spamming
Latest
Twitter botnet quotes 'Star Wars' from the middle of the sea
Along with trolls and bullies, one of Twitter's biggest problems is bots -- automated accounts that puff up follower numbers, troll users or turn fake news into trending topics. Researchers investigating botnets found maybe the strangest one ever: 350,000 that tweet only random Star Wars quotes from Windows Phone devices. While that's actually kind of amusing, the researchers say that it reveals "profound limitations of existing bot detection methods" and shows the potential risks that hidden networks pose to the Twitter ecosystem.
ArcheAge Russia punishes 57,955 destructive players; ArcheAge West opens forums, streams
If you're lucky enough to be playing the Russian version of ArcheAge, then you're probably pretty annoyed at the MMO's recent server downtime. It might make you feel better to know the outage was the result of Mail.ru's investigation into mass exploits plaguing the game since its soft launch last month. Not only has the company fixed those exploits and apparently banned approximately 2,000 users, but it also punished 57,955 players for various destructive behaviors, including spamming chat and botting. Mail.ru exhorts players to continue reporting exploits to customer service rather than post them publicly. Meanwhile, Trion Worlds kicked off its hype machine for the Western version of the game with brand-new forums and a livestream introducing the gameplay to the west. We've embedded the video behind the cut. [With thanks to Oskar and Balsbigbrother!]
Man spams App Store for fun and makes $2,800 in profit
Gabriel Machuret is not an app developer; in fact he "couldn't care less about apps." He looks at an app and doesn't see a coding challenge or an opportunity for creativity; he sees a revenue stream. He's an App Store Optimization (ASO) expert, and he recently put his money where his mouth is with an experiment in reskinning apps that he tossed into the App Store. How did his experiment turn out? We talked with Machuret to find out. If you are not familiar with the process, reskinning involves buying an app's source code and then swapping out the graphics and sounds to create a new or different app. Buy the right code, and you can use the same core app to create a variety of games or apps. In his experiment, Machuret used the same code and the same category with different niche approaches. He ended up producing 35 apps in about a month; five got rejected by Apple and 30 apps are live in the App Store. As for the quality of those apps, Machuret has his own definition: "It is important to understand you can build a quality app even if the app itself is not, from a developer point of view, 'high quality.'" As much as you may disagree with his strategy, you can't argue with the results. Just using ASO, well-written descriptions and apps that hit a target niche, Machuret was able to pull in just under $5,000 in revenue in two months. After factoring in costs, he walked away with $2,892 in profit. All this for one month of work and one month of relaxation. To maximize his profit, Machuret cut development costs to the limit. He chose "non-conventional" apps so the development was very affordable. He also didn't overcomplicate the process, quickly changing strategy when something in the reskinning became too costly. It may raise some hackles, but Machuret approached the App Store as a salesman and not a developer. "I spent more time researching and understanding the market and niche, than wondering if I should make my graphics yellow or green," said Machuret. "For me the biggest asset is the data that my own apps provide me about the market I'm trying to target." Being successful to Machuret is not about the developer's goals, but about the user and what the user expects. "What the user expects versus what the developer would love to produce, are different in many situations," Machuret notes. "The goal is to provide to the user exactly what you announced your app provides and if you did the right market research your app will be purchased and/or downloaded." This isn't a short-term revenue stream, either. Machuret believes his app experiment is sustainable as long as he is careful with the code that he picks and the market that he targets. "Not every app is meant to be reskinned in the long term," said Machuret. "Revenue always falls if you choose an app on a quick trend. Many of my apps are in evergreen topics, so I expect that at least 70 percent of the revenue will remain." So what does Machuret plan for the future? Though he is pleased with the $3,000 that he made in the past two months, he wants to up the game by making $5,000 per month in app revenue. He will use this same app factory strategy he used last year to produce another round of 30 apps with different code than his first batch. He also plans a joint venture with another app entrepreneur to produce 20 additional apps. This time around, he will improve his method by building better apps, working harder at ASO and, most importantly, investing in niches that nobody is doing. This latter tactic is useful to stay under Apple's radar. "I doubt that Apple will allow low-level apps to rule the jungle for very long, that's why if you want to play the game, you need to choose those codes and niches nobody is even looking at," said Machuret. Can he pull this off and make a sustainable profit by spamming the App Store? You can follow his App Income Report blog and track his success or failure. As for the strategy he is using, sound off in the comments and let us know what you think.
Dropbox two-step login verification available in experimental build, coming to all accounts soon
Following up on its promise to tighten account security following a recent breach, Dropbox is now offering two-step login authentication to users who install the service's latest experimental desktop build. The team says the functionality will roll out to all users in the coming days, but listed full instructions to forum users who just can't wait. Those who op-in only need to download a new version of the Dropbox desktop software and activate the feature in their account settings. Once set up, Dropbox will require all unrecognized machines to provide a code, culled from an authenticator app or received via text message. The firm also provides an emergency back-up code that'll disable the feature should you lose your phone. Feeling insecure? Check out the source link below to get started. Update: Dropbox just made it official, detailing set up instructions once more on the Dropbox blog.
