Snarg

Removing fake customers


I think an easy way to get around bot creation of fake accounts or abuse of Tell A Friend page is to add in a script that requires the user to approve the account or email-send action via a button sent to their email. This is an added step, but you could spin it as it is designed to protect them (the customer). And a hacker or spammer is not going to use their own email account.

This would not work for the Contact Us page, but if set up right, it will only execute the final account-submit or email-send action upon a human approval from the account of the email they used.

It would likely require some A/B testing to see if an added step like this would have a significant negative impact on new account creations and Tell A Friend emails sent via real customers.

 

Edited by Demitry
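The confirm-by-email step proposed in the post above, sketched as an added example (not part of the original post and not osCommerce code). The `PendingActions` class, its in-memory storage and the action names are hypothetical stand-ins for a database table and the shop's own account-creation code.

```php
<?php
declare(strict_types=1);

// Hypothetical in-memory store standing in for a pending_actions DB table.
final class PendingActions {
    private array $rows = [];

    // Queue the action and return the one-time token to embed in the e-mail button URL.
    public function create(string $email, string $action, int $ttl = 86400): string {
        $token = bin2hex(random_bytes(32));
        // Store only a hash, so a leaked table does not reveal usable tokens.
        $this->rows[hash('sha256', $token)] = [
            'email' => $email, 'action' => $action, 'expires' => time() + $ttl,
        ];
        return $token;
    }

    // Called when the button is clicked. Returns the queued action once, or null.
    public function confirm(string $token): ?array {
        $key = hash('sha256', $token);
        $row = $this->rows[$key] ?? null;
        if ($row === null) {
            return null;              // unknown or already used
        }
        unset($this->rows[$key]);     // single use, even if expired
        return $row['expires'] >= time() ? $row : null;
    }
}

// Constructed sample flow.
$pending = new PendingActions();
$token  = $pending->create('customer@example.com', 'create_account');
$first  = $pending->confirm($token);              // the account is created only here
$second = $pending->confirm($token);              // replayed link: rejected
$forged = $pending->confirm(str_repeat('0', 64)); // guessed token: rejected
printf("first=%s second=%s forged=%s\n",
    $first['action'] ?? 'rejected',
    $second['action'] ?? 'rejected',
    $forged['action'] ?? 'rejected');
```

Mail scanners may fetch links in incoming mail, so the confirmation page should call `confirm()` only when the button on that page is submitted, not on the initial page load.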

10 hours ago, Snarg said:

Should I be worried?

Remove them using phpMyAdmin directly in the db in the customers table; it will overcome this issue.

I would imagine that the garbage they entered when making the account is causing issues.

Edited by JcMagpie

 


I have "Tell a Friend" switched off in my shop. Can a fake account still do anything naughty?


OsC 2.3.4.1 CE Frozen   PHP 7.2   MySQL 10.1.36-MariaDB-cll-lve


Any input form on your site that accepts input from a user and stores it in your database is open to abuse.

You just have to do what you can to secure each one.

@Jack_mcs  Honeypot lets you pick which pages to cover so should work for most issues.

If it’s some idiot sitting at a PC with time on their hands doing the spamming (and there are many doing this) then there is very little you can do to stop them. Blocking IPs works for a while but they just move to another using VPNs!

If it’s bots then the honeypot should catch most of them. They look at the code and when they find a form/input field they dump rubbish into it.

Honeypots normally add a hidden (to the user) field to the page which the user will not see but the bots will, and they dump rubbish into it, which tells the honeypot that it’s not a human and it can block that bot.

Edited by JcMagpie

 

14 hours ago, Snarg said:

When I select one of these fake accounts, I get a bunch of errors. Should I be worried?

This error means that some of the customer data is missing from either the customers db table or the customers_info table. 

customers_info table is more likely to have data missing.


This is a signature that appears on all my posts.  
IF YOU MAKE A POST REQUESTING HELP...please state the exact version
of osCommerce that you are using. THANKS

 
Get the latest current code (community-supported responsive 2.3.4.1BS Edge) here

 

4 hours ago, JcMagpie said:

If it’s bots then the honeypot should catch most of them. They look at the code and when they find a form/input field they dump rubbish into it.

Honeypots normally add a hidden (to the user) field to the page which the user will not see but the bots will, and they dump rubbish into it, which tells the honeypot that it’s not a human and it can block that bot.

Just be careful that if it's a blind person using a screen reader that they don't get blocked by your anti-bot measures. That could even be illegal. You might want to label the input field "anti-spambot measure, leave empty" or something like that, until the spammers wise up and catch on to it! (looking for "leave empty", "leave blank", "don't fill in", "for office use only", etc.) Then you might need to use Javascript to scramble the label so bots can't see it without processing the JS (like email hiding can be done), but a screen reader can still speak it. Or maybe the prompt/label could say "enter 735 here:", where the number is randomly generated. It's a never-ending war...


If you are running the "official" osC 2.3.4 or 2.3.4.1 download, your installation is obsolete! Get (stable) Frozen or (unstable) Edge. See also the naming convention and the latest community-supported responsive "Edge" release
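The two checks discussed in the posts above, a honeypot field that must stay empty and a randomly generated "enter 735 here" style prompt, shown as an added server-side example (not part of any post in this thread and not code from the osCommerce Honeypot add-on). The field names `contact_url`, `answer`, `issued` and `tag` and the `FORM_SECRET` constant are hypothetical.

```php
<?php
declare(strict_types=1);

// Placeholder: a long random value kept on the server only.
const FORM_SECRET = 'replace-with-a-long-random-server-side-secret';

// Values for the form template: the number shown in the visible prompt, plus an
// HMAC tag so the server can verify the answer later without session state.
function issue_challenge(): array {
    $number = random_int(100, 999);
    $issued = time();
    $tag = hash_hmac('sha256', $number . '|' . $issued, FORM_SECRET);
    return ['number' => $number, 'issued' => $issued, 'tag' => $tag];
}

// Returns null when the submission passes, or a reason string for logging.
function check_submission(array $post, int $maxAge = 3600): ?string {
    // 1. Honeypot: labelled "leave empty" for screen readers; content means a bot.
    if (trim((string)($post['contact_url'] ?? '')) !== '') {
        return 'honeypot field filled';
    }
    // 2. The tag must match the issue time and the number the visitor typed.
    $issued = (string)($post['issued'] ?? '');
    $answer = trim((string)($post['answer'] ?? ''));
    if (!ctype_digit($issued) || !ctype_digit($answer)) {
        return 'challenge missing or malformed';
    }
    $expected = hash_hmac('sha256', $answer . '|' . $issued, FORM_SECRET);
    if (!hash_equals($expected, (string)($post['tag'] ?? ''))) {
        return 'wrong challenge answer';
    }
    // 3. Reject stale forms so a captured number and tag cannot be reused forever.
    if (time() - (int)$issued > $maxAge) {
        return 'challenge expired';
    }
    return null;
}

// Constructed sample submissions.
$c = issue_challenge();
$human = ['contact_url' => '', 'answer' => (string)$c['number'],
          'issued' => (string)$c['issued'], 'tag' => $c['tag']];
$bot   = ['contact_url' => 'http://spam.example', 'answer' => '', 'issued' => '', 'tag' => ''];
foreach (['human' => $human, 'bot' => $bot] as $who => $post) {
    echo $who, ': ', check_submission($post) ?? 'accepted', PHP_EOL;
}
```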

3 hours ago, burt said:

This error means that some of the customer data is missing from either the customers db table or the customers_info table. 

customers_info table is more likely to have data missing.

If simply missing data will blow up osC, that's a code error. I'm guessing that this is a very old (2.3.4) version of osC, and it might have been fixed in Frozen.


12 hours ago, MrPhil said:

I presume that's the "official" osC 2.3.4? I'm not sure it will properly run at PHP 5.6. The community-supported osC 2.3.4.1BS "Frozen" (see link in my signature) will go to at least PHP 7.1, so you should strongly consider upgrading your shop. As for why only "fake" accounts exhibit this behavior, I have never heard of this behavior. I suppose it's somewhat possible that there is some fishy data stored with these accounts, but offhand I can't think of what it could be. Maybe you could go into phpMyAdmin and take a look at one of these problem-causing fake accounts, and compare them with a normal real account, and see if there is anything in the customer data that looks like a script (HTML tags) or something else odd. Are you sure it's only fake accounts, or are those the only ones you tried this operation on? This is only selecting the account, and you haven't pressed Delete yet?

burt installed my shop a while ago, I think it is, BE'? How can I get the exact version?

 

I only get those errors from fake accounts. I have brought up the customers table in phpMyAdmin and examined the cells. Nothing, other than the bizarre names, seems amiss. I'll attach some screenshots of what I see. I have not tried deleting one of the accounts yet.

cust001.jpg

cust002.jpg

4 hours ago, burt said:

This error means that some of the customer data is missing from either the customers db table or the customers_info table. 

customers_info table is more likely to have data missing.

Does this look normal?

cust003.jpg

cust004.jpg


That data looks fine. I would simply back up your database and then delete one of the bad accounts. Log back in and check if all is well, then simply remove the others.

compare it to stock data.

image.thumb.png.5c345f3fc6e5b743c08b6d665c837153.png

image.thumb.png.bb97a5fe191a553ab975d0b09801d8d2.png


 

2 minutes ago, JcMagpie said:

That data looks fine. I would simply back up your database and then delete one of the bad accounts. Log back in and check if all is well, then simply remove the others.

compare it to stock data.

image.thumb.png.5c345f3fc6e5b743c08b6d665c837153.png

image.thumb.png.bb97a5fe191a553ab975d0b09801d8d2.png

Delete it from the customers table and customers_info?


I'm not sure they are fake accounts! You better check first! Looking at some of the email used I would say it looks like your database has been compromised and some data overwritten.


 

5 minutes ago, JcMagpie said:

ok it's odd but looks like the fake accounts have no dob set! Have you checked?

I don't require a DOB for my store.

57 minutes ago, Snarg said:

I think it is, BE'? How can I get the exact version?

That's not relevant if you're using CE as they all say 2.3.4.1! But if you go to admin/tools/version checker it will show you something like this,

image.png.65fae4fbb54f929f55b7353c29dd1405.png


 


Looking at your error codes you get, which would point to an issue in the data that is being merged, possibly IDs not matching up?

image.png.08c87388b6747b38dbd2c0141bd63bbd.png

Edited by JcMagpie

 

29 minutes ago, JcMagpie said:

That's not relevant if you're using CE as they all say 2.3.4.1! But if you go to admin/tools/version checker it will show you something like this,

 

I am fairly certain my version is 2.3.4 BS. Burt can confirm it.

Side note, I'm surprised it's not easier to tell what version you have.

8 minutes ago, Snarg said:

Side note, I'm surprised it's not easier to tell what version you have.

😊 it is what it is.

I did a few checks on my test site and I was unable to produce the error you have by simply removing data from customers or customer_info tables or changing it. The only way I was able to break customers delete was by changing a customer id so it did not match that in customer_info, but all that did was stop that customer from being selected.

So I would say something else is going on with your db.

Edited by JcMagpie

 


To add to the strangeness, I can not delete these fake accounts through the Admin CP. I get a bunch of errors and the accounts don't go away. I can, however, delete them via phpMyAdmin.

This *ONLY* happens with fake accounts. Normal accounts are not affected. This leads me to believe that it is not an error with my site but, rather, some type of odd hacking attempt is going on.

1 hour ago, Snarg said:

type of odd hacking attempt is going on.

I think that could be the case as I can not reproduce your error by removing data from a test account. You should take one or two of the emails and see if they are linked to any orders! As I said the emails look valid but names are gibberish as if they have been overwritten by a script. I would also run a virus scan on your db and site.


 

18 hours ago, MrPhil said:

If simply missing data will blow up osC, that's a code error. I'm guessing that this is a very old (2.3.4) version of osC, and it might have been fixed in Frozen.

When joining two tables...if one side is broken...any software would react similarly.


18 hours ago, Snarg said:

burt installed my shop a while ago, I think it is, BE'? How can I get the exact version?

You are somewhere between Gold and Frozen.  

