I’ve been noticing an influx of users with anonomized usernames (ie: fjdasklfpudiosa722104891fdaf20j.srv.us).

As a moderator this concerns me because it immediately triggers a ‘this is a bot or nefarious actor’ instinct. Is there any reason not to be wary of these accounts?

  • ddh@lemmy.sdf.org
    link
    fedilink
    English
    arrow-up
    11
    ·
    9 hours ago

    No more wary than, say, CriticalBadger or SuccessfulCrab45. Some of the more obvious bots have very normal-looking names.

  • user@startrek.website
    link
    fedilink
    English
    arrow-up
    9
    ·
    11 hours ago

    You’re mostly right – those names sound like overkill. However do note I have been using Bitwarden’s Name Generator (random noun + number) and I’ve evolved the scheme a bit ( it is now always ‘user’ and I keep adding numbers until the generated username is available ).

  • e0qdk@reddthat.com
    link
    fedilink
    English
    arrow-up
    11
    ·
    12 hours ago

    I picked an RNG name since my old common username (from reddit, etc) was not available when I started on kbin.social (RIP) and I couldn’t think of anything else I wanted to be called. I deliberately kept it short though. Not sure what to make of other RNG names – esp. long unintelligible ones – but I’ve seen at least one account that I think is legit which has a long, bizarre RNG-looking username and a non-English display name, so 🤷️

  • Kualdir@feddit.nl
    link
    fedilink
    English
    arrow-up
    18
    ·
    15 hours ago

    Technically it can be someone who just wants to be anonymous, but honestly they could at least use something readable

  • symbolic@infosec.pub
    link
    fedilink
    English
    arrow-up
    29
    ·
    edit-2
    17 hours ago

    I’ve been using Fedi for a long time and from the very beginning I’ve been afraid of spam and bots ruining it, at least temporarily. Spam is still a problem with e-mail, and it’s been around for 40 years and they’ve developed very sophisticated anti-spam mitigations for it.

    • Secret Music@lemmy.blahaj.zone
      link
      fedilink
      English
      arrow-up
      9
      ·
      16 hours ago

      The problem is that most of the ‘spam’ comes from official things like websites that you’ve signed up to and didn’t realise would also include dumb fkn emails periodically. And they don’t always do it right away either. I’ve had emails suddenly start arriving from somewhere that I signed up to like a year before.

      Personally, my spam mitigation is to have one email address for signing up to shit with. Then these assholes can email me until they’re blue in the face and I don’t care because the only time I ever visit that inbox is for verification. And then I have another email address for personal use that never gets used because who uses email for personal use these days?

      In conclusion. Email is for signing up to things and collecting trash that I’ll never look at.

      • symbolic@infosec.pub
        link
        fedilink
        English
        arrow-up
        9
        ·
        15 hours ago

        That’s probably just mail that lands in your spam folder without being entirely blocked. According to Microsoft and Google approximately 99% of incoming spam (of the ~160 billion spam emails sent per day) never even reaches their users mailboxes. I assume that’s roughly standard across email providers. I am concerned comparably sophisticated filtering may become necessary on the Fediverse eventually.

        • SorteKanin@feddit.dk
          link
          fedilink
          English
          arrow-up
          1
          ·
          10 hours ago

          I get the concern but I don’t think you need to be as concerned as with email. Email is a lot simpler without a lot of validation. On the fediverse, HTTP Signatures are used to verify requests, so you can’t spoof stuff as easily.

          That said, spam mitigation will probably still be an issue that continuously needs to be dealt with.

      • Flax@feddit.uk
        link
        fedilink
        English
        arrow-up
        3
        ·
        16 hours ago

        I, for the life of me, couldn’t stop nextdoor from emailing me. I could unsubscribe myself from one category of email and they’ll start popping up again. Just had to block it on my end.

      • schnurrito@discuss.tchncs.de
        link
        fedilink
        English
        arrow-up
        2
        arrow-down
        1
        ·
        15 hours ago

        IMHO messages from things you’ve signed up to are unlikely to be “spam”. I’ve always understood that word to mainly mean completely unsolicited messages from people you have no previous relationship with at all; though if it’s clearly unwanted it might include some of the former too.

        • snooggums@lemmy.world
          link
          fedilink
          English
          arrow-up
          3
          ·
          edit-2
          15 hours ago

          A ton of things I have signed up for spam me with trash emails that they don’t put in the ‘sales’ or ‘offers’ categories I unchecked. Just because I was forced to create an account to buy one thing doesn’t mean I have a ‘business relatiotionship’ that justifies multiple daily reminders of what they have in stock.

  • fxomt@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    16
    ·
    edit-2
    16 hours ago

    Checking the modlog i see one user - @abff08f4813c@j4vcdedmiokf56h3ho4t62mlku.srv.us, who [despite the weird name] seems like a legitimate account.

    Which the reason afaik they have such a weird name is: https://lemmy.dbzer0.com/post/26773150/14235814

    Are there any other users you’ve noticed with this type of username/instance name? This is the only one i saw.

    • Burstar@sopuli.xyzOP
      link
      fedilink
      English
      arrow-up
      3
      ·
      15 hours ago

      Which the reason afaik they have such a weird name is:

      Wierdly, when I click on the link I get a ‘server cannot handle the request error’.

      Regardless, I agree that it ‘acts’ like a legit account, but still think it’s sus as hell. That entry in the modlog is from today, but I’ve definitely handled similar accounts in the past, and seen others do so elsewhere.

      • fxomt@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        8
        ·
        15 hours ago

        Sorry bout that. Instance was down for some time.

        Anyways here’s a mirror just in case

        That entry in the modlog is from today, but I’ve definitely handled similar accounts in the past, and seen others do so elsewhere.

        I didn’t see any of that, but i’ll take your word for it. Still, this is most likely, if not definitely a real account.

  • hisao@ani.social
    link
    fedilink
    English
    arrow-up
    7
    ·
    14 hours ago

    My first guess with this would be: they were read-only, then they wanted to post something or write a reply to someone and at the time considered it to be a one-time thing and created sort of “throwaway account” for that specifically, but then they kept visiting the place and it kind of just stick with them. Yet again, my guess might be completely wrong. But at least this is one of the possible motivations behind such accounts.

  • crawancon@lemm.ee
    link
    fedilink
    English
    arrow-up
    2
    ·
    15 hours ago

    maybe we could create a suspicious account review channel and submit them there for folks to do some digg’ing.

    not sure about comms with other Admins but it would be nice to harmonize efforts amongst them a bit more/better.