Bombarded By AI Fueled Spam

Hi @jillian.bejtlich 👋,

Yes I’m sure this is just the beginning of spammers using AI to disguise their malicious behaviour.

We are able to block IP ranges for certain regions, although this could be easily overcome by using a VPN, but it should at least help prevent some of the attacks, particularly if the culprits are from one particular region. Let our support team know and they can add this for you.

Unfortunately we don’t have a way of preventing hyperlinks from being added right now.

We’ll be in touch with Akismet to see what their plans are to tackle this type of spam.

We have spotted a couple of bursts of AI authored Spam on this Community, some of them pretty thinly veiled as a useful piece of content, but luckily not ‘hammered’. They are getting smarter.

The standard ‘train your Anti-Spam’ seems to be the defense system we have now.

Btw, here’s an interesting ‘throttling’ approach, a feature that seems to hold promise

Spam is SO annoying! And AI fuelled spam bots are just incredibly frustrating to deal with. I understand your pain, @jillian.bejtlich !

Until the Akismet filter learns the unique and individual situations, there’s unfortunately not much you can do.

The big spam attacks thankfully only come in bursts, but once you’re in the middle of it, it’s really, really annoying, and takes an ungodly amount of time to deal with. We had a spam attack some years back where we got 23000+ spam posts/topics in the span of 6 weeks, and a few months later 17000+ posts/topics in the span of two weeks, this was before Akismet and autoban/removal of spam accounts and their content. It was painful.

One thing that has proven efficient for us, in those moments, is keeping an eye on the user overview page in control when the spamming starts. Spammers are not (yet) very good at coming up with inconspicuous usernames, and they often follow the same naming convention (and comes in waves of three for some reason). Once you spot a new batch on the user overview page, just nuke it on sight. Should you manage to accidentally ban an actual, genuine user, you’ll quickly hear about it through your community email, or your support, in which case it’s a swiftly remedied situation.

You can also ally with some (very) trusted superusers, and grant them moderation access (with heavy guidelines) to control to help you when you and your team isn’t online. We have a few trusted superusers that deal with spam during weekends.

Good luck on your spam fighting, Jillian! :) 

@anirbandutta Just upvoted that idea. That would be a wonderful solution and I was actually just thinking about posting it as an idea here this morning. Glad someone already had!

@Ditte Oof. Yeah. I’ve experienced a few of those absolute waves in my career, so needless to say it’s why the more gentle subtle ones make me nervous. Usually something bigger is coming. In our case, Calendly Community is still a very young community (4 months live!) so we’re lacking super users at the moment to help us out, but I’ll certainly leverage them as soon as I have them.