Spam on forum sites

I recently had to change all the security on our forum page www.derailedpoker.com/simplemachinesforum due to spam. I also got an email back; it was a reply from the welcome message that gets sent out to new members, saying something like I should delete all accounts associated with my e-mail address! (I do not have the e-mail anymore; I deleted it.) This guy goes by a couple of different names. One of them is “Random Digilante” and I’m not sure what the other was, but he does have a blog: http://randomdigilante.blogspot.com/. If anyone knows more about this, will you please let me know if I should have ANYTHING to be worried about.

Thanks Nick

  1. May 2, 2010 at 11:30 AM

    No reason to “worry.” The Random Digilante guy is playing games with the spammer that registered a bogus account on your forum.

    His point is that if you have complex password requirements, the most common automated forum spamming software chokes because it can’t follow the instructions. It has to play nice with forums that only allow 8 digits and don’t allow special characters, so it won’t create longer or more complex passwords.

  2. August 26, 2010 at 4:08 AM

    I just had one of these. I was a little confused, as I manually confirm all registrations on my little club site, and a check showed that although there were the usual couple of hundred blatant spammer registrations, there were no spam posts or anything.

    I think Alpha Centauri is right though, but as he had a .ru email address I didn’t want to risk going to his blog to find out more. (Could be an enticement to a malicious script.)

    I think he got my email address either from a domain whois lookup or by requesting a password reminder for a test spammer account.

    I’m not going to worry at the moment though – bigger fish to fry, but if I get loads more I will have to make the registration harder, which will save me having to purge the spam accounts periodically. I’m not going to increase password length though, as most users have trouble remembering them as it is; there are better ways. He is right though that ALL spammer passwords on my site are 8 character random letter/number combinations which stand out like a sore thumb.

    • AlphaCentauri
      October 11, 2010 at 10:35 PM

      The Random Digilante’s email isn’t .ru and he didn’t get your email address. The spammer created a free email account to use for registering on forums. Your forum sent a confirmation email after he registered, but the Random Digilante had already logged into that account and created a vacation message that would go out every time the account received any email. (Since the registration confirmation links are predictable with many forums, the spammer doesn’t even have to check his mail to “confirm” his registration, so he continues to use the address to register on forums even after the password has been changed.) The Random Digilante blog is on Blogspot, a Google brand: http://randomdigilante.blogspot.com/ so there is no danger to going there to ask him your questions. (No point emailing to that .ru address; you’ll just get another identical vacation message.)

      I think you’ll find it isn’t really harder to remember longer passwords. Actually, it’s often easier to remember when you have the option of using a whole phrase, then put in capital letters or add special characters between words.

      You mention the spammers’ password format. Are you storing your users’ passwords in plain text, rather than encrypted hashes? Should you get hacked (happens to the best of us), all your users’ passwords will be exposed. Many people use the same username/password on multiple sites, so hackers might be able to get into their email accounts, then figure out where they bank, then clean out their accounts, all before you realize your site has been compromised. (There can still be an issue if their passwords are too easy, of course, as the hashes themselves will already be available in tables that hackers use to identify the encrypted forms of common passwords. But if you require more complex passwords, that is less of an issue — complex passwords are less likely to be in such tables.)

  3. AliBay
    October 31, 2010 at 7:17 AM

    He simply thinks he is saving the world, whales, kangaroos, ozone layer, and climate change with those stupid e-mails about an assumed security hole in your system, basically if you are using a common PhpBB or so.

    I guess he is very unhappy in real life.
