profile fields. One of my fields is 'Name' and they always answer http://something where something is always some unique url address.

    Comment


    • #17
      That does not means these are bots. To date no one has shown that any bot is able to get past the vB captcha. I'm not saying this is impossible, I'm just saying people shouldn't automatically jump to conclusions.

      And even if they are doing this, then there's not much that can be done about it I'm afraid.

      P.S. The captcha in 3.6 is greatly improved. You should upgrade.
      Steve Machol, former vBulletin Customer Support Manager (and NOT retired!)
      Change CKEditor Colors to Match Style (for 4.1.4 and above)

      Steve Machol Photography


      Mankind is the only creature smart enough to know its own history, and dumb enough to ignore it.


      Comment


      • #18
        Russian Spam

        Originally posted by rsgreenhorn View Post
        Is there a way to ban all users that use a particular e-mail domain such as mail.ru? I keep getting these spam bots inspite the image verification and its difficult to always humanly ban them and they all have the same e-mail domain.
        Is there a list of spam addresses, so everyone can block them with one cut and paste? I recently had a big attack from @GAWAB.COM. I encourage others to post their major spam addresses here and start a list, if one does not already exist. Thanks a bunch.

        Comment


        • #19
          Originally posted by Steve Machol View Post

          And even if they are doing this, then there's not much that can be done about it I'm afraid.

          P.S. The captcha in 3.6 is greatly improved. You should upgrade.
          Ive upgraded in sole anticipation that the captcha would curb this problem, however it hasnt, seems worse.
          I wanna believe the image verification hasnt been compromised but I find it hard to believe that its not.
          Many corporate sites are now using colored & complicated patterns, that leads me to believe its possible for a bot to read a basic image, like an OCR engine.

          I hate manually moderating each post before its published, but we (my mods) might be forced to do it until a better solution is available.

          Comment


          • #20
            I removed the captcha and put in a simple question instead, if the question is answered incorrectly the registration process is terminated. No more bots have registered since I did this and I was getting as many as 12 a day.

            It appears the captcha was the problem and the solution is rather simple. I suggest vBulletin implement this question/answer technique.

            Comment


            • #21
              Originally posted by Andy View Post
              I was getting as many as 12 a day.
              Mines more like 12 an hour, we setup an insta-ban infraction card & been nuking them all day long in an attempt to prevent them from making a post.

              I've been good not to use any mods, but would be very interested looking at your code implementation.

              The custom profile fields i understand, but would like to see how you do the error checking against the question/s.

              ~sigh~ spammers, gotta love em.

              Comment


              • #22
                Yepz...I would love to see the code for the question, I'm a newbie board owner, and I have absolutely no idea other than email banning on how to stop these guys.

                I'm getting my spammers from gawab.com and mail.ru as well.

                Seems as if this is a problem on alotta VB sites in the past few weeks. I have friends that are having the same problem. A fix would be worth it.

                Comment


                • #23
                  Originally posted by redg8r View Post
                  The custom profile fields i understand, but would like to see how you do the error checking against the question/s.
                  The custom profile field must be the last one and it should be a required field, then create a plugin like this.

                  Click image for larger version

Name:	Untitled-1.jpg
Views:	1
Size:	82.3 KB
ID:	3668928

                  The correct answer to my question is '2' so the plugin looks for this number at the end of the variable, if it is not a '2' then the registration process is aborted.

                  Comment


                  • #24
                    My answer

                    Originally posted by Andy View Post
                    The custom profile field must be the last one and it should be a required field, then create a plugin like this.

                    [ATTACH]20104[/ATTACH]

                    The correct answer to my question is '2' so the plugin looks for this number at the end of the variable, if it is not a '2' then the registration process is aborted.
                    Hi Andy

                    In your image it shows '2' in 2 places. No matter what my answer is, does it have to be amended in both those two places ? So if my answer is *Jolly Good*, I then amend *Jolly Good* in both places ?

                    Sorry to sound a bit **** but I am no programmer.

