• Welcome to Computer Association of SIUE - Forums.
 

Spam

Started by William Grim, 2008-06-03T19:23:09-05:00 (Tuesday)

Previous topic - Next topic

William Grim

What's the deal with all the spam the CAOS site has been getting recently?  I saw some sort of ad for porn this morning.  Perhaps the CAPTCHA system is broken for us or they've found a backdoor into the system.  There aren't any newer security modules for SMF?
William Grim
IT Associate, Morgan Stanley

Gregory Bartholomew

Check out the below article that made it to the top of digg a little while back:

http://arstechnica.com/news.ars/post/20080415-gone-in-60-seconds-spambot-cracks-livehotmail-captcha.html

I guess that I'll have to look into finding a stronger CAPTCHA system for CAOS.  In the mean while, I need the moderators to delete these things as soon as they see them so that as few people as possible will be exposed to the content.

Note to moderators: The best way to delete the SPAM messages is to delete them along with the account(s) that they have created so that they cannot re-use the account they have generated (to do so, check the box AND select the "delete all posts and topics" option in the drop-down menu).  An easy way to do this is to click on the "Members" tab and then sort the list by the date of the creation of the accounts (you will have to click the column heading twice to get it sorted with the newest ones first).   Click on the top-most (newest) account and look at the email address.  Anything that is not an siue.edu or gmail.com address is suspect.  Those that are in the "ru" (russia) domain are most certainly spam accounts.  You should also click on the "recent posts by this user" link to see if their posts look legitimate.  Also, it is not uncommon for spam bots to create several accounts at once as they are running against the website.  If you see a whole series of accounts with nonsensical names all created at the same time, inspect them all, not just the one(s) that happen to have actually made a post (the spam bot may have the other accounts reserved in its database for latter use).  In a few cases, it may come down to a judgement call on your part as to whether or not an account is a spam account.  Those who are moderators are so because we trust your judgement.  If you accidently delete a legitimate account, we can only hope that the user will recreate their account without any hurt feelings.  I may promote several of the frequent users to moderator so that you can assist with keeping these spam messages deleted in a timely manner.

gb
......