Forum spam

From Wikipedia, the free encyclopedia

Image:Merge-arrow.svg

It has been suggested that this article or section be merged into Internet spam. (Discuss)

Image:Question book-3.svg

This article does not cite any references or sources. (April 2007) Please help improve this article by adding citations to reliable sources. Unverifiable material may be challenged and removed.

Image:Broom icon.svg

This article may require cleanup to meet Wikipedia's quality standards. Please improve this article if you can. (November 2007)

Image:Wikitext.svg

This article or section needs to be wikified to meet Wikipedia's quality standards. Please help improve this article with relevant internal links. (November 2007)

Spam is the posting of advertisements, abusive, or unneeded messages on Internet forums. It is generally posted by automated spambots.

Contents 1 Spambots 2 Types of spam 3 Effects of spam 4 Spam prevention 5 References 6 See also 7 External links

[edit] Spambots

Spambots are automated programs designed to register on forums, disseminate spam, and leave. They usually supply a fake name, freebase email address, and sometimes mask their true IP address. Spammers can set the message that the spambot will post. Most spambots target one specific forum software or hosting company. Spambots are easy to identify by the nature of the message they leave, or the links in the signature. A typical post contains no topical content, but is accompanied by either spam links in the post itself, or in the user's signature. Some spambots will never post, and rely on the links in their signature to increase their search engine visibility. Looking up the spambot's user name with a search engine will often reveal thousands of registrations in unrelated forums.

An example of a spambot which has gained some notoriety since November of 2006 is XRumer. XRumer attempts to bypass anti-spamming mechanisms put in place by forum administrators, with some success. It uses a database of known HTTP proxies to mask the IP address of the poster, making it difficult for administrators to use a naive IP-banning mechanism.

[edit] Types of spam

Most spambot forum spam consists of links, with the dual goals of increasing search engine visibility in highly competitive areas such as weight loss, pharmaceuticals, gambling, pornography, real estate or loans, and generating more traffic for these commercial websites. Some of these links contain code to track the spambot's identity if a sale goes through, when the spammer behind the spambot works on commission.

Spam posts may contain anything from a single link, to dozens of links. Text content is minimal, usually innocuous and unrelated to the forum's topic. Full banner advertisements have also been reported.

Alternately, the spam links are posted in the user's signature, in which case the spambot will never post. The link sits quietly in the signature field, where it is most likely to be harvested by search engine spiders than discovered by forum administrators and moderators.

Recently, a very destructive and malicious forum spam attacks are propagated by inserting into comments redirect domains with an automated posting script like Xrumer, these domains redirect a user to pornographic Websites, which display adult images. If a user click on the image or attempts to close the Website an ActiveX codec will be downloaded as a Zlob Trojan^[1].

Spam can also be described as posts that have no relevance to the threads topic, or have no purpose in general (e.i, a user typing "CABBAGES!" or other such useless posts in an important news thread).

[edit] Effects of spam

Spam prevention and deletions measurably increase the workload of forum administrators and moderators. The amount of time and resources spent keeping a forum spam free contributes significantly to labour cost, and the skill required in the running of a public forum. Marginally profitable or smaller forums may be permanently closed by administrators. Forums that do not require registration are becoming rare.

[edit] Spam prevention

• Flood control: This forces users to wait for a short interval between making posts to the forum, thus preventing spambots from flooding the forum with repeated spam messages.
• Registration control:
  • Some forums employ CAPTCHA (visual confirmation) routines on their registration pages to prevent spambots carrying out automated registrations. Simple CAPTCHA systems which display alphanumeric characters have proven vulnerable to optical character recognition software but those that scramble the characters appear to be far more effective.
  • Alternative is Textual Confirmation, promoted by bbAntiSpam: user should answer a random question to prove he/she isn't a spambot. Many people consider this method controversial, but it's one of the best spam protection methods for phpBB2.
• Authorative voice: Using an external filtering service, such as Akismet, to get a verdict if the data is spam or not.
• Posting limits: Limit posting to registered users and/or require that the user pass a CAPTCHA test before posting.
• Registration restrictions: Applying careful restrictions can seriously impact bogus and spambot registrations. One approach consists in the denial of registration from certain domain extensions that are a major source of spambots such .ru, .br, .biz, or freebase addresses such as "gawab.com". Another, more labor-intensive, consists in manual examination of new registrants. This examination looks at several indicators. First, spambots often delay email confirmation by several hours, while humans will confirm promptly. Second, spambots will tend to create user names that are unique, and unlikely to already be used in the forum, preferring "John84731" or "JohnbassKeepsie" to the much more common "John." Third, using a search engine to investigate, one finds hundreds, if not thousands of profiles using the spambot login name, sometimes with the diagnostic spam post, or "banned" label.
• Changing technical details of the forum software to confuse bots - for example, changing "agreed=true" to "mode=agreed" in the registration page of phpBB.
• Block posts or registrations that contain certain blacklisted words.
• Be wary of IPs used by untrusted posters (anonymous posts or newly registered users). A useful technique for proactive detection of well-known spammer proxies is to query a search engine for this IP. It will show up on pages that specialize in the listing of proxies.
• Some forums also have their own "spam subforums" to direct spam off their main site.

[edit] References

1. ^ PHSDL - Project Honeypot Spam Domains List Zlob Trojan Forum Spam Documentation

[edit] See also

• Signal-to-noise ratio

[edit] External links

• How to Block phpbb Spam. Plus email/IP address Blacklists (The phpbb spambot honeypot project)
• A list of open proxy and bot IPs. Ban IPs on this list to prevent comment spam.
• An on-line widget you can use to count Google hits on an IP. This allows you to automate your banning responses to a certain extent.
• On-line database of known forum spammers. It can be used to update ban lists.
• Spam Bots and CAPTCHAs. Stories from the web spam fighters.

v • d • e Spamming
General	History of spamming · Network Abuse Clearinghouse
E-mail spam	Address munging · Bulk email software · Dictionary spamming · Directory Harvest Attack · DNSBL · Spambot · Pink contract
Spam over other protocols	Autodialer · Flyposting · Messaging spam · Mobile phone spam · Newsgroup spam · Telemarketing · VoIP spam
Anti-spam techniques	Disposable e-mail address · E-mail authentication · SORBS · SpamCop · Spamhaus · List poisoning · Bayesian spam filtering
Spamdexing	Keyword stuffing · Google bomb · Scraper site · Link farm · Webring · Cloaking · Doorway page · URL redirection · Spam blogs · Sping · Forum spam · Blog spam · Referer spam
Internet fraud	Advance fee fraud · Lottery scam · Make Money Fast · Microcap stock fraud · Phishing · Vishing

cs:Komentářový spam

de:Spam