                    Comment


                    • #25
                      Originally posted by Steve Machol View Post
                      That does not means these are bots. To date no one has shown that any bot is able to get past the vB captcha. I'm not saying this is impossible, I'm just saying people shouldn't automatically jump to conclusions.

                      And even if they are doing this, then there's not much that can be done about it I'm afraid.

                      P.S. The captcha in 3.6 is greatly improved. You should upgrade.
                      I plan to upgrade this weekend.

                      Spammers have been around on the internet since the since the late 70s (actually they existed since the 19th century when Western Union's telegraphs were abused by sending investment offers to multiple destinations ) and will be around for the foreseeable future, but I think what the people here trying to say is that something has changed, and that there has been major shift in the spam war and the effects of the most recent shift have been very pronounced.

                      Computer character recognition

                      Although CAPTCHAs were originally designed to defeat standard OCR software designed for document scanning, a number of research projects have proven that it is possible to defeat many CAPTCHAs with programs that are specifically tuned for a particular type of CAPTCHA. For CAPTCHAs with distorted letters, the approach typically consists of the following steps:
                      1. Removal of background clutter, for example with color filters and detection of thin lines.
                      2. Segmentation, i.e. splitting the image into segments containing a single letter.
                      3. Identifying the letter for each segment.
                      Step 1 is typically very easy to do automatically. In 2005, it was shown that neural network algorithms have a lower error rate than humans in step 3.[4] The only part where humans still outperform computers is step 2. If the background clutter consists of shapes similar to letter shapes, and the letters are connected by this clutter, the segmentation becomes nearly impossible with current software. Hence, an effective CAPTCHA should focus on step 2, the segmentation.
                      Neural networks have been used with great success to defeat CAPTCHAs as they generally are indifferent to both affine and non-linear transformations. As they learn by example rather than through explicit coding, with appropriate tools very limited technical knowledge is required to defeat more complex CAPTCHAs.

                      Some CAPTCHA-defeating projects:
                      • Mori et al. published a paper in IEEE CVPR'03 detailing a method for defeating one of the most popular CAPTCHAs, EZ-Gimpy, which was tested as being 92% accurate in defeating it. The same method was also shown to defeat the more complex and less-widely deployed Gimpy program 33% of the time. However, the existence of implementations of their algorithm in actual use is indeterminate at this time.
                      • PWNtcha has made significant progress in defeating commonly used CAPTCHAs, which has contributed to a general migration towards more sophisticated CAPTCHAs.
                      http://en.wikipedia.org/wiki/Captcha
                      Obviously, there is no "magic bullet" but I do like some of the ideas I have read in this thread. I'm looking forward to upgrading to 3.6 and deploying some of the suggestions posted here.
                      Last edited by The Finman; Thu 17th Aug '06, 1:15pm.

                      Comment


                      • #26
                        Yeah I'm getting a shed load of these registrations now too - and they're mostly coming from the following domains:

                        gawab.com
                        formails.com
                        mail.ru
                        f**kshemale.net
                        pisem.net
                        ukr.net

                        I've added these domains to the banned list but they just come up with other ones. All the birthdays are set to 28 March 1983. Can we prevent users with this birthday from registering?

                        Just for the record I also have image and email verification enabled - looks like I'm going to manually moderate new members now, joy of joys.

                        Comment


                        • #27
                          So what is the best solution?

                          I am not accepting registrations at this time. I would like for people to call and get a password. They want to come into my home. Perhaps they should introduce themselves!

                          How do I change the message that is given when no more registrations are accepted in the register.php file?

                          How can I apply a password to the hmmm dang ! A lot of people are international. ANd they cant just call me.

                          They can get the password by submitting a request for it and it can automatically deliver it. Hmmm I dont know. What is the smartest way?

                          The question and asnwer things sounds awesome! How do I do that?

