Well, considering that those people may be earning an abysmal sum of money for their hard work according to our measurements, but still consider it good money wherever they live, I think they don't care all that much.
I doubt whoever is paying cares - I think they'd be much more concerned about spending money for posts which last two minutes rather than better targeted posts which last two days.
Not if those two-minute posts manage to generate a 15% increase in net sales. The question is not method, but effectiveness.
There was a four hour period earlier where three (I think) people were making two posts each, then creating new accounts as those were deleted. The cycle was around two or three minutes - I guess that's six extra posts for Google to count - but it could have been hundreds if they were on less heavily policed sites.
But those hundreds of posts might have generated much less overall effect depending upon the sites they were on. Low-ranked sites generate low-ranked links; Paizo.com is a relatively highly ranked site itself, since it sees a fair amount of traffic and is frequenly updated. A site like http://kinglamtaichi-karate.com/ that hasn't updated since 2006 will automatically get downgraded in Google's engines.
What surprises me most is that there seems to be no way to go after these people legally. I'm sure the fact that they are (apparently) in a different country doesn't help, but still ...
Well, who do you go after?
The machines that are doing the posting are a botnet; machines compromised by a computer virus or something similar. One of them could even be the machine on your desk right now. No one to go after.... but remember to update your damn anti-virus software, m'kay?
The casino being advertised has no connection to the advertisements; it may not even exist. If it's a legitimate casino, you can bet that it will simply lawyer up and say "prove we posted those," and you won't be able to do that. If it's something like a floating malware site, then there's no one to go after.
The people making the posts -- who are they? Where are they? At the very least, you'll need a name and address to serve papers, and you have neither.
It's like trying to catch a hit-and-run driver. If you park your car in the street, and tomorrow morning the wing mirror has been smashed, you have effectively no legal recourse.
Well, considering that those people may be earning an abysmal sum of money for their hard work according to our measurements, but still consider it good money wherever they live, I think they don't care all that much.
That was an odd thought of mine. If these folks are being paid, say, 7 cents a post, maybe (if we could locate them) we could pay them 10 cents a post to not post.
I can not make a lot of posts at 10 cents for every post I don't make. :)Well, considering that those people may be earning an abysmal sum of money for their hard work according to our measurements, but still consider it good money wherever they live, I think they don't care all that much.That was an odd thought of mine. If these folks are being paid, say, 7 cents a post, maybe (if we could locate them) we could pay them 10 cents a post to not post.
Yea, that came out wrong...basically, pay them slightly more to not post, but as I'm not clear on how to work it, I realize it's a crazy idea.
Also, now there's an actual 'spam' flag!
| 1 person marked this as a favorite. |
Gasp! A Spam option! Not super accessible, though—it'd be nice if it could be placed at the top.
| 1 person marked this as a favorite. |
Well, considering that those people may be earning an abysmal sum of money for their hard work according to our measurements, but still consider it good money wherever they live, I think they don't care all that much.That was an odd thought of mine. If these folks are being paid, say, 7 cents a post, maybe (if we could locate them) we could pay them 10 cents a post to not post.
WHAT?! Are you telling me they can outsource my job overseas?!
With respect to the idea of paying the spammers to not post, you basically set them up in a protection racket over yourself -- plus, they will probably change their disguise and make spam anyway.
I am not an expert on going after them legally, but my best guess about how to do it would be to find some of the botnet machines by IP, offer the users a deal on cleaning their machines if they let you analyze the bots to figure out where they are being controlled from, and then move on to the machines controlling them. Rinse and repeat (in multiple paths in parallel since some people won't agree for perfectly legitimate reasons) until you work your way back to the origin, or at least to their ISP, and then serve them with legal notice.
| 2 people marked this as a favorite. |
Wow!!! A Spam option!!!!!!!!!!!!!!!!!!!!
That just deserved so many exclamation points!!!!!!!!
As did that.
|
With respect to the idea of paying the spammers to not post, you basically set them up in a protection racket over yourself -- plus, they will probably change their disguise and make spam anyway.
I am not an expert on going after them legally, but my best guess about how to do it would be to find some of the botnet machines by IP, offer the users a deal on cleaning their machines if they let you analyze the bots to figure out where they are being controlled from, and then move on to the machines controlling them. Rinse and repeat (in multiple paths in parallel since some people won't agree for perfectly legitimate reasons) until you work your way back to the origin, or at least to their ISP, and then serve them with legal notice.
Botnets are not something you necessarily want to mess around with. IIRC, there was a group of infosec researchers a few years ago, identified and mapped a good-sized one, and had figured out some of the control elements in it when they were politely but firmly asked to stop by the Russian mobsters who owned it.
I am not an expert on going after them legally, but my best guess about how to do it would be to find some of the botnet machines by IP, offer the users a deal on cleaning their machines if they let you analyze the bots to figure out where they are being controlled from, and then move on to the machines controlling them. Rinse and repeat (in multiple paths in parallel since some people won't agree for perfectly legitimate reasons) until you work your way back to the origin, or at least to their ISP, and then serve them with legal notice.
