Scammers targeting Photopost Classifieds

creativepart · May 27th, 2012, 03:11 PM

Hi,
We've always had some scammers that target our users from our PP Classifieds, but we're seeing more and more scambots that are using the contact.php to send scam emails to every member with an ad.

Today we had one that goes by the name khotmiller (khotmiller@yahoo.com) and they are picking up the item title and using it in the email wording.

I just did a quick Google search of "khotmiller" and found that username registered at 4 different forums and each one had PP Classifieds installed.

It would be nice if we could limit the number of contact emails sent via contact.php to stop people from sending mass emails through it.

Do you have any ideas of workarounds that we could do locally that would thwart these scammers. Can we change the name of contact.php and then easily apply this across our installs to trip up any scambots trying look for contact.php in our classifieds.

Or can you think of something we could change to stop this. Perhaps using some kind of challenge system, like entering a specific word, or captcha?

What is Photopost planning to do to stop scammer use of PP Classifieds?

Here's what the email looks like on our forum:

Quote:

<REMOVED@juno.com>:
64.136.52.37 failed after I sent the message.
Remote host said: 550 Access denied...0e6130a11424a961456df414c444d06d7d5510e90541b9857d199d1964e4c9191051e410...

--- Below this line is a copy of the message.

Return-Path: <anonymous@geartalknet.com>
Received: (qmail 20404 invoked by uid 504); 27 May 2012 06:52:09 -0500
Date: 27 May 2012 06:52:09 -0500
Message-ID: <20120527115209.20402.qmail@geartalknet.com>
To: REMOVED@juno.com
Subject: A message about your ad on tdpri.com
X-PHP-Originating-Script: 10013:contact.php
From: khotmiller@yahoo.com

Larrivee L05 A/E

Good day,
Is your Larrivee L05 A/E still available for sale ? What is the last price and what is the condition? I will like to pay using PayPal,After payments has been made,I will arrange for the pick-up and will you let my pick-up agent to come to you house for the pick up? Because i don't want you to worry yourself about the shipment,Reply back khotmiller@yahoo.com

Regards

Larrivee L05 A/E - Guitars and Gear For Sale

Chuck S · May 27th, 2012, 04:06 PM

HMM well contact.php should only be available to registered users to my knowledge unless something has been altered. I do not have any ideas about how to prevent a user from sending an email to another user the contents that is. Captcha could be added we do use that other places.

creativepart · May 27th, 2012, 09:10 PM

Yeah, these guys are getting passed all of our other blocking efforts. If there was a captcha it would make things harder to use the contact.php with a bot.

Chuck S · May 28th, 2012, 08:38 AM

I can work on adding captcha in the next release but my thoughts are they will get past that also as they get past all the vbulletin forum captcha here all the time. I am always deleting scam posts and we have captcha for registration.

creativepart · May 28th, 2012, 03:19 PM

I think that or some other captcha will slow them down for a while. They have their bots all set up without it, adding it will throw them off for a while.

Either that or let admins set a challenge task like "1+3=?" or write "classified." Just like a lot of the VB mods for blocking spam do.

Some sort of scammer prevention really should be added to the product. It's a huge problem.

Chuck S · May 28th, 2012, 05:26 PM

Yeah captcha is already part of that page but only shown to guests in the present form. I added a global usergroup permission in usergroup settings in Classifieds 5.0 so stay on the lookout.