Many of you have been seeing a sharp increase in the number of spammers attempting to sign-up to your networks. For NCs with member moderation turned on, this means you need to spend time each day wading through spammers to find valuable, legitimate new members. For those of you who don’t have member moderation turned on, spammers are clogging up your member lists. We are facing similar challenges on Creators and personal networks. Allison is getting 10-20 spammers attempting to sign-up each day on Creators despite having CAPTCHA, email verification and the quiz turned on.
Unfortunately, spam continues to grow across the Internet as spammers get more sophisticated and build larger teams to overcome defenses. This Spam Volume Index reported by Trustwave shows a 3x to 4x increase in spam since late last year. Patrick Chappelle recently posted a discussion on Creators discussing spam trends off the Ning Platform. And community owners are reporting issues on other platforms, such as this discussion in the Drupal forum.
Ning has invested a large amount of engineering resources in an arms race to fight spammers, starting in 2009 and working almost continuously up to today. This summer, we released the spam folder to automatically detect spam and prevent your members from seeing it. We are evaluating a number of options that will make it harder for spammers to join your network, including a more sophisticated sign-up quiz. We expect to release these new tools in September. We also plan to improve the member moderation interface in your dashboard in Q4 to make it easier to reject spammers in bulk.
Blocking spam is a complex problem. Almost every solution has trade-offs. I’d like to share what Ning has implemented over the past 4 years to help you understand the trade-offs we’ve made and all of the tools that are available to you.
Our approach has evolved since spam first emerged as a significant problem in 2009, but generally has had three elements:
Identify Spammy Members
There are several ways to identify spammy members. Each has drawbacks:
Ning rolled out a spammy member detection system in February 2010 based on member behavior and flagging by other NCs. We immediately received a high volume of complaints from NCs and members about false positives – legitimate members that were disabled. Based on the complaints, we modified our approach to soft block suspicious accounts, rather than disable them.
We are continuing to soft block suspicious accounts. However, we found it difficult to expand this approach without impacting an unacceptable number of legitimate members. So in May 2011, we introduced the Spam Watchlist. Rather than automatically disabling or soft blocking a suspicious member, we flagged them and placed them in a Spam Watchlist folder in the member moderation interface of your dashboard. This gives you or your admins the ability to review and take action as you see fit.
Identify and Block Spam
A major disadvantage of spammy member identification is that by the time we identify and you take action on the spammer, the spam has already been published to your network and the damage is done. To address this issue, the Ning engineering team built and “taught” a spam classifier to detect spammy content with a high degree of accuracy. We first used this classifier last spring to clean-up old spam that was cluttering up your networks. This also helped our engineering team to test the performance of the classifier under a high load.
This summer, we deployed the spam classifier to block spam in real-time through the Spam Folder feature, released on Ning 3.0 Networks in early June and Ning 2.0 Networks in late June. If the spam classifier detects spam with a high degree of confidence, we place it in your network Spam Folder rather than publish it. Administrators can remove content from the spam folder and publish it. Content left in the spam folder for longer than 14 days will be automatically and permanently deleted from your network, which makes it easier for you to manage the spam folder.
This solution also has a trade-off. In order to catch more spam (increase the catch rate), we need to block content we are less certain is spam (decrease the hit rate). A lower hit rate means more false positives. We feel it is important to have a very low number of false positives, so we are currently only blocking content that we are highly confident is spam.
NC and Admin Tools
Over the past 4 years, we have also released a variety of tools to help you block spammy members from joining your network. These tools are primarily meant to defeat automated sign-up scripts or bots and slow a human spammer down. None are silver bullets – they are meant to be speed bumps. By forcing a spammer to register with a human being and making the process more expensive, we can reduce a spammer’s return on investment (ROI) and encourage them to attack easier targets than a Ning Network. Here’s a list of tools we currently offer:
The major advantage of the tools approach is that it gives you control. You can make the trade-off between limiting the number of spammers who join vs. adding friction to the sign-up process for legitimate members. You can find valuable advice and creative suggestions about using these tools in Creators discussions initiated by Kos and Patrick last month.
Note, turning on member moderation is a very effective way to block spammers from joining your network. However, we recognize it puts an administrative burden on you and your admins. And it introduces a delay between a member signing-up and being able to participate on your network. Even if you have member moderation turned on, we recommend that you take advantage of the tools above to reduce your workload.
As our last 4 years show, fighting spam is an ongoing battle. We will continue to invest engineering resources to help you keep your networks clean and reduce your community management workload. In September, we plan to release at least one new tool to make it harder for spammers to join your network. Longer-term, we plan to optimize and expand the scope of our spam classifier (Spam Folder) and investigate new ways to identify spammers when they try to sign-up.
