Maybe we could have an account cooldown, that looks to see how many accounts were created on that IP, and stops account creation after a certain number of accounts were made, or something like that? I know that people can use a VPN, but a hidden cooldown feature would be one idea on how to stop these bots.
If there is a feature like this on ROBLOX, maybe it could be enhanced? Like prohibiting the account creation of, say accounts with ‘worldevent’ in the title, for a period of maybe a few hours, for anyone trying to make an account with that word in the username.
A verified email is already required for comment posting. Also the account has be 1 day old to post a comment. And we do have IP address floodchecking for account creation. All the bots you see posting comments have a verified email, have existed for more than a day, and used IP address masking to be created en masse. We know it’s a big problem that we do not have a great solution for yet.
I’m pretty sure these accounts aren’t botted. These spam links lead to phising sites so the large quanity of these accounts probably originated from people inputting their account info (or alt account info) hence some have items on their account/have older join dates.
Either way, it’s a tough system to combat and I feel like adding a captcha to messaging would help (as a temporary solution)
I misread your post the first time. They do not manually create these accounts AFAIK. There’s no way they are. I can easily write a bot to create accounts with the current system. A CAPTCHA would prevent me from doing so.
Edit: there are easily tens of thousands of spam bot accounts currently. Do you honestly think they were created manually??
Edit 2: they are always very predictable usernames as well, which also supports my claim that they are not manually created. I have absolutely no belief they create these accounts manually. Show me the person spending hours making this amount of accounts and then I’ll believe you.
Commonly, the username is either a random word with a 4 digit number at the end (the biggest spam operation currently uses this). Otherwise, it is usually a word (i.e “robuxapp” or “worldevent” in this case) and then a number at the end of the username - this number is the bot number.
Accounts like “worldevent172” lead me to believe it’s the 172nd bot created for this particular spam. Did he create all 172 accounts manually?
Edit 3: More evidence to support my claim that they are not at all manually created.
So, all 200 of those accounts were created manually, in order? I personally believe a bot created them. The number at the end of the username coincides with the creation date. And, can’t leave out the fact that there is 23 pages of this.
Also, I did check. The creation date does appear to match up with the number at the end of the account. They were created in order, from 1 to 200, manually?
To clarify what I’m trying to get at here. There wouldn’t be as big of a spam problem if there wasn’t tens of thousands of accounts posting the spam. There wouldn’t be tens of thousands of spam bot accounts if there was a CAPTCHA.
This is just my two cents on the matter. A very simple solution that could be implemented quickly.
Like I previously said, this won’t solve the spam issue entirely. However, it will help ease it a ton. What’s the harm in adding a CAPTCHA to the signup page?
Take a log of the contents of the message, if there is a 90% overlap or it contains a phrase deemed considerably spammable: Website name, “15,000 Free R0Bux!” ect, the message is never delivered, the account is striked.
As an automated thing to tackle the problem at hand, after a certain number of logs these accounts should then be set to privacy mode permanently, with a roblox automated message telling them the phrase that had them shutdown. If they wish to appeal, that should be open to.
@ReeseMcBlox, how hard would it be to implement a basic version of a filter like this to messages?