Wow! Just won 3000 robux! (recaptcha request)

This was totally not a scam to steal accounts! Can we please like, do a ‘send message code’ people have to put in before sending messages so we can cut back on spam bots? Thanks.

5 Likes

this isn’t development discussion?

3 Likes
14 Likes

Duplicate and related threads (to name a few):

http://devforum.roblox.com/t/site-wide-captcha/21720

http://devforum.roblox.com/t/someone-has-found-the-solution-to-pm-botting/20649

What if facebook or your email had this feature? it would add too much friction to socialization on roblox.
We need better automated moderation for messages. Maybe a captcha would be appropriate if the message was similar to common spam messages. Same applies to comments (although I’d rather be able to fill out a captcha than not be able to comment at all e_e).

we honestly wouldnt need to duplicate threads if roblox did something about it, it’s obviously a very large issue in the community and should be fixed.

4 Likes

How does that work? How are computers not able to emulate clicking it?

1 Like

I believe it looks for inaccuracies in how the mouse is moved onto the button along with other things. Like if the mouse position is just instantly moved to the button, its denied, or if like the mouse linearly moves at the same speed and in a line to the button, then its denied.

I imagine it’s more complex than that because then you could record your mouse’s position while manually verifying on of those and bam replay that and 100% bypass every time.

1 Like

ReCaptcha (To my understanding) uses Google’s risk analysis engine to determine if someone is human or not. Google likes to keep its work secret, so we won’t really know how it works.

However, I’d imagine that it takes several factors into account before presenting a challenge.

  • Looks at the IP, checks to see if it’s blacklisted/suspicious.
  • Checks the client’s web browser.
  • Looks at interaction on the page (Eg. How their mouse moves when it hovers over the ReCaptcha box, how long they wait until they click etc.)
  • The cookies on their machine (To see if a user is already logged in or not, with a Google account).

Someone also reverse-engineered the ReCaptcha code, here’s a link.

they really need to make this a priority

I mean we had stuff like “join my game” and what not before, but comments now are almost always robux scam sites

I don’t even want to imagine the number of people who have fallen for this and lost their account

comments currently are disgusting and full of cancer, captcha would clear out most of this garbage

1 Like

The bots are run on javascript, and using a console, like the one in chrome, you can execute it, and it runs on all the servers of a game or all people in a group.

“Roblox Inc. LLC”
because Roblox is any of these

I got the website shutdown last night.

Reported it to Hostinger, which was their host. I emailed them, within about 20 minutes it was gone. :slight_smile:

Keep sending them to me, I’ll make sure they don’t stay up.

2 Likes

It can also give you these sometimes if it detects the need for added security.

1 Like

We really need this.

I was viewing the comments on this game and there are several accounts with BC that were spamming those scam websites.

I do not get it. It’s heavily filtered?

1 Like

It’s a comment I found on the Plaza.

Do those links actually steal your account and change your password? Or are they more like Twitter bots that just spam on your account?

1 Like