The Year of the Spammers

[DerVVulfman]

Dear friends,

Do not be alarmed that a good number of accounts have been banned since the middle of the month.  For none of these accounts belong to members who stayed for anything longer than twelve seconds.  In fact, one account was created in so brief a period of time, the time spend online actually displays None Registered. A very interesting occurrence if one indeed wished to be a member of the community.

But no.  None of these accounts belong to anyone wishing to join the community, and more than half either heralding from or associated with a single nation. And all of these, likely computer generated spambots.  Oh, I doubt they will return any time soon. But if a human operator accesses these accounts now banned, I hope they will appreciate their new custom membership avatar:

As to the timing of why more bots would wish to access any site, I believe that their rise coincides with the start of the U.S. Election Year. Upon checking the IP addresses of the spam-bots that have entered and those who are constantly viewing the "No Permission Page" having been shut out for spam activity, I have no illusions why spam content would be set to explode. 

However, the use of anti-spam software is online, and I strengthened the Security Questions system, removing the two weakest queries and replacing them with questions that comically may actually confuse AI-driven systems. Since added just yesterday, 75 registration attempts with these 'actually simple' questions were made, halting bot access and activity.

So please be at ease.  In no way will bot spam be allowed within the forum. And if any case of spam activity within forum posts or PMs (Private Messages) have occurred, feel free to send a report for it to be handled.

[DerVVulfman]

Dear Friends,

Likely you will see that a dozen of accounts were created within the past three days. Yes, these all clearly appear to be spam related. Upon joining, not a one had stayed online for longer than five seconds while some had no apparent trackable online time at all.

Also, these members are using verified eMail provider, or a new eMail provider that I had checked and verified that it is not a disposable service. However, the current services that determine if an eMail given is valid currently cannot verify this new provider now being used. I assume it is only a matter of time if the service will be able to determine the validity of these eMail addresses, whether proper or if designed for 'send-only' spam accounts.

These new accounts are indeed being checked daily. As of one-hour ago (of this post), one of the accounts that came in with a clean IP address had now begun improper online activities and was reported for actual hacking, attempting to breach security and hack their member-base. Not only is their registration IP being tracked, but any IP address they use thereafter. It is this second IP address that the fore-mentioned member used within this forum that he/she used for such illicit and immoral activities.

As towards the new security questions put to use, I can safely say that those that created accounts within the past three days had not been able to answer. This suggests that the way the questions were formed does indeed confuse and prohibit AI-based systems from entry. Rather proud, I may need to ponder others.

Again, security is always a top priority.

If you receive any unwanted or suspicious PMs (Private Messages) through this board, please notify administration.

[DerVVulfman]

Dear Friends,

Your eyes do not deceive you.  There are more members appearing, and only a small number of those are spammers.  I see this as no coincidence as we have a large number of RPGMaker XP resources and archives from a couple now-lost sites, and that RPGMaker XP has gone on sale (for free) at steam.  So most of these appear as fresh new members to the community.

Now, if these new members were to make a welcoming post within announcements, their accounts would become fully active and not under the 'newcomer' category.

As towards those who had come in last week, new tools had appeared for post-registration testing purposes. And all those that appeared to be spam-related accounts proved themselves. After joining, some waited a week before beginning spam activity which included  100+ reports of Brute Force attacks and webspam.

On top of that, three more of the security questions have been altered/updated with certain conditions that appear to be thwarting AI-based recognition systems.  In otherwords, a small change confused good number of the bots.  Daily checks of the number of correct and incorrect answers verified this.

So yes, security for our membership is always a top priority.