René H4

Fake accounts


Hi,

I meant my installation of 2.3.4 was up to date.

I don't think a captcha will help, they somehow have got round the 'error out if country is Algeria' code on create_account.php, which works as I have tested it.

To me this indicates something else is going on, bypassing the normal create account procedure.

I have started on a Phoenix version but my site is SO custom it will be a long time before I have added all the various contributions, added code and changes to code on the back office side, let alone made it look similar to the current layout.

Work in progress!

 

 

Well excuse me for being an idiot. Despite my 15 years on OsC.

But please explain how a web user cannot submit the create_account form if he has Algeria as country, yet it is still getting inserted into the Db.

Surely a Captcha just prohibits submission of the form, which I have already implemented.

 

1 hour ago, yahalimu said:

Anyone else with this issue or any suggestions?

osC is being targeted by hackers. The honeypot and reCAPTCHA will stop some auto bots but it will not stop the human factory hackers. Yes, people being paid to target account and contact us pages. It's a relatively new trend for dodgy marketing and hacking. I have received several emails offering to do this type of marketing.

Setting a time limit on the contact_us page of about 30-40 mins or more will slow them down but not stop them. Then it's a case of manually deleting bad accounts as and when they are made.

Most of mine originated from .ru


Over the last few days I have started getting these types of new accounts at a rate of 10-20 a day, and attempts to send emails. Haven't had any for a long time so it's been a real PITA. I have a maths question on the contact us form but nothing else. I have added a honeypot thing but that hasn't stopped anything, just lets me know it's happening. This weekend I am going to find a reCAPTCHA addon and see if that stops them.


REMEMBER BACKUP, BACKUP AND BACKUP

Get the latest Responsive osCommerce CE (community edition) here

It's very easy to over complicate what are simple things in life

5 hours ago, 14steve14 said:

I have added a honeypot thing but that hasn't stopped anything, just lets me know it's happening. This weekend I am going to find a reCAPTCHA addon and see if that stops them.

If the new account is similar to a legitimate account, neither will stop them. You need to determine where they are coming from. A hundred accounts created by a hundred different people can't be stopped if they are using the form as a legitimate customer would. But if a hundred are created by the same person, Honey Pot can stop 99 of them. If they are bypassing the form somehow then either should catch them. 

14 hours ago, JcMagpie said:

I have this by Demitry running on both Frozen and Phoenix up to 1.0.3.x and it works fine. Stops most of them.

Just installed the above. Will see what happens now. Hopefully they will lose interest soon.



Thanks to those that helped with info in this thread.

It would appear that after a few days all fake accounts have stopped being created and also stopped sending emails through the contact us form. I would like to think that this is because I installed the Google captcha mod, as before that nothing changed. I did change the time between sending emails in "action recorder" also. I now have a simple maths question, a captcha and honeypot on create account and contact us, so let's hope it's stopped them until they figure out a way around them again.



I wish you luck, I would wait a while before celebrating though, I also have had no attempts last weekend and this week so far.

My only change so far was to change the URL of contact and create account pages. (I already have a maths question)

I was going to implement the honeypot afterwards if it didn't help.

Then if absolutely necessary a Captcha after that.

The server logs indicated a human interaction about a minute and a half after a failed maths question, that was then answered correctly, so it is possible they may start again if the URL change is noticed and manually updated.

Fingers crossed.

 

 

 

 

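An added example, not part of any post in this thread: a log triage script for the two questions raised above, whether signups reach create_account.php without the form ever being loaded, and whether a submission is paced like a person or a script. It assumes Apache/nginx "combined" access logs, the stock /create_account.php path and a 5-second fill threshold; the sample lines and IP addresses are constructed.

```python
import re
from datetime import datetime

# Constructed sample lines in Apache/nginx "combined" format (documentation IPs).
SAMPLE_LOG = """\
198.51.100.7 - - [12/Mar/2020:10:00:00 +0000] "GET /create_account.php HTTP/1.1" 200 9000 "-" "Mozilla/5.0"
198.51.100.7 - - [12/Mar/2020:10:00:02 +0000] "POST /create_account.php HTTP/1.1" 200 9100 "-" "Mozilla/5.0"
198.51.100.7 - - [12/Mar/2020:10:01:32 +0000] "POST /create_account.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
203.0.113.9 - - [12/Mar/2020:10:05:00 +0000] "POST /create_account.php HTTP/1.1" 302 0 "-" "curl/7.64"
192.0.2.44 - - [12/Mar/2020:10:06:00 +0000] "GET /create_account.php HTTP/1.1" 200 9000 "-" "Mozilla/5.0"
192.0.2.44 - - [12/Mar/2020:10:08:10 +0000] "POST /create_account.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
"""

LINE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(GET|POST) (\S+) [^"]*" (\d{3}) ')

def classify_posts(log_text, form_path="/create_account.php", min_fill_seconds=5):
    """Label each POST to form_path by the client's previous activity on that form."""
    last_seen = {}   # client IP -> time of its latest GET or POST on the form
    findings = []
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        ip, ts, method, url, status = m.groups()
        if url.split("?", 1)[0] != form_path:   # ignore query strings such as session ids
            continue
        when = datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z")
        if method == "POST":
            if ip not in last_seen:
                label = "no-form-load"   # submitted without ever requesting the form
            elif (when - last_seen[ip]).total_seconds() < min_fill_seconds:
                label = "too-fast"       # quicker than a person can fill the form
            else:
                label = "human-paced"    # timing consistent with a person typing
            findings.append((ip, label, int(status)))
        last_seen[ip] = when
    return findings

def suspect_ips(findings):
    """Clients with at least one scripted-looking submission."""
    return {ip for ip, label, _ in findings if label != "human-paced"}

if __name__ == "__main__":
    for ip, label, status in classify_posts(SAMPLE_LOG):
        print(f"{ip:15} {label:13} HTTP {status}")
```

The first log field is the connecting address, so behind a reverse proxy or CDN the real client address has to be logged separately before the per-IP grouping means anything.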

This stops most spam and informs you by mail.

$bad_companies = array('google', 'apple', 'add next', 'add next'); 

Add this after line 58 ($error = false;):

//Added to block spammers
    $bad_companies = array('google', 'apple');

    // Reject signups whose company name is on the block list
    if (in_array(strtolower($company), $bad_companies)) {
      $error = true;
      $messageStack->add('create_account', "You have triggered spamming prevention rules.  If your info is correct and you are not a spammer please contact us or try again.");
      $spam_email_text = "Spammer Alert: <b>" . $firstname . " " . $lastname . "</b> Using company name <b> " . $company . "</b> triggered spam alert.";
      tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, 'BOT Spammer Alert!', $spam_email_text, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
    }

    // Same check on the tax ID; isset() guards installs where $entry_tax_id is never set
    if (isset($entry_tax_id) && in_array(strtolower($entry_tax_id), $bad_companies)) {
      $error = true;
      $messageStack->add('create_account', "You have triggered spamming prevention rules.  If your info is correct and you are not a spammer please contact us or try again.");
      $spam_email_text = "Spammer Alert: " . $firstname . " " . $lastname . " Using company name: " . $company . " with tax id: " . $entry_tax_id . " triggered spam alert.";
      tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, 'Spammer Alert:', $spam_email_text, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
    }

    // Block postcodes made up only of letters, like this: hjhjkjgkjbkgjg
    if ($postcode != '' && ctype_alpha($postcode)) {
      $error = true;
      $messageStack->add('create_account', "You have triggered spamming prevention rules.  If your info is correct and you are not a spammer please contact us or try again.");
      // The undefined $good_postcode from the original snippet is dropped from the alert text
      $spam_email_text = "Spammer Alert: postcode " . $firstname . " " . $lastname . " " . $email_address . " Using company name: " . $company . " with postcode: " . $postcode . " triggered spam alert.";
      tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, 'Spammer Alert:', $spam_email_text, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
    }
//END Added to block spammers
