Jump to content

Recommended Posts

deleted posts and have suspended.

 

unfortunately I think he got PM's out to the board again. Same link as before.

Do not click the link in the PM folks unless you want to visit an adult site.

Share this post


Link to post
Share on other sites

I have now gotten spam from both muzrinkl and mignulikz.

 

To the admins - my suggestion is to suspend new accounts for a few days until this passes and then added in human challenge for creating a new account. The simplest is to require that two number be added correctly.

Share this post


Link to post
Share on other sites
I have now gotten spam from both muzrinkl and mignulikz.

 

To the admins - my suggestion is to suspend new accounts for a few days until this passes and then added in human challenge for creating a new account. The simplest is to require that two number be added correctly.

 

 

Same for me today

Mark

Share this post


Link to post
Share on other sites

Hey guys. Just a quick note to let you know that this doesn't necessarily mean that the site has been compromised in any way. Any person can PM any person here, and it may just be a script that grabs all usernames from the membership list and then waits a certain amount of time (to avoid flood control) to send a new PM. It's easily scripted.

 

It should also be easily fixed by putting a CAPTCHA (or equivalent) on the PM page.

 

Matt, Cor and I will be back and able to take real action in a few days. Until then, we'll suspend this guy and keep our eyes out for more suspicious behavior.

 

Thanks for your patience!

Share this post


Link to post
Share on other sites

That was a the best viagra I've ordered this week and I've made so many nice Adult Friends! :) Seriously, anyone who had to click to discover that this was spam has been sucking way to much trimix.

 

For those who are new to the InterWebs, a quick primer on this type of spam:

Getting a PM from someone you don't recognize with a subject line that doesn't make sense or is generic should alert you that it's 99% likely spam. However, if you're *really* curious and want to confirm your hunch and you login to your PMs and see a wacky link it's obviously spam! If you're still *painfully, desperately* curious, then hover over the link and your browser will display the target url--this should confirm, through every last fiber of your being that it's spam! Then, if you still click the link, then you're either:

a. without a shred of common sense

b. an outright moron

c. George Bush (both a and b above)

d. Actually looking for an 'Adult Friend' and/or bogus Viagra but in all the wrong places.

 

Rant over. Travel safely my moderator friends!

Dave

Share this post


Link to post
Share on other sites

Following up on what Eric said, this seems to be a problem happening with a few other web forums this week. The software company has released a patch and we'll try to get it all sorted once the development team is back.

 

Cheers

James

Share this post


Link to post
Share on other sites

Hello, all. As James mentioned, IPB has issued a patch that does PM flood control and puts a CAPTCHA (the graphical word/number you have to type in when you register) on the PM screen. This will ensure that bots cannot PM spam anymore.

 

It may take a few days for us to get this done, since all of the moderators with technical know-how are currently traveling. Don't worry -- we're trying to get home and will do this update as soon as we possible can!

 

For now, the two spammers' accounts have been deleted, and anyone who wants to spam via PM again will have to go through the normal process of signing up for a new account and posting somewhere in order to become validated. The initial posts these spammers use are all pretty obvious -- report them early, and hopefully, we'll get to them before they manage to send anymore PMs.

 

Thanks for your patience, everyone. We'll try hard to make it as hard as possible for spammers to do anything here again, although it is always a game of catch-up as they find new ways to get in.

Share this post


Link to post
Share on other sites

I've just applied the patch. Here's the message I'm going to post on the front page:

 

The software we use to run the forum has recently been under attack by a new way of spamming that involves humans (to get by the validation process) and automated bots (to PM everyone, over time). Other forums that run the same software have reported similar issues.

 

We have applied a software patch that does PM flood control on the PM screen, which means that members will not be able to send more than 1 personal message every 6 minutes. This will ensure that bots cannot PM spam anymore. In addition, we have disabled BBCODE in the PM system, so it will be impossible to send formatted text (or active links) in personal messages.

