The recent Temu stranglehold

[Cheese]

I'm not interested in creating drama but I am very interested in why the recent Temu spam has been so significant for the last 5+ days? Is this new platform easier to break through? With the old software this wasn't really an issue except for the occasional "Miners" spam which consisted of maybe 3-5 messages and then they were done for several weeks/months.

This Temu stuff is on a completely different level. It's a constant 10+ message barrage and it may happen several times every day for several days in a row.

Just curious why this is so prevalent? I'd imagine that if you upgrade to a newer software platform there would also be better spam protection.

On another note, is there something the admin would advise the members of when reporting spam?

 

[luvmytoolz]

I tried reporting some last night but I hit the minimum wait between reporting. Most of the spammers averaged between 5-18 messages I noted, a few simple settings could stop this.

1 - Allow members in good standing (for example 2-3 years at least) to report multiple accounts with no minimum wait time
2 - Limit the amount of posts in a 24 hour period a new account can make
3 - Geoblock temporarily when multiple new account activations from a source IP are done in a given short period, this last one can be trickier to implement, but I'm assuming the DDOS/firewall on the perimeter could do this.

 

[smorgasbord]

As I posted in the other thread, I think that we should limit new accounts to posting only one new thread every 24 hours. That let's a newbie post one new question a day, but he/she can respond to posts in that (or any other thread) multiple times.

 

[Cheese]

Ya, I was also time limited which I thought was weird because the spammers were able to post faster than I was able to report.

In my mind there needs to be a serious firewall (?) installed such that any spam is taken down immediately. If the spam gets through and stays up for even 5 minutes...the spammers consider that a win because of the potential audience they've addressed..

LMT...I'd take your suggestion one step further, "allow members in good standing (for example 2-3 years at least) to TAKE DOWN the spammers posts. What's the downside? There would be a lot to gain and little to lose. These discussions were not broached with the previous platform because these issues didn't appear to exist with the previous platform.

 

[Cheese]

As I posted in the other thread, I think that we should limit new accounts to posting only one new thread every 24 hours. That let's a newbie post one new question a day, but he/she can respond to posts in that (or any other thread) multiple times.

That's a great, easy to implement and simple solution to the problem...it's known as common sense.

 

[luvmytoolz]

LMT...I'd take your suggestion one step further, "allow members in good standing (for example 2-3 years at least) to TAKE DOWN the spammers posts. What's the downside? There would be a lot to gain and little to lose. These discussions were not broached with the previous platform because these issues didn't appear to exist with the previous platform.

I did initially think about adding that, but thought that even though the members on this board exhibit a lot more decorum than I've seen on many others, it might still be considered a little too "political" for a member to have that power.

 

[onocoffee]

I've only noticed the spam since yesterday - and since the new version of the board started, I've mainly been using the New Posts feature, so they're just stacked on top of each other.

 

[luvmytoolz]

I've only noticed the spam since yesterday - and since the new version of the board started, I've mainly been using the New Posts feature, so they're just stacked on top of each other.

Yesterday was the worst by far, 5 pages of spam.

 

[Crispy]

I think i hit page 3 before i found a normal thread post last night, but the last couple of days have been like what the.....
I wasnt sure about posting a 'what is with the temu threads' assuming everyone else would have noticed them also.

 

[MikeGE]

Based on my experience with XenForo, no matter how smart I think I am, the spam developers are much smarter. It is a continuous game of Whack-A-Mole and the spam countermeasures are usually one or two steps behind the new attack methods. XenForo has a great filter for catching robot spam accounts, but some still make it through.

On one of my former sites, the integrated spam filter rejected about 250 robot spam registration attempts each day.

For those interested in reporting spam accounts, don't waste your time reporting each post, as this is not necessary. Instead, report the spammer's account using the process below.

1. Click on the member name. A new window will pop up showing more information.




2. Click on the member name in this window. The member's profile will appear.





3. Click on the "Report" button to open the dialog window.




4. Type an appropriate alert message that the Staff will see and click the "Report" button. This will generate a new thread for the staff.

 

[Vondawg]

Thanks as always @MikeGE

 

[Cheese]

Ya thanks Mike that's the kind of info I was looking for. Not knowing any better, I just kept reporting every post and that was an endless process.

