Spam, Spam and more Spam

tadman's Avatar

tadman

21 Jan, 2017 07:22 AM

I'm not sure what's happened but lately I'm getting a lot of "support" spam for CAD services, fixing printers, and just now, some kind of obviously fraudulent thing about "Windows Mail Helpline Number Australia".

Normally the filters here seem to do their job, but they're completely ignoring these for some reason. Is there any way to get the filters made a little smarter? These messages are nothing like usual support mail.

  1. 1 Posted by tadman on 23 Jan, 2017 05:02 PM

    tadman's Avatar

    Getting even more of these today. This is completely out of control.

  2. Support Staff 2 Posted by brandi on 24 Jan, 2017 11:40 PM

    brandi's Avatar

    Hi Scott,

    Can you please provide some links to these discussions? How many is a lot?

    Thanks,
    Brandi

  3. 3 Posted by tadman on 07 Feb, 2017 06:58 AM

    tadman's Avatar

    Today I got three more. This is getting absolutely ridiculous. I don't know what changed but where I used to get one every six or so months now I'm getting multiple messages per day.

    Your spam detection system is completely failing here.

    http://help.postageapp.com/discussions/suggestions/948-yahoo-websit...
    http://help.postageapp.com/discussions/support/3866-get-yahoo-custo...

    There's a bot obviously stuffing these in there. Ban that URL. This can't be hard.

  4. 4 Posted by tadman on 07 Feb, 2017 09:09 AM

    tadman's Avatar
  5. Support Staff 5 Posted by Courtenay on 09 Feb, 2017 10:21 PM

    Courtenay's Avatar

    wow! it's not even a bot - it's a person doing those manually. That's probably why you're getting 2 or 4 and not 40.

  6. Support Staff 6 Posted by Courtenay on 09 Feb, 2017 10:32 PM

    Courtenay's Avatar

    I've added a few more keys to the spam checker - including some specific pattern matchers on those support numbers and on the support sites. hopefully this will cut it down a bit, but dang they actually have someone typing those manually each time.

  7. 7 Posted by tadman on 09 Feb, 2017 11:36 PM

    tadman's Avatar

    Some people are really tenacious, I know, I'm having to fight battles like that myself.

    I've seen a sharp uptick in "scripted browser spam" in the last few years, where it's presumably a human with a lot of macros to help facilitate this. It's really hard to suppress without having better filters to trap certain behaviours.

    Thanks for looking into this. It's usually not a problem, your filters do the job, but this particular pattern has been getting through with irritating frequency.

  8. brandi closed this discussion on 29 Mar, 2017 07:40 PM.

  9. tadman re-opened this discussion on 03 Apr, 2017 05:56 PM

  10. 8 Posted by tadman on 03 Apr, 2017 05:56 PM

    tadman's Avatar

    I'm still getting these, so if there's anything you can do to block these that would help considerably. Normally support emails are quite urgent, but these are anything but and they're highly disruptive.

  11. Support Staff 9 Posted by Courtenay on 06 Apr, 2017 01:27 AM

    Courtenay's Avatar

    You have disabled your captcha for new users, so if you go into settings http://postageapp.tenderapp.com/settings/index and turn on recaptcha, that will help somewhat!

  12. 10 Posted by tadman on 19 Apr, 2017 06:30 PM

    tadman's Avatar

    A captcha is really a barrier of last resort. Isn't there a way on the Tender side to detect these? The URLs they spam out should be easy to black-list, they're very distinct:

    http://www.email-customerservice.com/
    http://www.email-customerservice.com/facebook-support.html
    http://www.tollfree-help-number.com/brother-printer.php
    http://www.emailphonenumber.org/yahoo-helpline-number.html

    We can't be the only customer impacted by this. There's an unending stream of these that trickles in day after day with the same basic link in them.

  13. Support Staff 11 Posted by Courtenay on 20 Apr, 2017 02:57 AM

    Courtenay's Avatar

    That's four, but they have thousands. They change every day. We do catch some things like their toll-free phone numbers and more general patterns in their urls. We also do heavy monitoring of IP addresses with a global comment spam registry. This works but often they're using a new IP and it takes a bit for it to register.

