That's not good... the site is vulnerable to spammers. Is the registration process too easy to automate?

I have just noticed there is a whole load of spam coming in. Is it all from the same place?

Nigel

yup.

This is insane! I've never seen such a large amount of spam in one day in all my time on LQ :/.

The're all in 163DATA.COM.CN and CNDATA.COM, basically 222.186.24.0/24, 60.169.73.0/24, 117.41.185.0/24 and 122.226.223.0/24 and all account names are easily recognizable as they all have a seemingly-R/L-like {firstname}{surname} handle.

I was actually thinking of starting a thread on this in LQ S&F, as I had noticed a bunch of profiles "crawling" LQ /General which all had zero posts and the same birth date (Nov 30). I decided against it because I figured that maybe my sample size wasn't big enough and it could have just been a coincidence. :-\

So much spam that we've probably spammed the mods with spam roports. Sorry mods/amins.

BTW, why is it I never seen 'egg sausage and bacon' spam, its always damned handbags/shoes/clothing?

"This too shall pass".

The surprising part for me was, that this
spammer didn't include any "hyperlinks"!
He expected us to STFW or he was dumb?

Apologies to the mods from me also.I have reported a number of 'spam-like' posts myself before discovering this thread.

...at least Jeremy's on the case now. Should see some progress RSN.

We have quite a few ant-spam measures in place and effectively block thousands of spam messages a day. This recent attack has been cleaned up and is something completely new from what I can tell. We're looking into how to prevent it moving forward now.

--jeremy

Really? The spammer (and I'm sure it's one person) didn't bother to have each bot register from a different proxy? I'm shocked.

Also, since most of the spam posts had the same post bodies, programming the forum software to reject those specific strings would have worked temporarily.

Just a quick note that we've cleaned things up. This was a new type of attack that our current spam filters (which catch an absolutely huge amount of spam) missed. I'd like to thank the mod team for their diligence and the members for their patience during this attack. Moving forward I think we have this one sorted out, but if you notice anything else odd, please let me know. Also, I do have one request. While we *really* appreciate the reported posts, if members could refrain from actually posting in the threads themselves (be it about the spam or responding to the spammer), we'd really appreciate it. While we have automated ways to remove the posts from the spammers, there's no way for us to automatically remove posts from legitimate members about the spam. Thanks again.

--jeremy

Glad that it's sorted out now. One question: is it better to just report a single post from a spammer, rather than every one? I started doing the former when I realised there was a large scale attack, so as not to fill up people's inboxes.