New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
They're looking for @WSS
I really don't think those orders looks like fake orders or attacks - looks like more spam to me.
Maybe @wss can post more screenshots so we can figure it out?
I meant blocking the traffic from China for some time. Obviously, it will only work for people who do not have any existing customers from China. Irrespective of the country they use, these are mostly from China.
such order/ticket spam from qq.com is not new. I have seen many people complaining about such spam from this domain in the recent past.
I disabled the "create new account without order" function and this stopped.
They pay with paysafecards at this company, for a 5/Yr webhosting package. Then we recieve a abuse report from either Netkraft or Google Fraud report and suspend them immediately. They have No right on money Back and They paid by paysafe (their mistake Paypal was also an option) So we cant refund it
I did this too but it didn't help until I added a custom field that asked them to type YES to continue.
I have tried a few tricks however I have noticed that since the latest update the recaptcha box does not appear on new orders only on the domain checking page!
DeathByCaptcha is so 2005. Haven't needed humans in a while due to things like XEvil.
Looks like that thing may be more successful at solving captcha than I am.
If you think captcha solving for that amount of money is too low, try Facebook hiring mods through oDesk who usually were from Morocco to moderate "some of the worst things I have ever seen" according to one guy for $1/hr
$1/hr to them is like $25/hr here in the states. The PPP against the US dollar over there is pretty good last I heard.
Oops,Obviously your mailbox was compromised by illegal gambling websites in China.
They use robots to crawl mailboxes on search engines, so I want your email to be sent to certain forums in China.
@randvegeta @WebProject @AlexanderM @quadhost This type of bot can be easily stopped...... Sure bot know how to automate the default registration form
Just create a custom client field with required option.
As now they missing the custom field value ..none of their try, enter to your database.
We able to block it 100%. Hope it helps
We already have validation filtering on the form working from yesterday. Nice and quiet over here now.
We already had this, likely they have not updated the script for your site yet since you added the custom field.
Thank you for sharing. We do use clientexec software and we do have at least 3 custom customers rules, but some users can do quick registration less than 1 minute order/registration.
i received 2000 + new registrations of client from qq.com fake one
@Dilstar how long you receiving such registration on WHMCS. I don't think 2000+ possible by the bot we discussing in few days .(we have got email from over 15 different email domain with average internal 30 minutes )
Follow the custom field method i informed on previous reply
Don't block qq.com their are many valid clients using the email domain.
Well, you're basically training Google's neural networks by filling in reCAPTCHAs. reCAPTCHA stopped being about bot prevention a long time ago, and now it's really just a way for Google to get free labour out of everybody, while pretending that it's still a good bot prevention mechanism.
There's roughly two kinds of CAPTCHAs:
Current-day reCAPTCHAs are basically still the second category, except with a little more complexity. Now you're training Google's neural networks for free (rather than the originally lofty goal of reCAPTCHA, namely transcribing public domain books for the common good), and depending on how bot-y your client looks, you get more or less control questions. But it's still the same concept.
The thing is, breaking CAPTCHAs is similarly simple. It's literally just a matter of automating whatever you can to solve CAPTCHAs (since automated solving is effectively free), and the remaining CAPTCHAs get passed to a human in a low-GDP country to solve manually for a pittance. This works for any kind of CAPTCHA, because it's being solved by a human.
The best solution for CAPTCHAs remains a 'reverse CAPTCHA', which is literally just a CSS-hidden field that only bots will fill out. Any generic, untargeted bot is going to break on this in the same way that it'd break on a 'regular' CAPTCHA, except you're not bothering your users and it doesn't require JS.
Targeted bots can't be stopped by that, but they can't be stopped by reCAPTCHA either; when you're dealing with a targeted bot, that means that somebody either hates you enough or considers you profitable enough to write code specifically for you - which means they'll also probably be willing to fork over a few bucks to DeathByCAPTCHA and similar services.
For targeted attacks, your best bet is content filtering/detection or behavioural analysis of some sort. There exists no generic solution for it.
</ramble>
They have a myBB plugin that blocks all these suspicious ass email services. Im sure you could just export the list and block it in WHMCS or just use recaptcha
Yup These chinese morons try to get a pre payment service... It has happened with many hosts in the pasts...
@joepie91 I'm aware of how it works and I'll be honest: I've thought of paying for someone else to fill my captchas. It's at the point now that Google doesn't care whether a bot gets through or not; they just want you to train their system for OCR (like you said).
I get frustrated because Google expects us to fill their captchas without giving a single criteria/instruction on what they mean by ex. "car" or "store fronts."
Received order from China but most of customers IP Location distance is not less than 1500. Idk why.
Right, I probably should've been clearer that I wasn't so much trying to explain it to you, as I was chaining my explanation onto your remark :P I figured your original comment was somewhat sarcastic anyway.
But yeah, I don't think precision is really needed for their training procedure. The goal, after all, is to train a car to spot things like a human-who's-paying-attention, so an averaged answer of lots of humans will do just fine.
That that produces a horrible user experience for the people doing the training... I don't think they really care much about that either
Seeing a bit of this, for those curious here's the IP addresses we're seeing:
+----------------+----------------+
| ip | total_accounts |
+----------------+----------------+
| 61.49.62.66 | 27 |
| 61.49.62.113 | 77 |
| 61.216.157.185 | 5 |
| 36.255.96.216 | 3 |
| 36.255.96.182 | 8 |
| 36.255.96.10 | 33 |
| 203.69.105.4 | 2 |
| 172.94.80.12 | 13 |
| 172.94.80.106 | 2 |
| 172.94.56.9 | 1 |
| 172.87.26.196 | 10 |
| 172.87.26.194 | 45 |
| 172.111.185.58 | 1 |
| 172.111.185.49 | 38 |
| 141.101.156.98 | 14 |
| 141.101.156.13 | 9 |
| 117.81.120.158 | 2 |
+----------------+----------------+
Francisco
I saw some suppliers discriminating against Chinese people.
I will sort out the list of these suppliers and tell my friends not to buy your services.
Is it part of US-China trade war?
Who is this question directed at?
Thank you for your additional security against chargebacks.
Probably not a very accurate depiction of what you're trying to say either, perhaps you mean people inside China. Lots of Chinese people in Europe that (I would imagine) do not have their datapoints flagged.