A forum I help with has been experiencing a tidal wave spam account registrations in recent months. These are almost for sure AI bots, as they seem to be able to fill out some registration form (basically, box checking), solve an hCaptcha, and deal with the verification email, even user profile information. We can usually guess which registrations are fake based on a few factors (e.g. zero article read time, some subtle things about names/email addresses, obviously fake user info), but it’s not easy (e.g. they are often legit gmail addresses). This process is unsustainable, though - we’ve sometimes had 10 fakes a day, and it’s far too easy to make a mistake given our limited capacity to triage these.
Adding captchas decreased the number of fake registrations, but we still have a big backlog of users that need to be approved, which means it often takes a week or two for new users to be able to join. We considered text based questionnaires for new users, but the reality is that we don’t have the capacity to read a bunch of questions and guess whether they are AI generated or not (and: this problem will only get harder).
One option is to simple allow these users to join, and then flag them if they post something obviously spammy? I think we’re hesitant to open the gate on this, as it simply displaces the process from one place (registration) to another (flagged posts) and the cat can’t be put back in the bag on this: a hundred latent ai users that all slowly start posting over a few months could easily ruin the forum completely.
Anyone have strategies to help dealing with this? We’re relatively small so i can’t imagine we’re the only ones experiencing it…
Regarding AI user accounts, can you expand on what “damage” it causes if the users never posts?
We made a change a month ago where we suppress profiles from low trust and anonymous users till a user actually posts, so the spam is hidden.
One interesting approach imo if the volume is really high would be to junk accounts after 30 days if they don’t post, they need to reveal themselves or they will be junked.
AI spam detection has been spectacularly successful on all the forums we enabled it, you can use it on your forum with some free models like gemini free tier. We give our customers access to our model, but this is not widely available to self hosters.