sock-puppets R us
Nov. 11th, 2012 05:13 pm![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
cellioI've been seeing more spam on my LJ entries than usual in recent weeks, but most of it is posted anonymously and gets auto-screened, so nobody else sees it. Two days ago I started getting the following message from LJ accounts that were presumably created just to post these comments (on, I assume, as many journals as possible as quickly as possible):
"Hey This is hard for me because I have never done anything like this.. but I have a huge crush on you. I have never been able to tell you for reasons which you would quickly identify as obvious if you knew who this was. I'm really attracted to you and I think you would be wanting to get with *Read FULL Card Here* [URL removed]"
These ones, coming from logged-in accounts, do show up (about 15 so far). I really don't want to have to start screening comments from people not on my subscription list; I prefer to be more open. (I didn't like having to screen the anonymous ones, but the spammers left me no choice.) I've been marking these as spam when I delete them, which blocks that particular LJ account from commenting on my journal again, but it would appear that creating bogus accounts is easy enough that the spammers don't care. This probably means that more-challenging captchas are in our future. (I struggle with them already.)
The pattern of attack is different, by the way. The anonymous spammers tend to latch onto the same three or four old posts to hit; this current wave is hitting random posts with, so far, no duplicates.
In semi-related news, I've seen no update on the journal-import problem over at Dreamwidth (entries come across fine, but comments don't). I've started to read regularly there in addition to here, so if you're there too and I haven't found you yet, please get in touch.
Update: I discovered that I can do something less severe than screening comments from non-friends: I can make them answer a captcha. Sorry, legitimate non-friends, but I'm going to see if this deters the bots.
Update #2: The captcha doesn't seem to be slowing them down, so either the spammers are humans, the spam-bots are good at captchas, or... the setting isn't working. Could somebody do me a favor? I'd like somebody who is not on my friends list to post a comment (while signed in, not anonymous) here and tell me if you got a captcha. Thanks!
"Hey This is hard for me because I have never done anything like this.. but I have a huge crush on you. I have never been able to tell you for reasons which you would quickly identify as obvious if you knew who this was. I'm really attracted to you and I think you would be wanting to get with *Read FULL Card Here* [URL removed]"
These ones, coming from logged-in accounts, do show up (about 15 so far). I really don't want to have to start screening comments from people not on my subscription list; I prefer to be more open. (I didn't like having to screen the anonymous ones, but the spammers left me no choice.) I've been marking these as spam when I delete them, which blocks that particular LJ account from commenting on my journal again, but it would appear that creating bogus accounts is easy enough that the spammers don't care. This probably means that more-challenging captchas are in our future. (I struggle with them already.)
The pattern of attack is different, by the way. The anonymous spammers tend to latch onto the same three or four old posts to hit; this current wave is hitting random posts with, so far, no duplicates.
In semi-related news, I've seen no update on the journal-import problem over at Dreamwidth (entries come across fine, but comments don't). I've started to read regularly there in addition to here, so if you're there too and I haven't found you yet, please get in touch.
Update: I discovered that I can do something less severe than screening comments from non-friends: I can make them answer a captcha. Sorry, legitimate non-friends, but I'm going to see if this deters the bots.
Update #2: The captcha doesn't seem to be slowing them down, so either the spammers are humans, the spam-bots are good at captchas, or... the setting isn't working. Could somebody do me a favor? I'd like somebody who is not on my friends list to post a comment (while signed in, not anonymous) here and tell me if you got a captcha. Thanks!
(no subject)
Date: 2012-11-12 12:37 pm (UTC)I first got that "massive crush" comment this morning, on a public post from several months ago. I didn't check whether it was actually visible before deleting it. If I get it again, I'll check.
(no subject)
Date: 2012-11-12 01:24 pm (UTC)I got one of these last night and the post had a userpic, which is unusual for a spam account. I looked at the profile page and the account was created several months ago (one post, no friends other than self). I wonder if somebody's been stockpiling accounts, or if some legitimately-created accounts got hijacked. (One post and no friends doesn't mean anything; a hijacker could easily do that. Not being friended by anybody else is less likely for a "real" account.)
(no subject)
Date: 2012-11-12 03:16 pm (UTC)So far, all the accounts I've seen in this recent spam wave have been created on the same day or two, and most of them have a userpic that's 64x64 pixels. This indicates stockpiled bot accounts to me.
(no subject)
Date: 2012-11-12 11:28 pm (UTC)