What tactics have folks found effective against "customer refund" spam?

We’ve been seeing an intermittent onslaught of spam posts that seem to be trying to poison the web (and I suspect trying to get into LLM training datasets) with bad phone numbers for customer support — often for mobile phones or payment processors or airlines, largely coming from India. Folks have talked about some of this before, and I’ve reviewed the spam tips, but many of those don’t apply:

  • They’re not even trying to drop outbound links here
  • It’d be nice to use a regex to block phone numbers, but we don’t have regex watched words available to us
  • Akismet frequently misses
  • They’re always from a unique IP (and I think the subnets span large portions of the subcontinent) with random gmail or outlook addresses — and we cannot block those email hosts.
  • They often avoid our targeted watchwords (e.g., “PhonePe” “customer” “refund” “transaction” etc) by posting real-ish content and then immediately editing in the spam.
  • They often create many accounts at once — spamming and creating new accounts as fast as I can delete them.

We cannot close down new user registrations — at least not for long periods. But temporarily turning them off has sometimes helped stop an ongoing onslaught. And we get enough new users that requiring approval on every TL0’s first post is even more work.

Surely other communities are seeing this as well. What have you done that’s worked? I wish we could change just TL0’s editing abilities, but I don’t think that’s possible.

1 Like

Hi Matt,

Sorry to see you’re struggling with a wave of spam posts. :disappointed:

How do you have the edit post allowed groups site setting configured? I believe you would be able to block TL0 edits there.

Edited to add:

When I try this method on my test site, my edit is blocked by the Watched Words rule, unless I’m not completely grasping what you’re explaining. (Create a post. Click edit, replace the content with content that includes a Watched Word, submit the edit.)

6 Likes

Aha, great, thanks for the pointer — I had missed that setting in my search. We’ll see what disabling TL0 edits does here.

I’m not quite sure; I’ll have to run some tests. Our community is very quick on flag-killing these, but I’m only seeing community flags on posts that include the edited-in watchwords. Some of these watchwords are so definitive and with zero false positives that that I’d happily auto-ban TL0s that use them at this point.

5 Likes

This actually happened to us a week ago. The mods decided to stop new user creation, maybe that’ll work for you too.

1 Like

So I found this website with way too much phonepe spam on search results:

EVERY SINGLE TOPIC IS PHONEPE SPAM.

I created an account and tried to contact the staff there but to no response yet.

They are also running an extremely outdated version of Discourse.


Yeah, I am a member of the gimkit forums and it happened there too. So the moderator of the gimkit forums @Blackhole927 made a trusted group of people have TL4 abilities to somewhat take care of the bots. Then Pharlain announced new user creations were disabled (by Josh) and the forum was getting updates quite soon.

Topics about bot spam the Gimkit Forums created

Can’t find anymore, they were deleted.

So basically, your best bet is to disable new user registration until it is all clear.

1 Like