Page 1 of 1

Spam via Private Messaging

Posted: Sat Mar 06, 2010 7:31 am
by MikeC
It's come to light over the past 24 hrs that a forum user registered as "MichealUllman" has been sending private messages that contain a Trojan virus to other SPCR board members. This account has now been killed, but at the moment, there's nothing to stop others from doing the same. The PM system may be deactivated temporarily while we deal with this issue.

If anyone should receive any PM or email similar to the sample shown below, do not click on any links, and please post the relevant info in the Official Anti-Spam thread: viewtopic.php?t=54326 Forum mods/admin subscribe to this thread.

Sample of Spam Msg:
-------------------------------
Dear, [forum member]!

Spam sending from your computer was detected.
We highly recommend you to check your computer and perform online virus check at our site immediately: http: / / securitytool-2010.net/online-scanner/trxman
If you do not pass this test we will have to delete your account and forward a complaint to your ISP with attached log file (your IP address, etc.).

----------------------------------------------------
Forum Administration http://www.silentpcreview.com

Re: Spam via Private Messaging

Posted: Sat Mar 06, 2010 1:59 pm
by lm
MikeC wrote:...private messages that contain a Trojan virus...
Did the messages themselves contain a virus, or was it just a link to a malicious site?

Posted: Sat Mar 06, 2010 2:37 pm
by NeilBlanchard
Apparently, there was a link to a site that then loaded the malware.

(I'm very glad I use a Mac...)

Posted: Sat Mar 06, 2010 3:20 pm
by rpsgc
NeilBlanchard wrote:Apparently, there was a link to a site that then loaded the malware.

(I'm very glad I use a Mac...)
Or... Just don't use IE? :lol:

Posted: Sun Mar 07, 2010 5:56 am
by jfweaver
Mike,

I had a problem with spambots on my forum. I was getting 10-15 new bots a day. The problem is the spam bot programs now are automated, they signup, follow the activation email links, and handle CAPTCHAs via workers in China/India. The solution I found that is still working was the PHPBB kittenauth plugin. In the past ~2 years I've had a few (2-3) non-automated spammers register. By forcing them to use a human to do the registration it forces them to find low hanging fruit elsewhere.

Posted: Sun Mar 07, 2010 8:26 am
by xan_user
How about just banning links form appearing in PM's? (or at least make them nonclickable.)

Posted: Sun Mar 07, 2010 2:25 pm
by qviri
rpsgc wrote:
NeilBlanchard wrote:(I'm very glad I use a Mac...)
Or... Just don't use IE? :lol:
I'd suggest using a brain, personally, but...

Posted: Sun Mar 07, 2010 7:00 pm
by xan_user
NeilBlanchard wrote:
(I'm very glad I use a Mac...)
or at least very glad that macs don't hold as large of a market share and thus not a target like M$... :wink:

Posted: Wed Mar 24, 2010 4:56 am
by kogi
Got one of those from a different user

VaughnWhite

Posted: Wed Mar 24, 2010 5:10 am
by NeilBlanchard
Thanks for your patience on this (again!)! Until the Admin can find the Spammer's IP, I cannot ban them.

Do not click on the link in these PM's!

Posted: Wed Mar 24, 2010 5:14 am
by frenchie
How about you force a certain number of posts before a PM can be sent, link it's done with the links ?
(Don't know if it's feasable)

Posted: Wed Mar 24, 2010 5:41 am
by Monkeh16
NeilBlanchard wrote:Thanks for your patience on this (again!)! Until the Admin can find the Spammer's IP, I cannot ban them.
Why is getting the IP taking so long?

Posted: Wed Mar 24, 2010 1:31 pm
by NeilBlanchard
The user was banned earlier today.