Spam - fake customers

**Zean** · 2 Apr 2019, 06:26 AM

Originally Posted by davewest

The default ZC filters well strip out html in basic name input fields, the fact that some fields have URL's in them is interesting, I would check your code to see why.

Zen Cart 155e

I'm not so sure about the filters because I'm also getting url's in the name fields.

**dianeg** · 2 Apr 2019, 10:21 AM

Using Zen Cart 155e
Our website has been receiving the same fake account creations. I've blocked a range of IP addresses via our cPanel and have removed a number of countries from the database that we don't serve. I've also tried to track down the IP address to find a common denominator and blocked them. Given we are not the only targets or tools suggests bots are being used and for us they all seem to come from Urkraine/Russia. I'm no expert but this has been my observation. If only we could rename 'create_account' on a global scale - assuming these bots are trawling the web for create account files.

I've looked at the common factors in the emails we've received (9 since 28 March) from the fake accounts. In the From section these are:
http://project1226271.tilda.ws
http://project1206632.tilda.ws

Full examples (these are only 2 of the 9):
Dear Mr. Constance has left you 3 personal calls http://www.vejen-jagtforening.dk/ind...26271.tilda.ws

Dear Mr. Helena wants to see you in 12 hours http://www.theu.ro/click.php?url=htt...06632.tilda.ws

**dianeg** · 2 Apr 2019, 10:26 AM

Originally Posted by Zean

Zen Cart 155e

I'm not so sure about the filters because I'm also getting url's in the name fields.

We're getting the same issue with url's in the name field. I've also looked in the Customer table in our database using PHPMyAdmin. I can see that for all our legit customers the email field is HTML where at the fake accounts are TEXT. Not sure if this is relevant. We are using ZC 155e. I would have automatically assumed that ZC filters would scan the name fields and prevent certain characters from being used.

**edadk** · 11 Apr 2019, 06:41 PM

Can anyone tell me where the line of code is that sends email when an account is created, I can't find it.

**edadk** · 11 Apr 2019, 07:10 PM

Found the email send in modules/create_account. I've disabled that for the moment. New customers will not get a welcome email but that will work for now.

**fwood2** · 13 Apr 2019, 01:13 PM

I replied on another thread. I done everything imaginable EXCEPT add another CAPTCHA. I suppose I should do so, but I am not encouraged. Has anyone solved this?

**davewest** · 14 Apr 2019, 04:43 AM

Originally Posted by fwood2

I replied on another thread. I done everything imaginable EXCEPT add another CAPTCHA. I suppose I should do so, but I am not encouraged. Has anyone solved this?

Without a link or text link back to your site and/or a list of mods installed, its a guess as to solving or commenting on your problem. The few hits I've noticed on my own site failed to create accounts!!

**ianhg** · 16 Apr 2019, 08:30 PM

Having the same issue currently only on one site running version 1.5.5f.
Can anyone suggest ways of stopping these fake accounts or the bots using the site?
Many thanks

**toyseller** · 26 Jun 2019, 02:16 PM

ZC154 - Responsive Sheffield Blue template

Having problems with fake customers with http in the name and Ukraine being set up in the Country
(although Ukraine isnt listed as an option in the pull-down list for customers to select) ... it is set to a red button in "Locations/Taxes"/Countries.

Please could you tell me what to change this line to ...

public_html/includes/templates/template_default/templates/tpl_modules_create_account.php

Line #57 : <?php echo zen_draw_input_field('firstname', '', zen_set_field_length(TABLE_CUSTOMERS, 'customers_firstname', '40') . ' id="firstname"') . (zen_not_null(ENTRY_FIRST_NAME_TEXT) ? '<span class="alert">' . ENTRY_FIRST_NAME_TEXT . '</span>': ''); ?>

public_html/includes/templates/responsive_sheffield_blue/templates/tpl_account_edit_default.php

Line #35 : <?php echo zen_draw_input_field('firstname', $account->fields['customers_firstname'], 'id="firstname"') . (zen_not_null(ENTRY_FIRST_NAME_TEXT) ? '<span class="alert">' . ENTRY_FIRST_NAME_TEXT . '</span>': ''); ?>

I have 5 similar lines in my website coding but Im assuming that only one or both of the above will need changing
The other 3 are in files ...

public_html/includes/templates/template_default/templates/tpl_account_edit_default.php
public_html/includes/templates/template_default/templates/tpl_modules_address_book_details.php
public_html/includes/templates/template_default/templates/tpl_modules_checkout_new_address.php

Apologies, Im not a coder but can change the code.

Have blocked a Ukraine, Finnish, German and Australian range of isps ... trying to shake off this person.

Thread: Spam - fake customers

Thread Tools

Search Thread

Display

Hybrid View

Re: Spam - fake customers

Re: Spam - fake customers

Re: Spam - fake customers

Re: Spam - fake customers

Re: Spam - fake customers

Re: Spam - fake customers

Re: Spam - fake customers

Re: Spam - fake customers

Re: Spam - fake customers

Similar Threads

Fake Phantom Spam Customers? CAPTCHA No Help

Posting Permissions