Spam attack

[JohnD]

Anyone who has visited the TRR message board will find it has been and still is under what could be said to be a 'denial of service attack', the number of spam messages drowning out all other posts.   The titles all start with the word "CONTACT".

  I expect and hope that Craig is, rightly, fast asleep right now, but I'll use this post to notify the Mod system.

John

[Nick Jones]

Thanks John.

[JohnD]

Nick or Craig have not reported if they have had to wrestle with the snakes of spam, but the TRR board was free of them by yesterday, no doubt after a mighty tussle.

Did we dodge a bullet?

John

[Nick Jones]

Not aware of any problems so far. Think Craig did an update earlier this morning.

[JohnD]

As a residue of this attack, TRR members have been asked NOT to use the usual Report button for spam, as this " results in a report for every item the spammer has posted, so the same miscreant can result in 20/30 - 40 posts" .  When many board members report, that would flood the inbox for the Mods!  Instead they are asked to PM a Mod, with the forum where the spam has appeared.

  I think that TRR and Sideways use the same board software, so if this happens here, would that be the best way forward?

John

[zetecspit]

49 minutes ago, JohnD said:

As a residue of this attack, TRR members have been asked NOT to use the usual Report button for spam, as this " results in a report for every item the spammer has posted, so the same miscreant can result in 20/30 - 40 posts" .  When many board members report, that would flood the inbox for the Mods!  Instead they are asked to PM a Mod, with the forum where the spam has appeared.

  I think that TRR and Sideways use the same board software, so if this happens here, would that be the best way forward?

John

John, the CT board had a series of spammers a while ago, I had the joy of sorting them, but at one point it was a full time job. Then we altered a setting temporarily so just 1 report of spam would freeze the miscreants account. 

For the moment I am manually approving new members to the website, although CT members get pre-approved. Still have teh odd russian trying it on, the asian suncontinent has gone quiet. And the odd one from Florida. Generally if the username smells bad, they don't get approved. 

The clever scam was one that appeared early this year. People (probably just one) sign up, never post on the forum, but were contacting members by personal messages in response to wanted ads. We got reports, sorted that and now impliment a system where noobies cannot initiate private messaging (but can respond). This disappears after a certain post count.

It is all fun and games.

[JohnD]

It's like the Arms Race of Evolution!   

They try something new, and you adapt to deal with it.

JOhn

[Escadrille Ecosse]

4 hours ago, JohnD said:

It's like the Arms Race of Evolution!   

They try something new, and you adapt to deal with it.

JOhn

Relentless evolution

 

[Nick Jones]

Evolution is relentless…… except in humans where it appears to be in accelerated reverse….

[JohnD]

Could it be that the Neanderthal genes are coming through?     Last Year's Nobel went to Svante Pääbo, who found 1-4% in modern human  genomes.

John

[GT6MK3]

We have a couple of relatively simple custom settings that let me see most spammers before they get to post.  I won’t reveal them here but they’ve worked well so far.

Our software is pretty good in hunting them down, and if they get banned from another forum, their email address gets flagged here for us.

Its all thanks to the members who put their hands into their pockets and contribute their hard earned in the form of subs, so thanks again to those that do!

[JohnD]

I received this email last night:

Clicking on "Read Voice" takes me to a page that shows  a BTinternet logo, and then a page asking me to log in with my password.    No intervention form my usually vigilant firewall, but I then  chickened out - or else sense prevailed, and I deleted these pages.   As the  email sender was not on BT, I think I should have deleted the message in the first place

Anyone met a "Voicenote" before?   Are they pukka, or bad news?

John

[DeTRacted]

Not exactly the same but probably related

https://www.pcrisk.com/removal-guides/25844-voice-note-email-scam

[JohnD]

Thank you DTR.   Not exactly, but very nearly the same, and as they say, it "requests the user to sign in using their email account (i.e., email address and corresponding password)."    Which is exactly what happened when I followed the link.  Then, as they go onto say, "It is a phishing attachment that records entered information and sends it to the scammers."

My scamdar is working!

John

[thebrookster]

If I may impart a wee "rule" that I use: Never follow a link from an email, with the sole exception of a password reset that YOU have triggered.

Doesn't matter how safe I consider it, I always go to the relevant page in a browser, and login that way. Then I don't have to worried about small spelling errors etc, that spammers may use for spoofing.

Phil

[JohnD]

Good rule, Phil!