Bitcoin Forum

Scammers ("profile hijacker") on airdrops are a problem nowdays, some of them has over 10k abusers.
How can managers finds the fake account?
This is the solution.

https://docs.google.com/forms/d/e/1FAIpQLSeNKc3xdCqqEIDd67NwrAqC31FkWvkSxxJpsC_HWjvoMKAxtQ/viewform

This form sadly needs a manual check but I'm pretty sure that someone with skill can create a bot/script for automate the spreadsheet and automatically reject if the informations don't match up


Note:

• The proof of authentication for social media needs to be done One time for users (they can save the link somewhere) and for further airdops they already have the link.
• You can improve the security with a signed eth message.
• ...

The only way to cheat with this module is having more accounts.



What do you think about it?

It's generally accepted that these alt accounts registering in signature campaigns are nuisance spammers, some of these campaigns/bounties don't even have a rule of "no enrolling alt accounts" and hence the participants aren't even breaking a rule if they do it. 

The altcoin bounty managers just don't give a shit whether they're employing spammers or not, and in fact I suspect that's exactly what they want.  Unless the forum starts holding them accountable and makes them tighten up their standards, there's nothing any of us can do about the problem.  Still, I'd be interested to hear what others have to say about this, because the problem that you've mentioned is pervasive, serious, and really needs to be addressed.

Tl;dr:  The managers are the problem.

I think it may be a bit harsh to say that managers are the problems. I don't think that they are, as a collective, blameless, however the spammers and shitposters are the actual issue/concern/problem.
The introduction has had a decent impact on the numbers of new users which suggests that people are no longer making alt accounts in droves.
I've also seen over a few bounties that the standards for rank have increased and full membership is required.
IMO a third offensive in this wave of digging the forum out of the shit just needs the managers to get on board and be part of the solution.
How many rules say that posts need to be constructive and on topic etc? Given some of the posts I see around there is no way that these standards are being enforced. If this were to happen it would make a nice new dent in the amount of spam. Obviously how to get them on board is the million $ question for this though. 

I sorta disagree with your stance that the Manager are the whole problem. You have to look at the whole point of the bounty campaign to understand my thinking here I think.

Companies do these bounties for many reasons. My belief in their main reason being is they get these coins created and want to do marketing at 0 cost to them. They have to put 0 out of pocket money into the campaigns from that point. They could care less if users are spamming the forum, or if accounts are being banned for posting trash. All they care about is they get some exposure for bottom dollar. Hence why you see all these new managers popping up. These reasons are why I feel its the companies fault and not the manager.

Instead of being eager to accept a campaign, these newbies taking their shot at managing bounties should be more firm in options they offer.

So, I suppose technically it is the managers fault for accepting the job, but not all managers are shit. If you look at the bounty campaigns I have done you will only see 1 bounty campaign that I ran that had a signature campaign along with it. I will not accept most bounty campaigns that want a signature campaign ran with them usually. I believe if Signature campaigns were disallowed from bounties, the whole forum would benefit and see less of the bullshit spamming. Signature campaigns should only be a paid advertisement option IMO. Either the company can afford it or they cannot. No ifs, ands, or buts.

Bounties should be reserved for all other forms of marketing. Twitter, facebook, youtube, blogs, etc. This would only cause clutter in each particular bounty thread and not all over the forum being as users have no reason to spam everywhere with all the bounties being off forum activity. The only thing that might contradict my opinions here are the translation thread. I personally believe having a billion threads translated and placed in each local board is retarded, but I have allowed companies to utilize the option. I would be just fine if it was banned from bountires too and companies were forced to put a little more effort into their webpage and have it in many languages instead.

Anyways, these are my thoughts on bounty campaigns. Maybe Theymos will read and agree with some points

This is like a never ending story and IMO I think the managers are not really the problem here. But yes, I strongly agree regarding tighten up the standards.
Overall, I am happy with how merits had reduced a lot of junk accounts.

