are spammers vindictive?

Do not post support requests, bug reports or feature requests. Discuss phpBB here. Non-phpBB related discussion goes in General Discussion!
Scam Warning
User avatar
millipede
Registered User
Posts: 208
Joined: Mon Feb 25, 2008 5:13 am
Contact:

are spammers vindictive?

Post by millipede »

So, I ignored something for several days. On the "who is online" page there were three IPs from the Ukraine. Two were a 48. something and the other was 178. something I believe. These were showing "replying to topic in _____" which they of course can't do as non-registered users. So I was confused why they'd be wasting their time and figured they had to be bots.... had to be. They were there for at least 3 days which is extreme considering they weren't getting anything.
Now I don't like blocking IP addresses often and... even though I doubt someone from the Ukraine will ever be interested in my site... I don't like blocking whole IP chains from specific countries Just in case someone legit is there and has an actual interest...
I waited a few days just to see if they'd quit but I finally just went in and put a temporary ban on those three IPs. Almost immediately I was getting emails from the contact page... some coming through, some showing as bounced... but, dozens of them. I typically get less than one a day and here were dozens within an hour or two.
I was outside birding in the yard a bit so I wasn't checking in but when I came back in, there were three new IP addresses from the Ukraine. Interesting. Set it for a week long ban for the moment.

My real question would be if this was an actual person(s) and they decided to try and flood my email out of spite? To get that many emails RIGHT after blocking those addresses doesn't seem a coincidence. I don't know if the spammers actually see the messages but I like to leave one when I ban... "reason to show" I'll put something in. Today it was something like "spam is bad for you"(which I always write) with something like "try back another day if you have any real interest in the site.

I really wish spammers, scammers, and malicious code writers would do something more productive with their time, energy, and skill.
User avatar
KevC
Support Team Member
Support Team Member
Posts: 72339
Joined: Fri Jun 04, 2004 10:44 am
Location: Oxford, UK
Contact:

Re: are spammers vindictive?

Post by KevC »

I suspect it was just coincidence. The bots had been blocked from one part of the site so they tried another.
-:|:- Support Request Template -:|:-
Image
"Step up to red alert. Sir, are you absolutely sure? It does mean changing the bulb"
User avatar
JimA
Former Team Member
Posts: 7833
Joined: Thu Jul 31, 2008 5:54 am
Location: The Netherlands
Name: Jim Mossing Holsteyn
Contact:

Re: are spammers vindictive?

Post by JimA »

millipede wrote: Thu May 16, 2019 3:30 pmI really wish spammers, scammers, and malicious code writers would do something more productive with their time, energy, and skill.
You and me both on that one. :)

But yes, like Kev said, I’m 99.9% sure these are just bots trying every part on the site they can get access to. Nothing to do with a vendetta of any sort. IP Banning is also unlikely to work, I’d just recommend proper anti-spam measures, such as extensions to protect the contact form functionality from being used like that.
Jim Mossing Holsteyn - Former Community Team Leader
Knowledge Base | Documentation | Board rules

If you're having any questions about the rules/customs of this website, feel free to drop me a PM.
User avatar
millipede
Registered User
Posts: 208
Joined: Mon Feb 25, 2008 5:13 am
Contact:

Re: are spammers vindictive?

Post by millipede »

IP Banning is also unlikely to work, I’d just recommend proper anti-spam measures, such as extensions to protect the contact form functionality from being used like that.
They're still going at it quite consistently. Been just putting temporary bans(7 days at the moment) but they keep switching to new ones. Same email addresses, same subjects... essay writing? And they now know they can keep hitting that contact page.
So, there's an extension for that? I'll have to go search for that. This could get old otherwise. ha
User avatar
2600
I've Been Banned!
Posts: 2567
Joined: Fri Nov 14, 2014 5:14 pm
Location: Area-51

Re: are spammers vindictive?

Post by 2600 »

I use a combination of CIDRAM and the Sortables captcha. Both in my signature below. I also hold all first time posts in moderation queue.
Morpheus: Unfortunately, no one can be told what The Matrix is. You'll have to see it for yourself.
Hack me.
Consider a canary token.
The nature of my chosen username
:ugeek:
User avatar
AmigoJack
Registered User
Posts: 6108
Joined: Tue Jun 15, 2010 11:33 am
Location: グリーン ヒル ゾーン
Contact:

Re: are spammers vindictive?

