[TriLUG] phpBB and spam FW: Activate user account

Brian Phelps brphelps at ieee.org
Wed Apr 29 23:50:03 EDT 2009


Just shooting from the hip here but:
Are these spam bots specifically written for your site?  What do you
know about the way the spam bots operate?

If they are generic bots, change the layout around a bit to "break"
the bot.  Make the submit button the cancel button and vice versa, but
make the fake text invisible, but the real text visible by embedding
it in pics for the buttons.

You might even be able to trick the bot into submitting fake posts and
thinking it was successful.

Or maybe trick the bot into thinking the site is not a phpbb forum at
all, if you know enough about your attackers software.

On Wed, Apr 29, 2009 at 12:45 PM, Jim Ray <jim at neuse.net> wrote:
> As some of you may know, I had a calling, became ordained and started a congregation on the internet:
>
> http://www.internetcongregation.org
>
> Unfortunately, I receive fake user account activation with links to pr0n sites and had rather folks use their own web sites for that type of activity. Mine is for discussing God and love.
>
> Even with the CAPTCHA thingie, I can not figure out a way to prevent these bots from trying to become a member of the forum.
>
> Does anybody have a secret sauce they use to handle the situation, or is it just the nature of the beast?
>
> Regards,
>
> Rev. Jim
>
> -----Original Message-----
> From: jim at neuse.net [mailto:jim at neuse.net]
> Sent: Wednesday, April 29, 2009 11:50 AM
> To: Jim Ray
> Subject: Activate user account
>
> Hello,
>
> The account owned by "iodisalmMyday" has been deactivated or newly created,
> you should check the details of this user (if required) and handle it
> appropriately.
>
> Use this link to view the user's profile:
> http://www.internetcongregation.org/memberlist.php?mode=viewprofile&u=123
>
> Use this link to activate the account:
>
> http://www.internetcongregation.org/ucp.php?mode=activate&u=123&k=3C4RIG8NB1
>
>
> --
> Thanks, The Management
> --
> TriLUG mailing list        : http://www.trilug.org/mailman/listinfo/trilug
> TriLUG FAQ  : http://www.trilug.org/wiki/Frequently_Asked_Questions
>



More information about the TriLUG mailing list