Forum spam

A post containing spam links.

Forum spam is the creating of messages that are advertisements, abusive, or otherwise unwanted on Internet forums. It is generally done by automated spambots, or manually with unscrupulous intentions.

Types of spam

Forum spambots surf the web, looking for guestbooks, wikis, blogs, forums and any other web forms to submit spam links to. These spambots often use OCR technology to bypass CAPTCHAs present. Some spam messages are targeted towards readers and can involve techniques of target marketing or even phishing, making it hard to tell real posts from the bot generated ones. Not all of the spam posts are meant for the readers; some spam messages are simply hyperlinks intended to boost search engine ranking.

Most forum spam consists of links to external sites, with the dual goals of increasing search engine visibility in highly competitive areas such as weight loss, pharmaceuticals, gambling, pornography, real estate or loans, and generating more traffic for these commercial websites. Some of these links contain code to track the spambot's identity if a sale goes through, when the spammer behind the spambot works on commission.

Spam posts may contain anything from a single link, to dozens of links. Text content is minimal, usually innocuous and unrelated to the forum's topic, or in a very old thread that is revived by the spammer solely for the purpose of spamming links. Some text is included to prevent the post being caught by automated spam filters that prevent posts which consist solely of external links from being submitted. Full banner advertisements have also been reported.^{[by whom?]}

Alternatively, the spam links are posted in the user's signature, in which case the spambot will never post. The link sits quietly in the signature field, where it is more likely to be harvested by search engine spiders than discovered by forum administrators and moderators.

Since November 2006, a very destructive forum and wiki spam attack has been propagated by inserting into comments redirect domains with an automated posting script like XRumer. These domains redirect a user to pornographic websites. If a user clicks on the image or attempts to close the Website an ActiveX codec will be downloaded as a Zlob Trojan. The spambot can often bypass many of the safeguards administrators use to reduce the amount of spam posted.

Effects of spam

Spam prevention and deletions measurably increase the workload of forum administrators and moderators. The amount of time and resources spent keeping a forum spam free contributes significantly to labor cost, and the skill required in the running of a public forum. Marginally profitable or smaller forums may be permanently closed by administrators.

Administrators may block the ip address of the spammer and in severe cases the whole ip rage from that internet gateway provider. Thus a lack of connection from that spammers location, and neighbors will not have those resources, information, and access to the domain, or a server which house hundreds of websites, the administrators has the option to block from an entire region. Thus the spammer interferes with their communities - family and friends - internet connections and its resources that too will be blocked from.

Spam prevention

• Blacklists: Services such as Stop Forum Spam keep databases of the IP addresses and e-mail addresses used to post spam or register forum accounts. Forum software can query these lists and either deny posts or registration, or submit the request for human moderation. This is similar to DNSBL services.
• Flood control: This forces users to wait for a short interval between making posts to the forum, thus preventing spambots from flooding the forum with repeated spam messages.
• Registration control:
  • Some forums employ CAPTCHA (visual confirmation) routines on their registration pages to prevent spambots carrying out automated registrations. Simple CAPTCHA systems which display alphanumeric characters have proven vulnerable to optical character recognition software but those that scramble the characters appear to be far more effective.
  • Alternative is Textual Confirmation, where the user answers one or more random questions to prove he/she is not a spambot.
  • Forums have a feature where they send an e-mail to users who registered, either containing the password used to log in or an activation code/link.
  • Some forums have required registration approval where the administrator has to approve accounts.
• Authoritative voice: Using an external filtering service to get a verdict if the data is spam or not.
• Posting limits: Limit posting to registered users and/or require that the user pass a CAPTCHA test before posting.
• Registration restrictions: Applying careful restrictions can seriously impact bogus and spambot registrations. One approach consists in the denial of registration from certain domains that are a major source of spambots, or even domain extensions such as .ru, .br, .biz. Another, more labor-intensive, consists in manual examination of new registrants. This examination looks at several indicators. First, spambots often delay email confirmation by several hours, while humans will confirm promptly. Second, spambots will tend to create user names that are unique, and unlikely to already be used in the forum, preferring "John84731" or "JohnbassKeepsie" to the much more common "John." Third, using a search engine to investigate, one finds hundreds, if not thousands of profiles using the spambot login name, sometimes with the diagnostic spam post, or "banned" label.
• Changing technical details of the forum software to confuse bots — for example, changing "agreed=true" to "mode=agreed" in the registration page of phpBB.
• Block posts or registrations that contain certain blacklisted words.
• Be wary of IPs used by untrusted posters (anonymous posts or newly registered users). A useful technique for proactive detection of well-known spammer proxies is to query a search engine for this IP. It will show up on pages that specialize in the listing of proxies.
• Some forums also have their own "spam subforums" to direct spam off their main site.
• Some forums have the signature option disabled.

Page widening

Page widening is the intentional or accidental act of posting a long string of unbroken characters or a wide image to a forum, increasing the web page's width excessively, to the point where other users cannot read the text without scrolling the screen left and right. Page widening is undertaken by internet trolls who wish to render a page harder to read, and is one of the Slashdot trolling phenomena.

Page widening can be triggered by a wide image, a very long string of characters without breaks, a long line with the specification that the browser should not break it (for instance, use of the HTML tags <pre> or <nobr>), a table with many columns, in particular if columns contain a long word (the minimum width of a column is the width of the longest word in it) or a table where the HTML specifies a large width.

Although some forums detect and prevent such page widening, often by inserting spaces into excessively long text strings, some forum software fails to take into account that the reader may be using a lower screen resolution (such as on a PDA or mobile phone), a smaller window size or a larger font.

See also

• Spam (electronic)
• Internet forum
• CAPTCHA

References