Are any of you also getting all this crap from user "sweetyji"?
How should this be reported?
OVER 75 junk Emails from this malicious user "sweetyji" now have been received in just 30 minutes.
SysAdmin... Please fix this. Thank you.
It's 4 in the morning where the sysadmin lives....
How come "Do Not Follow" is not working for this hacker unless they deactivated that forum function as well?
this is not the first hack... this is a little embarrassing!
Could potentially NOT be a hack, just malicious use, which happens a lot on "free to use" forums.
I'm sure the user, and all of their posts, will be removed this morning by FM admins.
At least this is forum-wide and not just some hack snagging my Email address.
It's the first one I've experienced since joining FMP in Dec 2011 where I've never seen this kind of infiltration in other prof forums.
Not sure why it's embarrassing but the junk spam count now is at 130... Across all users?!? Wow...
Things should be limited. Like disallowing messages with certain phone numbers.
(that was how I deleted them all by searching for phone number)
Also sysadmin could have new users not post more than one message per hour.
What's puzzling is why people think this sort of foolishness is a good idea ...
This is not the first time spamming has happened on technet. I can recall at least two other instances.
Yes, it’s inconvenient, but when your forum jumps from ~1500 users to ~55000 users, it’s kind of expected that a few bad eggs filter in.
I don’t subscribe to any feeds so I didn’t get my email lit up by this, but I can see that’s an issue.
It's probably automated, so doesn't know it's being foolish :-)
In similar news, I've got Nigerian scammers trying to convince me they're German art connoisseurs looking to buy my artwork. It's a scam making the rounds of the art world - eventually they ask you to prepay for shipping/dock release, send you a check to compensate which bounces, etc.
The internet is fun.
Embarcadero Dev forum got hacked too a couple of weeks ago. Unfortunately.
So it's only FileMaker's one.
But FileMaker Inc. should monitor this forum 24/365.
It leaves a very bad impression in case of serious problems.
I was talking about security a while ago in another topic...
I subscribe to Christian's ideas.
On behalf of FileMaker, Inc., I apologize for this happening.
We removed the posts and have removed the user.
As far as reporting things like this, you all did the right thing. I am a user just like the rest of you and therefore I get all the "junk" like the rest of you and saw it when I got in this morning. In addition, others other than me also monitor this site so likely we see it when you guys see it - unless in this case it happens after hours which was unfortunate.
Regarding 24/7 monitoring - it would be very challenging to do this for obvious reasons but more importantly it would be challenging because of the e-mail subscription aspect of the forum. There is no way to prevent the "bad" emails from going out to those who are subscribed to the forums via e-mail unless we screened every e-mail before it was sent.
With that said, we do what we can to prevent things like this from happening and take action as soon as we see it.
Thanks for the reply, Steve. While it is understood that...
There is no way to prevent the "bad" emails from going out to those who are subscribed to the forums via e-mail
...How come "Do Not Follow" was not working for me this morning when I flagged the hacker user name "sweetyji" as "Do Not Follow"?
Did said hacker somehow break that "Do Not Follow" function? If not, why wasn't it working?
Please kindly reply back on this.
PS: Julie Sigfrinius, don't suppose you might have anything to add, would you? Thanks!
There is no way to prevent the "bad" emails from going out to those who are subscribed to the forums via e-mail ...How come "Do Not Follow" was not working for me this morning when I flagged the hacker user name "sweetyji" as "Do Not Follow"? Did said hacker somehow break that "Do Not Follow" function? If not, why wasn't it working?
Can't answer this question presently. We are looking into it.
A possible educated guess is that subscribing to folder XYZ overrides the ignore person ABC who might post in folder XYZ. Or that could be totally wrong.
Since it just happened a couple of days ago, it makes me wonder if the "Admin Console" showing up on several of accounts was related to this hack? FYI, I run a standard Apple Mail server (OS X Server 10.9.3) and it caught all of these emails at the server level and I never saw any of them in my Apple Mail Client. Glad to see the Apple Mail server sees junk like this and dumps it.
Hi Taylor, this has nothing to do with the issue you mention here. It wasn't a hack as much as a spam bot who got through captcha. We're looking into ways of improving this in the future. Thanks everyone for your understanding.
Thanks so much, guys. Your follow up replies are appreciated.
What! You mean captcha is defeatable?
Yes, captcha is very much defeatable.
If not by automated OCR systems that can recognize the characters, then potentially by spammers that just queue hundreds of captcha sites and have a real person sign up for accounts on the sites in the queue to provide credentials to an automated spam posting system.
Technet is based on Jive, so FM is dependent to a point on the security and rules that software platform provides for running technet.
Compared to other forums I've partaken in, especially those based on open source such as PHPBB or bbPress, technet is pretty much spam free.
but often UNREADABLE by the humans it was meant to "protect". Ha ha
definitely, captcha has gotten ridiculous.
Even more ridiculous is older "roll your own" systems, like "what is 2+2 ="...
I can't understand (if it works) where there is a "speak" feature to the captcha... sigh
and again the same spam. :-(
different user, but obviously the same person on the backend.
I wonder if Jive has a prohibited dictionary function to block spam posts, or at least delegate them to a spam queue for moderation. I don't think terms like "escorts" or "call girls" are really ever in our vocabulary.
Do you not see market opportunity though?????
Yep, another 80 spams just came through again this morning. This time from "sweetyji01".
Steve Romig and Julie Sigfrinius... Thought you had this resolved yesterday.
As such, my (our?) inquiry on the "Do Not Follow" function not working is reaffirmed.
Please kindly advise on when that might get fixed and on what security measures you all are going to proactively employ to put an end to this infiltration; regardless of the cause or how many times the hacker changes their name.
Look forward to your next status update reply on this. Thank you so much.
"Yep, another 80 spams just came through again this morning. This time from "sweetyji01"."
Different user, I doubt they were able to predict or control it before it happened.
Finger pointing will get you nowhere and is uncalled for.
Maybe I got lost somewhere, but what does Julie have to do with a technical issue?
Steve and Matt gave us a satisfactory (at least to me) technical explanation of what happened. I'm sure Julie can defend herself but I don't see the point of asking a technical fix (which up to a point is "unfixable") to someone who has nothing to do on the technical side of FMI.
Just my 2¢ of Mexican pesos.
Mike and Ibrahim,
Truly meant no disrespect nor to "finger point."
Please understand that having had my personal info security breached in the past (not here), for better or worse, I am now very vigilant with all online security.
Steve Romig was referenced above due to his apology yesterday on behalf of FileMaker, Inc. since the hack occurred again today.
Julie Sigfrinius was referenced again due to FM Customer Service advising yesterday morning that this matter would be reported to her as Julie oversees these kinds of problems.
It sincerely is hoped there are no hard feelings as the intent only was to be constructively helpful based on what Customer Service had clearly stated to me yesterday. Fair?
Your feedback is appreciated. Thank you.
You were coming across as a bit harsh, that’s all. I’m all about working towards a solution, which your comment was not.
As noted it was not a hack, no account data was breached. The repeat is just a mirror of what happened yesterday. I doubt there is any “fix” to the software, just that fixing it when it happens will be the course of action. With thousands of signups and few spam incidents, I’d say so far that technet has been relatively good on spam.
If it’s of any further concern you can probably set up mail rules on your end to trap for anything coming from technet with a few key words (Here’s a great list of trigger words to start creating rules with: http://blog.hubspot.com/blog/tabid/6307/bid/30684/The-Ultimate-List-of-Email-SPAM-Trigger-Words.aspx )
Thank you for sharing your perspective, Mike. That was not my intention as I, too, am about win/win solutions. As a fellow Buckeye (Cleve), hope you'll please forgive me.
Since I am a "one trick pony" only doing custom database (Cobb relational architecture) development since 1985, please know that I have little working knowledge on mobility, networks and their security technology. I leave all that for you guys.
Your IT comments are noted but it's not understood why this can't be "fixed". Surely a "keyword" filter could be added to the system to trap-n-purge that kind of junk. Yes?
As for "mail rules", been employing the Outlook white/black list Rules Wizard from the beginning. In this case, I immediately went to the Forum "Do Not Follow" "control panel" after getting 25 spams yesterday and black-listed the user. However, that feature/function failed to keep them from coming through.
Oh well, thanks for your replies and info.
I meant not possible to fix in the sense that a human can still maliciously sign up for an account.
Also, blacklisting a user is not helpful if said malicious human signs up for a second account, like what happened yesterday.
Hacked again !
I meant not possible to fix in the sense that a human can still maliciously sign up for an account. Also, blacklisting a user is not helpful if said malicious human signs up for a second account, like what happened yesterday.
Mike, your follow-up comments are understood. Yet now this forum, unlike all others I am on or have ever been on, has been hacked three times in five days. It also is the first time this user/member of 2.5 years ever has experienced this problem here.
As such and as previously suggested above by another user, would you or one of the SysAdmin Monitors please explain...
Why FM can't simply add an internally controlled and monitored keyword filter to their Email Alert System to snag and block all outbound Forum Email Alerts that contain the kind of foul porno junk that over 230 Alert Emails have contained since Tuesday in the same way as ISP Email vendors have "Control Panels" that allow their users to configure Spam Filters on the Server-Side before the Email is sent out to the customer's "client-side" Inbox?
It would seem that employing this concept would be a win/win so the "Cannot Do" issues you and a few others noted above could be worked around.
Then, when the SysAdmin arrives for their next work-day, this internal system would have all the junk with the hackers' user name in order to purge/delete from their back-office system(s). If the suspected junk was, in fact, legit, then the SysAdmin could release those Alert Emails at that time; which ought not to be a problem since this kind of junk is quite explicit and cannot be "confused" with our professional posts.
Isn't this a fair and reasonable idea and approach for "working towards a solution" that FM should investigate and employ to resolve this ongoing problem?
SysAdmin: Please kindly reply back on this requested suggestion next week. Thank you.
I have email notifications turned off by default; instead I read messages directly in the forums at fmdev.filemaker.com. Partly that's personal preference; I like to condense this kind of reading to specific parts of my day rather than get real-time emails throughout the day (I find them distracting).
One side benefit is I never receive any of these spam posts via email.
Point is, as a temporary solution, turn email notifications off for all the major discussion forums - General, Advanced, etc. You will still get notifications for threads you participate in, like this one, unless you turn off notifications for those individual threads too.
Oh, and Bill, I wonder if Do Not Follow really is a setting that would be effective. You would still receive messages from me in any forum you're subscribed to, even if I posted there - I don't think you "Follow" me, right?
Not sure what Follow does but probably has nothing to do with email notifications...
A simple filter based on the phone number has deleted all the spam via forum for me.
I do want to follow forums and get emails for new threads.
Still I would vote for FM admins to put filters and put all messages containing some keywords into moderation queue for manual check.
Can we please just stop beating a dead horse. FileMaker obviously knows it’s an issue, and if the issue persists, will most likely step up their game to solve it.
Unless you’re an expert in the jive platform and can offer helpful advice to the FM people in charge of technet, any sort of complaining about spam is pointless.
These attacks expose the weak spots in the Jive platform for users. There doesn't seem to be a simple method for us to stop receiving mail temporarily. Do I have to go through every thread that I am following and switch it off? What a pain! It's quicker to read the email from Dubai.
Hi Bill and everyone:
A quick update on this... We do have a case opened and are actively exploring our options to avoid spam in our community. Unfortunately, malicious users will work around filters.
But we'll keep trying. We apologize for the annoyance, and hope to have it resolved as soon as possible.
Senior Manager, FileMaker Developer Relations
FileMaker, Inc. — An Apple Subsidiary
Thank you for your "quick update" on this recurring problem. Glad to hear that FM has a case open with their 3rd-party forum vendor, Jive, to resolve this security breach with an appropriate patch of some kind... Hopefully sooner than later.
When resolved on your end, it would be a great assurance if you please would post back to the community to let us know that has been accomplished. That way we won't wonder if this ever got fixed.
Again, your post (and future update) sincerely is/will be appreciated.
We are currently trying a few different techniques, but to be honest none of them are foolproof. I wish I could give you a response and say this is "fixed", but based on the history of the epic war between public sites and spammers, saying that this is "Mission Accomplished" and we'll never have spam again is probably foolhardy.
We will keep doing all within our power to minimize spam on the forums. Thank you all for helping and alerting us when this does happen.
Hope this helps,
Technical Marketing Manager
Is this really such a big deal that we have to continue to see messages about it?
Just delete the spam messages and move on … The FileMaker, Inc. staff will take care of things as soon as they can and as best they can given the time and costs involved.
As for me, I find the complaining emails to be just more spam …
In the grand scheme of things, aren’t there many more important issues to deal with in this life?
Peace, love & brown rice,
FileMaker + Web: Design, Develop & Deploy
Certifications: FileMaker 9, 10, 11, 12 & 13
Member: FileMaker Business Alliance
One Part Harmony <http://www.onepartharmony.com/>
Austin, Texas • USA
I am with Morgan on this. I think it is time to let this rest. It is NOT a security breach. Just an annoying, overly zealous marketing scheme. With that, the admins will make some changes to lessen it...but I have now deleted 43 msgs on 12 different days. The spam problem was only 2 days and not that many more messages...and was fixed with a simple filter in my email. So now I've had to put more time into deleting these messages than the spam itself.
I shall sing a farewell song to this topic, and maybe do a little jig.
Off topic Matt, but re: your profile picture, is FMI now requiring employees to wear clean room gear when in close proximity to FileMaker Next?
FMI Engineering team beta testing FileMaker Next
Why is it so difficult?
I have several forums. New people are moderated until they make a posting which shows they are not spamming.
And postings with some keywords (Where you can easily put that phone number) in the keyword list, are also moderated.
This eliminates 99% of spam directly. And normal users are not annoyed.
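The moderation rules proposed in this thread (hold posts from accounts with no approved post yet, hold posts matching a keyword or phone-number list, limit new accounts to one post per hour), sketched as an added example that is not part of any poster's message and is not Jive or FileMaker code. The term list, the placeholder phone number and all function names are assumptions.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Constructed sample lists; a real forum would load these from admin settings.
BLOCKED_TERMS = {"escorts", "call girls"}   # terms quoted in the thread
BLOCKED_PHONES = {"5550100199"}             # constructed placeholder, digits only
NEW_USER_MIN_INTERVAL = 3600                # seconds: one post per hour

@dataclass
class User:
    name: str
    approved_posts: int = 0                 # posts a moderator has released
    last_post_ts: Optional[float] = None

def normalize(text):
    """Lowercase and collapse whitespace so 'Call   Girls' matches 'call girls'."""
    return re.sub(r"\s+", " ", text.lower())

def phone_digits(text):
    """Return digit-only forms of phone-like runs, ignoring spaces, dots, dashes, parens."""
    runs = re.findall(r"\+?\d[\d\s().-]{6,}\d", text)
    return [re.sub(r"\D", "", run) for run in runs]

def moderate(user, body, now):
    """Decide before any notification e-mail is sent.

    Returns (decision, reasons); 'hold' queues the post for a moderator.
    """
    reasons = []
    text = normalize(body)
    for term in sorted(BLOCKED_TERMS):
        if re.search(r"\b" + re.escape(term) + r"\b", text):
            reasons.append("term:" + term)
    if any(p in d for d in phone_digits(body) for p in BLOCKED_PHONES):
        reasons.append("phone")
    if user.approved_posts == 0:
        reasons.append("new-user")
        recent = user.last_post_ts is not None and now - user.last_post_ts < NEW_USER_MIN_INTERVAL
        if recent:
            reasons.append("rate-limit")
    user.last_post_ts = now
    return ("hold" if reasons else "publish"), reasons

if __name__ == "__main__":
    veteran = User("longtime_member", approved_posts=12)
    newcomer = User("joined_today")
    print(moderate(veteran, "How do I filter a portal in FileMaker 13?", 0))
    print(moderate(newcomer, "Call  Girls, ring +1 (555) 010-0199", 0))
    print(moderate(newcomer, "Hello again", 600))
```

Because the decision is made before notification e-mails are generated, a held post never reaches subscribers' inboxes, and a moderator can release it later if it turns out to be legitimate.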
60K members have joined this forum since it was started, what, three years ago? FMForums.com has 27K and they've been around for 14 years at least (and they are by far the most successful FM forum prior to the TechNet forum relaunch).
The volume of new members joining is probably around 50/day. Not all forums are equal, and in one respect I see the fact that there has been only one spammer (with several accounts) in that time out of 60K users as not the horrible thing this thread is making it out to be.
Now that there have been more emails on this topic than the actual spam as far as I can tell (three of them admittedly from me) I'm also dropping out of this conversation to save some digital trees.
See you all (hopefully) at DevCon.
People, this ongoing hacking problem ~ that is a horrendous inconvenience ~ just got the worst ever today!
431 Asian Spams came through!
When will FM have their 3rd party vendor fix the HUGE HOLE in their Security system?
Frankly, this is NOT something we "should have to live with" ~ as some have suggested ~ when every other forum this 30-year veteran IT engineer belongs to does NOT have this kind of problem.
Doesn't anyone else believe this should be fixed; once and for all?
Matthew O'Dell, please kindly get this problem resolved asap. Thank you.