I just posted something and had to go through the "Click the photos with street signs" test before my post was accepted. I was logged in. I don't remember ever doing this before here. Is this new? Is DW getting attacked with bots all of a sudden?

Recommended Answers

All 11 Replies

Interestingly enough, THIS thread posted without a Captcha test. The previous reply had the test.

The answer is yes, DaniWeb has been under a spam attack (800 support scammers) for many weeks now. All the time I spend on DW has been devoted to banning these accounts (being set up at a rate of many dozens every hour) and deleting posts that get through. The same thing applies to all mods here.

I'm glad you hadn't noticed though, that means we are least keeping this shite away from the membership for the most part.

Dani has been trying various methods to thwart the scammers, but this is a rather devious and determined group it seems.

Oh I definitely noticed a recent uptick of drive-by spammers. What I didn't know was whether it was a bot attack or actual people replying. I'm guessing mostly the latter since they very often seem to be a couple minutes between spam posts rather than seconds or even less apart. The result is a full two pages of spam postings on the front page before getting to the real stuff.

A little feedback for you, hopefully easy to implement, and it appears to be at least partially implemented already. Once you ban them, there are still traces of them and their handiwork, or at least there was yesterday. Their threads may have disappeared but their names (often the name is spam) and their 1-800-BUYSPAM messages were still visible on the front page post-ban. It might be helpful to have a ban button that with one click, all traces of the spammer ever existing disappears: the posts, the community joining announcement, the post announcements, and the member's actual member page gone, including the Dazah page. Poof! Right now they're still getting their message out even after they're caught and polluting the front page.

I'd even go further and enlist the help of veteran posters to flag spammers as such and if so flagged, the mere flagging would make the post disappear till an actual mod could take a look at it, basically a guilty-till-proven-innocent special "Flag for moderation" available only to long time solid posters and only to be used for extremely obvious pure spammers. I doubt it would be abused. Also, immediate flagging for a username like this guy...

https://www.daniweb.com/members/1143204/ghjhkj

Test for a lack of vowels and all the letters next to each other on the keyboard. Right off the bat I knew this guy wasn't real and I imagine everyone else did too. Test for 1-800 phone numbers too. How often does a legitimate post have an 800 number?

Good luck!

Their threads may have disappeared but their names (often the name is spam) and their 1-800-BUYSPAM messages were still visible on the front page post-ban.

This bug was corrected. Banned members no longer show up as "... Joined the Community" in the activity stream.

Test for 1-800 phone numbers too. How often does a legitimate post have an 800 number?

We are already doing this.

The result is a full two pages of spam postings on the front page before getting to the real stuff.

A lot more than the first 2 pages!! It's been thousands of posts over the past 48 hours. We're being full blown attacked. I'm still convinced the process is largely manual though. I'm seeing no signs of it being a completely automated process. They're activating their email addresses. Using legitimate useragents (which, of course can be spoofed). Getting past all of our CAPTCHAs and Javascript checks, etc.

commented: Once they find a spammable site, they invite friends. Thanks for working this issue. +0
commented: Yeah, thanks. I was about to bail out on the site. +0

Once they find a spammable site, they invite friends. Thanks for working this issue.

We have been targeted for attacks many, many times over the years. Because we are on a custom platform, any automated bots they come up with have to be specially written for us. It's typically a cat and mouse game of them spamming, us making changes to our platform to mitigate the attack, them modifying their bot to circumvent our changes, etc. However, it's rare that the cat and mouse game goes on for this long before they give up.

Mostly for the benefit of others, there is so much money in 800 and 8xx support that they wage campaigns to get their numbers up on google searches. Not much to automate when labor is cheap. I've been to Asia and other places, my partner in many projects has been to many other parts of the world and I hope I can find a picture of the conditions they work in to share soon.

It is indeed manual work over there so the only way this was cut to a trickle was a spambot.

Is yours online and called DaniBot?

Is yours online and called DaniBot?

DaniBot is the name of my telepresence robot at the DaniPad shared workspace in Queens, NY.

https://suitabletech.com/

commented: Thanks again. A friend worked a Double Robotics. Went back to teaching. +0

i just noticed this a few days ago when all those spam posts where on the main page advertising thier phone numbers, look like you guys are doing a great job at keeping these low lifes at bay first ive noticed and its been going on for years... goof job.

commented: +1 for goof job. +0

I concur with the accolades being sent your way on combatting this Dani. Well done. How many man hours do you suppose this has cost you (the royal you, meaning including the mods and anyone else helping you)?

This bug was corrected. Banned members no longer show up as "... Joined the Community" in the activity stream.

As of five minutes ago, I'm still seeing it on the main screen. Take this guy... please.

https://www.daniweb.com/members/1143238/fgfhfghjghj-hgh-hf

The only reason I can link him is because of that "Joined the community" link on the first page.

Interestingly enough, Dazah says he has 63.2% Recommendation Strength. And we have 1 mutual connection. Huh? In contrast, Reverend Jim has 61.5% Recommendation Strength. HappyGeek 54.7%.

Am I reading this right? Dazah thinks I have more in common with a low-down no-good spammer than a couple of highly competent programmers? Either I'm reading this wrong or it says something about Dazah, or perhaps more likely, something about me. ;)

commented: It's all about you. I too saw that % and worry same. +0

Now he's at 68%. ersfdsg4 sfdw45 is at 63.2%, which is surprising. I expected it to be higher since I know his brother Bob quite well.

At the worst I was repeatedly cycling through the four top-level forums, mass deleting 50-100 spams in each. By the time I was done the last forum it was time to start again with the first one.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.