Recognizing forum spammers

I have noticed a spamming activity (even if it’s at its first step) on the forum and I wanted to write a few things about it.

There are several ways to spam in a forum and some of them may not be easy to recognize. Since this phenomenon is happening right now in another thread , I wanted to tell you how this spamming tactic works and how you can detect it.

Basically, some people are paid to promote stuff on forums and they use applications that automatize their activities, to maximize their profit.

One of these tactics consists into creating more than one profile in a forum, trying to behave as a normal user and, a few days or weeks later, using one profile to simulate a request for help about something and using a second profile to answer to that request, providing a link to the product/service that this person is paid to promote.

How to easily recognize these attempts:

1. If the number of posts read by a new user is zero or extremely low or if the time spent by this “person” to read posts amounts to just a few seconds/minutes, there is a good chance that the account was created by some application that doesn’t simulate the activity of a real person. You can see how many posts have been read by a user or how much time they have spent reading the forum visiting their profile page.

2. If the text of their first post is extremely generic and it has nothing to do with the main topics of the forum, I suggest to search for an entire sentence of it on Google, using quotes (") characters like this: “I am newbie here. I would like to say hello to all of you guys.”. If the search engine shows you a lot of forums containing the same text, it’s safe to assume that it was written by some kind of automatic spamming software.

3. Some forums, like this one, ask users for their favorite X when they create an account. Check the favorite X of the suspicious user (you can read it in their profile page) and see if it makes sense or if it has nothing/little to do with the main forum topics.

4. Behind these applications there are real people and that they can sometimes reply manually to threads, to show that they are not robots. For example, if you welcome them to the forum, they will probably thank you… however, they don’t spend much time writing texts that don’t produce profit and as a consequence their posts are always extremely short and rarely focused on the topic of the thread or forum.

I hope that this helps!

What´s with people who write in comment sections of websites that contain nothing but videos stuff like:“I found your blog, it has insightful writing” or something like that. What´s the use of that? How do they make money that way?

In most cases, it’s an attempt to create a link to another website, mainly because search engines use the quantity and quality of links to estimate the popularity and authoritativeness of websites.

Sometimes these links appear inside the comment, other times they are on the name of the commenter, other times they don’t appear anywhere because the software that manages the comment section didn’t accept the link or because the software used by the spammer to create the comment is awful and it didn’t manage to create the link.

The sad part of this phenomenon is that most search engines automatically ignore these spammy links in comments, but for the spammer that’s OK because he/she is paid to create any kind of link by uneducated customers who believe that any link will produce a benefit for their website.

The online marketing industry is unfortunately full of crap and ignorance.

So it´s a failed attempt, I´ve actually seen that a bunch of times.

They just throw a bunch of stuff at the wall and hope that enough sticks.

Like with those phishing mails that reference very specific banks or even names, but they sent so many that they suppose that enough people will feel concerned, it´s a probabilty thing, really.

Exactly.

Creating comments without links is also done for another reason: watermarking/fingerprinting. The spammers try to exploit a possible flaw of the website software to create comments that contain unique strings of text.

Later, they use a generic search engine to search for sites containing that unique string, which means that the exploit worked and they can invest more time on just those sites to take advantage of the flaw and do even more damage (e.g. publishing promotional pages).

This technique is quite rare, though, and the comments that you saw are probably just failed attempts.

Going back to the example you cited about two accounts communiating with each other. Have you noticed that particular sort of behaviour here already?

No, this is the first time that I see it in this forum.

There have been other spamming attempts using simpler techniques, but they were simply reported to the moderators and the posts have been promptly deleted.

@eviltrout

Does @discourse have the means to create sticky posts? I think this thread and a few others deserve not to be lost on new members.

A CAPTCHA may be helpful for this.

Unfortunately, no, because:

1. Behind the software there is always a human, who can just type/solve the captcha.

2. Spamming applications can indirectly solve any kind of captcha, using captcha-solving services

If there are not human, mostly yes. But as @LowLevel pointed out many of them actually are human.

So Captcha is nothing but a nuisance for honest people?

Not entirely, because captcha solving services are not infallible yet and because several low-cost or less sophisticated spamming applications don’t support these services. But we are going in that direction, yes.

…unless someone will invent some kind of captcha not solvable by captcha-solving services (which is really a tough goal).

Internet security is really like those Elder Scrolls games where your enemies level up with you.

There’s always this fundamental problem that if something is accessible, it means there is an access.

The only secure place is one where NOBODY can enter, not even people who have the right to enter. Otherwise, there will always be a way in for an intruder

Same goes with measures like captcha, no matter how sofisticated it is.

So basically like the atomic bomb?

I always wondered why spambots sometimes dig up very old threads for no apparent reason to post in. Seems very suspicious to me. I’ve seen that on other forums several times.

Sure does! Click the Admin wrench to the right of the topic and select ‘Pin
topic’. There are several pinning options.

7BE459D4-D70E-4C8B-BAC5-123E124980A9.png732×820 31.6 KB

In that case I´d like to suggest to @RonGilbert to pin this topic.

It depends.

If the old thread is about a very specific topic and the spammers have to promote a website about that same topic (or a similar one) then it’s better to create a link in that already existing content-rich old thread instead of creating a new (empty) thread, because a link surrounded by text coherent with the topics of the linked website is understood better (and sometimes rewarded) by search engines.

If an old thread already contains links to a website that the spammer wants to promote, replying to the thread makes it more prominent in the website hierarchy (threads with new posts are usually linked from the forum home page or from the index of a category page) and some search engines can attribute more importance to those links.