Chinese Netcommunity sign-up attacks
I noticed yesterday that we had over 2k sign-up requests from China in my Netcommunity plug-in in RE.
I opened a case where the technician identified a common email and ran a script to delete several based on the email, but when I checked today, I had even more.
Yesterday, it was also recommended that I enable ReCaptcha on our Netcommunity/Online Express forms, which I did.
But when I looked at the sign-ups, we still had over 2K sign-ups that were dated from yesterday.
Also, since the tech said that he removed via script the ones from yesterday, he didn't see a commonality in the sign-ups in the database for these new ones, but yet I see several, like each name uses a title "2nd. Lt." and an email site as "www.cai005r.com" etc. But the tech has told me that I have to select each of them (250 at a time) and delete them manually. Of course, I have to scroll through each one because there might be a valid sign-up mixed in with the trash. Either way, only being able to see these 250 at a time and not being able to sort the window is not fun.
I really hope this captcha thing prevents this, but I guess we will see again tonight if we have a lot of sign-ups again, because I really see this as an attack on our website that seems like it could be prevented in other ways.