I’d like to thank all of you for being vigilant and training your admins and moderators to effectively use the spam-fighting tools we offer. As always, we appreciate your feedback and ideas.
Image courtesy of Scent of Green Bananas via Flickr.
Thanks for keeping us informed on your progress. I know this is a herculean task for all involved, and I look forward to whatever new spam fighting tools Ning will implement come September.
Flagging by other NCs. If one or more other NCs suspend a member for spam, then we could block them from signing-up for any Ning Network. However, different NCs have different definitions for what they consider spam. And one NC could ‘black ball’ an IP address or another NC from joining other Ning Networks for malicious reasons.
If you block all sign ups that are banned as spammers right away by NCs AND lots of NCs automatically ban obvious spam profiles (all are fairly obvious), it seems the problem would be solved.
There is no downside to placing spammers identified by multiple other Network Creators in quarantine upon joining other networks. An individual NC couldn't blackball anybody. It would take multiple NC's to identify spammers. And these members could still be manually approved by the new network if they so desired.
At least that way they would only have to manually approve members identified as spammers instead of every single one.
I have no idea why Ning hasn't bothered to implement this and instead keep bring up red herrings about why its a bad thing. It's not. It would work marvelously well. Have you seen how spam free Gmail is? This is a major component of their solution.
I wrote about this over two years ago here: http://creators.ning.com/forum/topics/how-spam-prevention-should
This is still a viable solution. Please consider it.
Banning human spammers is one thing, banning a spambot is another. You can ban a human spammer, but spambot creators can generate hundreds of email addresses in minutes, and return to bugger your site in no time.
For instance, I have several email addresses, and if I were a spammer, could make several attempts to join your site, after being removed. If you ban all of the email addresses I have used to sign up to your site, it's likely I will not create another email address simply to infiltrate your site. I will move on to another site. However, if I have access to such programs as OCR (to circumvent captchas), or XRumer, I can continue to send fake profiles to your site while I sleep. It doesn't matter if you block whichever email address my bots are using, I will generate more.
spambot[at]gmail[dot]com, spambot1[at]gmail[dot]com, spambot2[at]gmail[dot]com, spambot3[at]gmail[dot]com, spambot937[at]gmail[dot]com, spamalot[at]gmail][dot]com, spamusilly[at]gmail[dot]com, etc.
I was going to post a video one spammer uploaded to Youtube here, but it has a rap song with lots of profanity. If you want to see how one particular kind of spambot works (there are different types, mind you), you can click this link, and have a look for yourself. I recommend turning your volume down or off before watching. The video was posted by the creator of the spambot, where he (or she) also offers a link to download the program to would-be spammers.
I agree- with spammers hitting now they are using hundreds of email addresses -I check all of them off as spam and BAN them from the network using the tools provided.
It would be easy to use this list as a collective database to identify the worst spammer programs (email addresses) and ban them across all networks.
They hit me a few months back with hundreds of requests daily- when I change the security question to
"What is another word for H20?" and answer of course was "water"...this stop them dead in their tracks-but now months later they are back-seems they have the answer.
2 days ago I changed the question to "What is 12 X 12?" answer of course is 144-this has slowed them down by about 80%- still I get a dozen a day that make it through
Spam is always going to be a problem- but a database of spammers who use this new spamming tool could easily be stopped using a collective database type of tool
Thanks for the history and initiative progress report.
thank you for all Ning has done and continues to do.
We have been flooded by applicants we feel Ning should be able to detect with a high degree of accuracy pretty easily and block from completing the application process.
They answer our profile questions with
abc or frg or other nonesense letters, always just 3
or with ..., 3 dots, always just 3.
Any reason you can't program in an abort of those applications for all networks????
We have ALL the hoops in place, including mandatory profile photo. So we have not admitted a spammer in many many months, since we put all the hoops in place, and we recently added the quiz, and that has reduced the number of the above types of applications to ALMOST zero, but not quite.
Before that, we got a dozen or more per day, and the admin time was unconscionable.
PS It was clear that exchanging lists of spammers we suspended didn't work, sad to say. But the hoops in place now make that moot, thank goodness.
Correction: We don't have social signup in place, because the process of setting it up is beyond us, all of the admins and the NC..
My biggest spam problem is 'new blog posts' except Blogs are supposed to be turned off on my network.
Webwahm, that is not a spam problem at all. If you do not have the blog feature enabled, your members should not be able to see the option to post a blog. In that case, you have a serious technical problem, and should contact Ning Help as soon as possible.