Taking the Fight to Internet Spammers
The Internet is great for many things, but among its many downsides are spammers. Those are the people who get onto sites or send us email about fake designer handbags, fake prescription drugs, fake girlfriends and fake $100-an-hour jobs. I guess just enough people fall for these that spammers continue to send them to us, day after day, week after week, month after month, year after … well, you get the idea.
Anyone who has a website will tell you that keeping spammers out of your site is a never-ending problem. As the antispam controls get better, the spammers find new ways to get through the door.
If spammers put as much thought into something useful in life, we’d have a better society. But they don’t.
Spammers, phishers, “dark web” hackers = criminals.
A few months ago, I launched a photography discussion forum. It took just a few days until the first spammer arrived. I used some anti-spammer controls, and they worked. Or so I thought.
By the third month, I was seeing two spammers a day come in. They all are from the same place in China. But because they used different IP addresses, it was impossible to ban by IP address.
They were easy to spot. Random user names using all consonants and now vowels and email addresses that clearly were randomized by a bot – not a human being. That’s a spambot – a computer robot control that registers onto a site and then craps on your site.
This clearly required a better tool for the job.
After a week of reading up on the issue, I learned something.
The Captcha image that we all hate doesn’t work. Catcha was the primary way that a number of sites used to blocked spambots. It required people registering for a site to read a number that was superimposed on a background, almost making it unreadable. But the criminals got busy and figured out how to separate the numbers and letters from the background – something that most humans couldn’t do. Like I said, if criminals spent as much time putting their efforts toward good, the world would be a much better place. But again – they don’t.
What I learned is that you need to use as many tools as you can, so that if they get past one electrified fence, the second gets them and if that one doesn’t, then they get zapped by the third.
Here’s the rub. There are some controls that do such a good job that they keep out everyone, including your audience. You need to keep things easy for your users while making life as difficult as possible for spammers.
I’m not going to offer too many details, because like a magician, you don’t reveal the secrets of the trade.
Suffice to say that I’ve put a few new controls into place that seem to have done the trick.
If you visit my forum at http://photographytoday.net/forums/ and register, you’ll see my first line of defense.
For my first control, I am using a Q&A challenge. Some people ask a question, but what sites have learned is that a spambot will take that question and execute a Google search, get the answer and slip past your electronic sentry.
None of these will block a human spammers, because they aren’t intended to block humans. Luckily, human spammers are far outnumbered by spambots. And when the human spammer does make his criminal move, you simply squash him like a cockroach under your boot.
What I also know is that some day, this won’t be enough, and I’ll need to find another way to block the spambots. You have to stay on top of your game to keep one step ahead of the spammers. That’s just the reality of the Internet.
By the way, if you do visit my forum, feel free to browse and join a conversation. You are most welcome to do so. But only if you are not a spammer.