What tactics have folks found effective against "customer refund" spam?

We’ve been seeing an intermittent onslaught of spam posts that seem to be trying to poison the web (and I suspect trying to get into LLM training datasets) with bad phone numbers for customer support — often for mobile phones or payment processors or airlines, largely coming from India. Folks have talked about some of this before, and I’ve reviewed the spam tips, but many of those don’t apply:

  • They’re not even trying to drop outbound links here
  • It’d be nice to use a regex to block phone numbers, but we don’t have regex watched words available to us
  • Akismet frequently misses
  • They’re always from a unique IP (and I think the subnets span large portions of the subcontinent) with random gmail or outlook addresses — and we cannot block those email hosts.
  • They often avoid our targeted watchwords (e.g., “PhonePe” “customer” “refund” “transaction” etc) by posting real-ish content and then immediately editing in the spam.
  • They often create many accounts at once — spamming and creating new accounts as fast as I can delete them.

We cannot close down new user registrations — at least not for long periods. But temporarily turning them off has sometimes helped stop an ongoing onslaught. And we get enough new users that requiring approval on every TL0’s first post is even more work.

Surely other communities are seeing this as well. What have you done that’s worked? I wish we could change just TL0’s editing abilities, but I don’t think that’s possible.

1 Like

Hi Matt,

Sorry to see you’re struggling with a wave of spam posts. :disappointed:

How do you have the edit post allowed groups site setting configured? I believe you would be able to block TL0 edits there.

Edited to add:

When I try this method on my test site, my edit is blocked by the Watched Words rule, unless I’m not completely grasping what you’re explaining. (Create a post. Click edit, replace the content with content that includes a Watched Word, submit the edit.)

7 Likes

Aha, great, thanks for the pointer — I had missed that setting in my search. We’ll see what disabling TL0 edits does here.

I’m not quite sure; I’ll have to run some tests. Our community is very quick on flag-killing these, but I’m only seeing community flags on posts that include the edited-in watchwords. Some of these watchwords are so definitive and with zero false positives that that I’d happily auto-ban TL0s that use them at this point.

5 Likes

This actually happened to us a week ago. The mods decided to stop new user creation, maybe that’ll work for you too.

2 Likes

So I found this website with way too much phonepe spam on search results:

EVERY SINGLE TOPIC IS PHONEPE SPAM.

I created an account and tried to contact the staff there but to no response yet.

They are also running an extremely outdated version of Discourse.


Yeah, I am a member of the gimkit forums and it happened there too. So the moderator of the gimkit forums @Blackhole927 made a trusted group of people have TL4 abilities to somewhat take care of the bots. Then Pharlain announced new user creations were disabled (by Josh) and the forum was getting updates quite soon.

Topics about bot spam the Gimkit Forums created

Can’t find anymore, they were deleted.

So basically, your best bet is to disable new user registration until it is all clear.

1 Like

yea but that gimkit forum has email verification disabled i think - that is almost like asking for spam.

3 Likes

We have it. Idek how they got verified


So, basically the mods suspended all the bots (they made 1+ topics and posts)
And disabled new account registrations.

they should also consider enabling this setting - normalize emails (it’s disabled by default)

image

4 Likes

If I recall correctly, there’s a setting to change topic creation to TL1+. It should fall under the posting category of the admin dashboard (if not, try the trust levels section and if it still doesn’t work, try to search for it). If it doesn’t exist (because I haven’t used the admin dashboard for like, 2 months now), disable the creation of new users.

On the Gimkit forum (yes, a forum for a literal educational game got attacked), the bots did the same thing. A solution I would propose is not to add more watched words but to employ staff members that stay up late/are in different timezones.

I think that you should probably try and keep doing this over and over again. Alternatively, you could try to make every single account get approved before they enter, although that’ll still be hard work.

Yep. The Gimkit forum got attacked as well.

In the Gimkit forum, we have tried to flag posts like you’re giving out candy on Halloween night, but that didn’t work, even with the use of alts. The most successful solution is to get anybody TL4+ to unlist/delete topics.

That’s definitely a red flag for them.

They have it enabled, just not the normalized email setting (which, as you said, they should enable).

2 Likes