Jerry Bell @jerry (infosec.exchange)

Just had to block the first spam account on infosec.exchange. I suspect Mastodon is going to quickly need to implement defensive tools to combat automated spam account registrations, as has had to be done on other sites, like blogs and forums. My WordPress instance for defensivesscurity.org, for example, has about 2k-3k attempted spam account registrations per day. Given the nature and reach of Mastodon, I suspect spammers will focus their efforts here soon.

@jerry Tbh I'm surprised there are not more here already

@Sir_Boops agree. It’s likely just lack of awareness up to now.

@jerry a honeypot form that blocks by IP still works surprisingly well!

@Efi agree. That is pretty effective. But, if this becomes an important place for spammers, they will quickly adapt.

@jerry Yes, mastodon.gougere.fr already had a lot of spam registrations. @gougerenet

@bortzmeyer @gougerenet @jerry I think the fact we have a load of smaller instances which are actively managed by admins means that spam will get less of a foothold on the fediverse tbh.

@stolas @bortzmeyer @gougerenet I hope you’re right. But I see a possibly different nightmare scenario. Given that these campaigns are often completely automated, there’s little difference to a spammer between spamming 1 instance or 1000. In any event, it’s pretty manageable now, but I’ve seen how bad it can get and I don’t think GS/Pleroma/Mastodon/et al have the tools in place for admins to cope without disabling registrations.

@jerry
Japanese?

Something about the imperial family?

@jerry in any event, I may be being too alarmist based on my mode of thinking due to $dayjob. Have a good Sunday, everyone.

@jerry I wager you are correct. It's a fun exercise to defend a site of this size.

@jerry 2k-3k attempted spam registrations per day! 😲

How do you fight this on your WordPress blog? (tools, admin tips, ...)

@Roland I've found the "Stop Spammers" plugin worked pretty well, but the people at Automattic added some functionality that works extremely well to Jetpack (called "Jetpack Protect"). Disabling that creates an absolute mess.

@Roland I forgot to mention that I also use wp-spamshield. I think that Jetpack likely does enough that wp-spamshield is no longer necessary, though.

@jerry Ok thank you! I have this crazy idea of building an ActivityPub server over WordPress. I'm sure your information will be useful!

@jerry is this a manual process or are there tools specifically built to aid in this type of activity?

@jeff there’s nothing I’m aware of, other than the normal moderator tools, which are a manual interface for suspending/silencing accounts or deleting toots.

@jerry what is your methodology then for determining if an account is spam? Other than watching it and seeing what it posts, or other metrics like post frequency or time between posts.

@jeff so far, it's just waiting until an account does something inappropriate. The account today was gratuitous... posted a link to learn how to make money trading oil futures or something similar.

@jerry I had similar thoughts. My other instance (toot.berlin) has closed down registrations: toot.berlin/@jan/1000852813020

In German, but the EN translation is:

Unfortunately, our little toot.BERLIN was discovered by scriptkiddies, who created tons of accounts and post spam. We have temporarily suspended the registration of new accounts. If you want to help with cleaning up, please report all spam accounts that come in contact with you via the report function in Mastodon. Danke Unse

@superruserr I don’t use wordfence. I haven’t found a particular problem that it solves for me (yet) to justify the cost.