I personally only do signature campaigns, I have done other campaigns in the past but later left/stopped doing them seeing how 100s of scam/fake twitter/fb accounts are being allowed to participate in the bounties.

Eventually, here is my take on why companies put a no brainer while allowing small alt accounts:

1. They just want to spread there signature as much as possible through out the forum, by allowing newbies or Jr Member alt profiles (which they have to pay very less(change money) compared to higher ranks), there agenda is getting fulfilled.

2. Airdrops > Just a way to increase Telegram group size, a lot many ICOs are doing that to gain traction, showing a large number of people being interested in there projects.

3. In recent weeks, we have seen some bounty managers promoting a project even after knowing it was a SCAM. Quantity is getting over Quality. The ALT accounts out there are the most who get scammed by such cases. Or in another way help these scams widespread which affects others.

IMO, there must be strict rules and standards which both bounty managers and companies must pass before the bounties are kept in place.

The best way I think, if the campaign is serious enough, is to check each participants posts. If they're just writing crap on random topics, with one word posts, then remove them from the campaign.

As long as they are not spamming BitcoinTalk then who cares except the ICO team. They can spam Facebook, they can spam twitter. If the team is ok for receiving tweets 10 times from the same person from 10 accounts then we are fine.

However, team does not care basically...
# They are not paying any money upfront to these spammers

Tell them to pay upfront in BTC or in ETH then you will see, they will bring all sorts of terms and conditions to minimize the spending and will hope to get maximum quality.

Hm, interesting, it's real to make a base of all participants of all projects?
With some ratings, with comments
And if anybody has a bad reputation in this base, you can don't pay for them

Agreed.  And I knew I should have qualified my statement with the fact that when I say "it's the managers' fault", I mean altcoin bounty managers, not legitimate campaign managers who manage campaigns in the Services section and which pay in bitcoin.  You're not part of the problem, Yahoo62278.  I do agree that the project developer shares a lot of responsibility and that managers are not completely free to do what they want once having taken the job.

I don't even know specifically who's managing these altcoin campaigns, but I've seen spamming alt accounts in Shivom, Traxia, Datareum, EQUI, and a whole lot more--I don't even know what these projects are, but their signature bounties are/were out of control.  There appeared to be no quality checking or anything else going on.  They basically accepted anyone with a pulse and a keyboard.  By contrast, in Services you can frequently see campaign applicants being rejected for low post quality, post gaps, burst posting and, lately, too few merits in Yahoo62278's campaigns.  That's how things should be run.

Really, there should be some significant accountability starting at the top of the food chain, which would be with the project managers.  They ought to be selective about who they hire as campaign managers--ideally not some idiot with zero experience and no standards whatsoever.  There ought to be sanctions if the outcome of the bounty is a mountain of spam, and that's fairly easy to measure.  But even before that, bounty program rules need to be tightened up beforehand so that shitposters are weeded out and don't even get the chance to wear a signature.

So what I propose is automatically link social media accounts with an ETH address. An ETH address will be stored in the user's bio, so one account can only be used for one person? No one can claim that another's is theirs.

It's not hard to use GoogleScript or even Sheet formulas to scrape a Twitter bio, IIRC.

Correct me if I'm getting anything wrong, OP simply says "solution" and proposes something convoluted and doesn't clearly state the problem they are trying to solve besides "scammers". Is it bitcointalk accounts claiming multiple social accounts or vice versa?

I tried to implement this in the Google Sheets, and it is working fine.
Link : https://docs.google.com/spreadsheets/d/1yQ67vjHTOmvCYUEZrlvoe1cmB5CzYjYelorRH_Pjk4k/edit?usp=sharing (https://docs.google.com/spreadsheets/d/1yQ67vjHTOmvCYUEZrlvoe1cmB5CzYjYelorRH_Pjk4k/edit?usp=sharing)

The requirements are that the address should be the first string in the Bio.

For this to succeed, the campaign managers must collectively make it a rule to include their eth address in their bio, which I think most participants would do because they even change their telegram names to include project they are promoting.

