Spam - fake customers

[ma.r.a]

Please, give me an advice. How can I get rid of spam that creates fake customers? Every day 20-30 fake customers are created.

Thanks!

[djdavedawson]

This is happening to me also. 3 different sites on 3 different servers. All started happening around the same time. Roughly a week ago. March 23rd ish.

[davewest]

adding reCAPTCHA or non-CAPTCHA can help fix issues with bots... with non-bots or human spammers, a simple regex line can help. Regex can also limit or hinder good account creation too..

The standard create account line for first name on a ZC156a page is

Code:

<?php  echo zen_draw_input_field('firstname', '',  zen_set_field_length(TABLE_CUSTOMERS, 'customers_firstname', '40') . '  id="firstname" placeholder="' . ENTRY_FIRST_NAME_TEXT . '"' .  ((int)ENTRY_FIRST_NAME_MIN_LENGTH > 0 ? ' required' : '')); ?>

adding this in red blocks some characters not normal to names and limit the length to 20 characters.

Code:

<?php  echo zen_draw_input_field('firstname', '',  zen_set_field_length(TABLE_CUSTOMERS, 'customers_firstname', '40') . '  id="firstname" pattern="^[^±!@£$%^&*_+§¡€#¢§¶•ªº«\\/<>?:;|=.,]{' . ENTRY_FIRST_NAME_MIN_LENGTH . ',20}$" placeholder="' . ENTRY_FIRST_NAME_TEXT . '"' . ((int)ENTRY_FIRST_NAME_MIN_LENGTH > 0 ? ' required' : '')); ?>

This only works on humans, bots well walk right by it...

I would also check the template or mods you may be using that they meet current ZC filters.

[shags38]

adding reCAPTCHA or non-CAPTCHA can help fix issues with bots... with non-bots or human spammers, a simple regex line can help. Regex can also limit or hinder good account creation too..

The standard create account line for first name on a ZC156a page is

Code:

<?php  echo zen_draw_input_field('firstname', '',  zen_set_field_length(TABLE_CUSTOMERS, 'customers_firstname', '40') . '  id="firstname" placeholder="' . ENTRY_FIRST_NAME_TEXT . '"' .  ((int)ENTRY_FIRST_NAME_MIN_LENGTH > 0 ? ' required' : '')); ?>

adding this in red blocks some characters not normal to names and limit the length to 20 characters.

Code:

<?php  echo zen_draw_input_field('firstname', '',  zen_set_field_length(TABLE_CUSTOMERS, 'customers_firstname', '40') . '  id="firstname" pattern="^[^±!@£$%^&*_+§¡€#¢§¶•ªº«\\/<>?:;|=.,]{' . ENTRY_FIRST_NAME_MIN_LENGTH . ',20}$" placeholder="' . ENTRY_FIRST_NAME_TEXT . '"' . ((int)ENTRY_FIRST_NAME_MIN_LENGTH > 0 ? ' required' : '')); ?>

This only works on humans, bots well walk right by it...

I would also check the template or mods you may be using that they meet current ZC filters.

Hi Dave - I asked the question in another thread but no reply to it - "What harm can be done by these spam created accounts?" (if any, aside from being a nuisance)

cheers, Mike

[davewest]

Hi Dave - I asked the question in another thread but no reply to it - "What harm can be done by these spam created accounts?" (if any, aside from being a nuisance)

cheers, Mike

None other then wasting your time and resources... basically your mail server and database. If its IP addresses to countries you don't serve you can do a whois search and get the IP range to block through your cpanel ip blocker. I use geektools dot com Pointing to there entry page so you know who they are... look to the top right for the whois page. Assuming you have a tracking mod installed in ZC or you would have to use your raw access logs from your cpanel for IP's.

The spam I've seen are bots who found you to have open inputs without spam protection or using the default words. If they find an open submit, they will exploit it to the max inputs your system can handle. The default ZC filters well strip out html in basic name input fields, the fact that some fields have URL's in them is interesting, I would check your code to see why.

