APK Spam vs New Users

Everynone · September 20, 2024, 7:43am

Could you please address the insistent APK spam that has been plaguing the forums for months now; here’s the very top of the front page as of the moment of writing:

These posts are always from new users, in the same format and include a link that gathers hundreds of click-throughs within an hour. It’s a nuisance and a security risk. Reporting accomplishes little, it seems, with dozens upon dozens months-old tickets pending moderation:

Legitimate new users do not post links unless it’s YouTube or somehow related to the UE ecosystem. New users want to post screenshots of their blueprints / code and ask numerous repetitive questions. Let them. Perhaps a shift in restrictions would deter some of the spammers and make life easier for others:

new users can only post whitelisted domains
increase the number of allowed posts for new users
increase the number of images new users can include in a single post
flagging posts as Spam should hide the post unless moderated otherwise - this works in some sections of the forums, but not others

Not sure who to tag here, who’s the Epic Security Officer around these parts?

edit: and to further prove my point, 10 minutes later:

Someone found an avenue for some illicit activity that is now facilitated by the forums

Nawrot · September 20, 2024, 8:15am

I flagged several posts as spam. And surprise, all my ticked were closed as NOT SPAM or not violating rules. So no more flagging from me, pointless.

I think they are spreading some backdoors/malware in those apk. Just download one and check on virustotal.

Everynone · September 20, 2024, 8:34am

You’re missing out on the new, cool and free captcha minigame where you must select the Odd One Out! Engage mental faculties in order to report mindless posts. We’ve come a full circle.

Rawalanche · September 20, 2024, 8:49am

I used to report them but I immediately gave up once they “improved” the report button

Nawrot · September 20, 2024, 9:05am

Yup second login to another page. Well i endured it just for nostalgia (as FORMER volunteer mod here), but recently i looked closer and all my suffering with second login, was dismissed.

Flak · September 20, 2024, 11:44am

Looking into this.

Flak · September 20, 2024, 11:47am

Cleaning them up now and we’ll watch out for more. Thanks for calling this to our attention!

Everynone · September 25, 2024, 11:50am

I mean, one cannot report / remove them fast enough, not sure that’s the point:

308 click-throughs within 2 hours
edit, insert new url
rinse & repeat

The link rings all malware alarm bells. There are several new threads per hour, every hour, 24/7.

Wouldn’t that make sense, and at least render it somewhat harder to spam so egregiously? Please do consider it.

ScamBot45 · September 27, 2024, 6:05pm

Is there an way to streamline the report process? Because I’m so used to stuff not being consilidated jnside an ticket system

ScamBot45 · September 28, 2024, 7:18pm

So, should I be concerned about filing reports if they’re coming back as “this doesn’t violate our TOS”? Because while the last thread was deleted (probably by someone else) the feedback that I got was that the guy was innocent. So right now, I’ve reported this guy after I saw his other thread and I’m mildly concerned if I might get banned or something if Epic keeps saying that it violates their polices.

ScamBot45 · September 28, 2024, 7:57pm

Well, it certainly doesn’t help that the actual spam link is buried within an few seemingly AI-generated posts. Today, I’ve seen someone pitching an idea for something like Star Citizen, but with uploadable media to be converted into in-game currency and some nonsense about per capita GDP.

But the one that I saw barely passes as an regular post around here

ClockworkOcean · September 29, 2024, 7:16am

And so it continues…

ScamBot45 · September 29, 2024, 7:25am

I’m pretty sure that I reported those accounts either today or yesterday. Or just add an extra day to that last sentence, lmao

ClockworkOcean · September 29, 2024, 7:25am

There’s more spam than user content at the moment…

ScamBot45 · September 29, 2024, 7:35am

Yeah, I’m pretty sure that these are sleepers, unfortunately

Amanda.Schade · September 30, 2024, 11:40pm

We’ve added “apk” to the watched words list on the site to minimize the number of posts that just outright hit the site. We’re also digging in to see what else we can do to prevent this—sorry for the trouble folks!

ScamBot45 · October 1, 2024, 12:07am

Why not just put any post from an new account that’s trying to link to somewhere in a moderation queue? It’s not like most of the genuine questions on here were urgent enough for the regulars to immediately answer them

Everynone · October 1, 2024, 8:48am

It’s either not working, not working correctly or not working yet; that’s a span/m of just 10 minutes:

Note what happens in a lot (but not all) of cases:

since a lot of public forums have preventive measures in place, spammers believe they need to legitimise themselves first; they do it by copy / pasting existing genuine posts and having other accounts like them first
only then the post gets edited and a link inserted

Can the watched list be made to look at edits themselves as well, and pluck suspicious entries?

Please do consider not allowing new users (whatever defines one) post links outside of whitelisted domains. If at all feasible, ofc.

ClockworkOcean · October 1, 2024, 8:53am

Yes, the forum is becoming a SPAM repository…

Everynone · October 1, 2024, 8:59am

I also had my above post moderated and had to wait for manual approval, which I do not mind. So something is shifting, not sure about the direction being the right one, though.