I find ABUSERS that use this technique on every bounty where I join. I can post examples if needed.
This is how it works: People try to steal other people work using their data and a different ETH, on airdrops, telegram campaigns, blog campaign, signatures even social media this is the solution to avoid this problem.
This is not only for signature abusers.

@yahoo62278 for example this one also scammed on your campaign(BoutsPro), aswell amaxiz campaigns and others on telegram/airdrop https://etherscan.io/address/0xac70e5fdf245a9fa2fadb5357a74bc801819104d#tokentxns

@The Pharmacist, I agree some bounty managers simply don't care cause in the end they will have the money anyway only buonty hunters will be afflicted by cheaters. I see a lot of people using bot also (probably I need to start to report them aswell, but I've reporterd over 200 abusers so far and I'm not a manager and not payd :'(), and the question is simple why if I can find them without searching them but only reading some reports above or under mine, managers can't find them?

Goddammit, what technique?

Multiple accounts using the same tweet, or using the same tweet for different bounties?

I think what coinlocket$ meant is a perp deliberately re-applying on someone's behalf with the perp's ETH payout address
so the spreadsheet would have double entries of a targeted user, then the last entry (if not both) is getting paid
there are already some threads opened talking about this, some called it "profile hijacker"

Exactly, I will add the term "profile hijacker" on 1st post.

Well im not 100% sure that i am an excellent member of this forum and worthy enough to not to be in the list, but i think managers must have a standard like SMAS list or DarkList. I do believe if "some" managers put works and times for their job, this forum would be less spammy than right now.

The blacklist do not works in this case, you will blakclist only honest people, as scammers use the profile of a genuine person by changing only the eth address. Verification via the eth address on the profile is the only way to look at honest people. In the shivom bounty they also used the profiles of Lauda and Mitchell as you can see on my personal log:

https://docs.google.com/spreadsheets/d/1snYAM149wlNDyh0_lkR1I3ZQdHkI9Rme-P0IFG9EvBs/edit#gid=0

Row 24 Mitchell's Account
Row 95 Lauda's Account

Making a user put an eth address on their profile still doesn't stop multi accounters from cheating the campaigns. Some of these cheaters own 20+ accounts according to the alts thread.

I totally agree with you, but the purpose of this script is to stop the "hijack account" from some people who uses from 100 to 10000, yes ten thousand accounts on certain airdrops and on telegram campaigns(on social media like twitter and facebook is limited at few hundreds). Regarding the multiaccount the number of accounts I have found several times is 19, I think it is the limit of the bot and with this method can not be stopped even if we facilitate the investigation.

Guys, who can answer me such question? I was in such situation that I was working hard during the bounty not violating the rules and after that, the admin of the bounty said that I have violated the rules. I have reread the rules and noticed that the rules were described not correct and many people were suffered not only me. If there any person who can help handle in such situation, like judge in court )

That's very vague.  What campaign were you in, what were the rules, and why do you think you weren't violating them?  And no, there's no fucking bounty court to take care of your problems here.  You're on your own, and if you didn't get paid for something you think you should have, the only thing you can do is leave a feedback on the manager's trust page.  You'll probably get blacklisted for doing so, but in your case it's probably for the best.

But with no details given, no one here can even offer you solid advice.

I am speaking about Merculet and Egretia bounty, here is his response: "You violated the bounty rule: you can't post more than 20 posts/shares per day during the campaign". Here is the rule: "You can't post more than 20 posts/shares per day during the campaign." I understood that the limit of posts is related only to this project, there is no any clarification that the limit is the limit of all post of other projects during the day ) I am confused. Am I right or wrong?

I think the ICOs are not overly concerned about this as to them exposure is exposure, however generated. It might harm the ecosystem and deter potential participants if there are restrictive measures to prevent this percentage of individuals

In the end, rules of the managers should still govern in order to remove them. But we still cant stop them specially low rank members to spam an airdrop. Who else don't want a free coin for an exchange?