BreakPoint

Four and a bit pages of mostly spam today. The tags are a dead giveaway and should be checked before allowing a post. I think the risk of false fails on the Indian city in question being in genuine tags is slim to none.

The spam makes me feel less motivated to visit NI Forums.

I'm waiting the day that the users can do something, or the day that NI/Lithium prevent spam.

I know that I'm not a regular here, or even important to the community, but the time that I spent here is dropping every single day.

Regards,

---

@thoult wrote:

This morning's repeated post has an attempt at the word 'Solution' in the header. The day it includes 'LabVIEW' ('L4BVI3W'?) can't be far off, surely?

---

Today it is BOILED EGG 

I tried to create a new generic account on the NI forums. Takes less than a minute.

• No CAPTCHA as part of registration
• No email verification step
• Log in
• Post away

Until Lithium/NI provides some sort of multi-step registration process, this garbage will not stop.

Good idea Phillip!

(Personally I hate those, but they do serve a purpose)

In addition to using CAPTCHA for registering a new account, maybe also use it for the first 5 or 10 posts for a new user?

-AK2DM

---

@PhillipBrooks wrote:

I tried to create a new generic account on the NI forums. Takes less than a minute.

 

• No CAPTCHA as part of registration
• No email verification step
• Log in
• Post away

---

 

Until Lithium/NI provides some sort of multi-step registration process, this garbage will not stop.

 

---

This is ridiculous! When I created my profile back in the old days, things were different, but I would have really thought that there is some e-mail verification step (of course there are plenty of disposable e-mail address providers, but these could be excluded from verification).

I thought op-in is now the norm. If NI basically runs a ffa site here, it easily explains the recent spam attacks. Captchas are good for keeping bots away, but do not deter armies of minions form ultra-low-wage countries.

As said many times, new users need more restrictions until they have a few yellow bars, for example:

1. not allowed to make the personal website public on their profile (there are plenty of new users that never post, but plant their scam address on their profile (example)). While this still boosts the NI forum bragging rights for number of new users, these are fake users and distort the statistics. We really don't need those! Artificially inflating the forum statistics is just bad.
2. Not allowed to start more that X new threads in Y minutes.
3. Not allowed to include external links in posts.
4. ...

I understand that NI needs to make the registration process as simple as possible in order not to alienate prospective customers, but this is a technical support forum and a typical NI users needs a NI profile anyway. Anyone can read any public posts without logging in, but the right to post a question should require some form of verification.

Internet communities have struggled with this problem for decades and plenty of good countermeasures have been developed. Lithium should be able to provide tools to harden the target and NI needs to enable them. Opt-in should definitely be mandatory.

---

LabVIEW Champion.

I'm surprised to that there is not e-mail verification step for creating a profile.  Not that it will stop all spammers.

Your example of a user who has never posted and has just a weblink in their profile.  How did you ever find them?  I wonder what is the point of creating that profile if it was just to spam their link out there?  A new user who never posts has zero visibility on the forums.  Even a user who posts regularly has very little visibility for a weblink in their profile.  Unless you go digging in the back of your cupboard looking for that can of spam by clicking into someone's profile, you'll never see it.

Limits on posting rate of new threads by low-ranking users would help a lot, but I wonder if Lithium has this capability within their webhosting capabilities?

For the most part, there is very little work being put in by these spammers.  It is probably only one.  It seems their MO is to create a new profile once or twice a day.  That would be a manual process to create the user, but only takes a few minutes.  Even captcha or e-mail verification won't slow that down much or prevent it.  Then they launch theirprogram to automatically post the spam at that low rate of once per minute.

I don't get the point of this spam.  They are advertising services, but they usually aren't providing any links for someone to partake of those services even for the small percentage of users on this forum who are geographically close enough if they were so inclined.

---

@RavensFan wrote:

I I wonder what is the point of creating that profile if it was just to spam their link out there?

---

Many of these advertised outfits are acually victims themselves of so-called SEO companies that, for a fee, promise to increase search engine rankings. They might hold online courses or local "seminars", blabbering for a while with general tips, then pushing their services. For example if you are in india and are looking for an e-scort service via a web search, the slick sales argument of the crook would be that he can guarantee that the first match might be our forum friend, while another, similar e-scort service only shows up on page two. The buisiness ramifications of search rankings can be potentially huge (on paper). These SEO companies hire students for minimum wage to plaster the links wherever they can (similar to graffity taggers, nothing is offlimits).  They might also employ bots to target vulnerable websites via compromised machines, etc.

The (never mentioned) fact is that these methods don't actually work. For example the google crawlers have discounted web links found in discussion forums to basically zero, or even negative weight.

Of course it will not work, so the next month the argument is that it needs a little more time to spread, maybe upgrade to a more powerful plan, and so on. The world is full of suckers so there is basically an unlimited supply of potential clients. We''ll see how many more months the current spam type will continue until the company wises up. However I guarantee that there will be others to take their place. 😞

---

LabVIEW Champion.

---

@altenbach wrote:

... Internet communities have struggled with this problem for decades and plenty of good countermeasures have been developed. Lithium should be able to provide tools to harden the target and NI needs to enable them. Opt-in should definitely be mandatory.

---

I've never experienced a forum that was so easily spammed. And I've been on hundreds of blogs and forums since Al Gore invented the Internet.