Eric Posted July 4, 2023 Report Share Posted July 4, 2023 Happy Independence Day, everyone! The forum was inundated with bots this morning and they were able to many accounts and many, MANY pages of spam topics in about 2 hours. I've deleted 110 accounts and 2,568 topics from the site, so it should be all cleaned up now. If you see anything that I've missed, please use the Report feature on the post. I've made some minor changes that will hopefully keep this from occurring again, but I'm not completely confident that more significant changes aren't necessary so I'm keeping a close eye on the forum. It should become apparent very quickly whether the bots are still able to get in once the forum is open again. Thank you all for your patience! 1 7 Quote Link to comment Share on other sites More sharing options...
jklcpa Posted July 4, 2023 Report Share Posted July 4, 2023 Eric, thank you for your quick response and on a holiday too! You are awesome! 2 2 Quote Link to comment Share on other sites More sharing options...
Eric Posted July 4, 2023 Author Report Share Posted July 4, 2023 You bet! I may end up taking the forum down again soon, it looks like they're still making it through although more slowly than before. I need some time to look at where these accounts are coming from--the registrations seem like they're being created manually, not by bots, and then once registered the posting is automated. I may end up blocking all traffic from Russia and China, but need to investigate the traffic more closely to see how effective that would be. I could also add a manual verification step to registration, but I need to look more closely at what that process would look like on our (your) end as well. 6 Quote Link to comment Share on other sites More sharing options...
Lee B Posted July 4, 2023 Report Share Posted July 4, 2023 Our email addresses are readily accessible. We will need to watch and see if our individual email addresses start getting spammed. Perhaps our email addresses should be treated like passwords? 2 1 Quote Link to comment Share on other sites More sharing options...
Eric Posted July 4, 2023 Author Report Share Posted July 4, 2023 Your email addresses are not readily accessible on this website. Only Judy and I can see email addresses for individual users. 6 Quote Link to comment Share on other sites More sharing options...
Lion EA Posted July 4, 2023 Report Share Posted July 4, 2023 Thank you for taking good care of us, Eric! I was up late last night and saw the posts coming in. It was not all at once, automatically. There were a couple of screen names posting with about the speed of someone cut/pasting manually. It was kinda odd. I'd leave after a bunch/page-full and then return to another few, or I'd report some to see more came in while I was reporting, rinse & repeat. That kind of speed. I apologize for inundating you with so many reports. In my sleep-deprived state it seemed like a good idea to report a bunch so you'd see the extent of the problem before you had to enter the message board or without looking farther. 3 Quote Link to comment Share on other sites More sharing options...
Lee B Posted July 4, 2023 Report Share Posted July 4, 2023 1 hour ago, Eric said: Your email addresses are not readily accessible on this website. Only Judy and I can see email addresses for individual users. Thanks Eric, that is good news. In today's world I find it to be safer to be somewhat paranoid, so I changed my password. 3 Quote Link to comment Share on other sites More sharing options...
Eric Posted July 4, 2023 Author Report Share Posted July 4, 2023 45 minutes ago, Lion EA said: Thank you for taking good care of us, Eric! I was up late last night and saw the posts coming in. It was not all at once, automatically. There were a couple of screen names posting with about the speed of someone cut/pasting manually. It was kinda odd. I'd leave after a bunch/page-full and then return to another few, or I'd report some to see more came in while I was reporting, rinse & repeat. That kind of speed. I apologize for inundating you with so many reports. In my sleep-deprived state it seemed like a good idea to report a bunch so you'd see the extent of the problem before you had to enter the message board or without looking farther. I did see those reports along with Judy's email this morning. The registrations are happening manually. They're answering the questions correctly and not trigging Google's ReCaptcha service. They're also using unique email addresses for every registration. Once they made it past the registration process, they have a script that will automatically post content, but the forum doesn't allow people to post more than once very quickly, so that throttles how fast the spam can be added. With 110 accounts, though, it can pile up quickly. 4 Quote Link to comment Share on other sites More sharing options...
Lion EA Posted July 4, 2023 Report Share Posted July 4, 2023 110 accounts with email addresses! I was watching the posting in real time, certainly not from tax preparers, so it was surreal watching posts show up with lots of detail supposedly about customer service numbers for various well-known companies that might fool people on a more general site. Luckily, not things tax preparers would click on, on a tax site. But certainly clogging up our site overnight. Thank you for cleaning all that up, Eric. 3 Quote Link to comment Share on other sites More sharing options...
Catherine Posted July 4, 2023 Report Share Posted July 4, 2023 Many thanks to both Eric and Judy. 3 Quote Link to comment Share on other sites More sharing options...
Lion EA Posted July 5, 2023 Report Share Posted July 5, 2023 And, Judy, who deleted pages of new "members." Thanks to both Judy & Eric. 4 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.