[support] Many false applications for accounts

Jamie Holly hovercrafter at earthlink.net
Sat Apr 5 14:23:01 UTC 2014 

That's a huge problem that started a couple of years ago. There are some 
companies out there actually paying people X dollars for registering Y 
accounts on different sites. One of my clients was getting up to 1,000 
registrations a day last year from these people. We finally let some 
through for a couple of days to post their spam, then checked what all 
the links were going to. They were different sites, but owned by one 
company in the UK. The lawyers sent this company a letter and it stopped.

The really sad part about this new tactic is that your options are 
greatly limited to the point of non-existent on stopping them. Since 
they are humans doing actual registrations, any attempts to thwart them 
will also get the regular users trying to sign up. You're left with 
actual human moderation to combat them.

Globally 2013 saw huge spikes in spamming activity. These people are 
getting more bold, and that does lead to us having to rethink a strategy 
to combat them. Here's some possibilities:

- Limit the number of registrations by IP in a given time frame. Either 
block or require admin authorization on future attempts. This works to 
an extent, but if people use something like Tor to register, then it 
doesn't.
- Create moderation displays, showing the first 5 posts and comments 
from new registrations.
- If you allow new users to post content, force the new post to a draft 
and email site administration/moderators to approve it. Once they get X 
approved posts, then they can publish.
- Depending on your site and users, require admin authorization on 
certain IP's based upon their geographical location (requires GeoIP 
library or 3rd party API).

No solution is perfect, but I have used a combination of these in the 
past for clients and they have been very happy with the results. Most 
options are only doable via custom coding though.

Jamie Holly
http://hollyit.net

On 4/5/2014 8:51 AM, Walt Daniels wrote:
> I get them to, but it is not mollom's fault. They are actually 
> registering and typing the captcha just like a legitimate user. In our 
> case they even have to use a legitimate email as they cannot do 
> anything more than an anonymous user until the verify their email. I 
> don't see any pattern I could apply to the user names that would 
> distinguish them from our valid users who have some pretty weird 
> usernames. You could find or right a module that enforced using "real 
> names", i.e. John Doe. But I even got some like that that turn out to 
> be spammers.
>
>
> On Sat, Apr 5, 2014 at 8:13 AM, Linda Romey <lromey at gmail.com 
> <mailto:lromey at gmail.com>> wrote:
>
>     I am having the same issue. Have you contacted Mollom? That's on
>     my to-do list. I'm not sure of the value of the monthly fee if I
>     still have to continually monitor my site and delete spam accounts
>     manually.
>
>
>     On Sat, Apr 5, 2014 at 8:09 AM, James Rome <jamesrome at gmail.com
>     <mailto:jamesrome at gmail.com>> wrote:
>
>         I have Mollom installed, but yet a handful of account applications
>         escape their captcha/analysis each day. The problem is that
>         the only
>         obviously wrong field is the username, which is not listed as
>         a field in
>         the Mollom configuration. I get names such as: qropspension_5362
>
>         Is there any other way to get rid of these would-be spammers?
>
>         --
>         James A. Rome
>
>         http://jamesrome.net
>
>         --
>         [ Drupal support list | http://lists.drupal.org/ ]
>
>
>
>     --
>     [ Drupal support list | http://lists.drupal.org/ ]
>
>
>
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.drupal.org/pipermail/support/attachments/20140405/7f24122e/attachment.html

More information about the support mailing list