Problems with spammers!

The 2.0.x discussion forum has been locked; this will remain read-only. The 3.0.x discussion forum has been renamed phpBB Discussion.
Real Green Team
Registered User
Posts: 107
Joined: Fri Nov 07, 2003 1:14 pm
Location: N 42°34.383' W 083°27.166'
Contact:

Problems with spammers!

Post by Real Green Team »

I was just going through my memberlist and noticed I have several new members that only appear to be referring to different drug companies.

Their user names are all different drug companies, one of them is Propecia. They all take you to websites with the same extensions

ex- http://www.alprazolam.boom.ru/

Are these some sort of data or email miner? Is there a way I can block these people?

I know there is the ban control in the admin panel, but how effective is that? Also how do I find the users IP address if they are not online? I want to block offending IPs, but I'm not sure where to find that info.
User avatar
tanfwc
Registered User
Posts: 2691
Joined: Sat Oct 11, 2003 7:10 am
Location: Singapore
Contact:

Re: Problems with spammers!

Post by tanfwc »

Real Green Team wrote: I was just going through my memberlist and noticed I have several new members that only appear to be referring to different drug companies.

Their user names are all different drug companies, one of them is Propecia. They all take you to websites with the same extensions

ex- http://www.alprazolam.boom.ru/

Are these some sort of data or email miner? Is there a way I can block these people?

I know there is the ban control in the admin panel, but how effective is that? Also how do I find the users IP address if they are not online? I want to block offending IPs, but I'm not sure where to find that info.


maybe you just want to delete their account.
User avatar
Nephrus
Former Team Member
Posts: 1178
Joined: Sat Oct 19, 2002 4:05 am
Location: Vancouver, Canada
Contact:

Post by Nephrus »

in the /contrib folder of your phpBB download, is the Visual Confirmation MOD. This will stop those registrations, and it comes with pre-modded files for your convenience. :)
[ Zelda Planet - nephrus.net - phpBB Userguide - phpBB Knowledge Base - phpBB.com Forum Rules ]
ABSOLUTELY NO support via PM/IM/email or I'll get a cow to sit on you
Real Green Team
Registered User
Posts: 107
Joined: Fri Nov 07, 2003 1:14 pm
Location: N 42°34.383' W 083°27.166'
Contact:

Post by Real Green Team »

So do I just need to upload these files?
BullmarketFrogs
Registered User
Posts: 2
Joined: Wed Sep 08, 2004 5:14 pm

Post by BullmarketFrogs »

Nephrus wrote: in the /contrib folder of your phpBB download, is the Visual Confirmation MOD.


Hmmm... I was under the impression that we had to delete this folder once we were done installing our forum. Can I go back and re-upload it, or...?

Thanks,

Carol
Real Green Team
Registered User
Posts: 107
Joined: Fri Nov 07, 2003 1:14 pm
Location: N 42°34.383' W 083°27.166'
Contact:

Post by Real Green Team »

I just downloaded it.

Just re-download the original PHPBB files.

The only problem is I have installed so many mods that would be rendered useless if I replaced these files and I dont know PHP well enough to do it myself.
Caltsar
Registered User
Posts: 2
Joined: Sun May 02, 2004 3:39 am
Location: Minnesota
Contact:

Post by Caltsar »

I get the same thing.
They're Russain spammers posting the url for a site on the boards by only filling out that information. When a search engine crawls through your page it takes the link and says to itself: "Hey this site is linking to this one! +1 karma point for the linked site!" When they do this they get a better rank in search engines. Pretty ingenious considering most people don't delete users. But for me it was kind of given away whe one person signed up for enough accounts to double my users (which isn't very many). All these accounts had the same address and email.

Anyway That's what's happening from what I can gather.
romans1423
Registered User
Posts: 1552
Joined: Sat Nov 02, 2002 4:44 pm
Location: Connersville, IN
Name: Rick Beckman
Contact:

Post by romans1423 »

BullmarketFrogs wrote:
Nephrus wrote:in the /contrib folder of your phpBB download, is the Visual Confirmation MOD.


Hmmm... I was under the impression that we had to delete this folder once we were done installing our forum. Can I go back and re-upload it, or...?

