Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Spammers Are Getting Sneakier

S.B.G

S.B.G

Moderator emeritus
Original poster
Sep 8, 2010
26,921
11,010
Detroit
Over the last few days I've noticed a new trend in the way spammers make their threads and posts. They're making threads which seem relevant and appropriate to MacRumors and Apple in general, by asking questions about how to get help with something.

I've also noticed members (legit ones) responding to them as if to help out and offer advice. Sadly, when we discover the spammer we, obviously, ban them, but all the posts that the members made in the spammers thread get deleted too.

I wanted to create this thread as a public service announcement to help everyone be able to spot these spammers. I'll use an example from this morning already.

First, they seem to make a username that is an actual name, i.e. WendyAGoss

The thread title looks innocent enough:
How can I get the mac app store without paying for snow leopard?
Click to expand...

So does the body of the message:
I've tried looking at all the youtube videos and Ive come close but have ultimaltely been unsuccessful... Can anybody give me step by step instructions on how to download snow leopard for free... Its rediculous that you have to pay 30$ to get snow leopard so that you can use the mac app store.
Click to expand...

But, at the end of the message is what we typically call 'hidden image spam.' It can be identified, sometimes, by seeing what looks like a broken image tag.

Screen%20Shot%202014-06-08%20at%208.11.17%20AM.png

One way to tell, is to press the quote button and then you can see in the edit window what the URL is in the IMG tag. They've been using URL shorteners to hide their source. (I changed this one to protect you from the link, don't bother clicking on it)
h t t p://bit.ly/1454Misd
Click to expand...

I like to go to the website LongURL to find the real source of the shortened link. In this case the link went here. (I added asterisks to break the URL, but you can see that it's not a legit link, but one of spam.)
h t t p://daily****deals dot info/wp-content/uploads/2012/01/11/38/Smile.jpg
Click to expand...

I hope this is helpful to everyone in being able to spot this new way of spamming MacRumors. As usual, when you spot them, don't reply to it, but report (
report.gif
) it to us.
 
SandboxGeneral said:
Over the last few days I've noticed a new trend in the way spammers make their threads and posts. They're making threads which seem relevant and appropriate to MacRumors and Apple in general, by asking questions about how to get help with something.

I've also noticed members (legit ones) responding to them as if to help out and offer advice. Sadly, when we discover the spammer we, obviously, ban them, but all the posts that the members made in the spammers thread get deleted too.

I wanted to create this thread as a public service announcement to help everyone be able to spot these spammers. I'll use an example from this morning already.

First, they seem to make a username that is an actual name, i.e. WendyAGoss

The thread title looks innocent enough:


So does the body of the message:


But, at the end of the message is what we typically call 'hidden image spam.' It can be identified, sometimes, by seeing what looks like a broken image tag.


One way to tell, is to press the quote button and then you can see in the edit window what the URL is in the IMG tag. They've been using URL shorteners to hide their source. (I changed this one to protect you from the link, don't bother clicking on it)


I like to go to the website LongURL to find the real source of the shortened link. In this case the link went here. (I added asterisks to break the URL, but you can see that it's not a legit link, but one of spam.)


I hope this is helpful to everyone in being able to spot this new way of spamming MacRumors. As usual, when yo spot them, don't reply to it, but report (Image)it to us.
Click to expand...

Thanks for the information...it is very helpful in finding and reporting spammers.:)
 
There are different kinds of spam which should be taken in to account.

Commercial: The vast majority of forums I've visited over the last 20 years have been highly allergic to commercial spam. This seems to be something that is widely agreed upon throughout forum land.

Ego: On the other hand, most forums suffer from an abundance of what we could call "ego spam", that is, posts that serve little purpose other than to provide the poster with a cheap ego thrill.

Junk: Then there is "junk content spam", inarticulate poorly informed posts by posters who don't really have anything to say, and wouldn't know how to say it if they did, but they want to post anyway.

To it's credit, MacRumors does an above average job of managing all these spam streams. A thankless task, pretty well done.

Most forums however wail with hysterical sanctimonious moralizing about commercial spam, while allowing or even encouraging their members to fill the threads to overflowing with the other flavors of spam which degrade the reading experience just as much.

