

Ask HN: Nigerians flooding my site with phishing emails - what to do? - barmstrong

I've been seeing the number of messages on my site - UniversityTutor.com - increase a lot lately.  It looks like a lot of them are phishing emails (the same common Craigslist scam where they send you a fake money order and ask for a refund) and Google Analytics shows an unusual amount of traffic from Nigeria.

I have in place:
* captchas
* rate limiting per account
* geocoding the IP to block Nigeria

Because of the captchas I'm pretty sure humans are sending the messages (not bots).  Of course the rate limiting and geocoding aren't foolproof because they can create new accounts and proxy the IP.  So I am still seeing lots come through.

Any clever solutions to this?  Thanks!

P.S. I'm looking into Evercookie and Panopticlick, but not sure if these are production ready yet.
======
zoowar
How do you validate the email address? You may consider DNSBL (DNS Block List)
validation which is basically a DNS lookup at an RBL site like
dsn.rfc-ignorant.org, zen.spamhaus.org, bl.spamcop.net.

Learn more at <http://tinyurl.com/6ba6mq>
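
The DNSBL lookup described in the comment above, sketched as an added example that is not part of the original thread: the client IP is reversed, prefixed to the list's zone, and resolved, and an answer in 127.0.0.0/8 means the address is listed. The function names, the injectable resolver and the sample answers are constructed for illustration; the zones are two of those the comment names, and the 127.255.255.0/24 range is treated as a list-side error code (Spamhaus uses it for refused queries) rather than a listing.

```python
import ipaddress
import socket

ZONES = ("zen.spamhaus.org", "bl.spamcop.net")  # zones named in the comment above
LISTED_NET = ipaddress.ip_network("127.0.0.0/8")
ERROR_NET = ipaddress.ip_network("127.255.255.0/24")  # refusal codes, not listings

def dnsbl_name(ip, zone):
    """Build the query name: reversed octets (IPv4) or nibbles (IPv6) + zone."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        labels = str(addr).split(".")[::-1]
    else:
        labels = list(addr.exploded.replace(":", ""))[::-1]
    return ".".join(labels) + "." + zone

def system_resolver(name):
    """Return A records for name; [] on NXDOMAIN or lookup failure (fails open)."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except OSError:
        return []

def check_ip(ip, zones=ZONES, resolve=system_resolver):
    """Map each zone to 'listed', 'clean' or 'error' for the given client IP."""
    verdicts = {}
    for zone in zones:
        answers = [ipaddress.ip_address(a) for a in resolve(dnsbl_name(ip, zone))]
        if not answers:
            verdicts[zone] = "clean"    # NXDOMAIN: not on the list
        elif any(a in ERROR_NET for a in answers):
            verdicts[zone] = "error"    # list refused the query; do not block on it
        elif all(a in LISTED_NET for a in answers):
            verdicts[zone] = "listed"
        else:
            verdicts[zone] = "error"    # answer outside 127/8: wildcard or hijacked DNS
    return verdicts

# Constructed sample data: a fake resolver so the example runs offline.
FAKE_DNS = {
    "2.0.0.127.zen.spamhaus.org": ["127.0.0.2", "127.0.0.4"],
    "2.0.0.127.bl.spamcop.net": ["127.0.0.2"],
    "7.113.0.203.zen.spamhaus.org": ["127.255.255.254"],
}

def fake_resolver(name):
    return FAKE_DNS.get(name, [])

if __name__ == "__main__":
    for ip in ("127.0.0.2", "203.0.113.7", "198.51.100.9"):
        print(ip, check_ip(ip, resolve=fake_resolver))
```

Distinguishing "error" from "listed" matters in production: a list that refuses queries from a shared resolver would otherwise make every visitor look listed.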

~~~
barmstrong
Hmm... I'm not currently validating IPs for clients (only for tutors) because
I didn't want to introduce an account creation step.

I could add this - although from what I can tell the emails they are using are
real (usually Gmail accounts) since they want to be able to respond back and
forth with the tutor to complete the scam, and get them to send stuff, etc.

------
zoowar
You're not using an effective captcha => "Confirm Human: 2 + 2 =". Consider a
more powerful implementation like <http://www.captcha.net/>

~~~
barmstrong
That's just something I threw on the new tutor form.

I'm using a real captcha on the contact form for tutors' profiles (which is
what is being abused):

Example: <http://berkeley.universitytutor.com/tutors/40157>

(click "Send A Message To This Tutor")

There are humans filling them out.

