Jump to content


Photo

phpbb registration spam

phpbb forum registration

This topic has been archived. This means that you cannot reply to this topic.
No replies to this topic

#1 Kevin Goebel

Kevin Goebel
  • Members
  • 27 posts

Posted 26 February 2015 - 01:53 PM

Yesterday a co-worker started getting spammed by e-mails by hundreds of PHPBB forum registration confirmation e-mails. Someone is randomly generating bogus accounts on PHPBB boards and using this employee's e-mail in the registration process. The userid and display names are all different random letters, such as Bnmrxcc, Ytdpqfk, etc.

 

I blocked many of them with some quick filters based on the default canned text of the welcome messages generated by the sign-ups, but the e-mails are coming in from phpbb forums all over the world in different languages, domains,and topic orientations. None of the confirmation e-mails I viewed had a handy "registration received from i.p. address bla.bla.bla.bla to track down.

 

We have quarantined this account's e-mail in the Barracuda and preview it before passing it on to the mail server.

Has anyone else experienced this form of attack or have any tips on how to contain it or block it so we can remove the quarantine from the e-mail account?

 

Thanks,

 

Kevin Goebel