I would define spam in the forum context as being any post which is primarily about the needs of the writer instead of the needs of the reader. Seen that way, there's really not that big of a difference between commercial spam and the other flavors.
 
snberk103 said:
Thanks for the info... and happy to help. Since the broken image tag only appears 'sometimes' what else should we be looking for?

TiA
Click to expand...

If you don't see the broken image tag, look to see if it's a new member, that day with one or two posts, click on the quote button and look for a hidden URL in the message.

Otherwise, most spam around here is rather obvious, with lot's of links to watch movies [illegally] and such.
 
SandboxGeneral said:
First, they seem to make a username that is an actual name, i.e. WendyAGoss

The thread title looks innocent enough:

How can I get the mac app store without paying for snow leopard?
Click to expand...

So does the body of the message:

I've tried looking at all the youtube videos and Ive come close but have ultimaltely been unsuccessful... Can anybody give me step by step instructions on how to download snow leopard for free... Its rediculous that you have to pay 30$ to get snow leopard so that you can use the mac app store.
Click to expand...
Click to expand...

The "rediculous" question and the reply appear to have been copied verbatim from here. Quoting and searching on a dubious query is a quick way to flag if it is fraudulent. Noting that in the spam report would also be a good thing.

It would be good if google provided some automated means of seeing if content is a literal copy from elsewhere. OTOH, I suppose the spammers could start adapt to that, too. Cylons.
 
Wowzers, I hadn't noticed that before! Thanks for the heads-up. I'll make sure and report suspicious posts if I find any :)
 
It occurred to me as I clicked into this thread that the subject line would be a great line for spammers themselves to use to draw people in. Almost disappointed that's not the case. :)
 
whooleytoo said:
It occurred to me as I clicked into this thread that the subject line would be a great line for spammers themselves to use to draw people in. Almost disappointed that's not the case. :)
Click to expand...

*uses quote feature to check whooleytoo's post for hidden spam links* :p
 
Been a LOT of sneaky posts lately. Especially innocent looking "hello I'm a mom with kids and I like to get deals" kind of posts. Seen the same thing on other forums I visit too. Some of them are from regular people - but the vast majority are a spammer trying to gain credibility for later posts.

On some of the first page articles I've seen 3-4 posts like that in a row. Feel kind of bad for the mods.

Apparently the bad guys are on the attack. As an example: my main server (used for personal/business emails) has been filtering about 1 spam every 15 seconds the past few days.

On some of my sites I've had to completely disable comments due to this rapid increase. They are even bypassing systems like Disqus pretty regularly.

Spammers are going crazy! :eek:
 
Your site is pretty popular, so the spammers come.

The registration process is very easy to script. I'm not sure why people rely on captcha or questions, as your site does. It is easier for me to get the value of the captcha programmatically Vs trying to read the dang thing. I guess there's a statistic somewhere that states captcha will reduce your spam by X% and that makes it worth something.

The moderators do a fantastic job and it pretty much takes a community to keep out the spam. Thank your for the Report button so that we don't feel so helpless.

@jeremysteele: same thing, I disabled comments, which is sad, because the replies usually show me faster/better ways of doing things.
 
960design said:
Your site is pretty popular, so the spammers come.

The registration process is very easy to script. I'm not sure why people rely on captcha or questions, as your site does. It is easier for me to get the value of the captcha programmatically Vs trying to read the dang thing. I guess there's a statistic somewhere that states captcha will reduce your spam by X% and that makes it worth something.

The moderators do a fantastic job and it pretty much takes a community to keep out the spam. Thank your for the Report button so that we don't feel so helpless.

@jeremysteele: same thing, I disabled comments, which is sad, because the replies usually show me faster/better ways of doing things.
Click to expand...

Traditional captcha's are worthless since OCR is pretty good these days - and if you make them too hard even people can't do them.

I've seen newer ones that use object recognition... say... an upside down car (which direction will make it right) or you have to identify a picture of a lollypop. Believe it or not I've heard those are incredibly effective, since there's no cheap object recognition libraries out there yet (in a few years, sure).

I've heard the math tests are pretty good too (those silly what is 3+4 tests)
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back