Home

Your premium source for custom modification services for phpBB 		  logo

HomeForumsBlogMOD ManagerFAQSearchRegisterLogin

Comments August 7, 2010

Delayed Spamming

Filed under: Anti-spam, phpBB — Dave Rathbun @ 1:58 pm CommentsComments (4) 

I’m sure I’m not alone in seeing this new spammer tactic… I called it delayed spam. How does it work?

A spammer registers on a board. They might not do anything for a while. Then they try to post something that looks legitimate, using generic language that could be appropriate anywhere. Stuff like:

You make some good points, please keep posting

I find your arguments compelling, can you link your sources?

Thanks, it helped me

None of those add anything to the discussion, but they’re not really spam. What happens next? The spammer goes quiet for a few weeks, hoping that the topics they have posted in will fade from the front page. Then they carefully go back in and edit their post. They might change the text of the post itself, or they might add a signature that wasn’t there before. They are relying on the fact that phpBB (and other boards as well) do not bump a post back to the front page if something is edited, only if new content is added.

Very frustrating.

So far I have not come up with a programmatic solution to the problem. I am working on code that will capture the edit history of a post and allow board moderators to revert to an original version, so that at least would let me prove how the spammer added their content after the fact. That doesn’t solve the problem, it just provides an audit trail should I decide to try to take action against the spammer.

A frequent suggestion at this point might be something along the lines of preventing someone from posting URLs or links until they reach a certain level of post. That doesn’t help either, as the spammers often have five or ten posts under their belt before they come back and edit. Plus it impacts the legitimate new users that come on board with questions that require links. It’s not my favorite concept.

So today what my moderator team does is a manual process. When we get a suspected spammer, they will do a web search for either their username, their email address, or both. If they find the same username on hundreds of different boards that’s a good indication they’re a spammer, especially if the user is recently registered on all of them. They can also pull up posts from the user on these other boards. If they look similar to what they’re posting on our board, that’s another indication. All of these steps are used to decide whether to preemptively ban the spammer before they spam, or decide to wait.

It’s all a manual process for now. So while I’ve been away from phpBB2 for a while because of other demands on my time, this has never really been far from my mind. I just haven’t come up with an idea that can be implemented in code versus a manual process.

Guess I should check in with the BB Protection folks, and see what they’re up to at this point.

Powered by WordPress