Increase in malicious accounts amid COVID-19

A word of caution. I admin an established community which has been using Discourse for three years. We have seen an uptick in applications to register, which we screen carefully. But we have also seen a significant uptick in malicious applications. Practice online hygiene too.


I think I know what you’re referring to – those spammy (hey, I think I’ll fill out my profile but spend zero time reading) signups have always been there, it’s only in a very recent version of Discourse that we started pushing them through the review system.

So there isn’t actually an uptick, at least once you work through the backlog.


The site used to allow anyone to sign‑on automatically but require that their first posting be approved. About eight months ago we changed that policy. We now require all new user registrations to be reviewed by an admin (that authority may also extend to moderators?). We wave through anyone with a university or institutional email account of course. But those with an ISP email account, including Gmail, get a dedicated email asking about their interest in the field.

Several things happen. We get a clearly legitimate and entirely sensible reply. Or some text copied from the internet — which we do not accept of course. Or no reply, in which case we reject the application via the Delete and Block User button after a week or so.

It is hard to assign motivation. A minority of rejected applications would fall under viral marketing — people who wish to sell things like virtual blackboard software to a receptive audience. Before we started screening, we had three individuals sign‑on and add “regular bloke” pictures to their profiles, such as standing in front of off‑road vehicles — completely inappropriate and perhaps sock‑puppets building online personas, possibly to run down wind farms or advocate nuclear power (our forum covers energy policy). I would guess some would be people wishing to follow our discussion but are too shy to answer our screening emails — which is a pity and counts as collateral damage.

Irrespective, I think it is becoming increasingly important to keep online communities clean. As just one example, we can now gate‑keep our video‑conferences by displaying the attendance password in a private topic. Otherwise, uncontrolled attendees can locally record the session and make malicious use of those recordings — that said, I cannot cite an example of that happening but I guess it has.

To conclude, I would say there is definitely an uptick in suspicious new user applications which we now review carefully and act on accordingly.