WordPress Payment Scan spam

  • Hello STAFF, this is an FYI only, in case you or anyone else didn’t know.

    [spam comment]

    WP.com: Yes
    Jetpack: No
    Correct account: Yes


  • Clearly a scam as the 2 days is up and I’m still alive!
    Just like the Bitcoin sextortion scams that pop up now and again.

    SCREEN SHOT

  • Hi there, thanks for the heads up. If you mark this as spam (as you seem to have correctly done already) that will allow us to train our spam filters so we can get better about catching these.

    Thanks!

  • allow us to train our spam filters so we can get better about catching these

    For sure @staff-totoro.
    However, so far I have had 2, different (fake) email accounts but same IP so chances are this is more bot driven spam. You may need to train your system to look for repeating or recurring IPs else she will always be behind the 8 ball, blocking a never ending series of auto generated, one off Emails but never winning.
    Just a thought.
    Happy year of the Rabbit.

    Apart from the initial confirmation of question, seems I am not getting follow up email notifications any more despite having ticked the notify me etc box?
    Any thoughts there please?

  • For sure @staff-totoro.
    However, so far I have had 2, different (fake) email accounts but same IP so chances are this is more bot driven spam. You may need to train your system to look for repeating or recurring IPs else she will always be behind the 8 ball, blocking a never ending series of auto generated, one off Emails but never winning.
    Just a thought.
    Happy year of the Rabbit.

    Absolutely, the mark-as-spam option aids in this. Any time you can mark a spam comment as spam is appreciated, as it does help!

    Apart from the initial confirmation of question, seems I am not getting follow up email notifications any more despite having ticked the notify me etc box?
    Any thoughts there please?

    Just to check, which notifications in particular are you not receiving? Was this for this particular forum topic, the forums in general, or comments on blog posts?

  • Just to check, which notifications in particular are you not receiving? Was this for this particular forum topic, the forums in general, or comments on blog posts?

    Ahh yes, it was a bit vague, but, I know you would be replying @staff-95percentghost and expected you to use your ethereal powers to know that.

    I was meaning this forum, the help forum and the issue began with my last post re dodgy embed etc and the TEST website. Which was why I missed the final reply, I think it was yours, and wrote an any progress follow up.

    But, mysteriously, this time I DID receive notification of your reply, but not the one before from @staff-totoro . Seems it has been fixed now!

    Of course, in theory, it should’ve been t’other way round – if one believes in ghosts, 96% or not.

    Thx team.

  • @staff-totoro

    RE SPAM

    Now THIS is an interesting and clever development~

    [more spam! this one pretending to have a wp.com email]

  • @staff-totoro

    Sorry oversensitive mouse – sent prematurely.

    If I read it right, adding 37.19.199.151 to my “black list” In settings > comments > disallowed comments should block that IP. Am I right?
    If so, it doesn’t – at least not any more.
    Both it and the Eastern European IP are blocked but still slipping through.

    Cheers P

  • Hi there,

    IP address blocking is sometimes an inexact science, especially in this case where we’re scanning comments as they come in (for a matching IP) and not performing a full traffic block of that IP at the server level.

    With that in mind you may also need to use a combination of strategies to block these comments. I would recommend that you also focus on specific words that these commenters use that are unique to the spam content, and not something you see in legitimate comments to your site. For example if they mention a web address in their message, that is a good thing to add to the disallowed list.

    Hope that helps. Please let us know if you have any more questions.
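
    An added example, not part of the original thread and not WordPress.com or Akismet code: one way to find candidates for the disallowed list when the sender address changes on every comment, as reported earlier in the thread, is to look for an IP or linked host shared by several distinct senders of comments already marked as spam, and to drop any indicator that also appears on an approved comment. The record layout, field names and sample data are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample of a moderation queue (not data from the thread).
# IP addresses are taken from the RFC 5737 documentation ranges.
QUEUE = [
    {"email": "a1@example.net", "ip": "203.0.113.7", "status": "spam",
     "text": "FREE Shipping today only http://shop.example.com/deal"},
    {"email": "zz9@example.org", "ip": "203.0.113.7", "status": "spam",
     "text": "Payment scan failed, see http://shop.example.com/pay"},
    {"email": "q7@example.org", "ip": "198.51.100.4", "status": "spam",
     "text": "Account notice: https://SHOP.example.com/x"},
    {"email": "reader@example.com", "ip": "192.0.2.10", "status": "approved",
     "text": "Nice post, related: https://news.example.org/story"},
    {"email": "reader@example.com", "ip": "192.0.2.10", "status": "approved",
     "text": "Thanks for the reply!"},
]

# Captures the host part of any http(s) link in the comment body.
URL_HOST = re.compile(r"https?://([^/\s:]+)", re.IGNORECASE)

def indicators(comment):
    """Yield (kind, value) pairs: the sender IP and each linked host."""
    yield ("ip", comment["ip"])
    for host in URL_HOST.findall(comment["text"]):
        yield ("host", host.lower())

def recurring_indicators(queue, min_senders=2):
    """Indicators shared by >= min_senders distinct spam senders and
    never seen on an approved comment (to limit false positives)."""
    spam_senders = defaultdict(set)
    seen_in_approved = set()
    for c in queue:
        for ind in indicators(c):
            if c["status"] == "spam":
                spam_senders[ind].add(c["email"].lower())
            elif c["status"] == "approved":
                seen_in_approved.add(ind)
    return sorted(
        (kind, value, len(senders))
        for (kind, value), senders in spam_senders.items()
        if len(senders) >= min_senders and (kind, value) not in seen_in_approved
    )

if __name__ == "__main__":
    for kind, value, n in recurring_indicators(QUEUE):
        print(f"{kind:4} {value:20} used by {n} distinct sender addresses")
```

    On the sample queue the linked host is the strongest signal: it is shared by three sender addresses across two IPs, while one of the IPs is used only once.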

  • Thanks @staff-totoro, I had considered that but was cautious against the possibility of blocking legit comments. Those promoting bot financial schemes are easy, but others are pretty crafty.

    Your suggestion of a website is interesting, but, excuse my ignorance, would .com then not exclude any other comment with that?

    I wondered about: “FREE Shipping – TODAY ONLY!” not many of my followers would use that, but, does it not then block all 4 words?

    I did not receive any notification of your reply in my email again, however, I DID receive one for @staff-95percentghost’s previous reply?
    Are your settings excluding notifications?

    Thnx
    P

  • I wondered about: “FREE Shipping – TODAY ONLY!” not many of my followers would use that, but, does it not then block all 4 words?

    Yes, it would block all comments that would have any of those words within. Looking at that example, you could start with shipping and see how that works. It can be challenging to find the right words that would not spam legitimate comments, but you would be able to review them in the comments trash section to make sure it was not catching legitimate ones.

    Currently your Discussion settings are set to require all comments to be approved, so you are assured that none will get through by mistake. Any that are spam, do mark them as spam as we have mentioned. Our spam system looks at a number of different things and areas to determine spam, and is quite good at what it does.

    I did not receive any notification of your reply in my email again, however, I DID receive one for @staff-95percentghost’s previous reply?
    Are your settings excluding notifications?

    The settings are for the forums, not for individual staff members, so as long as you have set it when you commented on the thread, to get notification of new replies, you should get those. That setting should remain until you choose otherwise or the thread is closed.

    You may want to check your email spam, just in case to make sure they were not caught there, if you have not already.

  • Hello @thesacredpath, let’s start with notifications.

    Do you mean the little box, bottom left of this form that says:

    Tags:

     Notify me of new replies.

    If yes, then that box is ticked and I see the thread is still open. Nope, nothing in my SPAM box. Again, it is curious that I DID receive notification for 95% Ghost’s reply, but not Totota nor you.

    SPAM

    Is the spam catcher case sensitive?
    I see most SPAM can’t resist the temptation to use CAPS – whereas it seems most humans do not.

    If I were to use the web address, (domain name) as suggested by Totora, would THAT also stop any words included in the URL?

    One series appears to be using robot generated different wordpress.com email accounts but both the IP and url (www.bbc.com) are static. Would blocking that work or would I end up blocking each word again?

    Cheers

    p

  • Hello there,

    If yes, then that box is ticked and I see the thread is still open. Nope, nothing in my SPAM box. Again, it is curious that I DID receive notification for 95% Ghost’s reply, but not Totota nor you.

    Many thanks for that confirmation – we’re taking a look at this a bit more closely.

    Is the spam catcher case sensitive?
    If I were to use the web address, (domain name) as suggested by Totora, would THAT also stop any words included in the URL?

    The way Akismet works is actually quite secretive, to ensure the system is not compromised.

    I wouldn’t be able to answer the above as a result.

    What I can tell you is that, the more you mark spam as spam the better, as it’s something that’s constantly learning.

    My advice would be to mark spam comments as such to help reduce the spam coming in.

    I know that doesn’t offer a lot of information, but I do hope it’s helpful.

  • The way Akismet works is actually quite secretive

    Really! :>)

    Many thanks for that confirmation – we’re taking a look at this a bit more closely.

    Received this one @aleone89

  • @thesacredpath – Hello, tried adding FREE shipping to the black list last week.
    Sadly it seemed to fail as today I received exactly the same comment.
    To add insult, the great secret spam super shredder only binned it, failed to mark it as SPAM. Be great if we could block entire regions, countries~

    “If the learner (spam machine) hasn’t learnt, the master hasn’t taught”

  • Hi @146386q , honestly I’d worry less about using the allow/deny list features and more on just mashing that spam button if they come through. Akismet will spot their patterns soon, and then you’ll only see them in your “spam” folder that gets emptied out automatically.

    If these are getting automatically approved so they show up publicly on your site, and not just in your “pending” comments area, you may want to tighten up the moderation controls for a bit.

    Also, so they can’t succeed in spreading their links, I’m going to go ahead and redact their info from your posts here.

  • … there. I’ve redacted those. Going forward, if you want to share a concerning spam message that keeps getting through in spite of you hitting that spam button on similar messages, you can leave it in your moderation queue and update us here; as staff we can have a look. Thanks!

  • The topic ‘WordPress Payment Scan spam’ is closed to new replies.