Spambot Announcement

We are being spammed by an extremely clever and aggressive spambot.

The bot uses several techniques to spoof users but is trying a new one today.

If your email address is your username+yahoo.com or username+gmail.com there’s a good chance the bot will successfully spoof you and bypass moderation.

If you have a username/email combination that follows the above formula, it is probably a good idea to change your username or use a different email address. You’ll be moderated at first, but once your first comment is approved it will be back to normal for you.

Richard Brown
September 30, 2022 12:44 pm

Mikey Mann trying to wind up normal people?

Scissor
Reply to  Richard Brown
September 30, 2022 1:24 pm

As honest as the Nigerian Prince scam.

HotScot
Reply to  Scissor
September 30, 2022 1:56 pm

A scam!? You mean I have to give my $100Bn back?

H.R.
Reply to  HotScot
October 1, 2022 6:12 am

Is that all you got? Man, did you ever get taken for a ride. Shoulda held out for more.

ResourceGuy
Reply to  Richard Brown
September 30, 2022 1:36 pm

or Gregory

ATheoK
Reply to  Richard Brown
September 30, 2022 5:46 pm

“Mikey Mann trying to wind up normal people?”

Manniacal can’t wind fast enough to wind up normal people. Some that he tried to wind up went backwards for awhile.

D. J. Hawkins
September 30, 2022 12:53 pm

Is this our friend “Christopher” who’s shown up in several threads?

Chris R
Reply to  Charles Rotter
September 30, 2022 8:34 pm

So, let’s see–I don’t quite meet the criteria, I should be okay.

David Solan
September 30, 2022 1:23 pm

Does “spoofing” mean someone will imitate me and falsely adopt my identity? Inquiring minds want to know.
David Solan

Mark BLR
Reply to  David Solan
October 1, 2022 7:29 am

Does “spoofing” mean someone will imitate me and falsely adopt my identity?

[ Enter “lofty pontification” mode … ]

“Spoofing” is usually imitating someone else, who the target would be expected to consider as “trustworthy”, in order to extract useful information (/ money) from the target.

In the specific case of “E-mail spoofing” this is usually done by editing the “From:” field of an E-mail, e.g. to “bank.manager@yourbank.com”, and hoping you don’t notice the (not always shown by the E-mail client) “Reply-To:” field — which gets copied automatically to the “To:” field when you absent-mindedly click on the “Reply” button to send your credit card details because you’re distracted by other things at that moment in time — contained something like “scam.artist.666@evil-corp.com” instead.

What’s being described ATL looks to me more like “Brute Force Password Hacking”, as WUWT — like many other comments sections around the Internet ! — effectively uses an E-mail address as the “password” to check the person clicking the “Post Comment” button is actually the “User Name” they say they are.

Once you have gone through the “validation” process for an E-mail address (once, the first time you post with that “User Name”), anyone who can guess your new “password” can post in your “User Name”.

[ Exit “lofty pontification” mode … maybe … if possible … ]
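A mail-filter check for the From/Reply-To mismatch described in the comment above, as an added example that is not part of the original thread. The sample messages are constructed, and the function names are hypothetical.

```python
from email import message_from_string
from email.utils import getaddresses

# Constructed sample messages (not real mail), modelled on the comment's example.
SPOOFED = """\
From: Bank Manager <bank.manager@yourbank.com>
Reply-To: scam.artist.666@evil-corp.com
To: customer@example.org
Subject: Please confirm your card details

Reply to this message with your details.
"""

BENIGN = """\
From: Bank Manager <bank.manager@yourbank.com>
Reply-To: Support Desk <support@yourbank.com>
To: customer@example.org
Subject: Your statement is ready

Nothing to do.
"""

NO_REPLY_TO = """\
From: bank.manager@yourbank.com
To: customer@example.org
Subject: Hello

Plain message.
"""


def _domains(msg, header):
    """Lower-cased domains of every address in all copies of `header`."""
    addrs = getaddresses(msg.get_all(header, []))
    return {addr.rsplit("@", 1)[1].lower() for _, addr in addrs if "@" in addr}


def reply_to_mismatch(raw):
    """Return Reply-To domains absent from From (empty set means no finding)."""
    msg = message_from_string(raw)
    from_domains = _domains(msg, "From")
    reply_domains = _domains(msg, "Reply-To")
    # With no Reply-To header, replies go to From, so nothing is flagged.
    return reply_domains - from_domains
```

Domains are compared exactly, and legitimate mailing lists and help desks often set a Reply-To on another domain, so a non-empty result is a signal to show the reply address prominently rather than a verdict.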

Mark BLR
Reply to  Charles Rotter
October 1, 2022 10:23 am

It’s a stretch to describe two iterations … as a “brute force” hack.

Agreed, but I’m not sure what the “professional / industry standard” term might be for this case, given that it isn’t “spoofing” …

“Wishful Thinking Password Hacking” ?

“Lazy Sod Password Hacking” ?

“Certified Agile Programmer Password Hacking” ?

.
.
.

OK, OK ! I’ll get my coat …

Editor
September 30, 2022 1:29 pm

Changed my username, CTM.

For the past two months, each month, my blog has had spam attacks on back-to-back days. The wordpress spam filter catches them, but there are over 1,000 spam comments each of those days. It takes about 5 minutes for wordpress to empty the spam queue after I ask for it to be emptied. They’re coming from Indonesia and are limited to a dozen or two dozen visitors.

Regards,
Bob Tisdale

Editor
Reply to  That ENSO Guy
September 30, 2022 6:19 pm

It is WHY I never allow first postings from Indonesia, Russia, North Korea and other troubled nonspeaking nations that don’t come close to speaking English.

I am currently moderating three WORDPRESS blogs in which I see this kind of problem show up. I just send it to the spam bin immediately; this prevents them from ever posting a single bot/spam post successfully.

I am now down to one forum I run as the owner, in which I require Administrator approval for people who filled in the registration form before they can join. It is how I try to stop the problem: by stopping the completion of the membership.

In case I failed to spot the spammer (never happened so far) because everything looks clean on their registration and they manage to answer one of the questions successfully, my forum software has a PURGE SPAMMER feature which, at the single click of a button, automatically deletes all of them; then I can ban the loser.

fretslider
September 30, 2022 1:32 pm

This is the real me….

And awaiting approval

fretslider
Reply to  Charles Rotter
September 30, 2022 1:59 pm

Ooer

Calm down dear

September 30, 2022 1:41 pm

Yet another reason to avoid using Google.

SasjaL
Reply to  Philip Mulholland
October 1, 2022 12:52 am

Someone with common sense would not use gmail, as Google acts precisely like the former STASI. They read and store all the emails for future “use”, but they are not alone …

TonyG
September 30, 2022 2:14 pm

They keep getting smarter, unfortunately. Guess this will need to be moderated…

Tony.K
September 30, 2022 3:01 pm

Yes we know, it’s called griff.

Pillage Idiot
September 30, 2022 3:05 pm

Dear Moderators,

Thank you for everything you do to publish important scientific information on the WUWT blog.

The fact that you have to slay aggressive bots to perform the job above, certainly requires an extra level of appreciation from the readers.

I hereby tip my Friday evening libation to our hosts – and encourage others to do the same!

David S
September 30, 2022 3:51 pm

trying it out

Alas Babylon
September 30, 2022 4:31 pm

Watts Up With That is getting flak. Means we’re over the target, boys!

September 30, 2022 6:47 pm

Ah. Well, no problem for me – I pay for my email service. This always happens when you let yourself be a product; you are no more important than any other of a hundred million widgets.

Reply to  writing observer
October 4, 2022 12:47 am

Ah. Well, no problem for me – I pay for my email service

If the writing observer read a bit more widely, he would recognize the irony in his statement, should he manage to get past his naivety.
But I guess you are all right, brother, Baal Gates has assured us personally he does not have time to read all our emails…

Dena
September 30, 2022 7:23 pm

It’s unlikely to catch me. My user name is my first name. My last name is in my email and never mentioned with my first name. My email provider was once a major email provider however because they charge for the service, they are not one of the big email services.
I prefer paying for email because it blocks some of the spam and it allows me to work email off line. Handy when I am away from the internet.
Also should a site request I use my real name as some have in the past, I only need to indicate that the two can be combined to find my real name. It helps that both my first and last name are rare names making a guess nearly impossible.
If your user name is associated with your email address, it would be best to separate the two so the spambot doesn’t have the information it needs for spoofing.
That said, I have had experience keeping spammers out of a web site and it can be very difficult. The best solution is to make it so useless to spam a site that they go elsewhere. Unfortunately that requires a crew that constantly watches for spammers and nails them as soon as they make their first post. It helps if there is a button to notify staff of problem posts; however, it appears this platform doesn’t support such a feature.

commieBob
Reply to  Dena
October 1, 2022 8:55 am

I post anonymously because I’m surrounded by Social Justice Warriors, and they’re just plain nasty.

One of the best pieces of advice I gave my kids, back when the internet was still new, is to be careful what you say online because things change. What used to be an innocuous comment can result in big problems later.

It seems to be standard operating practice that a stupid comment someone posted as a teenager can come back twenty years later and cause a political party to dump them as a political candidate.

Joe
September 30, 2022 11:27 pm

Joe here. This is interesting news. Someone doesn’t like people talking here, evidently. I wonder who that is?

Dena
Reply to  Joe
October 1, 2022 7:02 am

If they didn’t like people talking here, they wouldn’t be here. The spam is a get rich by working from home scam. Normally they take the form of roping other people in to assist them in spreading spam on other sites. They might also demand a fee for training and once you pay, that is the last you will hear from them. For this to work, they target sites that have a good deal of traffic and hopefully have limited moderator staff so their posts will stay up as long as possible.
These are normally run out of poor countries or countries where they are unlikely to deal with legal issues. Sometimes the money can be quite good and the posts are the result of a boiler room operation. Unfortunately there are ways to hide your IP address so some spammers are nearly impossible to block. It appears that these spammers haven’t mastered that one yet and hopefully they will not. This is why it’s so important to get those posts down as soon as possible. If you create the illusion of strong moderation, they will give up and go elsewhere.
The only way to end spamming once and for all is for everybody to realize that there isn’t an easy way to get rich and stop falling for the spam. Take the money out of it and the spammers will be unable to operate.

2hotel9
October 1, 2022 6:11 am

Not changing anything. Most here know my comments, if suddenly “I” start sounding like a leftarded treehugger it will be quite obvious to all concerned.

Gunga Din
October 1, 2022 10:20 am

Am I correct in saying if a user name is spotted as being a victim then they’d get an email from WUWT warning them (if possible)?
Just asking.

johnbuk
October 1, 2022 12:03 pm

Griff? Is that you? How many Bitcoins?

observa
Reply to  johnbuk
October 1, 2022 9:17 pm

Griff’s will be easy to detect as it will be carbon aware. Err…no…hang on a minute…
Windows Update is now carbon aware (microsoft.com)

Mark D
Reply to  observa
October 3, 2022 5:41 am

Yet another reason to love my Linux.

mal
October 1, 2022 8:00 pm

Thanks for the info and will do. Oh sorry looks like I already have! In any case thanks for the info, it looks like my yahoo account is just for junk, PERIOD!

Oddgeir
October 7, 2022 2:28 pm

So this is why my hard work disappeared in cyberspace. Darned!

Oddgeir
