The MUD Development forum.
Game Development Discussion, Chat, Technical Debate, and people who just love games talking about building worlds.

Home » Hosted Mud Projects » Wheelmud » General » mysterious registration - WheelMUD - A C# MUD Server - Forums - General - Lounge
mysterious registration - WheelMUD - A C# MUD Server - Forums - General - Lounge [message #491] Sun, 22 March 2015 11:56
Karak is currently offline  Karak
Messages: 489
Registered: March 2015
Location: Seattle, WA
Senior Member
This thread originates from prior WheelMUD forum software archives. It has been migrated here to preserve the contents.

Post by (redacted) (28 Dec 2014 09:40 AM):
I woke up on 12/28/14 to discover 2 emails from this community. One requested my registration to this website, and the other confirmed it. I assume my gmail account has been comprimised, and I have changed my security information for that gmail account.
Now, how do I terminate this account? After clicking through the site, I did not see any interface through which I could do this.

Post by Karak (30 Dec 2014 12:03 AM):
What a weird thing to have happen. I don't see anything to be gained from hijacking an account to use for registering at this particular site, unless they intended to post spam or something, or maybe this is some strange social engineering thing. I believe there's a way to at least disable the account, if not delete it entirely, but I think Fasta will need to have a look.

Post by Fastalanasa (30 Dec 2014 11:12 AM):

Spammers are using random email accounts to register on this site. I changed the registration to need email verification. Every once in a while they use a legitimate account. Unfortunately, I can't do much more on my end. You could set an email rule to send emails from our site to the trash, or just outright delete them.

I delete an average of 60 fake accounts every day.


Post by Karak (03 Jan 2015 10:15 PM):
How are they Confirming though? Through compromised emails?

Post by Fastalanasa (06 Jan 2015 11:20 AM):
Posted By Karak on 03 Jan 2015 10:15 PM
How are they Confirming though? Through compromised emails?

They are not. That's how I know they are bad registrations. These registrations show up in the "unregistered" list. What's going on is this:
1) Script or program that autogenerates email addreses and passwords
2) This system hits our website and registers these emails
3) Since they are not the actual email owners, the registrations sit on the "unregistered" bin.
That's why I know these emails are not compromised. Just scuzzy spammers trying to gain SEO for links. What I don't understand is why they keep doing it, after I set the registration to verify. My only guess is that they get paid by the amount of registration, otherwise they would have gone away by now. Still deleting between 60 to 100 bad registrations a day. Shocked
Previous Topic: TODO List - WheelMUD - A C# MUD Server - Forums - WheelMUD - General
Next Topic: New, Feature Full Help System - WheelMUD - A C# MUD Server - Forums - WheelMUD - Design
Goto Forum:

Current Time: Tue Jul 23 14:57:40 PDT 2019