About a month ago I received a bucket load of signups from Cashette email accounts on the blaa.ie forum. I was curious as to who or what cashette was so I looked up their website and I found this little blurb there:
“Cashette provides an innovative solution for the ever-growing spam problem. The Cashette service allows users to name their own price for spam. An advertiser will have to pay Cashette users the price they set or the ad email will not reach their Inbox.”
So what they’re basically saying is that each time you receive a spam message and if you have an account with Cashette then you will receive a payment from the spammer.
Cashette’s founder, Leon Zuo, explains even further when he says:
“The fundamental reason that spam is flooding the email system is that, unlike traditional advertising, it costs almost nothing to send spam. There is a strong economic incentive for spammers to abuse email. Therefore the ultimate anti-spam solution is to simply take away that incentive by making the spammers pay. As the people who receive spam incur the loss of their valuable time, it is only fair to make the advertisers pay those who receive email advertising. That is exactly what Cashette does.
This sounds absolutely bollox to me. If that was the case then why are “users” from Cashette creating spam accounts on forums and posting porn links? If you run a forum then ban the @cashette email domain ASAP.
If you wish to crack down on spam signups on your forum then this thread - Banning Email Addresses within Vbulletin - may be of interest to you. It contains a blacklist of approx 40 spammy domains which are known to house spam email accounts.
If you're new here, you may want to subscribe to my RSS feed. Thank you for visiting! Cormac
16 responses so far ↓
Funnily enough I deleted five (dont laugh) accounts last week which were from cashette.com. The last of which was “hromsgrom@cashette.com “. Ive given up on checking the domain names as very often they are unrelated.
Hi Gary,
This thread over at the IWF should be of interest to you…
http://www.irishwebmasterforum.com/forum-management/1102-share-your-dodgy-email.html
Hi Cormac,
I really appreciate the heads-up regarding Cashette. I discovered your blog as I was performing a Google search on the aforementioned email service.
I run a local community BBS through Suddenlaunch, slow moving as it is, and logged in after work to check for new posts. I noticed a new member had joined and made note of his email address. I did a little investigating as I was not familiar with Cashette.com. I am darn glad I ran into your blog. Thank you!
I unfortunately posted, on the front end of my community bbs, the url to a recently purchased domain that hosts a scifi and fantasy forum that’s soon to go public. That url was the first item that Cashette user probably noticed upon registering.
I think that your blog entry may have saved me some undo grief.
Btw, you have one darn informative site. Keep up the good work….outstanding!
Awhhhh! That’s the perfect comment
Thanks Robert. Best of luck with your Sci-Fi website.
Cormac
I just banned about 30 @cashette.com regs myself and banned the domain.
Also ban @mail.ru - this and cashette account for about 80% of our fake regs.
Hi Emily, thanks for dropping by
web.de seem to be a popular choice for spam accounts too.
Take a look at this post - http://www.cormacmoylan.com/blog/vbulletin/banning-email-addresses-within-vbulletin.eire - it features a bucket load of dodgy spammy email domains.
[...] The remedy was the introduction of the nofollow tag into wordpress’s comments script. As you are more than likely aware, you can post comments on a user’s blog. The fields are ‘name’ , ‘url’ and of course ‘comment’. The URL field is optional but it became greatly abused by spammers who wrapped their link in anchor text in order to target specific keywords for websites. [...]
Banning a public mail service is not a good way at any case. I feel a lot of discomfort while trying to register at many forums with my favorite address. Thus I have an article http://tech.tolero.org/blog/en/web/blogs-and-forums-spam-bots-protection explaining non disturbing users ways to fight with spam. I’d recommend you to use them, instead of service ban method.
Hi Rommidze,
You have a very interesting, and technical, article on spam. It\’s a very good read.
You may think that banning a public email address is wrong, but the forum i run is mainly for Irish users. I have never had a real .ru or .de user signup to my forum, but i have had a lot of spam from those .tld\’s. So why not ban them? I would prefer not to, but i was getting approx 5 to 8 spam signups a day. It was my only option.
Since i have setup my anti-spam protection I haven\’t had a single false postive signup.
Thanks for your comment Rommidze.
Cormac
in my case, we are a small local news source with a web forum so readers can comment on stories. We’re dead center in the US but if you looked at our reg’d users, you’d think we were in Russia. We have no reason for mail.ru users to be registered on our forum and I have no qualms about blocking them.
What forum software are you using Emily?
If you’re using vbulletin you may want to install these two plugins:
RBL Checker - http://www.vbulletin.org/forum/showthread.php?
Enhanced Captcha Checker -
http://www.vbulletin.org/forum/showthread.php?t=132482
They have helped me greatly reduce the spam signups on my vbulletin forum. I couldn’t live without them.
phpbb…but because we’re owned by a large corp, they control some aspects of our site. I don’t have permissions or ability to install anything, unfortunately.
I used to run a phpbb forum before my VB one. The $85 was well worth it for the VB licence!
PHPbb has many security flaws (although in saying that, we never got hit by any hackers and we weren’t patched for ages against vulnurbilities).
I’m not too familiar with any mods to protect against spam, but I do know that Askimet is available for phpbb.
Here is the download page - http://www.eadz.co.nz/blog/article/phpbb-akismet.html - I use it on this blog and it works wonders. There is only so much that email verification and captcha can do for your forum. I hate spam
Spam from bots is a really nasty problem especially for young forums where there is not much scrutiny and moderation. I’ve been penning some thoughts down on my blog.
Main idea is that people registering from spammy domains should be made to jump through hoops when adding comments which contain hyperlinks. For instance, it may mean additional captchas that they have to pass through. (By the way, the rumy software already bypasses captcha, so you’d need better tests, such as pictures of kittens).
On top of it, we can use a bayesian classifier like b8 to flag it.
Chui,
The problem with adding all these extra hoops is that you’re treating your users the same as bots. Having a user fill out a captcha and a bot fill out the same captcha is bad practice in my opinion as it only differentiates users from bots after the captcha is solved.
Captchas provide a bad user experience and they defy usability.
Cormac,
I’d only serve additional captchas to @cashette.com, and @mail.ru addresses which has suspicious hyperlinks or high value CPC’s in the site url or hyperlinks.
Chui