    However, they have people manually entering these with a copy/paste and they just keep trying until something works. If captcha is turned on it dramatically reduces the volume - they only are able to make a few comments before they're blocked. Please turn on captcha because it slows them down to a tenth of the speed or stops them completely. Captcha isn't checked on existing users and if you have SSO turned on it doesn't check those either.

  14. Support Staff 12 Posted by Courtenay on 20 Apr, 2017 03:06 AM

    Courtenay's Avatar

    I should clarify I added a few more behavioral checks and regexes to the spam checks

  15. Courtenay closed this discussion on 20 Apr, 2017 03:06 AM.

  16. tadman re-opened this discussion on 04 May, 2017 09:11 PM

  17. 13 Posted by tadman on 04 May, 2017 09:11 PM

    tadman's Avatar

    Since this is an unrelenting deluge of garbage, I'm adding more here just from today:

    http://www.smartsnake.net/apple-technical-support/
    http://www.customer-helpnumber.com/office-365-support.html
    http://www.customer-helpnumber.com/outlook-support.html
    http://www.smartsnake.net/asus-technical-support/
    http://www.email-helpnumber.com/safari-browser-support.html

    Based on what I'm seeing here, if you scanned all sorts of first-time posts by people that contained both phone numbers, URLs with "help" or "support" in them, and image attachments you would probably have a pretty narrow set to work with.

    I know turning on a captcha is potentially a solution here, but they're extremely inconvenient for customers to use. Already it's a bit of a barrier to get them to sign up for TenderApp in the first place.

  18. 14 Posted by tadman on 04 May, 2017 09:13 PM

    tadman's Avatar

    Even sifting through URLs in conversations marked as spam that contain "support" would probably pull out 95% of the ones they've used for this junk.

  19. Support Staff 15 Posted by Courtenay on 05 May, 2017 01:09 AM

    Courtenay's Avatar

    The problem is that the sorts of words and phrases spammers are using in these are very similar to the sorts of words customers are entering.

    The immediate solution is to turn on the google captcha (recaptcha). For most people who are new to tender as users, they just get a 'i'm not a robot' button. Once they have a few comments or any one single comment replied-to by a support staff the captcha goes away.

  20. Support Staff 16 Posted by Courtenay on 05 May, 2017 01:14 AM

    Courtenay's Avatar

    Oh, and people don't have to 'sign up' for tender, they can just enter an email address for reply notification and not create an account. They can also alternatively email you. It was designed that way because we had the same hatred of having to sign up just to make an issue!

    I've added some more regexes like these that should catch a lot of the URLs, and some wider checks for unique way they post 1-800 numbers /(brother|hp|apple|facebook|yahoo|safari|office|outlook)-(printer|browser|technical|email|365)-support/

  21. 17 Posted by tadman on 05 May, 2017 01:18 AM

    tadman's Avatar

    I've turned on the Recapcha for now, hopefully that will help. Thanks for shoring up that a bit better, this seems epidemic and now I'm seeing other junk filter through. Looks like you're famous enough to be a target!

  22. 18 Posted by tadman on 05 May, 2017 01:19 AM

    tadman's Avatar

    Thanks for having a go at this. Support emails are usually super important, but these are anything but.

  23. 19 Posted by tadman on 08 May, 2017 06:00 PM

    tadman's Avatar

    After using the Captcha option I'm still getting notifications for junk like this, but it's of a different form:

    "The discussion 1-800-986-4764 apple support phone number | apple customer service toll free number | apple support number toll free was created by [email blocked] but he/she did not log in."

    Is this an inquiry sent via email to the support address? It looks like the spam filter caught it, but it's still generating email notifications.

Discussions are closed to public comments.
If you need help with Tender please start a new discussion.

Keyboard shortcuts

Generic

? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac

Recent Discussions

17 Jul, 2017 10:30 PM
16 Jul, 2017 10:44 AM
13 Jul, 2017 06:38 PM
25 Jun, 2017 08:56 PM
15 Jun, 2017 08:35 PM