Post by AmigoJack »

millipede wrote: Thu May 16, 2019 3:30 pmI really wish spammers, scammers, and malicious code writers would do something more productive with their time, energy, and skill.
My usual assumption of "9/10 people are idiots" would also fit here, as the bots act quite blatant. And while I also assume that nobody would do this if there's no award/gain to all this, I also learnt people will still do things like this because they're convinced of their success. I don't think people are "wasted" here - they're bound to that, hence kept away from more crucial things. I rather want to have the idiots code bots than holding being a medical doctor making diagnoses the same sloppy way.

For all new sessions created I log time, IP address and user agent. From time to time I'll order that by IP addresses to then see the same ones with multiple user agents: obviously bots/crawlers that don't want to be recognized as such. I also automatically ban IP addresses for suspicious activity (i.e. accessing files that can't exist) temporarily for 15 minutes:
  • If it was a member then he usually contacts me, and mostly we find out he runs a software he was not even aware of.
  • If the already temporarily banned IP address does the next fishy thing, the ban duration is increased by twice the previous duration (i.e. plus 30 minutes, then plus 60 minutes). Almost no bot honors the 403 response but instead continues to make the same requests; most end up having a temporary ban until 2106.


Summary: don't expect intelligence; and it's always a bot, never a human. You just encountered a situation which coincidentally looks vindictional.
  • "The problem is probably not my English but you do not want to understand correctly. ... We will not come anybody anyway, nevertheless, it's best to shit this." Affin, 2018-11-20
  • "But this shit is not here for you. You can follow with your. Maybe the question, instead, was for you, who know, so you shoved us how you are." axe70, 2020-10-10
  • "My reaction is not to everyone, especially to you." Raptiye, 2021-02-28
User avatar
2600
I've Been Banned!
Posts: 2567
Joined: Fri Nov 14, 2014 5:14 pm
Location: Area-51

Re: are spammers vindictive?

Post by 2600 »

I think there might be big money in spam. Just like there may be big money in phony reviews at websites like Amazon. That's why I use fakespot to give me a grade on the review quality.
Morpheus: Unfortunately, no one can be told what The Matrix is. You'll have to see it for yourself.
Hack me.
Consider a canary token.
The nature of my chosen username
:ugeek:
User avatar
KevC
Support Team Member
Support Team Member
Posts: 72339
Joined: Fri Jun 04, 2004 10:44 am
Location: Oxford, UK
Contact:

Re: are spammers vindictive?

Post by KevC »

Of course there is. But it costs them nothing to hit 100,000 sites at once with bots. If they only make it on to 0.1% of those then that's more than enough. Same with spam/scam emails. It's just a numbers game. Eventually you'll hit enough targets that do what you need so when people google for viagra or louis vuitton bags they're more likely to hit the scam sites as they have the most backlinks and people who don't stop and think for a minute that the price is too good to be true and hand their money over instead of sticking to the more well known sites means they're got what they want.
-:|:- Support Request Template -:|:-
Image
"Step up to red alert. Sir, are you absolutely sure? It does mean changing the bulb"
User avatar
HiFiKabin
Community Team Member
Community Team Member
Posts: 6671
Joined: Wed May 14, 2014 9:10 am
Location: Swearing at the PC, UK
Name: James
Contact:

Re: are spammers vindictive?

Post by HiFiKabin »

Also remember that the scummers (sorry, I mean SPAMmers) are not looking to target intelligent people, which is why their text is full of misspelling. Yes, sometimes its just poor English but more and more often its deliberate.

If you know the spelling is bad, you are not likely to fall for the con so dump the email/whatever

If you don't know, the chances are you are more likely to fall for the con.

The result being that scammers more and more often target lower income people than higher income ones. The less you have to loose, the more likely they are to try and grab it.

