azurite: (cat: what the shit is this!?)
Okay, so WikiFic's spam problem is a LOT worse than I initially thought it was. I implemented a captcha requirement for all new accounts (using ReCaptcha, no less, not just some lame funky image captcha, or numeric captcha!), but poseur accounts are still getting created.

The spam blacklist isn't helping with the fake pages (which relate to diet stuff or new jobs), and in trying to delete the fake pages after properly installing Bad Behavior 2 and the Bad Behavior 2 Extended extensions, I myself have gotten blocked!

Fixed??? )

ETA: Fixed... sort of. Turns out the issue was with 2 lines of whitespace after the closing PHP tag, which has since been fixed. Bad Behavior is now working, along with the BB2 Extended Special: page, but I've got a truckload of spam pages in the Recent Changes history, which I'm stuck deleting individually, by hand.

The problem is, there are these lines for including a Database Functions file:

include_once( 'includes/DatabaseFunctions.php' );

that are repeated, and I think that's causing the cleanup.php script to fail with the above error. I don't want to render Bad Behavior (which has that line in it, in LocalSettings.php and in somewhere else...I thought the bad-behavior-mediawiki.php file, but maybe since I updated it to the latest version, not?

ETA: Actually, it's because one version of the line was formatted like so:

include_once( './includes/DatabaseFunctions.php' );

(notice the "./"), but when I changed it to:

include_once( 'includes/DatabaseFunctions.php' );

the script ran just fine.

However, I'm still stuck with a truckload of spam pages that have already been created, as well as pages caught by the cleanup script and blanked out.

Anyone know of another way to delete (not just blank-out, as I've been doing with the Spam Blacklist cleanup.php script) pages en masse? It seems like these are all on a specific date, and it'd be nice to have an extension that allows me to tick boxes of pages created on a specified date and delete all the pages I check off, or something like that. Anyone know of something like that, or similar?
azurite: (don't fuck with eagles)
Day 3 of the Repo Men hunt saw an influx of spam on the #repomen channel on Twitter, with known spammers (auto-bots) likely trying to protect the whereabouts of #repowill (Will La Ferriere), who went on-grid after he failed to complete a task for Groundswell, Inc. He was last known to be in Nashville, IL traveling at 39 MPH (likely in a car). His most recent purchase was for an Amtrak ticket, but no Amtrak stations are within walking distance of his location on Mission Rd. near the South Side Sports Bar. However, there are several within a short drive's distance.

Because it was a $121 credit purchase, it's possible he actually made the purchase a few days ago, but that doesn't mean the ticket couldn't have been used for a trip today.

The (currently) known spammer/bot list:
@Toga_Bot (possibly unrelated, but it picked up on the use of TOGA! in some of the spam tweets and kept the cycle going)

These bots will respond in a flood to any Tweets with the #repomen or #repowill hashtag, usually with links to the Repo Men trailer on YouTube or another YT link (that is dead/incorrectly written), or a lot of gibberish or repetitive words.

As many of these bots have been reported for spam and blocked as possible; please continue to do so to help keep the #repomen channel clean. I've also communicated with @TheUnionCares to assist in this issue, if it's possible.

I've created a private List containing all these spammers, but I'd be happy to make it public if it would help in any way.

More coming soon.
azurite: (submit to the webmistress!)
I watched MSNBC's "To Catch an ID Thief" a while ago, and while the year-long investigative report uncovered just how twisted and international identity theft can be, it wasn't conclusive-- no one got "caught" or "busted," and the real person(s) behind the mass of thefts (Wendy Kenyon) never got unmasked or brought to justice, either.

Fact is, with the ability to make up any name and grab any picture from the Internet, anyone can be anyone else. Knowing that any one of millions of people could pretend to be anyone else, and that they can be anywhere in the world, and the likelihood of being extradited and prosecuted is less than 1%, the fault can't lie entirely with them.