[Zean]

The default ZC filters well strip out html in basic name input fields, the fact that some fields have URL's in them is interesting, I would check your code to see why.

Zen Cart 155e

I'm not so sure about the filters because I'm also getting url's in the name fields.

[Zean]

Hi Dave - I asked the question in another thread but no reply to it - "What harm can be done by these spam created accounts?" (if any, aside from being a nuisance)

cheers, Mike

The harm is damage to your reputation. You are not the target of the attack . . . merely the tool. The account creation sends an email to the email address provided containing spam and links to potentially serious malware from your shop, domain and ip address. Potential result is blacklisting of your genuine emails by major email providers like gmail, yahoo, apple, etc.

[ianhg]

adding reCAPTCHA or non-CAPTCHA can help fix issues with bots... with non-bots or human spammers, a simple regex line can help. Regex can also limit or hinder good account creation too..

The standard create account line for first name on a ZC156a page is

Code:

<?php  echo zen_draw_input_field('firstname', '',  zen_set_field_length(TABLE_CUSTOMERS, 'customers_firstname', '40') . '  id="firstname" placeholder="' . ENTRY_FIRST_NAME_TEXT . '"' .  ((int)ENTRY_FIRST_NAME_MIN_LENGTH > 0 ? ' required' : '')); ?>

adding this in red blocks some characters not normal to names and limit the length to 20 characters.

Code:

<?php  echo zen_draw_input_field('firstname', '',  zen_set_field_length(TABLE_CUSTOMERS, 'customers_firstname', '40') . '  id="firstname" pattern="^[^±!@£$%^&*_+§¡€#¢§¶•ªº«\\/<>?:;|=.,]{' . ENTRY_FIRST_NAME_MIN_LENGTH . ',20}$" placeholder="' . ENTRY_FIRST_NAME_TEXT . '"' . ((int)ENTRY_FIRST_NAME_MIN_LENGTH > 0 ? ' required' : '')); ?>

This only works on humans, bots well walk right by it...

I would also check the template or mods you may be using that they meet current ZC filters.

@davewest Thanks for this.
I applied your excellent non-captcha and it has stopped spam coming from contact page on one particular site. It has also appeared to have stopped the spam bot setting up fake accounts on another site with links as described in this thread. I did get four fake accounts which I think may have been done by an actual spammer, as they came through with long first names and surnames so I have added the above tested and it appears to work. So I wait to see if anything happens later today, many thanks excellent help from you. Just one thing is it possible to only except UK postal codes in the correct format in postal code field.
Thanks again.

[davewest]

Just one thing is it possible to only except UK postal codes in the correct format in postal code field.
Thanks again.

I'm not sure what the UK pattern is, but on many of my pages I use jquery maskedinput script to format things like dates, phone numbers.. This could work if you only have one pattern only.. The script is tied to input class or id and script is placed at the bottom of the tpl_PAGE You can see how it works by looking at my map request page.. Google jquery maskedinput to get the latest version and instructions.. The UI script and css is used for the popup calendar.

Code:

<script src="<?php echo $template->get_template_dir('jquery-ui.min.js',DIR_WS_TEMPLATE, $current_page_base,'jscript') . '/jquery-ui.min.js' ?>" type="text/javascript"></script>
<script src="<?php echo $template->get_template_dir('jquery.maskedinput.js',DIR_WS_TEMPLATE, $current_page_base,'jscript') . '/jquery.maskedinput.js' ?>" type="text/javascript"></script>
<script type="text/javascript">
    $(function() {
        $("#date")
                .datepicker({ nextText: "", prevText: "", changeMonth: true, changeYear: true })
                .mask("99/99/9999");
    $(".phone")             .mask("999-999-9999");
    });
</script>

[ianhg]

@davewest Thank you for your speedy response. Just one other point do you need to be using PHP7 or greater for your honey pot CAPTCHA to work?