Dropbox confirms user info was stolen, adds new security measures
Dropbox has admitted that spam reported by its users over the last few weeks was the direct result of a security breach. Both login names and passwords were stolen from an unstated number of users, including a Dropbox employee. That account contained a list of clients' email addresses, which is what the company believes led to the spam in the first place. In response, it has contacted those affected to protect their accounts and outlined several new security features. These include a two-factor authentication option coming in several weeks and a new automated feature that will check for suspicious activity. A new landing page will also show you any logins to your account, while Dropbox reheated that always-helpful advise to avoid reusing passwords on multiple websites -- noting that a breach on one site can cause an entire cascade of grief.
Who's behind those spammy video converter apps
There's an interesting article from last year over on Macworld about how spammers try to use comment systems on discussion forums to promote their wares. Christopher Breen, one of their moderators, dug into the world of Chinese companies promoting dodgy (as in "don't work very well") video converters. "The software is advertised through forum spam -- usually in the form of tutorials that show you how to use it -- but there's sock puppeting going on as well," he says. "These companies will often first pose a question along the lines of 'How do I convert my videos for the iPad?' and then, under a different identity (but using the same IP address), answer their own question with a recommendation for one of these tools. Additionally, they create shareware sites that, coincidentally enough, rave about these products in fake reviews." Breen managed to confront some of these spammers when they contacted Macworld asking them to review their software. "I was contacted by a PR representative from one of these companies asking for a review. I replied that we don't review software from spammers but if they were willing to forego this sleazy practice, we might consider a review, just as we'd consider a review of any legitimate product." He goes on to detail how the spammers offered to pay for advertising and offer special deals and prizes to readers in return for a review, and he always replied, "We don't support spammers." Breen lists the names of many of the video converters to avoid and offers advice to those running discussion forums on how to recognize and remove their spam. Good stuff.
Lost Pages of Taborea: Spam heal is the enemy of strategy
Last week, I spoke a bit about whether Runes of Magic was too easy or not. In that article I harken back to the mana strike that players held to remove part of a patch that added a percentage-to-cost modifier on all spells for all classes. This week I wanted to flit around the same subjects, but from the viewpoint of healing and strategy. I want my readers to be well-versed in RoM 101. Just like I set out to do with my community guide for new and old players, I want to educate players today on the fine art of button-mashing. Let's start by covering what spam healing -- or spamming any skill -- is, and why it's not always fun. I'll put this into the context of dungeon-running, cover some fun strategy that results from not being able to spam heal, and give my opinion on how well (or not-so-well) all this works in RoM.
One month: Aion October community address
Aion has officially been out for one full month and NCsoft just released an October community address in response. The notice reads less like a giant pat on the back and more like a checklist of major issues they are working on, which is bound to churn up speculation about how well the title is doing. Oh, we're sure Aion is doing quite well even though we haven't heard the official numbers yet, but developers usually use these opportunities to shout about their accomplishments rather than their shortcomings.The top three issues mentioned in the letter are experience curves, client performance, and spammers/botters. Most players will agree that it can feel like a part-time job to level your character at times. Some players have had performance issues specifically related to "Cryssystem.dll." And finally, everyone has been forced to /ignore the odd spammer... or fifty. NCsoft is using this opportunity to yet again tell players they are aware of these issues and fixes are on the way. We're curious how this may relate to differences between eastern and western gaming cultures. Aion has been released for nearly a year in Asia and yet only the outcry from European and North American players against experience grinds and gold spamming specifically seems to be sparking a change.
Friday Favorite: SpamSieve 2.76
My Friday favorite is SpamSieve. We have mentioned it a few times previously, but since it has recently been updated to version 2.76 I wanted to sing its praises again. It's the best way I've found to deal with spam. Using Bayesian filtering, SpamSieve installs as a plug-in to your mail client and lets you mark messages as spam. As you do, it builds a a corpus file of rules telling determining what is spam and what isn't. The more messages you mark, or train, the more accurate SpamSieve gets. I've been using it since November of 2003 and after years of training, it's so accurate that it rarely fails to catch an errant spam encrusted message. When it does, using either a keystroke sequence or a pulldown menu from your Mail client you can train it as spam. At the start, it's quite labor intensive since you have to mark a few hundred messages for it to really start working, but it pays dividends. After a while, you'll have a personalized set of inclusion/exclusion rules that gets better over time. To give you an idea, yesterday I received 307 emails. Out of those SpamSieve correctly marked and moved over 30 messages and missed only 2 that needed training. This is a shot of my corpus screen showing how many messages have been filtered and how many words were read resulting in messages being regarded as spam or good. Yes, over 15,000 messages is a big number, but by being cumulative, SpamSieve gets more and more accurate over time. SpamSieve allows you to import or export the corpus file so if you get a new computer, or decide to use a different email client, you lose nothing.
