Spam attacks on this forum

Currently we are starting to get a new kind of attack from spambots (or spam posting humans).

The spammer creates a new account, then copy-pastes a programming question from Reddit r/Processing.

They then return many hours or days later and edit ad links or malware links into their original posts.

Our spam filters aren’t catching this – and of course we aren’t either, responding to these (legitimate) reddit questions with full answers. I’m opening this community thread to let people know, and also take suggestions.

4 Likes

I’m now also moving some comments and discussions from spam examples into this thread. They link back to spambot examples (until they are removed).

spambot post (this spambot already flagged by another post), looks like from reddit

https://www.google.com/search?q=reddit+"i+write+a+lot+of+letters+and+e-mails"

Another reddit copying spambot

Another spambot copying from Reddit:

Well, it looks like @anon43149899 is another spambot, like @LennoxConner – mirroring legitimate reddit questions for us to answer:

…and then injecting random malware spam later:

Understanding these concepts is key - they translate eas
https: //getappvalley.com/ [https: //vlc.onl](https: //vlc.onl/) ily to any other programming language you may use later.

I’m temporarily leaving these up so we can look at them / talk about it. If I delete the user it will also delete all their posts, removing all the answers.

1 Like

Well, this is a real bummer. Looks like the @LennoxConner account copies reddit posts from the Processing reddit channel,

…then waits a while before injecting them with random spam.

It did it twice, and since they were (copies of) legitimate user questions, we answered them.

Then it vandalized them with spam later.

@GoToLoop – are you still an active r/processing reddit user, and have you seen things like this before?

I am trying to think about a quick way to screen for these things. @Kevin sometimes signals when a person has cross-posted from StackOverflow without cross-linking – I’m assuming that is periodic manual checking – but this is automated and involves malware, not bad manners.

1 Like

Yup, I check on Reddit.com/r/processing daily, but seldom reply to anything there.

When I spot an obvious cross-post, I usually post a link to each other.

1 Like

Would it be possible to prevent external links in posts until you get a certain badge? Then it might require too much effort for spammers to persist.

4 Likes

Yeah, this is just me manually noticing the same post in multiple places.

I know admins can ban a user’s IP address, would that help at all here?

1 Like

I’ve gone ahead and marked all posts as spam to help train, then banned and banned the IPs on the accounts – but we just got some more new accounts with reddit-copy first posts. Right now the ability of new users to first-post without moderation (usually) and to post a link (to a p5 sketch, or github, or an arduino peripheral etc.) really helps people. I really hope we don’t have to shut that down. We’ll keep an eye on it.

Many of the spam links were odd – like .onl or .ooo, not .com – so they should be easy to train on.

a crawler could collect all links in the forum (in a hashMap).

  • all links up to today are marked as okay
  • a new link is checked against the old links
  • if it’s new, it shows them in an extra list

Does the spam appear in all categories or just in Processing?

Multiple categories so far – processing code, project guidance, libraries. although some might be being moved into those categories by mods.