Sad but true.
User avatar
AmigoJack
Registered User
Posts: 6108
Joined: Tue Jun 15, 2010 11:33 am
Location: グリーン ヒル ゾーン
Contact:

Re: are spammers vindictive?

Post by AmigoJack »

HiFiKabin wrote: Fri May 17, 2019 9:59 amsometimes its just poor English
Oh, the irony! :lol:
  • "The problem is probably not my English but you do not want to understand correctly. ... We will not come anybody anyway, nevertheless, it's best to shit this." Affin, 2018-11-20
  • "But this shit is not here for you. You can follow with your. Maybe the question, instead, was for you, who know, so you shoved us how you are." axe70, 2020-10-10
  • "My reaction is not to everyone, especially to you." Raptiye, 2021-02-28
User avatar
HiFiKabin
Community Team Member
Community Team Member
Posts: 6671
Joined: Wed May 14, 2014 9:10 am
Location: Swearing at the PC, UK
Name: James
Contact:

Re: are spammers vindictive?

Post by HiFiKabin »

Eye right English good me :P
User avatar
2600
I've Been Banned!
Posts: 2567
Joined: Fri Nov 14, 2014 5:14 pm
Location: Area-51

Re: are spammers vindictive?

Post by 2600 »

All your base belong to us. :D
Morpheus: Unfortunately, no one can be told what The Matrix is. You'll have to see it for yourself.
Hack me.
Consider a canary token.
The nature of my chosen username
:ugeek:
User avatar
potku
Registered User
Posts: 980
Joined: Wed Dec 22, 2004 10:26 pm
Location: Tampere, Finland
Contact:

Re: are spammers vindictive?

Post by potku »

All your base are belong to us. A modification of that is actually my signature on WhatsApp. :D

AmigoJack, you said it is always a bot, never a human. Did you mean in the context of what OP has described?

Human spammers are pretty much impossible to avoid. Luckily, us being a Finnish site, this is not a daily, weekly or even monthly occurence, but their latest tactic seems to be quoting a post and then changing something in that quote to insert their link or links. I find that outrageous. It is one thing to post a spam message, but modifying someone's message while quoting them is a whole new level of scum.

Surely, those could still be bots. But in one instance, I wrote something positive about a certain spammer and his post, and he then replied by liking my post. That has to be human. Are they paid by traffic of just the number of links or something else? That cannot be a very lucrative job.
Potku.net

"Before I speak, I have something important to say."

- Groucho Marx
User avatar
2600
I've Been Banned!
Posts: 2567
Joined: Fri Nov 14, 2014 5:14 pm
Location: Area-51

Re: are spammers vindictive?

Post by 2600 »

Yes, there are in fact human spammers out there, not just bots. I know that to be fact because they bypassed the captcha. And there's no way in hell there's a bot sophisticated enough now that can bypass that. This is why I hold all first time posts in moderation queue so that stuff if it even gets past my fence will NEVER see the light of day. When and if I do get a rare post that gets past my fence I report it to Stop Forum Spam. Since I have had my board up a little over 4 years now, I may have only reported 4 spammers. This chiefly due to the captcha I use and CIDRAM which will query the Stop Forum Spam database on registration and login crosschecking the IP. If it's been reported as spam they get a 403. Three times a charm and a permaban for one month and a 503 with a nice white blank page.

I can also tell you I've seen humans or bots try and fail at the captcha in my access logs. It's really quite funny. But a good majority of them are bots.

On the subject of WhatsApp. I'd look into the App and desktop program Wire. You may be better off, but I would NEVER trust someone else's platform. If you want the utmost of privacy and security you roll your own. That's why in part I have a local Team Speak server I host with encryption turned on and I only forward the ports when I use it. Plus I have Peerblock installed that blocks over 600 million IPs from many cloud providers and countries. There is Teamspeak for the phone and computer so it's quite versatile like WhatsApp,Telegram, Signal or Wire.

https://www.theguardian.com/technology/ ... hould-i-do
Morpheus: Unfortunately, no one can be told what The Matrix is. You'll have to see it for yourself.
Hack me.
Consider a canary token.
The nature of my chosen username
:ugeek:
Post Reply

Return to “phpBB Discussion”