Spammers
-
Last night our forum was polluted with a large number of spam messages.
Apparently it is too easy for those criminals to gain access to this portal.
As far as I know, access to the forum is only possible if you also have an account on MRA Planner. These spammers even took the trouble to do that.
Is it an idea to add an extra threshold by also requiring one or more (public) routes to be included in the personal library? -
@Jack-van-Tilburg We will discuss this
-
Being forced to publish a route means learning the system, and a real user's first post might be 'How do I ...', i.e. it's quite possible they're not up to speed on how to create a route.
I think the recent posts were immediately after getting an account confirmed, so a simple 24 hour delay on posting might stop the obvious ones.
Most forums will have spam detection using name, email, IP location, and flag up the dodgy-looking ones for manual acceptance, so maybe MRA were a bit unlucky this time around. Although a username with 'fnaf security breach' would ring bells for me!
A secondary check is to have some simple 'challenge' questions/checks: "What does MRA stand for?'. 'Orange is the national colour of which country?', 'Type the satnav company with a repeating name'. The trouble there is that bots can answer those questions, but if you do keep modifying them slightly, you can keep ahead of the spammers.
-
@richtea999, I understand your reasoning. However I think a 24 hour delay poses a bigger obstacle for newcomers then the suggested obligated presence of a route (a rout is present from the moment you have clicked on "create new route", even if there are no waypoints in it. On the other side, the forum software will likely have no option for checking the presence of a route, so that will most have to be custom built. Checking countries and IP numbers is undoable for a forum with members all over the planet. I think a challenge will likely be easiest, but I like @Jack-van-Tilburg his suggestion. After all there are great devs behind the forum
And a pinned topic could explain how to get write access to the forum. -
Or allow access only after an admin check.
iPhone 12 pro (iOS 17.0.2)
Oukitel RT3 (Andr. 12)
Samsung Galaxy XCover 4 (Andr. 9 Pie)
Wireless CarPlay mit (Elebest C650)
Wired CarPlay (SEAT Arona - 2021)
TomTom Rider u. MyRoute-app Hilfe Gruppe -
We have a new one by the name of HANNA BAKER
I am not affiliated with MyRoute-App. The help I am offering is entirely voluntary.
I am just an enthusiastic user, and hope you will be one too!Most motorcycle problems are caused by the nut that connects the handlebar to the saddle.
-
@Con-Hennekens Gone now
-
-
Let’s put things into perspective.
We have about 150,000 users of this forum and occasionally we have a spam post that is normally dealt with very quickly by me or one of the other admins.
I would rather @Corjan-Meijerink spent his precious time dedicated to developing the app rather than trying to create security barriers for this forum.
We are very grateful to you all for flagging suspicious posts and to be honest I think that this is the way that we should continue.Always willing to help if I can.
Triumph Tiger 1200 XRT called Tina.
MRA Navigation and SilverFox bar buttons.
Quadlock wireless mount for IPhone 11.
Cardo Scala Packtalk Bold.
TomTom Rider 500. (In the cupboard now) -
@Nick-Carthew
I am fine with it.
But this is also about user protection.
I have been an IT professional for too long. And know that people simply click on links. And that can have very harmful consequences. -
I understand what you are saying @Jack-van-Tilburg and I appreciate your concern for the forum users, so thank you.
-
@Jack-van-Tilburg i copy that. We should think of something really simple to stop those @#£%%^&*
Littele protection is only vood until one of those uses the forum for a pfishing attack
-
@Nick-Carthew, I'll keep flaging as much as I can
-
@Corjan-Meijerink maybe introducing 2FA for the Forum would be a solution
-
And the spammers are becoming more and more sophisticated
It is the second time that I have seen spam in a message within an existing topic with text that could well fit within the topic. This time the link is very trickyly hidden.
Drift Hunters is a browser-based drifting game
Adequate reaction, the message is removed
-
@Jack-van-Tilburg Thanks for reporting this
