My suggestion for Ning spam prevention: Let's only add real spammers to the Spam Watchlist - people who have actually spammed. Not theoretical algorithm spammers who might be spammers. ONLY REAL SPAMMERS. This is easy to do with Ning's access to spam data network wide. Simply add any member to the Spam Watchlist of ALL Ning networks if they are ever been Suspended for Spam on any other Ning network. If they have been suspended for spam on 2 or more Ning networks, quarantine them on all networks and don't allow them to add any content until manually approved (or suspended) by each individual NC.
This leverages the power of your whole network. Any time a Network Creator suspends a member for spam, she is helping every other NC. Not to mention, this method flat out works. Have you seen how little spam gets through Gmail's filters? It is because they use a method very much like this. Ning has a whole army of NC's marking members as spammers... but then does nothing with that information. It's time to use it for the benefit of all.
Ning needs to completely scrap the method they are using to arrive at who is placed on the Watchlist. Ning is currently using algorithms and spam word counts and other such theoretical mumbo jumbo. And it's not working. At all. Spammers continue to post spam messages on profile comments, send mass emails to groups, and send "personal messages" to those they friend request. They do this with impunity and without restriction. And two out of three of these methods are invisible to NC's. But these forms of spam could easily be stopped.
By quarantining known spammers and not allowing them to post content or contact members, NC's still have the option to allow them membership and full access but the member can do no damage without a manual approval from the NC. This eliminates any false positives.
Yes, there would still be ways around this (new email address + new IP for every network they join). But it would eliminate 95%+ of all comment spam, group message spam, and friend request personal message spam that we are currently seeing.
Identify and quarantine members by email address but also identify and quarantine any member from an IP address that has a history of members suspended for spam across the Ning networks. IP addresses are a blunt tool but by quarantining only, members will not be wrongly accused if they are legit. So quarantine any IP address that has had multiple spammers join and be suspended for spam. NC's can manually approve that small fraction of members instead of having to moderate all members.
What are your thoughts?
Just curious how many people here have also used a simple sign-up quiz to curtail spammers, and if you've had success using it?
Our ning site is not big enough yet to be able to tell if it's having a real effect or the spammers just haven't found us yet, but on another site that hadn't even been released to the public yet, we had 50 spammers in a day, but close to zero in the months since I implemented the simple quiz.
Part of the reason this is an effective tool seems to be that mass-spammers tend to be spambots designed to post as much as spam as they can before you catch on. Thus, even if they have the ability to read a captcha, no computer can be able to answer a particular question without instruction first.
That's the idea anyway, but I am very interested to hear if this has helped people deter mass-spammers...
Nothing that ning has now to deal with spam works and when you come from another platform like me (a self hosted site that i still have) I do feel very vulnerable on my ning site. im not new at this game been doing it many years so i know what whats and what works best.
The only thing that really works is to put your membership on admin approval, then go google the I.P, email and user name. The I.P is the most important one because that tells you where they are from and if any suspicious behavior has been picked up by anybody. there are sites out there that log most I.Ps and report the activity of them, and then we have things like Honeypots who track spammers and report them so if you google an I.P you will see if you need to be wary or not.
the information is there just waiting to be utilized, but of course on ning we dont see the I.P of people wanting to join up so we have to trust to luck and cross our fingers.
The spam problem would be dealt with, with this one simple thing on our networks. Everything else is a waste of time and a waste of resources and we simply wont control this until we get to see the I.P. and i speak as a person who uses this method on another site i have, where at least one spammer tries to join every day and over a period of 4 years, not one has slipped through the net using this system...
I agree that the method you suggest works almost 100% of the time. But as you also note, most Ning NC's cannot see the IP of potential or present members. So it's a wish and a prayer.
But the manual moderation method you suggest is not scalable. Can you manually approve 100 members a day? 1000? 10,000? Why should we have to approve them at all? This simple method of quarantining actual spammers that have been marked as spammers by other NC's would take that requirement away from the NC.
Yes we would still see some spammers. But they would have to set up a completely new email address for each network AND spoof their IP address. It makes it much, much more difficult for spammers.
My proposed solution is a SYSTEM solution to the problem - not a ADMIN HAS TO WORK EXTRA HOURS solution. Ning has access to all this information. It's time to use it.
On the subject of making the Spam Watchlist work, there is another algorithm that apparently is not being used. Most of the comment spammers put an email address or link into their comments. That email address or URL is very consistent across many different profiles that the spammers use across many sites. So why not have the Spam Watchlist algorithm look at the email address / URL included in the comments made by actual spammers (members that have been suspended for spam). Follow the money. Use that URL or email address to quarantine any members (and their content) that links to that URL / email address. Do this across ALL networks. If I suspend someone for spam, any member that links to the same URL/email address on any network should be quarantined.
There are several solutions that would drastically cut down on spam. Why is Ning not doing more? Why are they not responding to this discussion?
Spammers are a moving target. But we must keep closing avenues where spam proliferates.
There is a way for you to see the IP of somebody trying to sign up to your network. It's called 'Trace My IP'. It is free to use (with limitations) and it gives you a little bit of code you need to paste into your network (kind of like Google Analytics). More specifically, you paste it into a text box which you have configured (using the 'features layout' in the dashboard) to appear on every one of your pages (you do this by placing the text box in the green-shaded box shown on your 'features layout' page)
I appreciate that isn't very clear, so if you want I will post full instructions. Oh yeah, and this tip came from JenSocial originally. So many thanks to her.
TMIP (Trace My IP) logs the IP address of everyone who has visited your website. I have found that when somebody uses the sign-up page, TMIP logs them as visiting a URL ending with 'pending'. When you go into TMIP, you can search the list for URLs ending in 'pending', and then cross-reference the time on the TMIP log with the time on the email you receive notifying you that somebody has requested membership. You then look at both the answers to your sign-up questions, and the TMIP log and decide if they are telling the truth.
This system isn't perfect, but I find it works 99% of the time. My network has been spam-free since I started this system.
BUT, this is a HUGE pain the the neck and really laborious. It just won't work for networks that approve tons of people every day.
Perhaps if EVERYBODY were doing this, then in theory you would be able to share the IPs of people you blocked - which would ensure work is not multiplied unnecessarily.
Just for the record, I think we should have the option to block all IPs originating out of certain countries. I'm not going to name names, but we all know that certain countries are famous for the amount of scams that originate from them. I have also found that all the dodgy IPs that visit my network all originate from the same country (oh yeah, and nobody appears to be using anonymous proxies, but then again, if and when they do, you just deny them membership!)
Sorry I'm really rambling now :)
Hello Matt..This would be very useful for us too. Occasionally we get banned members who sign up with all new info and we don't know for sure till the BS starts again. It does no good to watch the email addy when they change it anyhow.
Is it possible to set this up to track new sign up's only ?