Spammers now creating observations

@pleary @kueda @tiwane
These so far, and all their projects:
https://www.inaturalist.org/users/recent?description=no&flagged_by=any&from=2396253&ids=any&obs=any&spammer=yes

Still online, lucky me. If you suspend from the list of project admins, be sure there is only one admin, or be sure you are suspending the right one. Occasionally they will add another legitimate user as an admin. I don’t think that negatively affects the legit user when the project gets flagged, but haven’t heard confirmation of that yet.

2 Likes

I blocked a bunch of IPs, marked some of the users you all hadn’t already caught as spammers, and reindexed these projects so https://www.inaturalist.org/projects/browse is looking ok… for now.

Theoretically marking a user as a spammer does mark their projects as spam too, but there might be a bit of lag before you see that on https://www.inaturalist.org/projects/browse. Note that the project detail page will still show up to a curator even if it is spam, apparently without a notice, so make sure to check it in an incognito window or something.

Assigning a legit user as an admin should not be possible. In theory you can only relinquish admin status to someone who has already chosen to join the project and is a project curator. If I’m wrong and you’re really seeing evidence of this, please include URLs.

3 Likes

Whew, thanks @kueda!

Maybe I mean project curator, not admin. In some of the football streaming projects, there have been two “members” listed, one the spammer and one legit. But maybe the legit one wasn’t admin in the strict sense. Will post a URL next time I see it, or anyone feel free. I think @cmcheatle noted some earlier?

Looks like some are still coming through, but now the projects disappear from the browse page as soon as the accounts are suspended, which they didn’t seem to before.

What impact might there be if you were to just disable project creation via the API, and require manual creation? Or is there really no functional difference?

1 Like

I blocked a few more IPs, but this is basically whackamole.

There’s no real difference. Almost anything you can do in a browser you can automate with a program.

3 Likes

aaaand the moles are popping again, but I gotta sign off for the night.

Is there something that can be done beyond post-hoc “whackamole”? I am seeing that the users are being suspended, but the projects are still being generated prior to the user being caught and suspended. This appears to be a very automated and persistent attack. Still seems like the “50 verifiable obs before you can create any type of project” might be necessary. Unless those observations can be automated too, which I suppose they can… One is brought back to the hard problem of proving one is a human interacting appropriately with a site…

2 Likes

Ken-ichi, isn’t this the opposite, you can’t assign yourself as an admin onto projects, so someone has to do it for you who is already an admin on the project.

Still flowing in massive numbers, the first 40 pages on the new project search are currently them, took me 40 pages before I could find the stream tv ones :persevere:

I will start a new round of suspensions shortly but am starting to have Pahang CNC flashbacks.

They are obviously spoofing their IP addresses so blocking won’t work.

As the account names currently start with qw… isn’t there a faster way to search and flag them?

Theoretically they will appear on the new users page that curators have access to, assuming of course they don’t change that string.

I have mixed feelings on this. It is a balancing act between making it annoying enough that they go elsewhere and the reality that as Ken-ichi noted they can simply automate creating observations, and that would be even worse.

They don’t care where their content sits, the objective is not for someone to click the links etc. on the iNat content, it is to manipulate search engine results, by having the crawlers find their content on as many pages as possible and thus uprank it in search results. What form that content takes is of no interest to them.

2 Likes

OK, I’m a little confused. https://www.inaturalist.org/projects/mariposas-y-polillas-de-tecnoparque-yamboro and https://www.inaturalist.org/projects/mammals-of-churchill have both been identified as spam. Yet, to me, they seem like valid projects. How can I tell real from fake? Is the purpose of spam not to sell something? If someone could help me with this, I might be able to help out.

Where are you seeing them indicated as spam?

I don’t see that, nor do I see the projects listed in the flag log.

Can you share a screen print?

Both those projects and their admins look clear to me.

The spam projects have quieted down for now, but if you want to see recent examples, start with these accounts and click through to their project lists:

https://www.inaturalist.org/users/recent?spammer=yes&flagged_by=any&obs=no&ids=no&description=no

And then you can start here for some different ones before the most recent attack:

https://www.inaturalist.org/users/recent?description=no&flagged_by=any&from=2392846&ids=no&obs=no&spammer=yes

1 Like

I got them from this link, which I now see is a bunch of spam/non-spam accounts.

Is this spam? https://www.inaturalist.org/projects/sps-shs-biologic-survey-e17d070c-c423-4f8e-8773-26276c55a55f

Do the spam projects show up on the “New User” chart, or is it best to look at the project list?

Sorry for the delayed response @mamestraconfigurata – I’ve been away for several days. The project browse page shows all existing projects in alphabetic order. It says nothing about whether a given project is spam or not. That can only be determined by looking for odd visual cues, and investigating further.

If you use https://www.inaturalist.org/projects/browse?order=created, you will see the most recently created ones first, which is the best way to monitor for any incoming spam. These usually accumulate at a rate of a few pages per day, and currently I am not seeing any new or recent spam projects. You will see projects in many different languages and alphabets, with or without icons, etc., so you really have to translate/read their content to determine if they are spam.

Here is a fairly typical example of a recently flagged spam Project. The most recent deluge of spam seems to have been removed from the system entirely, so I can’t show you those examples. But the ones still in the system can always be found here.

Doesn’t look like it to me – apparently just an old dead project, but nothing spammy there.

Hope that helps.

Thank you, those are very useful examples. However, I noticed on one of the ‘recently flagged’ projects (https://www.inaturalist.org/projects/rtyhghf?tab=about) a legitimate user is listed as a co-project Admin. Any idea how that happened? I seriously do not think he signed up.
What happens to the spam still in the system?

Yes, we noticed that some of the spam projects had been grabbing a legitimate user as a second “manager” of the project. Legit projects can do that too, with no notification to the person being added (there is a feature request to add notification and confirmation for such actions).

I’m pretty sure there are no consequences to the legit account when the project gets flagged as spam, only to the account creating the spam project. But still awaiting staff confirmation that this is true…

As for the spam still in the system, it is hidden from view except for curators and the account that created it. I don’t know what the site policy is for when they outright delete such content, as appears to have happened with the spam blizzard from 2 weeks ago.

1 Like

Thank you :)