Dispatch from the Spam front

AccountingWEB editor John Stokdyk reports on the aftermath of a torrid weekend battling evildoers and their dodgy HD video streaming services.

Dateline 29 June, Bristol - If you visited AccountingWEB over the weekend (27-8 June), you may have encountered a profusion of unwanted invitations to view HD films of dubious quality.

Please be assured this is not our usual weekend fare and we apologise unreservedly if the experience spoiled your enjoyment of AccountingWEB. For the past few weeks, our site has been the target of malicious spammers and for a 24hr period this weekend, they undoubtedly had the upper hand.

There have been minor skirmishes going back several months as the spammers probed our defences, and the weekend before last they staged an incursion on to our blog page, forcing us to shut down that facility temporarily.

This weekend, we faced a sustained assault on all the interactive corners of the site: Any Answers, Blogs and Discussion Groups. We had received warnings from members - for which we are very thankful - but had felt our preventive measures were adequate.

On this point we were mistaken. The attack was clearly conducted by determined people operating at odd hours of the weekend. Once we noticed the scale of the attack, it was dealt with reasonably swiftly, but we were forced to temporarily suspend new registrations to block any further activity.

Our technical team is reviewing the nature of this attack and looking into how we can strengthen our defences. In response to exhortations from the members affected by the outbreak, we will also be beefing up our regime for monitoring site activity, which will be reported to our 24/7 on-call team. As an additional measure, we will also be reintroducing CAPTCHA on all comments to deter spammers.

Please do bear in mind that we have many layers of security within our server systems, including an enterprise-level content moderation web service. While we will try our utmost to prevent a similar outbreak happening again, we have seen that we can’t always beat them with technological defences alone.

As our Community Manager and other AccountingWEB members have pointed out, we are involved in a never-ending game of cat-and-mouse with spammers. We generally enjoy a pretty high degree of spam-free activity on the site - but this weekend was a lesson to remind us not to be complacent.

We would like to thank all the community members who alerted us to the outbreak. We do care about what happens on the site at all times and will take on board many of the comments that were posted by actual AccountingWEB members over the weekend. 

About John Stokdyk

John Stokdyk, AccountingWEB head of insight

AccountingWEB’s Head of Insight has been with the site since 1999 and likes to spend his time studying accountants’ technology habits. When not nerding out, you can find him exploring obscure indie music and searching for the perfect organic sourdough loaf from his base in Brighton, UK.

Replies

29th Jun 2015 14:29

Suggestion

CAPTCHA can be a bit of a pain for users and can often be gotten around by a half decent bot. Have you looked at Akismet? It's a very good anti-spam service which reviews posts and flags/holds back posts that look like spam for review. It's very popular across the WordPress platform and has extensive experience from that.

Thanks (0)
29th Jun 2015 15:58

Suggestion noted!

Thanks! We'll be having a sit down to discuss the best way to prevent this from happening and I'll be sure to mention your suggestion! Thank you kindly!

Thanks (0)
By Fizzy
30th Jun 2015 06:29

And yet if it hadn't had the potential for p*ssing off their advertisers so greatly I doubt they'd have bothered to stir themselves before mid-week.

Thanks (0)
30th Jun 2015 09:41

Hi Fizzy

We all care for AccountingWEB here. We're a passionate bunch. We have commercial interests sure, but we know that without our members this site is nothing. That's why we took time from our Sundays and evenings to clean up the mess caused by the spam. I welcome your criticism because it's what makes AccountingWEB such a great site and we'll continue to strive to maintain a site where you're free to criticise us as you see fit.

Cheers and enjoy the beautiful weather! 

François

Thanks (0)
By JC
30th Jun 2015 08:49

Analyse what has been happening …

Has anyone actually analysed what has been happening?

Simple things such as

- Days & times of day when this occurs

- Rapidity / speed of repeat posts to guess as to whether they are user input or machine generated

– Would suggest that most posts are manual rather than automatic because machine generated posts would flood in very much quicker (say 200-300+ per minute or more - last screenscrape I did dealt with around 10,000 complex pages/hr); but don't really have the stats so only a guess

– For manual entries, CAPTCHA is pretty much worthless because it only really works well with blocking machine generated postings. After all a manual poster can simply enter the code

- Restrict user repeat postings to say 10 per hour (should cover most people)

- Sandbox new users over the weekend or out of office times

None of this is rocket science, but once the situation has been assessed it is a start to limiting the impact of hackers/spammers.

Thanks (0)
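
The checks suggested in the comment above (activity by day and hour, posting speed, a cap of 10 posts per hour, and holding new users' posts outside office hours), as an added example that is not part of the original thread or AccountingWEB's own code. The office hours, the 7-day "new user" age, the 2-second gap threshold and the sample timestamps are assumptions constructed for illustration.

```python
from collections import Counter, defaultdict, deque
from datetime import datetime, timedelta
from statistics import median

MAX_POSTS_PER_HOUR = 10                # cap suggested in the comment
NEW_ACCOUNT_AGE = timedelta(days=7)    # assumption: what counts as a "new user"
OFFICE_HOURS = range(9, 18)            # assumption: 09:00-17:59, Monday to Friday
MACHINE_GAP_SECONDS = 2.0              # assumption: faster than a person can type a post

def out_of_hours(ts):
    return ts.weekday() >= 5 or ts.hour not in OFFICE_HOURS

def activity_by_hour(timestamps):
    """Count posts per (weekday, hour); weekday 0 is Monday, 5 is Saturday."""
    return Counter((t.weekday(), t.hour) for t in timestamps)

def looks_automated(timestamps):
    """True when the typical gap between one account's posts is machine-fast."""
    gaps = [(b - a).total_seconds() for a, b in zip(timestamps, timestamps[1:])]
    return len(gaps) >= 3 and median(gaps) < MACHINE_GAP_SECONDS

class PostGate:
    """Decide per post: publish, hold for moderation (sandbox), or reject."""
    def __init__(self):
        self.recent = defaultdict(deque)   # user -> accepted post times, last hour

    def decide(self, user, registered, ts):
        window = self.recent[user]
        while window and ts - window[0] >= timedelta(hours=1):
            window.popleft()               # forget posts older than one hour
        if len(window) >= MAX_POSTS_PER_HOUR:
            return "reject"                # over the hourly cap
        window.append(ts)
        if ts - registered < NEW_ACCOUNT_AGE and out_of_hours(ts):
            return "hold"                  # new account posting out of hours
        return "publish"

# Constructed sample: an account registered early on Saturday 27 June 2015
# that then posts every five minutes, the pace of a manual spammer.
SIGNUP = datetime(2015, 6, 27, 1, 0)
BURST = [datetime(2015, 6, 27, 2, 0) + timedelta(minutes=5 * i) for i in range(12)]

if __name__ == "__main__":
    gate = PostGate()
    print([gate.decide("new_account", SIGNUP, t) for t in BURST])
    print(activity_by_hour(BURST), looks_automated(BURST))
```

On the sample, the first ten posts are held for review and the last two are rejected, while the five-minute spacing is not flagged as automated, which matches the comment's point that manual posters need a rate limit and sandboxing rather than CAPTCHA.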
30th Jun 2015 09:43

Hi JC

Thanks for taking the time to write to us with your advice, it's most welcome. I've literally copied and pasted your comment verbatim and will check it against the protocols we've already implemented. We've gone a long way towards fixing the problem.

Cheers, 

F

Thanks (0)
02nd Jul 2015 18:08

A further update from the publisher

Some of our countermeasures have caused almost as much consternation as the week-long attack. The main problem has been caused by members of good standing having their comments rejected by an over-officious electronic defence mechanism.

If you have been caught in this net, our publisher Ben Smith has posted an explanation in Any Answers with advice about what to do.

Thanks (0)
