fake accounts

4 months ago
anyone else get this on the NOP SITES.

Geraldoffig  Geraldoffig GeraldoffigKY
Василий  Василий ВасилийHI
ZauriceStove  ZauriceStove ZauriceStoveIS
Tuncayphirm  Tuncayphirm TuncayphirmDO
PhillipPaype  PhillipPaype PhillipPaypeNG
Alfredodox  Alfredodox AlfredodoxGB
ShirleyNAL  ShirleyNAL ShirleyNALXG
austinamawl  austinamawl wyattamawlQR

Anyway to stop it

4 months ago
Yes, we've seen similar.

Are you using CAPTCHA?
4 months ago
Yes , happens on my 3.5 and 4.10
4 months ago
How about Honeypot?
4 months ago
Try to implement CAPTCHA v3.
2 months ago
If you have the source code for your NOPCommerce:

In the CustomerController there is an ActionResult called Register (the second one). I have just today put a loop in there to check if the company name is google and if it is then return a text string.
Just put the code snippet below above all the other code in that ActionResult. You could even add a check for || model.Email.EndsWith("yandex.ru") and other provider names that you know will signal a spammer if they don't use google, or stop using google, as the company name.

            if (model.Company == "google") {
string spammerstring = "";
                // 10000 will take some time to do so reduce it if you are worried about server load
                // or remove the loop altogether (and the string declaration above)
                // and then just type the phrase in the Content()
                for ( var s = 0; s < 10000; s++)
                    spammerstring += "Type your preferred text here, I use 'No F**KING SPAMMERS!' without the censoring";

                return Content(spammerstring);

It is probably possible to change the code to write the IP address to a new table and check against that each time for repeat offenders who might change what data they use. but I'm just going to try this for now.