Simple Machines Community Forum

General Community => Site Comments, Issues and Concerns => Topic started by: arod on January 24, 2006, 09:36:32 PM

Title: i was spammed by PM on this board!
Post by: arod on January 24, 2006, 09:36:32 PM
with the standard "nigerian" spam.
the spammer is the user "davson", who registered today.
as i assume this kind of spam is scripted, i suggest the admins of this site should look into it, and see if it represents a security issue. they should also probably look into how many pms this user (registered today) sent.
admins are encouraged to read my personal messages (those sent to me), and look into the matter.
thx.
Title: Re: i was spammed by PM on this board!
Post by: dtm.exe on January 24, 2006, 09:48:21 PM
I highly doubt that he used a script to spam users via PM.  It's very simple, actually.  One can simply copy and paste the "Who's Online" list to the "To:" field of a PM.

Thanks for reporting this :).
Title: Re: i was spammed by PM on this board!
Post by: JayBachatero on January 24, 2006, 10:00:02 PM
This was taken care of and that member is banned :).

-JayBachatero
Title: Re: i was spammed by PM on this board!
Post by: Strolen on January 24, 2006, 10:00:45 PM
Me too, although "$10.5m" is too tempting to pass up. What if it *is* real. I went ahead and sent him my social, bank account number, home address, alarm key code, and the hours that the house is empty. I hope he responds, not sure if  he got everything he needed though, often times they need your mother's maiden name but not sure if I am comfortable giving that out.
Title: Re: i was spammed by PM on this board!
Post by: dtm.exe on January 24, 2006, 10:04:26 PM
Quote from: Strolen on January 24, 2006, 10:00:45 PM
Me too, although "$10.5m" is too tempting to pass up. What if it *is* real. I went ahead and sent him my social, bank account number, home address, alarm key code, and the hours that the house is empty. I hope he responds, not sure if  he got everything he needed though, often times they need your mother's maiden name but not sure if I am comfortable giving that out.

I hope you're kidding...
Title: Re: i was spammed by PM on this board!
Post by: Strolen on January 24, 2006, 10:07:08 PM
So, you would give your mother's maiden name?

:P
Title: Re: i was spammed by PM on this board!
Post by: dtm.exe on January 24, 2006, 10:10:12 PM
Quote from: Strolen on January 24, 2006, 10:07:08 PM
So, you would give your mother's maiden name?

:P

OK...you seriously scared me for a second :P.
Title: Re: i was spammed by PM on this board!
Post by: Acf on January 25, 2006, 06:03:30 AM
Quote from: Strolen on January 24, 2006, 10:07:08 PM
So, you would give your mother's maiden name?

:P

wilhelminajantina ;)
Title: Re: i was spammed by PM on this board!
Post by: arod on January 25, 2006, 12:42:30 PM
Quote from: dtm.exe on January 24, 2006, 09:48:21 PM
I highly doubt that he used a script to spam users via PM.  It's very simple, actually.  One can simply copy and paste the "Who's Online" list to the "To:" field of a PM.

Thanks for reporting this :).
well, there are probably several tens of users in the "who's online".
i suspect that the spammer sent this to several thousand people, likely even to everyone.
of course, banning the spammer is as good as locking the barn doors once the horse is out, since he can just as easily register with another name/email and do it again.
if it is, as you think, manual operation, then it is not very interesting.
otoh, if, as i suspect, this is a mass spam, then it is worth looking into, see how many people were spammed, was there a script used, and if so, what can be done to block such abuse.
note that if it works here, it would work on ANY smf forum, and we wouldn't want that now, would we?
Title: Re: i was spammed by PM on this board!
Post by: JayBachatero on January 25, 2006, 12:53:16 PM
That is the ineffective way to ban someone.  That's why you IP ban them.
Title: Re: i was spammed by PM on this board!
Post by: arod on January 25, 2006, 04:51:49 PM
Quote from: JayBachatero on January 25, 2006, 12:53:16 PM
That is the ineffective way to ban someone.  That's why you IP ban them.
????
what is an ineffective way to ban someone?
Title: Re: i was spammed by PM on this board!
Post by: JayBachatero on January 25, 2006, 05:16:41 PM
By member name or email.
Title: Re: i was spammed by PM on this board!
Post by: arod on January 26, 2006, 09:39:13 AM
i fail to see how your post relates to the subject.
who said anything about banning anyone, either by name, email or ip?
i was suggesting that someone probably employed a script to pm large quantities of users.
i also said that ban, of any kind, is a poor response to this kind of problem, because it is closing the barn door after the horse is out.
look what (i think) happened here: someone registered, never even bothered to post a single post, and within several minutes of registration, used a script (my guess) to send only-the-admins-know-how-many pms.
they don't intend to go on your board again. they are probably on the prowl to find another smf board and hit it with the same script/spam.
you can ban either the user or the ip to your heart's content, it is completely irrelevant.
otoh, if there is such a script out there, in a day, week or month, some other user, with a different ip, will hit yet again with a spam pm.

it is possible that this type of thing will make bbs pm completely unusable, somewhat like a mail client without spam filter is.

what can be done? i can think of several measures:

it is entirely possible that i am a paranoid and no real problem exists.
but look what happened to email. if something even remotely similar will happen to bbs pm, the feature will become unusable.
Title: Re: i was spammed by PM on this board!
Post by: TheMaTrIx on January 26, 2006, 09:45:40 AM
Quote from: Strolen on January 24, 2006, 10:00:45 PM
Me too, although "$10.5m" is too tempting to pass up. What if it *is* real. I went ahead and sent him my social, bank account number, home address, alarm key code, and the hours that the house is empty. I hope he responds, not sure if  he got everything he needed though, often times they need your mother's maiden name but not sure if I am comfortable giving that out.

Last time I got one of these it was 8.5 Billion US$ in gold XD
Title: Re: i was spammed by PM on this board!
Post by: Thantos on January 26, 2006, 09:46:21 AM
arod,
On this board there is a limit in the number of emails you can send out at a time and it's actually pretty low.
Quote
don't allow links/email within an unsolicited pm (ie, unless the sender already received a pm from the receiver)
Yeah that isn't going to work.  I really can't count the number of times I've asked someone in a post to PM me with a link and some details.  Using your idea I'd have to send them a PM first which just makes more work for me.  Also what happens if they delete all their previous PMs?

I know Grudge made mention of looking into some spam filtering for PMs on the next major version after 1.1.
Title: Re: i was spammed by PM on this board!
Post by: Kindred on January 26, 2006, 10:11:35 AM
jeez, arod... a lot of hoopla over one message...   I get similar messages at least 300 times a day to the contact email for my domains, and that has nothing to do with SMF.   Having it happen ONCE on ONE SMF board does not make it a crisis.

No, there is no security hole in SMF that allowed someone to use a script to PM people...
This happens occasionally, when the spammer actually takes the time to register and send them PMs "manually"

How can YOU deal with it?   Well, you can require an activation or admin approval on new users...
The more work you make it to register, the less likely you are to have such spammers. Honestly though, I think you have blown this WAY out of proportion.
Title: Re: i was spammed by PM on this board!
Post by: arod on January 26, 2006, 11:23:38 AM
Quote from: Thantos on January 26, 2006, 09:46:21 AM
.....
I know Grudge made mention of looking into some spam filtering for PMs on the next major version after 1.1.
that's all i asked.
thanks for the "heads up".
Title: Re: i was spammed by PM on this board!
Post by: arod on January 26, 2006, 11:32:00 AM
Quote from: Kindred on January 26, 2006, 10:11:35 AM
No, there is no security hole in SMF that allowed someone to use a script to PM people...
This happens occasionally, when the spammer actually takes the time to register and send them PMs "manually"
you don't know that for a fact.
i hope you are right, and if you are, then, i guess no action should be taken.
that is why i said i think the admins should look into it and see how many pms this user has sent.
if i am "just one of several dozens", then, bad luck, i guess, and no action needs to be taken.
but what if i am one of several thousands? in this case, it is a reasonable guess that this is a precursor to a more serious problem, and it is best to take preventive measures.
as i was informed, grudge said he will look into building some spam prevention measures into one of the next versions, and i really couldn't ask for anything more.
just don't underestimate this type of problem, or you may find your own users on your own forum complaining...
have a good one.
Title: Re: i was spammed by PM on this board!
Post by: Kindred on January 26, 2006, 11:40:13 AM
well, I will say...  I was not included on that spam...   so, I would bet it was just the online users at the time...
Title: Re: i was spammed by PM on this board!
Post by: charlottezweb on February 01, 2006, 09:00:25 PM
Quote from: Kindred on January 26, 2006, 11:40:13 AM
well, I will say...  I was not included on that spam...   so, I would bet it was just the online users at the time...

ditto

-Jason
Title: Re: i was spammed by PM on this board!
Post by: RomanyX on February 01, 2006, 10:00:16 PM
Quote from: arod on January 25, 2006, 12:42:30 PM
i suspect that the spammer sent this to several thousand people, likely even to everyone.
:'( Nope. Not even the spammers like me. *sniffle*
Title: Re: i was spammed by PM on this board!
Post by: Pedja on February 22, 2006, 03:21:30 PM
I had a similar problem on my forum, so I did point it out. The solution may be quite simple, if SMF allows disabling private messaging for users if they do not belong to a specific user group, have a specific number of forum posts or registered recently.
Title: Re: i was spammed by PM on this board!
Post by: Thantos on February 22, 2006, 03:49:22 PM
You can use permissions to keep the newbie membergroup from using the PM feature.  However on this forum we feel it is important to allow people to contact us without having to post first.
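Added example, not part of the thread and not SMF code: a sketch of the PM gate the two posts above describe, combining Pedja's criteria (group, post count, account age) with a per-message recipient cap and an hourly limit, while still letting a new account contact staff without posting first. All names, thresholds and the sample members are assumptions made up for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

# Thresholds are illustrative assumptions, not SMF settings.
MIN_POSTS = 5
MIN_ACCOUNT_AGE = timedelta(days=1)
MAX_RECIPIENTS = 5        # recipients per message
MAX_PMS_PER_HOUR = 10     # messages per sender
TRUSTED_GROUPS = {"staff", "regular"}

@dataclass
class Member:
    name: str
    registered: datetime
    posts: int
    groups: frozenset = frozenset()

def check_pm(sender, recipients, sent_times, now):
    """Return (allowed, reason); sent_times are the sender's earlier PM timestamps."""
    # Caps apply to everyone, so a pasted "Who's Online" list is refused outright.
    if not recipients or len(recipients) > MAX_RECIPIENTS:
        return False, "recipient count out of range"
    recent = [t for t in sent_times if now - t < timedelta(hours=1)]
    if len(recent) + 1 > MAX_PMS_PER_HOUR:
        return False, "hourly limit reached"
    if sender.groups & TRUSTED_GROUPS:
        return True, "trusted group"
    if sender.posts >= MIN_POSTS and now - sender.registered >= MIN_ACCOUNT_AGE:
        return True, "established member"
    # New accounts may still reach staff without having to post first.
    if all("staff" in r.groups for r in recipients):
        return True, "new member contacting staff"
    return False, "new member may only PM staff"

# Constructed sample members: an account registered 20 minutes ago with no posts.
NOW = datetime(2006, 1, 24, 21, 30)
new_account = Member("new_account", NOW - timedelta(minutes=20), 0)
admin = Member("admin", datetime(2004, 3, 1), 900, frozenset({"staff"}))
alice = Member("alice", datetime(2005, 6, 1), 40)
bob = Member("bob", datetime(2005, 7, 1), 12)

if __name__ == "__main__":
    for to in ([alice, bob], [admin], [alice] * 30):
        print(len(to), "recipient(s):", check_pm(new_account, to, [], NOW))
```
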
Title: Re: i was spammed by PM on this board!
Post by: redone on February 22, 2006, 04:42:21 PM
I didn't receive any either. Isn't like I don't get enough spam as it is though!