Earlier this evening (actually morning -- stupid Daylight Savings Time!) I was encouraged to see no spam, but now they're back -- 8 12 more in General Discussion.
Something new has shown up in the last few days -- a few of their spams have no Korean characters, but instead have a few random Roman characters.
|
Man, there HAS to be something that can be done to block these vermin. It must look terrible to new customers (coming to the website to learn about the new edition etc.) and the first thing they see is tons of spam.
At least for the time being, isn’t it time to get a bit more drastic - ban Asian characters, moderator approval of new accounts .... something?
Given that it seems most important to the spammers to get the foreign characters into the thread titles, that would seem to be the place to ban such characters. People who need foreign characters in the body of a post for PBP purposes would then be unaffected.
| 1 person marked this as a favorite. |
I'm not entirely sure about this, but wouldn't they just use different symbols if those were banned?
^Indeed.
After a while of quiescence, I just had to flag another 8 of them that appeared in the last 1.25 hours.
I casually found this spam event distributing Spanish HD movie.
| 1 person marked this as a favorite. |
Thanks!
I discovered there are several similar links like that searching in Google: event HD site:paizo.com
It might give different results depending on your location. In my case there are 14000 results with mainly Spanish films event pages.
Nice one.
A substantial percentage (not yet a majority) of the spams have started using only random Roman characters instead of Korean characters in the message text, although the message titles are still almost all in Korean characters + a few Roman characters for URLs.
They seem to have switched to using the Cyrillic (Russian) alphabet.
They seem to have switched to using the Cyrillic (Russian) alphabet.
The content is entirely different. I'm not seeing the same headlines or body copy at all.
I don't think it's the same spammers (if that is even spam)
Forum rules require posting in English, so it’s at least inappropriate content, more likely spam.
Removed a couple of posts linking to or quoting spam.
I cleaned up a lot of the event spam; we have a tool in the works that will find and kill more.
Sorry. I forgot about not doing that. :/
The Russian post I saw actually said something about a new game coming. But nothing that actually made any sense to me.
| 4 people marked this as a favorite. |
Wikileaks clearly had the PF2 news before the rest of us. ;)
The war continues unabated...
Some of the spam posts seem to try to exploit some bug in the new web site -- in the Forums listing, they appear to have titles composed of a short string of random Roman characters, but when I actually look at one of these threads, the actual title is a moderately long string of Korean characters.
Don’t know if you can still see them, but the last batch included swastika symbols mixed in with the non-Latin alphabetic characters. I don’t think the rest of the material was any different (though I didn’t recognise the website address, the structure was as per usual).
For a while, something here seemed to keep them to a trickle and keep them from posting very much in the message bodies, but now the flood is back, with most of the message bodies being full sized, and one of the rare exceptions somehow doing something to alter the forum text column width.
We need a more permanent solution. I will again recommend for moderating the first 2 - 3 posts by any new user, just as long as the site admin tools also provide an easy option for the mods to bulk trash multiple messages that look like spam and bulk ban their accounts.
There's also a post in Licensed Products General Discussion that's offering fake ids.
Those kinds of solutions are pretty labor intensive (and easy enough to circumvent).
You can’t make it too hard to come here and ask for help, or to ask where to find things.
If it’s easy to jump through the hoops one might consider, it’s easy to fake. If you make the test stringent you’re bound to annoy some potential new players/customers.
I suspect the labor required is always going to be the principal constraint. Closing loopholes is inevitably a losing proposition - from a practical perspective, there's always a way around any countermeasure if you're determined enough.
I suppose the better Paizo get at fighting them off, the more likely it is that spammers will look elsewhere - it's just about making Paizo an unattractive target.
Things have definitely improved in recent months. Hopefully, the effort required to breach the countermeasures becomes so high the reward doesn't justify it. (I'm still unclear on how it helps them really - something to do with automated google searches or something). :/
"Licensed Product" is probably the current culprit.
Flag, flag, flag.