Mike, curious if smorgasbord's suggestion above would help alleviate the problem?

 

[ChuckM]

Curious question:

Did the spammers do it manually (registering and creating a new account, making the posts) or was a program used to generate the spam posts automatically?

 

[semenza]

If you do want to just use the "report a post" button for convenience, then just report one post from the spamming member. No need to report them all since we will can them anyway.

Seth

 

[MikeGE]

Mike, curious if smorgasbord's suggestion above would help alleviate the problem?

Controlling spam accounts is a balance between punishing the spammers, the legitimate members, and the volunteer Staff. There is a way to create a buffer for newly registered members, but it requires more work from the Staff, especially the Administrators who must create the buffer and manually moderate the new posts in the queue. Any other options, such as manual moderation of new members definitely puts more burden on the Staff.

One method that used to be effective was the flood check. This is a minimum delay time between successive posts, and I think the default time is 30 seconds. This stopped the machine gun robots, but now this is widely known and the robots increase the pause time between posts. Since the flood delay is a global setting, it affects all member groups (except for those specifically excluded in the AdminCP).

Curious question:

Did the spammers do it manually (registering and creating a new account, making the posts) or was a program used to generate the spam posts automatically?

Other that manual moderation for new members, not much will prevent the lone wolf spammer from getting through. The recent Temu accounts are robots and are successful through brute force methods, such as attempting hundreds (or thousands) of registrations a day. The FOG is not alone in the recent spamming attacks.

 

[woodferret]

Can you just mod sink a Post based on content? I've pretty much bucketed the keyword temu on the FB groups I manage.

 

[MikeGE]

Can you just mod sink a Post based on content? I've pretty much bucketed the keyword temu on the FB groups I manage.

There are certainly ways to prevent posts that contain banned words or phrases, but the process is global. If "temu" is added to the banned word list and you start a thread that has a title similar to "Has anyone purchased from Temu?", your thread will be flagged and the action taken (rejected or added to the Moderator Queue for manual approval) will depend on the setting in the AdminCP.

As I wrote earlier, the spam developers are smart and know about the censor features of the various discussion board software. During the most recent surge in spam posts, I've seen variation in the spelling of "temu", such as "t e m u", Tëmu, T€MU, TΣMU, and so on. Trying to target every variation that makes it through the spam filters is not practical.

 

[smorgasbord]

XenForo features: Spam management

Ugh. Yeah, we understand.

xenforo.com

How high could the second item be set to? Thousands of seconds? Maybe the first item should be a few minutes, too.

Plus the page says:
"Potential spammers must defeat our numerous CAPTCHA integrations and pass checks against external registers of known spammers before they can plaster their mess over XenForo forums."

Is that enabled, or perhaps not all enabled?

 

[Vtshopdog]

I’ve always wondered what the actual end game benefit is for spammers posting on a forum like this.

Anybody care to offer opinions?

 

[MikeGE]

How high could the second item be set to? Thousands of seconds? Maybe the first item should be a few minutes, too.

For clarification, "discussion" is the XenForo name for threads, and "message" is the name for posts. The values in the example you posted are the default settings and can be changed as required. However, they are global and will affect all members. I don't know what the maximum limit is, but I set it to 3,000,000,000 seconds on my site as a test and the software did not complain about the value. This is about 95 years, so it is a bit extreme to wait to start the next Discussion (thread).

Plus the page says:
"Potential spammers must defeat our numerous CAPTCHA integrations and pass checks against external registers of known spammers before they can plaster their mess over XenForo forums."

Is that enabled, or perhaps not all enabled?

Based on a quick test, this site uses Cloudflare Turnstile, which is very good. This is one of the embedded choices within XenForo.

To try to bring this recent barrage of spam attacks into context, think of it as indiscriminate carpet bombing. This site's defense umbrella has to be effective all of the time, within reason, but the spammers only have to be lucky sometimes. It is not realistic to think the current software version will be completely effective against the continuously evolving spammers. This is why the defensive umbrella also includes Moderators and Administrators, as well as the membership to sound the alarm when a spammer starts posting.