Fact is, people are stupid. It's a sad and unfortunate truth. But it's not a bad thing to want to help others, to help them NOT get caught in "international crime rings" and have to put up with all the stress and time lost associated with identity theft. I know because I've been there.

Sure, I didn't go through as much as some of the people featured on the show, but that could mean either I got lucky (my hacker wasn't as "smart" as some of the scam artists in Nigeria and Benin) or I was smarter. I don't mean to sound egotistical, but unlike them, I would never wire thousands of dollars to someone I'd never met, believe their story about being in a car accident and need money for a hand operation, or ship packages for thousands of dollars in fees to a place in Africa. Why doesn't ANY of that sound suspicious? How can someone hear all that and not have bells and whistles and alarms going off in their brain?

That's what baffles me the most, I guess.

See, I have people that I trust-- people I know in real life, that I've met, and that I think have earned my trust. There are also people online --people I've never met in real life-- that I trust, but it's a different kind of relationship there, and a different kind of trust earned. It's true that if any of them said they were in trouble and needed help, I would want to in a New York minute, but I'd want to do it in a way that I can trust-- not wiring money and not knowing where it's going, who's getting it, or what it's getting used for.

It's also surprising that people with relatively comfortable lives buy into this kind of scam, too. Whether it's single guys or guys with marriage issues, they believe that some beautiful porn-esque model has her own business that involves shipping pricey electronics to Africa? And luv luv luvs them sooooo much? Seriously, wake up and smell the manure, folks. There's nothing honest, pitiful, or reasonable about ANY of that. Women buy into it too, thinking some nice, handsome guy needs their help-- and they give their time, money, good name, credit, and who knows what else without ever bothering to MEET the damn guy. I see that as the height of gullibility. Don't buy into B.S. like this, guys AND girls.

More stuff you can do to protect yourself:
* Don't use the same password for every account you have. It should be obvious why. If you use the same account for your email that you do for your account, which has your credit card saved on it, and someone gets into your email account because your password was made up of words that can be found in a dictionary, with no symbols and numbers that are in a row (for example 'dogcat456'), you're more or less screwed. If you do use the same password anywhere, make it no more than 5 times, and NEVER for the same category of accounts, especially if those accounts are emails and/or sites that have bank or credit information on it (e.g. PayPal, bank accounts, shopping sites). So you can use the same password for fanfic sites, but not for email accounts, if you have more than one.

* You should change up your username, too, even if you keep some parts the same. For example, I'm the_sweet here, the-sweet on DeviantART, Azurite in a lot of places... and I have tons of other usernames elsewhere.

* It also helps to have multiple email addresses too-- not just to sort out email you want from spam, but also to vary up what information is where. Any important accounts (e.g. bank accounts, PayPal, etc.) should always have "Additional Email Addresses" on file, because should someone manage to hack into your account, you want to be notified of any changes.

* Check any accounts that have money attached to them (again, bank accounts, PayPal, shopping sites) regularly to make sure there are no suspicious charges. Even if you have complex passwords, only copy-paste them rather than type them, regularly change your usernames and/or passwords, STILL check the account. You never know when information can accidentally slip through the cracks, as a result of using a public computer, spyware, or even someone you think you can trust (e.g. a sales clerk, a server at a restaurant, etc.) CHECK REGULARLY. Cheesy as it sounds, balance your checkbook, too. Account for every transaction so that when something fishy DOES come up, you can recognize it immediately. Not all fraudulent charges are made for hundreds or thousands of dollars-- hackers and scammers may do a "test run" of a card to see if it's any good. And make sure to call your bank, PayPal, and/or your credit card company if you see something strange. "Better safe than sorry." I know some people think caution can be a pain in the ass, but if it ends up saving you thousands of dollars and days of time, isn't it worth it? Also make sure to get your annual free credit report to make sure nothing's slipped your notice.

Hope that helps!

January 2016

171819 20212223

Most Popular Tags

Page generated Sep. 25th, 2017 11:37 am
Powered by Dreamwidth Studios