eHarmony advertises in Warsong Gulch
Quinionn on Magtheridon sent us this picture -- apparently dating website eHarmony has gotten in on the in-game advertising just in time for Valentine's Day. He had just joined a Warsong Gulch when this guy showed up spamming an ad.There's a number of strange things going on here -- as far as we know, this isn't an official Blizzard move, but most of the people spamming ads in the game are shady gold-selling websites, not real corporations with bigger profiles. And the weirdest thing might be this: Eharmony on Arthas isn't a one-time character created to spam in Trade -- he's level 80 with 450 Jewelcrafting and Mining. There's actually a lot of characters with the same name around, with different levels and classes, even in different guilds (though this one is probably the funniest).Very weird. At the very least, the spammer's aiming to lose his character, and at worst, if this is an organized action, Blizzard might actually have a case against eHarmony for spamming inside the game. Have you seen any other ads like this around the game?Update: Mystery seems to be solved: it was just some guy messing around. Strange way to mess around, though. He's in our comments, and says he's getting a free name change after the GMs said what he was doing was not so cool.
Anti-gold-seller FAQ page goes up at the official EU site
World of Warcraft's European site has posted a new page of their FAQ aiming to describe the effects and consequences of third party gold selling, also known as RMT (Real Money Trade or Real Money Transactions). There doesn't seem to be a similar page added to the American site yet, but we've seen enough to know very well that they disapprove as well. The page mostly focuses on the more underhanded tactics the companies use to get money, such as keyloggers and trojans, or simply stealing the accounts of people who paid for powerleveling, and using them as farming bots, or spamming in high traffic areas on level 1 characters with hard to spell names. It's a good start, and certainly reminds people of the harm that these gold farmers do, and how it can hit close to home. As a veteran MMORPGer who's watched Johnathan Yantis and Brock Pierce practically invent the industry and most of the dirty tricks it pulls, I'm glad to see Blizzard continue to make a stand against these types of leeches and hope they continue to do so. I'd love to see them explain more fully how the constant amount of kill stealing and spawn and AH camping they do hurts the game. A campaign of information might be just what we need to stop the gold farmers once and for all. Legal measures and community shame (and thus shrinking of their customer base) for a one-two punch? Here's hoping! Thanks for the heads up, Richard!
PotBS devlog discusses the gold-spammer issue
"Do you annoy not afford new ship?" Anyone that has played Pirates of the Burning Sea since launch will have received countless private messages similar to the above, soliciting the sale of in-game currency. The latest devlog from the official PotBS site talks about how they are working to combat the spamming -- well, they tell us what they can, because if we can read it, so can the spammers.Some extremely good news is that a new command is on the way that will make reporting spammers a breeze. Currently players have to leave the game or alt-tab out to condemn these nuisances, but those days will soon be over. The process for Flying Lab Software to actually receive and act on these reports is being streamlined as well. Behind the scenes, they say that they are looking at better ways to catch the spammers before they even get to spam, but as per the above reason, don't expect these methods to be made public. FLS has attemped to deal with this problem from the very start, and it looks like the beginning of round two is on the horizon.
WoW Moviewatch: How the spammers did it
We covered the story of the dead goldspam gnomes in Ironforge the other day, but now, direct from Alice (complete with Benny Hill accompaniment), here's video footage of exactly how it was done. How incredibly strange.As far as anyone can figure out, they created these gnomes using a bot, and then used a client-side teleport hack to put them in exactly the right place above the Ironforge floor. They also had to kill them somehow of course, but who knows how that was done. Did they send newly created gnomes out to the trolls in the lowbie area (because most starter mobs are actually neutral, so won't attack normally), and then wait until right as they died to teleport them away? If you went to the starting area while this was happening, would you see little gnomes disappearing? As I said: how extremely strange.Update: You commenters are so smart-- that's why we keep you around. Jesse and hookkick80 instantly recognized that they probably die from the fall damage after the teleport.
What are the gold farmers up to now?
I'm sure you've heard that Blizzard's anti-spam additions to the game have caused gold selling spammers to change their tactics. However, it certainly hasn't stopped their activity -- they're still out there, spamming us with raid invites, says, and messages over general chat channels since they can no longer do so in whispers. Lately I've been joining their raid groups to see what they've got to say, and, of course, report them. However, earlier today in one goldseller raid, I noticed that instead of listing their full site name, they're telling you to visit, for example http://www.i*****.com/. i*****.com? What? Is that even a valid domain name? My questions are soon answered, as later in the message, the spammer explains that the ***** stands for something else, which does turn it into a valid domain name. But I have to ask -- why are they doing this? It just makes it more difficult for their potential customers to figure out where to go, so I presume there must be a reason they'd do this. So, even though there's nothing official from Blizzard, I have to think that they're doing something that causes trouble for the spammers if they use their full domain name. Are they flagging people using known gold-selling domains in chat for further investigation? Since we haven't heard anything from Blizzard, we can't say for certain. But until we hear something, there's room for speculation.
