Thanks for the help, some food for thought.
(The accounts are happening at a rate of about 1 per day, from all over the globe, the account names are like this
First name: iNvHXJCQlmncEuFf
Last name: kvpBILhXamZKrj)
-
Originally posted by Archangel:
I have an e-commerce website and recently I’ve noticed a lot of new accounts being registered with long random strings as account names and bogus credentials. These accounts obviously don’t order anything.
What’s their game? What are they attempting to achieve?
Any ideas welcome
E.g all created within 5 secs of each other.
Are the account names with long strings in the format of GUIDs?
If yes to all the above, then it's possible it's an automated hacking tool trying different ways of submitting the signup data to compromise the site.
See if you can stick a CAPTCHA on the front of the signup process.
Everyone loves a good CAPTCHA!
-
If various information is only provided to users rather than visitors then they may be registering dummy accounts to access that data for web scraping or other means.
They may also be part of some penetration testing to find any weaknesses they can exploit for whatever reason, such as if they think you have a list of customers and their details and maybe payment details vulnerable to such exploits.
Look at putting in additional verification steps for new accounts, such as an email link to complete registration so at least the email account must be valid, and ensure only one registration per email account, if only to slow them down and dissuade any 'script kiddies' messing about either for entertainment or something more nefarious.
Also worth checking with any others in the business (if applicable) that they're not doing this to massage the user numbers for some reason, such as to hit any targets for sales and marketing.
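The email-link verification and one-registration-per-email suggestion from the post above, sketched in Python as an added example (not code from the thread or from any of its posters). The `Registrations` class, the placeholder secret and the one-day expiry are assumptions made for illustration.

```python
import hashlib
import hmac

SECRET = b"placeholder-load-a-random-key-from-server-config"  # placeholder value
TOKEN_TTL = 24 * 3600  # assumption: confirmation links expire after one day

def normalise_email(email):
    """Canonical form used for the one-account-per-address check."""
    local, _, domain = email.strip().lower().partition("@")
    if not local or "." not in domain:
        raise ValueError("not an email address")
    return local + "@" + domain

def _sign(email, expires):
    msg = (normalise_email(email) + "|" + str(expires)).encode()
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()

def make_token(email, now):
    """Value placed in the emailed link: expiry time plus HMAC(email, expiry)."""
    expires = now + TOKEN_TTL
    return str(expires) + "." + _sign(email, expires)

def check_token(email, token, now):
    """True only for an unexpired token that was issued for this address."""
    expires_s, _, sig = token.partition(".")
    if not (expires_s.isascii() and expires_s.isdigit()) or int(expires_s) < now:
        return False
    return hmac.compare_digest(_sign(email, expires_s).encode(), sig.encode())

class Registrations:
    """In-memory stand-in for the accounts table (hypothetical)."""
    def __init__(self):
        self.pending, self.active = set(), set()

    def register(self, email, now):
        key = normalise_email(email)
        if key in self.pending or key in self.active:
            return None                 # one registration per email address
        self.pending.add(key)
        return make_token(key, now)     # sent by email only, never shown on the site

    def confirm(self, email, token, now):
        key = normalise_email(email)
        if key not in self.pending or not check_token(key, token, now):
            return False
        self.pending.remove(key)
        self.active.add(key)            # only now can the account log in
        return True
```

Because the token is bound to the address and its expiry, a bot that submits a bogus or unreachable email address never receives the link and its account stays pending.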
-
I wonder if they aren't part of an entire profile that is then sold on the dark web. If you've got a big list of stolen credit card numbers and want to test them or use them to make purchases, you could buy a package of already established profiles that are already signed up for various e commerce sites.
That's my guess anyway.
-
As to why, I suspect they often target small sites just for practice. I've had various pointless uncompleted purchases, emails, and even tinkerings with the database before I upped the security. No obvious gain for them.
-
It may help to find where they came from. Is your site aimed at UK users? If so, real users are more likely to be from UK and use recognisable British internet suppliers, BT, Virgin etc. I found most of the garbage visits to my site have come from Russia etc.
In PHP this is really simple, get the ip and internet supplier with:
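// Client IP address as seen by the web server
$ip = $_SERVER['REMOTE_ADDR'];
// Reverse DNS lookup: the hostname usually names the internet supplier (returns the IP unchanged if the lookup fails)
$addr = gethostbyaddr($ip);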
Then use IP2C to get the country:
ip2c.org | free IP to Country server | self-updating every day
Last edited by xoggoth; 5 May 2020, 19:30.
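An added example (not xoggoth's code, and written in Python rather than PHP so it runs offline) that combines the signals raised in this thread into one triage pass: random-looking names, registrations seconds apart, and the country lookup. The `status;CC;CCC;Name` reply format, the UK-only country set and every sample row except the first name pair are assumptions or constructed data.

```python
from dataclasses import dataclass

EXPECTED_COUNTRIES = {"GB"}  # assumption: the shop is aimed at UK customers
BURST_SECONDS = 5            # "all created within 5 secs of each other"

@dataclass
class Signup:
    first: str
    last: str
    created: int      # Unix time of registration
    ip2c_reply: str   # raw reply from the IP-to-country lookup

def looks_random(name):
    """Long, mixed-case, capitals scattered mid-word, e.g. iNvHXJCQlmncEuFf."""
    inner_caps = sum(c.isupper() for c in name[1:])
    return len(name) >= 10 and inner_caps >= 3 and not name.isupper()

def country_code(reply):
    """Parse 'status;CC;CCC;Name' (assumed format); status 1 means found."""
    parts = reply.strip().split(";")
    found = len(parts) >= 2 and parts[0] == "1" and len(parts[1]) == 2
    return parts[1] if found else None

def triage(signups):
    """Map 'first last' to the list of reasons the signup looks automated."""
    ordered = sorted(signups, key=lambda s: s.created)
    report = {}
    for i, s in enumerate(ordered):
        reasons = []
        if looks_random(s.first) and looks_random(s.last):
            reasons.append("random-looking name")
        neighbours = ordered[max(0, i - 1):i] + ordered[i + 1:i + 2]
        if any(abs(n.created - s.created) <= BURST_SECONDS for n in neighbours):
            reasons.append("burst registration")
        cc = country_code(s.ip2c_reply)
        if cc not in EXPECTED_COUNTRIES:
            reasons.append("country " + (cc or "unknown"))
        report[s.first + " " + s.last] = reasons
    return report

SAMPLE = [  # constructed rows; only the first name pair is quoted from the thread
    Signup("iNvHXJCQlmncEuFf", "kvpBILhXamZKrj", 1588700000, "1;RU;RUS;Russian Federation"),
    Signup("qWzRTpLmKxVbNd", "hGfDsAzXcVbNmQ", 1588700003, "2;;;UNKNOWN"),
    Signup("Sarah", "McDonald", 1588703600, "1;GB;GBR;United Kingdom"),
]

if __name__ == "__main__":
    for who, why in triage(SAMPLE).items():
        print(who, "->", ", ".join(why) or "ok")
```

No single reason is proof on its own (real customers travel and use VPNs), so the output is better used to queue accounts for review or extra verification than to block outright.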
-
Bots registering accounts
I have an e-commerce website and recently I’ve noticed a lot of new accounts being registered with long random strings as account names and bogus credentials. These accounts obviously don’t order anything.
What’s their game? What are they attempting to achieve?
Any ideas welcome