That's something that you might try if you were the FBI. I'm not sure it's something you really want to waste time and effort on if you're a small game company based just outside of Seattle.
Here's another link to another spammer in an established thread.
Dear god thats a lot of post nuke it, nuke it now.
Just another link to the thread spammers like to hide in, just in case they come back.
Botnets are not something you necessarily want to mess around with. IIRC, there was a group of infosec researchers a few years ago, identified and mapped a good-sized one, and had figured out some of the control elements in it when they were politely but firmly asked to stop by the Russian mobsters who owned it.
Since when did the Russian mob get the right to dictate information security procedures in the United States?
That's something that you might try if you were the FBI. I'm not sure it's something you really want to waste time and effort on if you're a small game company based just outside of Seattle.
Indeed you wouldn't, but if the FBI isn't doing the job and your web site is being crippled by the attacks (when up to 7 of 10 titles in the Messageboards Recent Posts are spam, that's serious impairment), they you either have to do it yourself or hire a specialist to do it.
| 3 people marked this as a favorite. |
Botnets are not something you necessarily want to mess around with. IIRC, there was a group of infosec researchers a few years ago, identified and mapped a good-sized one, and had figured out some of the control elements in it when they were politely but firmly asked to stop by the Russian mobsters who owned it.Since when did the Russian mob get the right to dictate information security procedures in the United States?
That's something that you might try if you were the FBI. I'm not sure it's something you really want to waste time and effort on if you're a small game company based just outside of Seattle.Indeed you wouldn't, but if the FBI isn't doing the job and your web site is being crippled by the attacks (when up to 7 of 10 titles in the Messageboards Recent Posts are spam, that's serious impairment), they you either have to do it yourself or hire a specialist to do it.
I'm not sure that a bunch of violent criminals are concerned about the "right" of it. I'm also not sure that any of the PDT value the integrity of the message board more highly than their lives. In fact, I rather hope they don't.
I'm not sure that a bunch of violent criminals are concerned about the "right" of it. I'm also not sure that any of the PDT value the integrity of the message board more highly than their lives. In fact, I rather hope they don't.Botnets are not something you necessarily want to mess around with. IIRC, there was a group of infosec researchers a few years ago, identified and mapped a good-sized one, and had figured out some of the control elements in it when they were politely but firmly asked to stop by the Russian mobsters who owned it.Since when did the Russian mob get the right to dictate information security procedures in the United States?
That's something that you might try if you were the FBI. I'm not sure it's something you really want to waste time and effort on if you're a small game company based just outside of Seattle.Indeed you wouldn't, but if the FBI isn't doing the job and your web site is being crippled by the attacks (when up to 7 of 10 titles in the Messageboards Recent Posts are spam, that's serious impairment), they you either have to do it yourself or hire a specialist to do it.
If this ountry has fallen so far that it can't provide basic law enforcement safety for its citizens against a terrorist criminal gang, even while spying on everyone it can and frequently killing people who have not committed so great a crime as to deserve death, then what's left to defend?
It appears all the spammers are starting to lurk in the Ultimate Intrigue Playtest General Discussion subforum. Seriously, they haven't stopped spamming the threads there.
I'm FAIRLY sure this user is a spammer.
I'm FAIRLY sure this user is a spammer.
It certainly contains enough random words to be gibberish. I bet you're right. It was sketchy enough that I didn't trust the website he had on that post, and just left it untouched.
Early morning shift on the Wall... Spammers sighted... flag guns firing.
My shift's done. Must confirm Dragoncat's report of massive spam incursion in the Ultimate Intrigue subforum. All observed spam flagged. Over and out.
They're getting at it again in general discussion.
But we shall remain vigilant.
A concerted attack on Paizo General Discussion. Flag, my pretties, FLAG!
They've adapted somehow....or maybe the staff is updating our system......I really hope its the second one.
I just clicked on a 14-second old post that was already FLAGGED. Can we now see if someone else has flagged a post? Or has it always worked like that?
Edit: Never mind, I think I went after an already painted target from an older window.
::reloads his barrett 50 cal. of spammer bane:: Say hello to my not so little friend.
::hugs Lissa, rubs IcyHot onto her banning arm::
Edit: sigh...persistent little piles of excrement, aren't they.
Real slow learners, as well.
They are indeed little brown logs of annoyance, but I have them in my cross hairs ::nice smooth trigger pull:: and that is now we snipe spammers here in 'merica!
GenDiscussion is getting overrun... SEND BACKUP!!!
So how about filtering out korean signs?
I know that for chinese signs there are several codes used, korean is probably the same. Should be easy to analyze too.
Apply some script that then filters out those posts containing such script.
As i was informed, posting in languages other than english is not allowed anyway and for rpg purposes enough other languages are there.
I actually ran one of the spam posts through a translater. Either the translater was not up to the task, or the spam posting was complete gibberish.
I actually ran one of the spam posts through a translater. Either the translater was not up to the task, or the spam posting was complete gibberish.
Content is irrelevant, they just want links there for search engine spiders to find. Don't bother translating it, it's probably gibberish even if you were a native speaker.
I asked someone korean and that person said it´s kind of a weird ad.
So yes, partly gibberish probably.