René H4

Fake accounts


Hi,

I meant my installation of 2.3.4 was up to date.

I don't think a captcha will help, they somehow have got round the 'error out if country is Algeria' code on create_account.php, which works as I have tested it.

To me this indicates something else is going on, bypassing the normal create account procedure.

I have started on a Phoenix version but my site is SO custom it will be a long time before I have added all the various contributions, added code and changes to code on the back office side, let alone made it look similar to the current layout.

Work in progress!

 

 


Well excuse me for being an idiot. Despite my 15 years on OsC.

But please explain how a web user cannot submit the create_account form if he has Algeria as country, yet it is still getting inserted into the Db.

Surely a Captcha just prohibits submission of the form, which I have already implemented.

 

Edited by yahalimu

1 hour ago, yahalimu said:

Anyone else with this issue or any suggestions?

osC is being targeted by hackers. The honeypot and reCAPTCHA will stop some auto bots but they will not stop the human factory hackers. Yes, people being paid to target account and contact us pages. It's a relatively new trend for dodgy marketing and hacking. I have received several emails offering to do this type of marketing.

Setting a time limit on the contact_us page of about 30-40 mins or more will slow them down but not stop them. Then it's a case of manually deleting bad accounts as and when they are made.

Most of mine originated from .ru

Edited by JcMagpie

 


Over the last few days I have started getting these types of new accounts at a rate of 10-20 a day, and attempts to send emails. Haven't had any for a long time so it's being a real PITA. I have a maths question on the contact us form but nothing else. I have added a honey pot thing but that hasn't stopped anything, just lets me know it's happening. This weekend I am going to find a reCAPTCHA addon and see if that stops them.


REMEMBER BACKUP, BACKUP AND BACKUP

Get the latest Responsive osCommerce CE (community edition) here

It's very easy to over complicate what are simple things in life

5 hours ago, 14steve14 said:

I have added a honey pot thing but that hasn't stopped anything, just lets me know it's happening. This weekend I am going to find a reCAPTCHA addon and see if that stops them.

If the new account is similar to a legitimate account, neither will stop them. You need to determine where they are coming from. A hundred accounts created by a hundred different people can't be stopped if they are using the form as a legitimate customer would. But if a hundred are created by the same person, Honey Pot can stop 99 of them. If they are bypassing the form somehow then either should catch them. 
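
The distinction drawn above, between accounts created through the form and submissions that bypass it, can be checked from the web server's access log. The following is an added example, not part of the thread or of the Honey Pot add-on; it assumes a combined-format access log and the default `/create_account.php` path, and the sample lines, thresholds and function names are constructed for illustration.

```python
import re
from datetime import datetime
# Constructed sample in Apache/Nginx "combined" format (RFC 5737 example IPs).
SAMPLE_LOG = """\
198.51.100.7 - - [10/Mar/2020:09:00:01 +0000] "GET /create_account.php HTTP/1.1" 200 9120 "-" "Mozilla/5.0"
198.51.100.7 - - [10/Mar/2020:09:01:40 +0000] "POST /create_account.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
203.0.113.9 - - [10/Mar/2020:09:02:00 +0000] "POST /create_account.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
203.0.113.9 - - [10/Mar/2020:09:02:05 +0000] "POST /create_account.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
192.0.2.44 - - [10/Mar/2020:09:05:00 +0000] "GET /create_account.php HTTP/1.1" 200 9120 "-" "Mozilla/5.0"
192.0.2.44 - - [10/Mar/2020:09:05:01 +0000] "POST /create_account.php?action=process HTTP/1.1" 302 0 "-" "Mozilla/5.0"
"""
LINE = re.compile(r'(\S+) \S+ \S+ \[([^\]]+)\] "(GET|POST) (\S+) [^"]*"')

def summarize(log_text, form_path="/create_account.php"):  # path is an assumption
    """Per client IP: POST count, POSTs with no prior form GET, fastest fill time."""
    last_get, stats = {}, {}
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        ip, ts, method, url = m.groups()
        if url.split("?", 1)[0] != form_path:
            continue
        when = datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z")
        if method == "GET":
            last_get[ip] = when          # the form was actually rendered for this client
            continue
        s = stats.setdefault(ip, {"posts": 0, "direct": 0, "fastest": None})
        s["posts"] += 1
        if ip not in last_get:
            s["direct"] += 1             # submitted without ever loading the form
        else:
            secs = (when - last_get[ip]).total_seconds()
            s["fastest"] = secs if s["fastest"] is None else min(s["fastest"], secs)
    return stats

def suspicious(stats, min_fill_seconds=5, max_posts=3):
    """Label IPs whose behaviour differs from a customer filling in the form."""
    flagged = {}
    for ip, s in stats.items():
        checks = [("direct-post", s["direct"] > 0),
                  ("fast-fill", s["fastest"] is not None and s["fastest"] < min_fill_seconds),
                  ("many-posts", s["posts"] > max_posts)]
        reasons = [name for name, hit in checks if hit]
        if reasons:
            flagged[ip] = reasons
    return flagged
```

Clients behind a shared proxy or NAT appear as one address, so the labels are leads for manual review rather than grounds for automatic blocking.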

14 hours ago, JcMagpie said:

I have this by Demitry running on both Frozen and Phoenix up to 1.0.3.x and it works fine. Stops most of them.

Just installed the above. Will see what happens now. Hopefully they will lose interest soon.



Thanks to those that helped with info in this thread.

It would appear that after a few days all fake accounts have stopped being created and also stopped sending emails through the contact us form. I would like to think that this is because I installed the google captcha mod as before that nothing changed. I did change the time between sending emails in "action recorder" also. I now have a simple maths question, a captcha and honeypot on create account and contact us so let's hope it's stopped them until they figure out a way around them again.



I wish you luck, I would wait a while before celebrating though, I also have had no attempts last weekend and this week so far.

My only change so far was to change the URL of contact and create account pages. (I already have a maths question)

I was going to implement the honeypot afterwards if it didn't help.

Then if absolutely necessary a Captcha after that.

The server logs indicated a human interaction about a minute and a half after a failed maths question, that was then answered correctly, so it is possible they may start again if the URL change is noticed and manually updated.

Fingers crossed.

 

 

 

 


This stops most spam and informs you by mail.

$bad_companies = array('google', 'apple', 'add next', 'add next'); 

Add this after line 58, $error = false;

//Added to block spammers A
    // Company names (lower case) that are rejected outright
    $bad_companies = array('google', 'apple');

    // isset() guard: $company is only set when the company field is enabled
    if (isset($company) && in_array(strtolower($company), $bad_companies)) {
      $error = true;
      $messageStack->add('create_account', "You have triggered spamming prevention rules.  If your info is correct and you are not a spammer please contact us or try again.");
      $spam_email_text = "Spammer Alert: <b>" . $firstname . " " . $lastname . "</b> Using company name <b> " . $company . "</b> triggered spam alert.";
      tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, 'BOT Spammer Alert!', $spam_email_text, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
    }

    // isset() guard: $entry_tax_id is not defined on every install
    if (isset($entry_tax_id) && in_array(strtolower($entry_tax_id), $bad_companies)) {
      $error = true;
      $messageStack->add('create_account', "You have triggered spamming prevention rules.  If your info is correct and you are not a spammer please contact us or try again.");
      $spam_email_text = "Spammer Alert: " . $firstname . " " . $lastname . " Using company name: " . $company . " with tax id: " . $entry_tax_id . " triggered spam alert.";
      tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, 'Spammer Alert:', $spam_email_text, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
    }

    //block ZIP CODE without number like this      hjhjkjgkjbkgjg
    if ($postcode != '' && ctype_alpha($postcode)) {
      $error = true;
      $messageStack->add('create_account', "You have triggered spamming prevention rules.  If your info is correct and you are not a spammer please contact us or try again.");
      // The undefined $good_postcode from the original alert text is dropped here
      $spam_email_text = "Spammer Alert: postcode " . $firstname . " " . $lastname . " " . $email_address . " Using company name: " . $company . " with postcode: " . $postcode . " triggered spam alert.";
      tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, 'Spammer Alert:', $spam_email_text, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
    }
//END Added to block spammers


Hello, I have osc 2.3 installed with a very custom theme and a lot of manual code changes. Is there a simple way to stop these fake accounts? I checked that there is no captcha contribution for the 2.3 version.


I just installed it but captcha image is not working... Today I had a new fake registration from Afghanistan 


@danil0 Please post questions/problems, for any addon, in its support thread. The one for Honey Pot is here. Also follow the instructions in the install file for when there is a problem with fake accounts not being blocked.

Edited by Jack_mcs


Thank you for your answer .. your link goes back here.. but ok I will ask here ... I followed directions for my 2.3.4 version ... the captcha check is working but the captcha image does not appear and the strings are not translated ... see here please

Is the last version of honeypot complete?

 


@danil0

2 things ...

1) Make sure you are using the correct instructions for your v2.3.4 shop, and not the Phoenix instructions

2) Double-check your edits to contact_us.php. Per the instructions, the edited code is supposed to look like this (lines numbered for clarity):

1    <div class="form-group has-feedback">
2      <label for="inputEnquiry" class="control-label col-sm-3"><?php echo ENTRY_ENQUIRY; ?></label>
3      <div class="col-sm-9">
4        <?php
5        echo tep_draw_textarea_field('enquiry', 'soft', 50, 15, NULL, 'required aria-required="true" id="inputEnquiry" placeholder="' . ENTRY_ENQUIRY_TEXT . '"');
6        echo FORM_REQUIRED_INPUT;
7        ?>
8      </div>
9    </div>
10  </div>
11
12  <?php
13  /*** BEGIN HONEYPOT ***/
14  include('includes/honeypot/modules/honeypot_display.php');
15  /*** END HONEYPOT ***/  
16  ?>
17      
18  <div class="buttonSet">
19    <div class="text-right"><?php echo tep_draw_button(IMAGE_BUTTON_CONTINUE, 'fas fa-paper-plane', null, 'primary', null, 'btn-success'); ?></div>
20  </div>
21</div>

Pay particular attention to any typos in lines 4-7. Also, make sure you have installed the header tag module in Admin, and have configured it correctly for your particular shop.

I've just installed this in a v2.3.3.4 shop, so I know it works.

HTH

Malcolm

Edited by ArtcoInc

2 hours ago, danil0 said:

your link goes back here..

I apologize - don't know how that happened. I have corrected my post so the link is correct now.

20 hours ago, ArtcoInc said:

@danil0

2 things ...

1) Make sure you are using the correct instructions for your v2.3.4 shop, and not the Phoenix instructions

2) Double-check your edits to contact_us.php. Per the instructions, the edited code is supposed to look like this (lines numbered for clarity):


1    <div class="form-group has-feedback">
2      <label for="inputEnquiry" class="control-label col-sm-3"><?php echo ENTRY_ENQUIRY; ?></label>
3      <div class="col-sm-9">
4        <?php
5        echo tep_draw_textarea_field('enquiry', 'soft', 50, 15, NULL, 'required aria-required="true" id="inputEnquiry" placeholder="' . ENTRY_ENQUIRY_TEXT . '"');
6        echo FORM_REQUIRED_INPUT;
7        ?>
8      </div>
9    </div>
10  </div>
11
12  <?php
13  /*** BEGIN HONEYPOT ***/
14  include('includes/honeypot/modules/honeypot_display.php');
15  /*** END HONEYPOT ***/  
16  ?>
17      
18  <div class="buttonSet">
19    <div class="text-right"><?php echo tep_draw_button(IMAGE_BUTTON_CONTINUE, 'fas fa-paper-plane', null, 'primary', null, 'btn-success'); ?></div>
20  </div>
21</div>

Pay particular attention to any typos in lines 4-7. Also, make sure you have installed the header tag module in Admin, and have configured it correctly for your particular shop.

I've just installed this in a v2.3.3.4 shop, so I know it works.

HTH

Malcolm

Thank you Malcolm

1. I checked the new files and the instructions were from the 234 version (Install_Frozen_V234.txt)

2. I also tried the changed contact_us.php file from the zipped contribution file (to avoid mistyping) and the result was the same ... seems like it has no access to some directories I guess... I'm thinking of that because I add some "bad words" on settings but when I save, the words are gone and never saved.

3. The header tag module in Admin is installed because I installed the honeypot Module from this..

Any other ideas?


Thanks for the HoneyPot addon. I have been plagued by these spammers this last week (have banned so many IPs). Installed it on a 2.34 install, all went well.
