Interesting, looks like a spammer is targeting .social email addresses. I got a message inviting me to join the "Montereybay Masterplan" project, and the link in the email leads to a phishing site with a truly unconvincing Mastodon logo. It is to laugh... #FediSpam

Two spam updates:

1. Registrations here were briefly closed this morning when we got hit by bots. I think we caught them before any spam was sent. Registrations are open again, I think we have figured out how to block spam registrations effectively 🤞

2. techhub.social has been silenced (not defederated) here, because they are the latest server to be flooding the fediverse with spam.

#MstdnParty #FediSpam

Use #fedispam hashtag to report spam activities on the #fediverse

#mastodon #pixelfed

@Guillin Wow 👌.. We're on the same page.

Let's use the #fedispam tag to spread this and identify spam accounts together

Someone kindly do something! Otherwise I'll start to act like crazy 😠...

I HATE YOU SPAMMER 😑!

@Mastodon @spreadmastodon @support
#fediban #fedispam #fediverse #mastodon

Seeing increased spam activity on Mastodon.social

@Mastodon
#fedispam #fediban #mastodon

This is one of those multiple-instance spammers, @bytebro . The same account has appeared on multiple instances today, and posted the same thing. They won't be listening.

Interestingly, my usual canary instance for multiple-instance spammers wasn't hit, but there are accounts on German servers.

Which makes no more sense than advertising this on a .UK instance does. But FediVerse spammers go for quantity not quality. Have server list, will spam.

#FediSpam @SolSoCoG
@Fyrsta

@TimMorris They made it years ago. If this is your first encounter, then the system is actually doing a fair job of keeping you and them apart.

The sysop to talk to about an account there is @thomas_virtubox, and the rules to refer to are at https://mastodon.top/about .

#FediVerse #FediSpam

@supernovae @Fyrsta @wild1145 @stux Nuance isn't lost, as I clearly stated that these are 1-advert-post accounts doing the exact same thing across many instances. It's quite clear from the listed examples what this specifically is.

The question about what systems are in place remains unanswered. It isn't something that gets noticed by a single site, whereas it is something that is noisy when multiplied by many instances. Reporting 1 post to a single site doesn't address that.

#FediSpam

@supernovae @Fyrsta @wild1145 @stux

This isn't lack of understanding. If anything, it's understanding the FediVerse very well: understanding that lots of advertisements from a single account is noticed, but using lots of instances with 1-advert-post accounts to achieve the same effect flies under the radar.

Today's first spammer using this same technique is an on-line gambling site: @fb88vietnam@podaboutli.st @fb88vietnam @fb88vietnam@mstdn.social @fb88vietnam@mastodon.london @fb88vietnam@sfba.social

#FediSpam

Just to reinforce the point that this is a frequent thing now, here's another one that was created _the very same day_.

@eliteiasacademy@beekeeping.ninja is another 1-advert-post account that's repeating its advertising by the trick of posting from it many instances, including
@eliteiasacademy@mastodon.london, @eliteiasacademy, @eliteiasacademy@cr8r.gg, @eliteiasacademy@universeodon.com , and others.

@Fyrsta @wild1145 @supernovae @stux @CR8R

#FediSpam

So, FediVerse, what systems do you have in place to stop #FediSpam not coming from a single instance but from hundreds of them?

Consider @imtaaa@podaboutli.st , which is also @imtaaa@cr8r.gg, @imtaaa@mastodon.london, @imtaaa, @imtaaa@universeodon.com, @imtaaa@masto.ai, and many others. There are several advertisers going around doing this, creating 1-advert-post accounts across many instances (at the rate of 1 or 2 per day, at 1 instance).

So what's stopping this? Or has no-one thought about it yet?

#FediHelp
@Fyrsta @wild1145 @supernovae @stux

Today I blocked and reported my first #fediverse #spammer, a particularly insidious one as their message preys on the social #activism that’s so prevalent here. As if I wasn’t cynical enough about that already.
#spam #FediSpam

#fedispam Has anybody seen any good papers / tools / thoughts regarding #spam on the #fediverse?

#fedispam Has anybody seen any good papers / tools / thoughts regarding #spam on the #fediverse?

Just noticed another of those spams came during my nighttime. Seems to have been an old, possibly abandoned account. Could have been an account takeover via credential stuffing. I blocked the user and reported them to my own admin and their home instance. Didn't block the whole instance this time, but @ajroach42 may decide to after some research.

If someone is taking over accounts with insecure credentials and then using them just to @ a bunch of people, in a way they're doing us all a favor by helping clean up these accounts. They could do something far more nefarious with stolen accounts, nefarious things that are probably already happening, like surveillance and sock-puppetry.

#fedispam #spam #FediMeta