Lately spammers have obviously been more effective due to AI - they can create realistic posts quite easily and even create some engagement. For example I've deleted one yesterday that was essentially "how do you use Joplin?" and it had already 5 or 6 answers.
Another technique they use, that is new to me, is to create a realistic post like the one below, then later change one of the keyword to a link:
So if you see something strange, such as random words being linked to something, feel free to flag and we'll check it!
9 Likes
We've been dealing with this in the Snapcraft forum for at least 2-3 years now. Moreso the editing the links thing, as the idea is they leech SEO from your website to theirs by putting a link in on a post that won't be read once there's several hundred replies (depending how busy your forums are). But they absolutely do make legitimate sounding posts like the above too, usually because it does a great job at giving moderation doubt to authenticity whilst a second bot will try do the link later. In some cases its less leech SEO and straight up hope you might keylog 1 user out of thousands who happens to see it.
I've pmed you one of the "tricks" I know Snapcraft uses to help mitigate it, but a lot of it does just come down to people responding and using the report spam buttons. Sometimes they at least make it obvious as they do 100 threads in a row.
Ultimately its lead to a scenario where I'm ultra suspicious of basically any single post made by new users (moreso in that community that's closer knit than this one), and at least in that community, 90% of the time I check back 23 hours and 59 minutes later (their editing window), there's your link!
And sometimes I've seen their LLM straight up copy and paste the mods word for word, so there's an element of they must be training on content unique to your own forums to make things extra annoying.
(But hey, I love being part of the Snapchat forums).
1 Like
Thanks for the PM, I'll look into it. Indeed we got to a point where we have to look long and hard at a post to decide if it's spam or not. Like this "How do you use Joplin?" post felt suspicious initially but I decided to allow it anyway, then later I checked it more closely and figured out it was spam. We got to a point where certain legitimate posts look more like spam than the actual spam.
Maybe we'll have to go back to ban links except for the most active users... If that helps. The problem is that they can probably go around this by flooding the forum with bot users, indistinguishable from real ones, and having regular interactions (if the technology is not there yet it will be soon). Then once they build up enough trust they can post links. We can block them at the time (if we notice them!) but since they can constantly flood the forum that's a losing battle.
Anyway I wonder where this is all going. On the other hand I'm glad we have the talented people from Discourse and elsewhere providing new tools to try to get this under control!
1 Like
I bet Discourse will come up with text classification LLM integration that's going to auto-report.
2 Likes
I would also add that they sometimes "hide" spam links in other text marks, e.g. commas or full stops. Those are difficult to spot if you just skip through the text. I'm a moderator on another forum, and I usually catch them thanks to being subscribed to the forum's RSS feed, which displays those URLs in full.
4 Likes
Is there no way to automatically add the nofollow attribute to external links? GitHub does it this way.
1 Like