                          Comment


                          • #28
                            Originally posted by webamature View Post
                            The question and asnwer things sounds awesome! How do I do that?
                            I got the script posted to work (although I am still waiting for someone to explain the arguments in this script, as the only answer to the script as written is 2). And 2 is logical since that is the answer that Andy set up for it, my problem is that I can follow the arguments as to why 2 is the answer, and all my attempts to rewrite it with my own predetermined answer have ended in complete failure. I'll admit that I am not the brightest bulb when it comes to PHP programming, but I can't follow what that script is doing. Maybe my ability to reason has gone flying out the window as I can't follow how that script works at all.

                            I will post exactly how I made it work, but if someone will walk me through it and explain to me the arguments that are being made and why they work as I can't seem to be able to rationalize it.

                            First log into your AdminCP and go to Plugins & Products and choose Plugin Manager.

                            At the very bottom, click on [Add New Plugin]

                            Follow Andy's uploaded image to set the fields.

                            http://www.vbulletin.com/forum/attac...chmentid=20104

                            Since transfering code off an image is a little bit tedious, you can copy and paste from...

                            Code:
                             
                            $length = strlen($customfields);
                            $length = $length - 2;
                            $robot_test = substr($customfields, $length, 1);
                            if ($robot_test != 2){
                            echo "Registration Failed. Missing or incorrect answer supplied.";
                            exit;
                            }
                            I still think it shouldn't work even when the answer is two.

                            Anyway make your new plugin "active" and save it.

                            Next, open your User Profile Fields menu and choose Add New User Profile Field.

                            Choose the first option of Single-Line Text Option

                            Choose your title (I chose to called the New User Profile Field the same as the plugin I created which for me was Spam Prevention Field).

                            I entered my own description. You can choose your own, but for convenience purposes.


                            <p>Please enter the number you see below</p>
                            <p><b><font size="5" color="#FF0000">2</font></b></p>
                            Attached is an image of the settings I used to get it too work, which is the part that baffles me as because it doesn't make sense to me, but as I said...hopefully someone can straighten me out on the who, what, why, how & where on it.
                            Attached Files
                            Last edited by The Finman; Sat 19th Aug '06, 6:58pm.

                            Comment


                            • #29
                              Banned email addresses

                              Originally posted by ceedee View Post
                              Yeah I'm getting a shed load of these registrations now too - and they're mostly coming from the following domains:

                              gawab.com
                              formails.com
                              mail.ru
                              f**kshemale.net
                              pisem.net
                              ukr.net

                              I've added these domains to the banned list but they just come up with other ones. All the birthdays are set to 28 March 1983. Can we prevent users with this birthday from registering?

                              Just for the record I also have image and email verification enabled - looks like I'm going to manually moderate new members now, joy of joys.
                              Here's my selection of email addresses banned over the past few days:

                              @cashette.com
                              @yandex.ru
                              @mail.ru
                              @ukr.net
                              @gawab.com
                              @sriaus.com
                              @email.ua
                              @portsaid.cc
                              @pisem.net
                              @f**kshemale.net

                              And all using the same birthday of 28 March 1983 (for the time being!)

                              Here are the IP addresses I've also banned:

                              12.215.212.252
                              85.139.73.84
                              87.119.168.66

                              To any new users who don't know how to ban users, here's the path:

                              From vBulletin Admin Control Panel > vBulletin Options > User Banning Options


                              You can copy and paste these email address straight into the Banned Email Addresses as below:

                              @cashette.com @yandex.ru @mail.ru @ukr.net @gawab.com @sriaus.com @email.ua @portsaid.cc @pisem.net @f**kshemale.net

                              NOTE: remember to replace the ** with the remaining letters!!!
                              Last edited by richpal; Sat 19th Aug '06, 11:06pm. Reason: Added footnote at bottom ref **

                              Comment


                              • #30
                                After installing 3.6.0 and enabling the captcha for registration I have yet to get single bot to register. Previously with 3.5.3 I was getting about 10 bots a day registering.

                                Has anyone had a bot registering using version 3.6.0 with the captcha enabled?

                                Comment

                                widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
                                Working...
                                X