It helps
If the first 3 posts of each new user were moderated, that would not be so easy to get through. That would mean that the spammers would have to come up with 3 legitimate posts before posting their spam. They can probably do this a couple of times each, but then they're going to run out of creative gas (if not, they probably wouldn't be depending on spamming for their livelihood). Meanwhile, a relatively small trickle of new incoming people gets a few hours' delay(*) in the appearance of their 1st 3 posts.
(*)Or a couple of days if they post late on a Friday.
Hi! Love the game, but I’m struggling to get your site to work. Where can I get help?
Can someone explain unarmed combat to me?
Just bought pathfinder. Where can I find a group?
Remember that a lot of these spammers are actual, real people not bots and they think it’s worth it to post things that usually last less than an hour or two. Coming up with three, generic posts isn’t that hard. Meanwhile - a human at Paizo has to wade through hundreds of posts a day (a week? Not sure the rate of new accounts, obviously but a lot - as I understand it, one of the things that makes Paizo.com a target is that it’s relatively high volume).
The amount of spam wouldn’t drop - it’d just be delayed a few days. New posters would be inconvenienced as they were vetted. There’d be a small contingent of new customers/players whose first interaction with Paizo would be creating an account only to get banned as a suspected spammer (consider the various posts we see from quite young people or from overseas. It may not be easy to tell them apart from a spammer playing a role). There’d probably also be a spike in vague, bland questions nobody really wanted the answer to.
A human intensive solution is unlikely to be good value for money. I suspect the war will go on in spurts of silence punctuated by loud periods when they discover new strategies, followed by silence again once those strategies are identified and dealt with.
Things are much, much better than they used to be. There’s just been a bout of evolution in the last couple of weeks, but I’m sure things will die off again when the banhammer is upgraded.
Kind of ironically,I flagged my own post (just in case it was too explicit...) :o
Hi! Love the game, but I’m struggling to get your site to work. Where can I get help?
Can someone explain unarmed combat to me?
Just bought pathfinder. Where can I find a group?
{. . .}
If they keep posting the same questions with new accounts, you can start to get suspicious.
A legitimate new user might share one of the above questions with the spammers, but is unlikely to repeat all of them, and is also unlikely to share the same IP address or contact e-mail (that you have to provide when creating a new Paizo account, or at least did when I got mine).
| 1 person marked this as a favorite. |
I’m sure a human moderator would have a pretty good success rate (though I doubt they would pose identical questions from all their accounts) My point was that these spammers would still give it a go and some would get through - so we still have to deal with the problem. May as well implement one solution than two. We were fine for several months - now they’ve discovered a workaround and Paizo tech team need to close the gap. Then we’ll be fine again.
It’s a huge amount of pretty tedious work for a human to scan all the new posts from new users - especially heading into the playtest, when there’s bound to be a spike (I’d expect thousands of new accounts coming here to download the playtest come August. Probably many of them will then try and post comments/queries/cries for help). Human gatekeeping is going to be costly and ultimately won’t reduce the work the tech team have to put in as well still see the occasional bout of ugliness that needs to be dealt with.
Meanwhile, new customers/players face delays plus there’ll be the inevitable lost sale from the customer who looked like a spammer.
Whatever the solution is, I think it needs to be technical, not labor intensive. The spammers have more hours to throw at it since playing this game is what they do for a living.
| 1 person marked this as a favorite. |
^Show me an artificial intelligence that can actually beat natural stupidity, and I might be inclined to agree with you.
| 1 person marked this as a favorite. |
I find it a sad side of online life. Inconvenience to completely innocent, unrelated people (ie us) is seen as unimportant in the quest for a higher listing on search engines. Who cares if our forums are ruined? As long as their revenue increases...
They probably market it as “innovative” or “cutting edge” advertising. :(
Now that you mention it, several years ago a substantial fraction of the spam that I got in my e-mail was advertising for innovative marketing and the like . . . .
So much for the idea of us being fine for now -- the spams are flooding in, with 11 having popped up in the last 50 minutes.