 

Anyone who still wants send many PMs will have to go through the normal process of signing up for a new account and posting a message in order to become validated, which is how we have prevented most spammers from having access to our forums. The initial post these spammers use to become full members are all pretty obvious and are normally off topic -- report them early, and hopefully, we'll get to them before they manage to send anymore PMs.

 

We're told that the upcoming version of our forum software includes a centralized SPAM reporting and banning service, which means that as soon as one of these guys hits one forum, they will be banned on all of them. This is the same method that most blogs use for anti-comment spam, and has been shown to be extremely effective.

 

Thanks for your patience, everyone. We'll try hard to make it as hard as possible for spammers to do anything here again, although it is always a game of catch-up as they find new ways to get in.

 

If you have other issues, please contact us at http://wetpixel.com/contact

 

Best,

Eric Cheng

Publisher/Editor, Wetpixel.com

Share this post


Link to post
Share on other sites
I've just applied the patch. Here's the message I'm going to post on the front page:

 

The software we use to run the forum has recently been under attack by a new way of spamming that involves humans (to get by the validation process) and automated bots (to PM everyone, over time). Other forums that run the same software have reported similar issues.

 

We have applied a software patch that does PM flood control on the PM screen, which means that members will not be able to send more than 1 personal message every 6 minutes. This will ensure that bots cannot PM spam anymore. In addition, we have disabled BBCODE in the PM system, so it will be impossible to send formatted text (or active links) in personal messages.

 

Anyone who still wants send many PMs will have to go through the normal process of signing up for a new account and posting a message in order to become validated, which is how we have prevented most spammers from having access to our forums. The initial post these spammers use to become full members are all pretty obvious and are normally off topic -- report them early, and hopefully, we'll get to them before they manage to send anymore PMs.

 

We're told that the upcoming version of our forum software includes a centralized SPAM reporting and banning service, which means that as soon as one of these guys hits one forum, they will be banned on all of them. This is the same method that most blogs use for anti-comment spam, and has been shown to be extremely effective.

 

Thanks for your patience, everyone. We'll try hard to make it as hard as possible for spammers to do anything here again, although it is always a game of catch-up as they find new ways to get in.

 

If you have other issues, please contact us at http://wetpixel.com/contact

 

Best,

Eric Cheng

Publisher/Editor, Wetpixel.com

Good job Eric! I knew you guys would take care of this idiot. Keep up the good work.

 

Bob

Share this post


Link to post
Share on other sites

Guess I was too late, got a couple of pm's to the porn site. Guess its been taken care of.

 

Tony

Share this post


Link to post
Share on other sites

Ola got a spam too... from... muzrinkl I don't know if he's the same character as was reported but it's also a link to a porno site. FYI

Share this post


Link to post
Share on other sites

Guys -- be sure to check the date of the PM before you write a message here telling us that you received one.

 

Also, I just added this to the front page post:

 

This spam situation was not much different than a normal user logging in, listing all members, and sending personal messages to everyone, one by one. The only differences was the content and the script that (presumably) automated the process. No spammers were able to get your email address. By default, Wetpixel hides your email address, but if it makes you feel better, you can go into your Email Settings and make sure that "Hide my email address from other members" is checked.

 

The reason some of you received the PM as an email is that your Email Settings are set to do so. To turn this off, go to Email Settings and uncheck "Send a notification email when I receive a new private message".

 

If you'd like to turn off personal messaging, go to Board Settings and set "Disable your personal messenger?" to "Yes".

 

We received some support emails from people who were "outraged" by this incident, and we feel for you. I suggest you turn off your email notification settings so that Wetpixel cannot intrude into your private lives again, even if something like this happens again. We are trying our best here.

Share this post


Link to post
Share on other sites

By the way, another user just created an account and posted 15 bogus messages with message content "aaaaaaaaaaa" or something like that. I deleted the user, but if you see any other posts like that, please report them so we can deal with them before they start trying to PM spam. The good thing is that they can no longer send more than 1 PM every few minutes, so even if they get on the board they won't be able to do too much damage.

Share this post


Link to post
Share on other sites

Sponsors

Advertisements



×
×
  • Create New...