What a spambot attack looks like and update on Easy Sign Up

30
16.8K followers
Updated

SPAMBOTS CAN LOOK LIKE REAL SIGNUPS!

Part of my problem was ALL the sign ups on my site are spam, but they look real. Real names, with gmail, hotmail, you name it real providers! They started off so subtle at 1 per day with real names and real-looking addresses, they didn't pass 5 a day in the first few weeks. I'd seen someone else in the forums talk about being hit by 20 sign ups a day with randomly generated numbers so he knew immediately it was a bot - I didn't.

WHAT MADE ME SUSPICIOUS

1. Some of the addresses looked 'off' and didn't pan out, but that was only a handful.

2. None of the addresses responded to my 'confirm subscription' page that I set the plugin to send everyone just as an extra precaution - I know some people can be put off by a double sign up but I did mention it was to confirm humanity [!] and that they were not spambots and they only had to hit reply and send, which was a good deal seeing I was about to send them something useful.

3. I emailed everyone on my list and asked them 'to do me a favor' and confirm they were not bots - still no reply - not even one.

4. One of my affiliate centers showed unusual activity - 3 addresses sitting on my site all day every day, apparently clicking my affiliate links! I was lucky to have had that data. I can't see them in analytics, no idea why.

5. I had been wondering how come I was getting 5 sign ups a day without being ranked, which might be ok were it not for all of the above.

I COULD HAVE EMAILED THESE FALSE ADDRESSES FOREVER!

One week of this totally got me set up with my email schedule but it is a lot of work and you don't want to be emailing false addresses! I don't know how it works with a paid company like Aweber, or Mailchimp but for sure you need to check in with your list including all the very normal looking sign ups and make sure they are real. I know most lists I sign up to have a confirm subscription, so it is normal to do this.

Easy Sign Up may have locked me out once, I wish I had a good explanation for that [who knows maybe I did accidentally autofill it], but when I switched in on and off a few times and had it let me in then it does seem that it is working properly. It certainly is stopping all of these false sign ups now. The honeypot is an option within the plugin, make sure you tick it in the plugin settings. I guess I'm now doing overkill by getting them to also confirm subscription, I may drop that later now that I know the spam blocking honeypot is working.

ps I did an earlier blog on 'build it and they will come' well my flag count is now all over the world, but turns out the first 3 flags I showed you were the bots :D

Update on the Easy SIgn Up Plugin

THE DEVELOPER OF THIS PLUGIN RESPONDED IMMEDIATELY

I'd been having a couple of problems in that when I turned the honeypot spam blocker on within the plugin all sign ups stopped and at one point it even stopped me, so I wondered if it was stopping everyone. I wrote to the developer's support forum at Wordpress .org and he replied immediately in the WP Forums where you find the support for this plugin.

At this point I'd had the spam block on and off a few times to see what would happen and it was now letting me back in again. He asked for me to send him a page from my site and he actually signed up himself with the honeypot spam blocker on and got through. So it was working, and it is blocking false sign ups.

Moz.


Login
Create Your Free Wealthy Affiliate Account Today!
icon
4-Steps to Success Class
icon
One Profit Ready Website
icon
Market Research & Analysis Tools
icon
Millionaire Mentorship
icon
Core “Business Start Up” Training

Recent Comments

18

Glad you got this sorted out Moz!

Wow! Good info. Thanks

What great info, Moz. I was so wondering about this on my site. Thank you. shary

The folks below seem to have good advice.

Most of my spam problems came from legit SEO companies. A big problem was that my genealogy site was family friendly and this SEO company dumped porn sites on my forum every day. I finally had to contact them and threaten them. They stopped. Otherewise, Captcha can really help with random bot spam. Unsolicited spam is one of the most annoying facets of using the internet.

I always use a double optin and I did a blog post that explains why

...will check it out
update: I'll be keeping my double opt-in after reading this!

Hi guys,
I seem to have problems with spam sign ups as well. How do you integrate a double opt-in like you are mentioning?

thanks!!

Rotten bits!

You have been having a lot of problems with them, but I think you have learned how to get through this issues. Good for you!

Good to know. Thank you

What a process! At least you got some support.

Good to know it's working for you Moz. I'm still getting lots of random numbers instead of names on my signup page. The honeypot doesn't seem to be working on my site.

Wow Marion! The developer is in chat with me right now at WP forums, he did ask me to open a new thread when I went in here - it takes a bit of rumaging around to find where to open a new thread but may be worth it

wordpress .org and type name of plugin into search box, open new thread - on a recent thread previous to mine the guy there was being given some advice on his spambot random numbers...

Thanks Moz. I'll pop into wordpress.org and check it out when I've got a bit more time.

See more comments

Login
Create Your Free Wealthy Affiliate Account Today!
icon
4-Steps to Success Class
icon
One Profit Ready Website
icon
Market Research & Analysis Tools
icon
Millionaire Mentorship
icon
Core “Business Start Up” Training