Thanks,

Carol


Yes, the /contrib directory must be deleted, but you can still open it on your computer and use the tools within it... Nothing needs to be uploaded to a remote /contrib file, so you don't have to worry about having to delete it again off of the server.
Real Green Team
Registered User
Posts: 107
Joined: Fri Nov 07, 2003 1:14 pm
Location: N 42°34.383' W 083°27.166'
Contact:

Thanks Caltsar!

Post by Real Green Team »

Those clever bastards. :evil:

That does make sense as far as page rank goes. Recipricol outside links does increase your page rank. I was trying to get my head around why they would do that.

So these are some guys from Russia huh?

Does anybody know about IP Blocking? I notice you can do it from the admin panel, but I am not sure how to get someone's IP address if they are not online? Is there a mod for this?
Shof515
Registered User
Posts: 1169
Joined: Wed Mar 19, 2003 4:36 am

Post by Shof515 »

Whos missing up my sig?
Real Green Team
Registered User
Posts: 107
Joined: Fri Nov 07, 2003 1:14 pm
Location: N 42°34.383' W 083°27.166'
Contact:

Post by Real Green Team »

Right on. I will look into this one. I don't want this to become an issue. I've already had to remove 15 accounts that all linked to the same site.

I already installed all the mods I could find for spammers and email grabbers.
colinb
Registered User
Posts: 101
Joined: Sat Jun 29, 2002 10:50 am
Location: UK
Contact:

Post by colinb »

I had this problem on my board (v2.0.6). I noticed that a lot of usernames had a certain consistency to them - all beginning with "a" and 5 seemingly-random letters afterwards. When one of my mods tipped me off, I checked the registrations and noticed that the registered email address was one of two - both relating to a ".ru" (Russia) domain. I used the email ban utility (in Admin) to put a wildcard ban on any registrations with that domain - eg: *.url.ru. I've had to do this with two such cases (each with about 20 registrations) and I'm confident that the culprit was the same person/s. Nothing since - and that was about two months ago.

Like previous posters have said, your best policy is simply to be vigilant - and a combination of banning (mail and IP where possible) plus plain old deletion of account will cope with most problems.

CB
Caltsar
Registered User
Posts: 2
Joined: Sun May 02, 2004 3:39 am
Location: Minnesota
Contact:

Post by Caltsar »

Just an update.

I've been continuing to look into this a little, and they all seem to come from the same site but redirecting to other sites. Most of these are within the US. Boom.ru seems to be the only or biggest one to do this. I have also recieved over 30 of these within the last post.

I am currently letting them in and working on pursuing this. Does anybody know about russain spam laws or are they non-existant? If worse comes to worse I'll just ban all .ru email addresses. I will also try and see if I can do something through the American companies that are employing the people to do this. If anyone wants an example of what to look for here it is: http://rollinit.com/bb/memberlist.php

I've been deleting them up to the 11th, but I have a feeling more will come.
AfghanScorpion
Registered User
Posts: 5
Joined: Sun Sep 12, 2004 3:31 am
Contact:

Post by AfghanScorpion »

I'm having the same problem on my board. I just modded my board to discard any Web site address entered during registration. A Web site can be entered after an account is activated.

I just noticed that when I registered here, my registration did not appear in the member list until after I activated it. This an even better solution!
colinb
Registered User
Posts: 101
Joined: Sat Jun 29, 2002 10:50 am
Location: UK
Contact:

Post by colinb »

Caltsar wrote: I am currently letting them in and working on pursuing this. Does anybody know about russain spam laws or are they non-existant? If worse comes to worse I'll just ban all .ru email addresses.


I would guess that the majority of the sites are run by Russian drug / porn barons or general con merchants, and with the situation being what it is in the former Soviet Union I can't see any laws having any bite whatsover with the gangsters.

I have several very good members of my board who are based in Russia, so I can't consider putting a blanket ban on all .ru domains. The wildcard email server ban is the best tool I can think of at the moment. I don't want to make registration hard for the majority of members, that's the problem - and one I'm sure we all share.

CB
Locked

Return to “2.0.x Discussion”