More Suspect Members

[Jaeh]

Deleted about 200 spam accounts.

The carnage. 

[Fyrchick]

Deleted about 200 spam accounts.

Just curious... if you delete them then they shouldn't show up in the members list, right? (It seems obvious, but we all know where assuming gets us.) I would hate to be sending duplicate links.

AND, although a new book is due any minute, the number of new registrations is CRAZY. Especially the ones with names like ugoasi&6AQ and Guriw&&6%$#78 and ones in Russian and Garbage. I know you don't have the time to sit and sift through them, but there were 236 new accounts yesterday alone. I'm not sure what changed, and I'm not sure if it really affects anything, but I thought you might like to know!

[El Diablo]

What's happening is that there's a script out there that can tag SMF forums and add accounts without human intervention. I ran into a similar problem a few years back with my Snitz forum - but easily defeated the scripts with simply adding a textbox to the member add page that expected a value of 123 - On the page before it (the I agree page) I added a label saying "REMEMBER THE SECRET CODE IS 123 , YOU HAVE TO ADD THAT TO GET AN ACCOUNT!).

I went from hundreds of spam accounts to none.

[Jaeh]

personally I'm fascinated by the verification boxes where you need to add numbers.

but I dunno if they're effective.

[El Diablo]

They are, the script just gets the error page instead of a successful add. Since you are stopping the post with a simple if/then, you kill off all the scripts and just have to worry about actual humans doing it.

It can also be done on sites that don't require a membership to post, just include the check on the post page.

[Jaeh]

and another q - do captcha stuff really work?

[El Diablo]

Yes and no.
Captcha has been compromised , so some sites that include it as a forum feature to enable have had issues with it. If it's an automatic installation bit, chances are you'll have more issues than someone who does their own implementation of it. The reason behind that is the automatic or plug in ones have the source code sitting out there free to use and view - so you code around it. Whereas if you implement your unique way of doing it, the source code is unavailable for exploit - meaning that there needs to be a human involved - and spammers generally prefer to infect many sites, rather than stumble across one unique set up and make an effort (course that also depends on the site and traffic - big busy sites are worth the effort, small sites like my own aren't).

[Wizard H]

This one is particularly blunt:
http://www.jimbutcheronline.com/bb/index.php?action=profile;u=36153

[Dina]

The first names appearing when you click on "members" have to disappear too.

[Fyrchick]

I have found that pretty much any new member with an ICQ icon is a bot account. 3500 new members this month so far... it amazes me.

[Chiroptera]

http://www.jimbutcheronline.com/bb/index.php?action=profile;u=36270

[Sydna]

We seem to be getting more and more spam.

That one is all over the board.

[Dina]

There is no chance of having something like the "report moderator" button, specific for suspect members. It would be much easier if we could tagged them instead of needing to go the profile and insert the URL here.
Another option is, for example, that all accounts that had not activity in the first 2 months would be deleted. We could make an specific thread for legitimate lurkers to post just a "I am legitimate" text.
Remember anyway than probably many real people has decided to join us to comment the book.

[Chiroptera]

Yeah, I wasn't thinking.  I could have just reported to moderator on that one since they already posted - numerous time.

[Priscellie]

Just curious... if you delete them then they shouldn't show up in the members list, right? (It seems obvious, but we all know where assuming gets us.) I would hate to be sending duplicate links.

AND, although a new book is due any minute, the number of new registrations is CRAZY. Especially the ones with names like ugoasi&6AQ and Guriw&&6%$#78 and ones in Russian and Garbage. I know you don't have the time to sit and sift through them, but there were 236 new accounts yesterday alone. I'm not sure what changed, and I'm not sure if it really affects anything, but I thought you might like to know!

Correctamundo--they don't show up as members when I delete them.

And I make a habit of purging new registrations that have not been activated after 45 days.  Most of the spam registrations are stopped by the CAPTCHA and just take up electrons.