Skip to main content

Best Practices For Dealing With Spam

  • 7 August 2024
  • 2 replies
  • 53 views

Introduction to Spam

Nobody wants spam in their community. It’s annoying for you and your members!  Unfortunately, when we manage an enterprise community, we will inevitably run into it at some point. If you’re reading this article, chances are you’re running into it now.  On any platform where users can create accounts and post content, spammers will try to take advantage. Without effective measures, they will try to flood your community with unsolicited links, gaining 'free' access to your audience.

Spammer tactics have evolved over the years. It’s important to note, that in our experience, there is generally a human behind spam accounts. This is one of the reasons that automated measures alone are not 100% effective. Spammers will typically identify a community and start ‘testing the defences’ by creating accounts and posting some relatively innocent content.  In some cases they’ll re-purpose real content from other topics, making it harder to identify.  Inevitably, at some point, their posts will start including links.

Some degree of spam may be inevitable, but thankfully there are powerful tools and best practices at our disposal that we can put into play to deter spammers. And that’s the key principle - the goal is to deter spammers so that their efforts feel wasted.  They’ll then move on.  

So let’s look at how we do that.

Spam detection powered by Akismet

Our Gainsight CC platform includes a powerful automated AI and machine learning spam-fighting filter powered by Akismet.  We recommend to all of our customers to have this filter enabled (Settings > Spam prevention).  This spam detection filter will work to identify incoming spam based on known patterns.  

When the spam detection fails to automatically detect incoming spam, it’s important to click on Mark as spam in the moderate topic view.  This will help the filter to learn and detect this type of spam automatically in the future.

Identified spam will appear in the Content > Spam folder, where you can validate that flagged content is, indeed, spam.  This validation is important as it is possible to get a false positive. It can be a good idea to exempt active members from the spam checker so they don’t run the risk of experiencing a false positive.  A smart way to do that is to create a custom role that is exempt from the spam checker and automatically assign it to members via a rank, once they pass a certain threshold.  

Note on data privacy

 

Akismet is a third-party but no personally identifiable information is sent to it as part of our integration. Here is an example of the content that is sent to Akismet:

{

    "blog": "https://gainsight-us.insided.com",

    "user_ip": "0xcc62fd51caf7580d19146dad8c0916f2",

    "comment_author": "users_username",

    "comment_content": "<p>This is the content</p>",

    "comment_type": "forum-post",

    "comment_author_email": "0xcaaa85b24f7a4705bfe699e22075f44e"

}

As you can see, no identifiable information about the user is transmitted. All that is sent are hashed versions of the email address and IP address, which Akismet then uses to look up known spammers.

 

Pre-moderation rules

A handy tool in the CC platform is the keyword blocker (Settings > Pre-moderation rules > Keyword blocker).  It allows you to configure a set of words and phrases that will automatically trigger a post to go to the Pending queue, where a moderator will need to approve the post before it appears in the community.  This is often used for profanity but it can also be used to fight spam.  Simply add any distinct terms that spammers are using in your community to this filter.

You also have the option of enabling moderator approval of all new content (Settings > Pre-moderation rules > Moderator approval of new topics and replies).  We rarely encourage this feature to be enabled, as it impacts the experience of all members significantly, but it can be a useful tool to enable for a short period of time in extreme cases, as it will heavily deter spammers.

One more powerful option is to enable registration approvals (Settings > Registration rules > Registration approvals).  This is another feature we would only recommend to enable in extreme situations, but similar to moderation approval of all new content, it can be a useful way to powerfully deter spammers by blocking their ability to create new accounts.

If you do get to the stage of locking down content or registrations pending approval from moderators, the spammers will generally move on quickly. If you are unsure if the spammers have moved on, you are welcome to email our engineers at ccsupport@gainsight.com who can dig into the traffic data for you.

Community Management and Moderation Best Practices

The tools above are very powerful, but as we’re dealing with humans who are able to quickly adjust their tactics, it’s important to also apply some daily best practices:

  • If you’re seeing spammers starting to target your community, regularly monitor the User Overview (Users > User Overview) page for new registrations.  Some spammers are easily identifiable by their email addresses or terms they’ve entered in their profile fields.  By doing this regularly you’re likely able to ban spammer accounts before they’ve posted their first content.
  • You may sometimes find it challenging to identify if a member is a spammer or not.  There might be something slightly ‘off’ about the username, email address or the posted content, but not enough to be entirely certain.  In those cases you can check the IP address within the topic moderation view.  Spammers will sometimes create multiple accounts from the same IP.  When still in doubt, you can choose to simply keep an eye on the account.  Or send a friendly private message to gauge if the member is genuine or not.
  • While it can be inconvenient in the short-term, if you’re finding that spammers are starting to target your community it’s a good idea to prioritize moderation so that new accounts and spam content are identified and removed as quickly as possible.  Again, you want to deter them as much as possible - once they realize that your community is tightly moderated, they will feel that their efforts are wasted and they will move on.  
  • Encourage your community members to report suspicious activity to you. You may want to set up your email address to directly receive notifications of reported content (Settings > Moderation notifications > Reported content) to help you take swift action on these reports.

With these tools and best practices you should be able to prevent and deter spammers from sticking around in your community.  Hang in there, and you will win!

One final note, which is more long-term and strategic, is that implementing Single Sign-On (SSO) can be a helpful ingredient in preventing spam in the long-term, as it will take more effort for spammers to set up an account and will give you more options around the registration flow.  We don’t generally see SSO set up for this reason alone, but it’s definitely one factor to consider if you’re thinking about it.

 

Excellent article @Kenneth R.

I would like to add one hint, spammers might use private messaging. Yes, it is manual work for them, to send each and every message one by one. But still it is possible. And you dont know nothing about it. But you do 😃

From Control - Analytics - Export you can download Private Messaging report and you can see who have sent PM for who, and when.

This might help you in some cases.


Thank you @revote - that is a really great point, I’m going to add that to the article!  :) 


Reply